Home Explore Help
Sign In
david
/
failUser
1
0
Fork 0
Files Issues 1 Pull Requests 0 Wiki
Browse Source

Switched to using a debug_blocks setting

  True to just print what would have been executed,
  False to just execute it.
david 4 years ago
parent
e787463c0c
commit
fe7348247f
2 changed files with 18 additions and 13 deletions
Split View Show Diff Stats
  1. 2 0
      config.py
  2. 16 13
      failUser.py

+ 2 - 0
config.py
View File 

@@ -40,6 +40,8 @@ def load_config():
 
         defaults = {
 
             # Target hack logs
 
             "target": "data/data/hack.log",
 
+            # Just print what whould have been executed or execute it?
 
+            "debug_blocks": False, # True is just print, False is execute
 
             # block_time in hours
 
             "block_time": 4,
 
             # Last unblock

+ 16 - 13
failUser.py
View File 

@@ -18,6 +18,7 @@ myConfig = load_config()
 
 myfile = myConfig["target"]
 
 last_run = myConfig["last_unblock"]
 
 bad_users = myConfig["bad_users"]
 
+enable_live = myConfig["debug_blocks"]
 
 
 target = open(myfile, 'r')
 
 target.seek(0,2)
 
@@ -27,16 +28,20 @@ dirmask = IN_MODIFY | IN_DELETE | IN_MOVE_SELF | IN_CREATE
 
 
 def blocker(ip):
 
     # Utility function to block given ip as string
 
-    run(["iptables", "-I", "DOCKER-USER", "-i", "eth0", "-s", ip, "-j", "DROP"], stdout=PIPE, check=True)
 
-    #print("iptables -I DOCKER-USER -i eth0 -s {0} -j DROP".format(ip))
 
+    if not enable_live:
 
+        run(["iptables", "-I", "DOCKER-USER", "-i", "eth0", "-s", ip, "-j", "DROP"], stdout=PIPE, check=True)
 
+    else:
 
+        print("iptables -I DOCKER-USER -i eth0 -s {0} -j DROP".format(ip))
 
 
 def unblocker(ip):
 
     # Utility function to unblock given ip as string
 
-    try:
 
-        run(["iptables", "-D", "DOCKER-USER", "-i", "eth0", "-s", ip, "-j", "DROP"], stdout=PIPE, check=True)
 
-    except CalledProcessError:
 
-        pass
 
-    #print("iptables -D DOCKER-USER -i eth0 -s {0} -j DROP".format(ip))
 
+    if not enable_live:
 
+        try:
 
+            run(["iptables", "-D", "DOCKER-USER", "-i", "eth0", "-s", ip, "-j", "DROP"], stdout=PIPE, check=True)
 
+        except CalledProcessError:
 
+            pass
 
+    else:
 
+        print("iptables -D DOCKER-USER -i eth0 -s {0} -j DROP".format(ip))
 
 
 # def is_bad(line):
 
 #     # Given line, attempt to parse... then is there a issue with it
 
@@ -89,9 +94,8 @@ class EventHandler(ProcessEvent):
 
             for line in target.readlines():
 
                 luser = is_bad(line.rstrip())
 
                 if(luser):
 
-                    for ip in myconfig["good_users"]:
 
-                        if luser["ip"] == ip:
 
-                            return # Don't block ourselves
 
+                    if luser["ip"] in myConfig["good_users"]:
 
+                        return # Don't block ourselves
 
                     blocker(luser["ip"])
 
                     now = pendulum.now().to_atom_string()
 
                     log.info("Blocked {0} at {1}".format(luser["ip"], now))
 
@@ -110,9 +114,8 @@ class EventHandler(ProcessEvent):
 
             for line in target.readlines():
 
                 luser = is_bad(line.rstrip())
 
                 if(luser):
 
-                    for ip in myconfig["good_users"]:
 
-                        if luser["ip"] == ip:
 
-                            return # Don't block ourselves
 
+                    if luser["ip"] in myConfig["good_users"]:
 
+                        return # Don't block ourselves
 
                     blocker(luser["ip"])
 
                     now = pendulum.now().to_atom_string()
 
                     log.info("Blocked {0} at {1}".format(luser["ip"], now))