Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug] Bad characters in banlist.conf cause Error 500 when trying to display IP Bans in Webinterface #4378

Open
Anuril opened this issue May 10, 2024 · 0 comments
Open

[Bug] Bad characters in banlist.conf cause Error 500 when trying to display IP Bans in Webinterface #4378

Anuril opened this issue May 10, 2024 · 0 comments
Labels
bug Something isn't working

Comments

@Anuril
Copy link
Contributor

Anuril commented May 10, 2024
edited

Describe the bug

I was blocked from accessing the control panel from our IP Address. I found a fail2ban-RECIDIVE ban for my IP and wasn't sure how that happened. After I tried removing the banned IP with v-delete-firewall-ban x.x.x.x RECIDIVE and still not being able to access, I removed the ip manually with iptables -D so I could access again. I wanted to go to the banlist in the admin interface and received an error 500.

Usually that happens if PHP can't parse the json it receives from the hestia command it's running, so i ran
v-list-firewall-ban json and looked at the output...

[...]
 "1.234.63.192": {
        "IP": "1.234.63.192",
        "CHAIN": "RECIDIVE",
        "TIME": "16:56:03",
        "DATE": "2024-04-23"
    }
    "45.88.90.106": {
        "IP": "45.88.90.106",
        "CHAIN": "RECIDIVE",
        "TIME": "11:41:47",
        "DATE": "2024-04-25"
    }
[...]

The json entries were not separated by "," so the json was invalid.
It was clear that this code wasn't evaluating correctly, not adding the "," at the end of each entry except the last, so I checked my banlist.conf at $HESTIA/data/firewall/banlist.conf and found this line:
grafik
grafik

after I removed all the weird blank space, v-list-firewall-ban json returned valid json again:

[...]
    "1.234.63.192": {
        "IP": "1.234.63.192",
        "CHAIN": "RECIDIVE",
        "TIME": "16:56:03",
        "DATE": "2024-04-23"
    },
    "45.88.90.106": {
        "IP": "45.88.90.106",
        "CHAIN": "RECIDIVE",
        "TIME": "11:41:47",
        "DATE": "2024-04-25"
    },
[...]

The question I have is: Why were there NULL-Byte characters in banlist.conf? (Resp: how did they get there?)

I attached the (shortened) file here:
banlist.zip

Also - we should find a way to clean stuff like that.

P.S: The IPs are malicious so I don't care about censoring them.

Tell us how to replicate the bug

  1. Download the banlist.zip above and unzip the banlist.conf file to $HESTIA/data/firewall/
  2. Go to your hestia control panel and navigate to https://yourserver.com:8083/list/firewall/banlist/

Which components are affected by this bug?

Control Panel Command Line Interface, Control Panel Web Interface, Firewall (Iptables, Fail2ban)

Hestia Control Panel Version

1.8.11

Operating system

Debian 11

Log capture

No response
@Anuril Anuril added the bug Something isn't working label May 10, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@Anuril