Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature Request: Quick info about banned IP at Fail2Ban list (Host/Banlist/Location) #174

Open
VasilisParaschos opened this issue Feb 2, 2024 · 2 comments
Open

Feature Request: Quick info about banned IP at Fail2Ban list (Host/Banlist/Location) #174

VasilisParaschos opened this issue Feb 2, 2024 · 2 comments

Comments

@VasilisParaschos
Copy link

VasilisParaschos commented Feb 2, 2024
edited

Describe the problem:

I believe it would be a nice feature of someone getting some info about a banned IP with a single click. Using the patch below, a search icon is added next to each IP of Fail2Ban list interface. Clicking on the search icon, info about Host, Banlists and Location of IP shows up. For each banlist, a green icon appears if IP is not found in the list, a red icon if found and a yellow icon in case the list could not be retrieved and/or is empty, thus green and yellow icon for this list. Hovering over a list name, the last retrieved date and last http code result is shown. Right now the cache of lists expires the next day or if session ends.
In this state, caching is not ideally implemented (uses $_SESSION) because I had permission issues when writing to files. I think this feature could be improved by adding lists as a myVesta parameter somewhere, by making cache persist using files and maybe date expiration could be a parameter as well. I am not experienced with myVesta internals, so someone who is, could contribute an improved solution.

Patch for 0.9.9-0-6: diff.patch

Info / Host
Provided by gethostbyaddr().

Info / Banlist
Provided by 7 urls, see image.

Info / Location
Provided by https://db-ip.com

How to clear session cache
It is possible to clear cache of banlists by passing the following parameter:
/list/firewall/banlist/?clear_cache=1

Notice on cache of banlists
Some banlist providers provide plain IP addresses like a.b.c.d. Others provide IPs in CIDR format like a.b.c.0/24. I tried the approach of generating plain IPs from CIDR format and storing these plain IPs first but it generates VERY large cache data...
Storing (currently) using CIDR format in cache takes about 750 KB.

image1

Steps to Reproduce:

Just go to Menu > Firewall > LIST FAIL2BAN after patching to see the search icon next to the listed ip.

Debian version:

Debian 11

VestaCP Version:

0.9.9-0-6

Installed Software (what you got with the installer):

WEB_SYSTEM='apache2'
WEB_RGROUPS='www-data'
WEB_PORT='8080'
WEB_SSL_PORT='8443'
WEB_SSL='mod_ssl'
PROXY_SYSTEM='nginx'
PROXY_PORT='80'
PROXY_SSL_PORT='443'
STATS_SYSTEM='webalizer,awstats'
FTP_SYSTEM='proftpd'
DNS_SYSTEM='bind9'
MAIL_SYSTEM='exim4'
ANTIVIRUS_SYSTEM='clamav-daemon'
ANTISPAM_SYSTEM='spamassassin'
IMAP_SYSTEM='dovecot'
CRON_SYSTEM='cron'
FIREWALL_SYSTEM='iptables'
FIREWALL_EXTENSION='fail2ban'
BACKUP_SYSTEM='local'
LANGUAGE='en'
VERSION='0.9.8'
DB_SYSTEM='mysql'
@myvesta
Copy link
Owner

myvesta commented Feb 2, 2024

Can you make pull request?

@VasilisParaschos
Copy link
Author

Yes, I just did #175.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@myvesta @VasilisParaschos