
banip: update 0.3.11

* fix ssh daemon autodetection
* fix 'sshd' logfile parsing

Signed-off-by: Dirk Brenken <dev@brenken.org>
lilik-openwrt-22.03
Dirk Brenken 5 years ago
parent
commit
e97f350a00
No known key found for this signature in database GPG Key ID: 9D71CD547BFAE684
3 changed files with 18 additions and 9 deletions
  1. +1
    -1
      net/banip/Makefile
  2. +1
    -1
      net/banip/files/banip.service
  3. +16
    -7
      net/banip/files/banip.sh

+ 1
- 1
net/banip/Makefile

@ -6,7 +6,7 @@
include $(TOPDIR)/rules.mk include $(TOPDIR)/rules.mk
PKG_NAME:=banip PKG_NAME:=banip
PKG_VERSION:=0.3.10
PKG_VERSION:=0.3.11
PKG_RELEASE:=1 PKG_RELEASE:=1
PKG_LICENSE:=GPL-3.0-or-later PKG_LICENSE:=GPL-3.0-or-later
PKG_MAINTAINER:=Dirk Brenken <dev@brenken.org> PKG_MAINTAINER:=Dirk Brenken <dev@brenken.org>


+ 1
- 1
net/banip/files/banip.service

@ -29,7 +29,7 @@ if [ -x "${ban_logread}" ]
then then
f_log "info" "log/banIP service started" f_log "info" "log/banIP service started"
"${ban_logread}" -f -e "${ban_sshdaemon}\|luci: failed login" | \ "${ban_logread}" -f -e "${ban_sshdaemon}\|luci: failed login" | \
{ grep -qE "Exit before auth|luci: failed login|[0-9]+ \[preauth\]$"; [ $? -eq 0 ] && /etc/init.d/banip refresh; }
{ grep -q "Exit before auth\|luci: failed login\|error: maximum authentication attempts exceeded"; [ $? -eq 0 ] && /etc/init.d/banip refresh; }
else else
f_log "err" "can't start log/banIP service" f_log "err" "can't start log/banIP service"
fi fi
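Review bot: The sshd trigger in the new `grep -q` line is the single literal `error: maximum authentication attempts exceeded`, and the same literal is repeated in both sshd branches of f_main in banip.sh, so the three copies have to stay identical or the service will call `refresh` for lines the script then ignores (or miss lines it would act on). As far as the pattern shows, only connections that run out of authentication attempts produce this message, so failed logins that end earlier would not wake the service; that coverage limit deserves a comment. I would add above the pipeline `# trigger patterns must match the ssh/luci filters in banip.sh (f_main)`. The surrounding `if [ -x "${ban_logread}" ]` block starts outside the hunk.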

+ 16
- 7
net/banip/files/banip.sh

@ -13,7 +13,7 @@
# #
LC_ALL=C LC_ALL=C
PATH="/usr/sbin:/usr/bin:/sbin:/bin" PATH="/usr/sbin:/usr/bin:/sbin:/bin"
ban_ver="0.3.10"
ban_ver="0.3.11"
ban_basever="" ban_basever=""
ban_enabled=0 ban_enabled=0
ban_automatic="1" ban_automatic="1"
@ -280,13 +280,16 @@ f_envcheck()
# #
if [ -z "${ban_sshdaemon}" ] if [ -z "${ban_sshdaemon}" ]
then then
utils="dropbear sshd"
utils="sshd dropbear"
for util in ${utils} for util in ${utils}
do do
if [ -x "$(command -v "${util}")" ] if [ -x "$(command -v "${util}")" ]
then then
ban_sshdaemon="${util}"
break
if [ "$("/etc/init.d/${util}" enabled; printf "%u" ${?})" -eq 0 ]
then
ban_sshdaemon="${util}"
break
fi
fi fi
done done
fi fi
@ -636,7 +639,13 @@ f_main()
local src_name src_on src_url src_rset src_setipv src_settype src_ruletype src_cat src_log src_addon src_ts src_rc local src_name src_on src_url src_rset src_setipv src_settype src_ruletype src_cat src_log src_addon src_ts src_rc
local wan_input wan_forward lan_input lan_forward target_src target_dst ssh_log luci_log local wan_input wan_forward lan_input lan_forward target_src target_dst ssh_log luci_log
ssh_log="$(logread -e "${ban_sshdaemon}" | grep -o "${ban_sshdaemon}.*" | sed 's/:[0-9]*$//g')"
if [ "${ban_sshdaemon}" = "dropbear" ]
then
ssh_log="$(logread -e "${ban_sshdaemon}" | grep -o "${ban_sshdaemon}.*" | sed 's/:[0-9]*$//g')"
elif [ "${ban_sshdaemon}" = "sshd" ]
then
ssh_log="$(logread -e "${ban_sshdaemon}" | grep -o "${ban_sshdaemon}.*" | sed 's/ port.*$//g')"
fi
luci_log="$(logread -e "luci: failed login" | grep -o "luci:.*")" luci_log="$(logread -e "luci: failed login" | grep -o "luci:.*")"
mem_total="$(awk '/^MemTotal/ {print int($2/1000)}' "/proc/meminfo" 2>/dev/null)" mem_total="$(awk '/^MemTotal/ {print int($2/1000)}' "/proc/meminfo" 2>/dev/null)"
mem_free="$(awk '/^MemFree/ {print int($2/1000)}' "/proc/meminfo" 2>/dev/null)" mem_free="$(awk '/^MemFree/ {print int($2/1000)}' "/proc/meminfo" 2>/dev/null)"
@ -748,7 +757,7 @@ f_main()
done done
elif [ "${ban_sshdaemon}" = "sshd" ] elif [ "${ban_sshdaemon}" = "sshd" ]
then then
src_addon="$(printf "%s\\n" "${ssh_log}" | grep -E "[0-9]+ \[preauth\]$" | awk 'match($0,/([0-9]{1,3}\.){3}[0-9]{1,3}$/){ORS=" ";print substr($0,RSTART,RLENGTH)}')"
src_addon="$(printf "%s\\n" "${ssh_log}" | grep -F "error: maximum authentication attempts exceeded" | awk 'match($0,/([0-9]{1,3}\.){3}[0-9]{1,3}$/){ORS=" ";print substr($0,RSTART,RLENGTH)}')"
fi fi
src_addon="${src_addon} $(printf "%s\\n" "${luci_log}" | awk 'match($0,/([0-9]{1,3}\.){3}[0-9]{1,3}$/){ORS=" ";print substr($0,RSTART,RLENGTH)}')" src_addon="${src_addon} $(printf "%s\\n" "${luci_log}" | awk 'match($0,/([0-9]{1,3}\.){3}[0-9]{1,3}$/){ORS=" ";print substr($0,RSTART,RLENGTH)}')"
;; ;;
@ -762,7 +771,7 @@ f_main()
done done
elif [ "${ban_sshdaemon}" = "sshd" ] elif [ "${ban_sshdaemon}" = "sshd" ]
then then
src_addon="$(printf "%s\\n" "${ssh_log}" | grep -E "[0-9]+ \[preauth\]$" | awk 'match($0,/(([0-9A-f]{0,4}::?){1,7}[0-9A-f]{0,4}$)/){ORS=" ";print substr($0,RSTART,RLENGTH)}')"
src_addon="$(printf "%s\\n" "${ssh_log}" | grep -F "error: maximum authentication attempts exceeded" | awk 'match($0,/(([0-9A-f]{0,4}::?){1,7}[0-9A-f]{0,4}$)/){ORS=" ";print substr($0,RSTART,RLENGTH)}')"
fi fi
src_addon="${src_addon} $(printf "%s\\n" "${luci_log}" | awk 'match($0,/(([0-9A-f]{0,4}::?){1,7}[0-9A-f]{0,4}$)/){ORS=" ";print substr($0,RSTART,RLENGTH)}')" src_addon="${src_addon} $(printf "%s\\n" "${luci_log}" | awk 'match($0,/(([0-9A-f]{0,4}::?){1,7}[0-9A-f]{0,4}$)/){ORS=" ";print substr($0,RSTART,RLENGTH)}')"
;; ;;
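Review bot: In the new sshd branch of f_main, `sed 's/ port.*$//g'` cuts at the first ` port` on the line rather than at the trailing fields written by the daemon. In OpenSSH's message format (as far as I can tell; the page does not show a sample line) the text between `exceeded` and the peer address includes the user name supplied by the client, so the address that the later `awk 'match($0,/...$/)'` takes from the end of the line is not guaranteed to be the connecting peer. Whatever is extracted lands in `src_addon` and from there in the ban set, so the strip should be anchored to the end of the line, for example `sed 's/ port [0-9]* ssh2 \[preauth\]$//'`, after confirming the exact suffix against the log lines the installed sshd emits. A line that does not match then yields no address at all, which is the safer failure. f_main starts and ends outside these hunks, and both the IPv4 and IPv6 sshd branches consume the same `ssh_log`.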

