VladPolskiy/webmin
1
0
Fork 0
mirror of https://github.com/webmin/webmin.git synced 2025-07-23 00:30:33 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add support for listing jail blocks 1/2

Browse Source 
https://forum.virtualmin.com/t/firewalld-module/116515/12
This commit is contained in:
iliajie
2023-05-07 21:24:30 +03:00
parent c2bbb27de4
commit ae544ec580
6 changed files with 122 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
fail2ban/fail2ban-lib.pl
View File

@ -566,4 +566,15 @@ if ($?) {
} }
} }
# Unblock all IPs in given jail
sub unblock_jail
{
my ($jail) = @_;
my $cmd = "$config{'client_cmd'} reload --unban ".quotemeta($jail)." 2>&1 </dev/null";
my $out = &backquote_logged($cmd);
if ($?) {
&error(&text('status_err_unbanjail', &html_escape($jail)) . " : $out");
}
}
1; 1;

59
fail2ban/jail_blocks.cgi Normal file
View File

@ -0,0 +1,59 @@
#!/usr/local/bin/perl
# Show a status of all active jails
use strict;
use warnings;
no warnings 'redefine';
no warnings 'uninitialized';
require './fail2ban-lib.pl';
our (%in, %text, %config);
&ReadParse();
my $jail = $in{'jail'};
my $out = &backquote_logged("$config{'client_cmd'} status 2>&1 </dev/null");
my ($jail_list) = $out =~ /jail\s+list:\s*(.*)/im;
my @jails = split(/,\s*/, $jail_list);
&indexof($jail, @jails) > -1 || error('Unknown jail');
&ui_print_header("$jail", $text{'status_title3'}, "");
my $fh = 'jailinfo';
my @jail_blocks;
&open_execute_command($fh, "$config{'client_cmd'} get @{[quotemeta($jail)]} banip --with-time 2>&1 </dev/null", 1);
while(<$fh>) {
if (/^(?<ip>.*?)\s+(?<start>.*?\s+.*?)\s+.*?\s+.*?\s+=\s+(?<end>.*)$/) {
my $ip = $+{ip};
my $start = $+{start};
my $end = $+{end};
if ($ip && $start && $end) {
push(@jail_blocks, &ui_checked_columns_row([$ip, $start, $end], [ 'width=5' ], "ip", $ip));
}
}
}
close($fh);
if (@jail_blocks) {
my @links = ( &select_all_link("ip"),
&select_invert_link("ip"));
print &ui_links_row(\@links);
print &ui_form_start("unblock_jailed_ip.cgi", "post");
print &ui_columns_start([ "",
$text{'status_head_blocks_ip'},
$text{'status_head_blocks_stime'},
$text{'status_head_blocks_etime'} ]);
foreach my $r (@jail_blocks) {
print $r;
}
print &ui_columns_end();
print &ui_links_row(\@links);
print &ui_hidden("jail", $jail);
print &ui_hidden("return", 1);
print &ui_form_end([ [ undef, $text{'status_jail_unblock_ips'} ] ]);
}
else {
print &text('status_jail_noactiveips', $jail);
}
&ui_print_footer("list_status.cgi", $text{'status_return'},
"", $text{'index_return'});

16
fail2ban/lang/en
View File

@ -170,23 +170,31 @@ manual_efile=Selected file is not part of the Fail2Ban configuration!
manual_err=Failed to edit config file manual_err=Failed to edit config file
manual_edata=No config file contents entered manual_edata=No config file contents entered
status_title=Jails Status And Actions status_title=Jails Status
status_title2=Jails Status status_title3=Jail Blocks
status_head_jail_name=Jail name status_return=jails status
status_head_jail_blocks=Jail blocks
status_head_currently_failed=Currently failed status_head_currently_failed=Currently failed
status_head_total_failed=Total failed status_head_total_failed=Total failed
status_head_file_list=File list status_head_file_list=File list
status_head_currently_banned=Currently banned status_head_currently_banned=Currently banned
status_head_total_banned=Total banned status_head_total_banned=Total banned
status_head_banned_ip_list=Banned IP list status_head_banned_ip_list=Banned IP list
status_head_blocks_ip=IP
status_head_blocks_stime=Start time
status_head_blocks_etime=End time
status_rules_plus_more=+ $1 more status_rules_plus_more=+ $1 more
status_jail_unblock_ip=Remove $1 from banned list status_jail_unblock_ip=Remove $1 from banned list
status_jail_unblock=Unblock All IPs for Selected Jails status_jail_unblock=Unblock Selected Jails
status_jail_unblock_ips=Unblock Selected IP
status_jail_noactive=There are no active jails enabled yet. status_jail_noactive=There are no active jails enabled yet.
status_jail_noactiveips=There are no blocked entries in jail <tt>$1</tt> found.
status_err_set=Failed set action status_err_set=Failed set action
status_err_unblock=Failed to unblock action status_err_unblock=Failed to unblock action
status_err_nojail=No jails have been selected status_err_nojail=No jails have been selected
status_err_noips=No IP has been selected
status_err_unban=Cannot un-ban $1 IP address status_err_unban=Cannot un-ban $1 IP address
status_err_unbanjail=Cannot un-ban $1 jail
syslog_logtarget=Fail2Ban action log syslog_logtarget=Fail2Ban action log

17
fail2ban/list_status.cgi
View File

@ -8,7 +8,7 @@ no warnings 'uninitialized';
require './fail2ban-lib.pl'; require './fail2ban-lib.pl';
our (%in, %text, %config); our (%in, %text, %config);
&ui_print_header(undef, $text{'status_title2'}, ""); &ui_print_header(undef, $text{'status_title'}, "");
my $out = &backquote_logged("$config{'client_cmd'} status 2>&1 </dev/null"); my $out = &backquote_logged("$config{'client_cmd'} status 2>&1 </dev/null");
my ($jail_list) = $out =~ /jail\s+list:\s*(.*)/im; my ($jail_list) = $out =~ /jail\s+list:\s*(.*)/im;
@ -25,13 +25,13 @@ if (@jails) {
my $fh = 'cmdjail'; my $fh = 'cmdjail';
my $cmd = "$config{'client_cmd'} status ".quotemeta($jail); my $cmd = "$config{'client_cmd'} status ".quotemeta($jail);
my $jcmd = "$cmd 2>&1 </dev/null"; my $jcmd = "$cmd 2>&1 </dev/null";
my @head = (undef, $text{"status_head_jail_name"}); my @head = (undef, $text{"status_head_jail_blocks"});
my @body = (&ui_link("edit_jail.cgi?name=".urlize($jail), "&nbsp;".&html_escape($jail))); my @body = (&ui_link("jail_blocks.cgi?jail=".urlize($jail), "&nbsp;".&html_escape($jail)));
my $br = '<br>'; my $br = '<br>';
my $nbsp = '&nbsp;'; my $nbsp = '&nbsp;';
my $ipslimit = sub { my $ipslimit = sub {
my ($ips, $limit) = @_; my ($ips, $limit) = @_;
$limit ||= 15; $limit ||= 10;
# Limit sanity check # Limit sanity check
$limit = 1 if ($limit < 1); $limit = 1 if ($limit < 1);
my $ipscount = () = $ips =~ /$br/g; my $ipscount = () = $ips =~ /$br/g;
@ -39,7 +39,9 @@ if (@jails) {
my @ips = split($br, $ips); my @ips = split($br, $ips);
@ips = @ips[0 .. $limit]; @ips = @ips[0 .. $limit];
$ips = join($br, @ips); $ips = join($br, @ips);
$ips .= "<small style='cursor: default;'>$br".&text('status_rules_plus_more', $ipscount-$limit)."</small>"; $ips .= "<small style='cursor: default;'>$br".
(&ui_link("jail_blocks.cgi?jail=".urlize($jail),
"&nbsp;".&text('status_rules_plus_more', $ipscount-$limit)))."</small>";
} }
return $ips; return $ips;
}; };
@ -57,7 +59,7 @@ if (@jails) {
if ($col =~ /banned_ip_list/) { if ($col =~ /banned_ip_list/) {
$jips = $val; $jips = $val;
my @ips = split(/\s+/, $val); my @ips = split(/\s+/, $val);
@ips = map { "<small $tal><tt><label $lwf>" . &ui_link("unblock_jail.cgi?unblock=1&jips-@{[&urlize($jail)]}=@{[&urlize($_)]}&jail=@{[&urlize($jail)]}", $_, undef, @ips = map { "<small $tal><tt><label $lwf>" . &ui_link("unblock_jailed_ip.cgi?ip=@{[&urlize($_)]}&jail=@{[&urlize($jail)]}", $_, undef,
"title=\"@{[&text('status_jail_unblock_ip', &quote_escape($_))]}\" onmouseover=\"this.style.textDecoration='line-through'\" onmouseout=\"this.style.textDecoration='none'\"" "title=\"@{[&text('status_jail_unblock_ip', &quote_escape($_))]}\" onmouseover=\"this.style.textDecoration='line-through'\" onmouseout=\"this.style.textDecoration='none'\""
) . "</label></tt></small>" } @ips; ) . "</label></tt></small>" } @ips;
$val = "<br>" if ($val); $val = "<br>" if ($val);
@ -82,9 +84,6 @@ if (@jails) {
if ($head) { if ($head) {
print &ui_columns_end(); print &ui_columns_end();
print &ui_links_row(\@links); print &ui_links_row(\@links);
foreach my $j (@jipsall) {
print &ui_hidden("jips-$j->[0]", "$j->[1]");
}
print &ui_form_end([ [ 'unblock', $text{'status_jail_unblock'} ] ]); print &ui_form_end([ [ 'unblock', $text{'status_jail_unblock'} ] ]);
} }
} }

9
fail2ban/unblock_jail.cgi
View File

@ -1,5 +1,5 @@
#!/usr/local/bin/perl #!/usr/local/bin/perl
# Create, update or delete a action # Unblock specific jail
use strict; use strict;
use warnings; use warnings;
@ -18,14 +18,9 @@ my @jails = split(/\0/, $in{'jail'});
# Processes jails actions # Processes jails actions
my @jailsmod; my @jailsmod;
foreach my $jail (@jails) { foreach my $jail (@jails) {
my @jailips = split(/\s+/, $in{"jips-$jail"}); &unblock_jail($jail);
if (@jailips) {
foreach my $ip (@jailips) {
&unblock_jailed_ip($jail, $ip);
push(@jailsmod, $jail); push(@jailsmod, $jail);
} }
}
}
# Log and redirect # Log and redirect
&webmin_log('update', 'jail', join(", ", &unique(@jailsmod))) if (@jailsmod); &webmin_log('update', 'jail', join(", ", &unique(@jailsmod))) if (@jailsmod);

29
fail2ban/unblock_jailed_ip.cgi Normal file
View File

@ -0,0 +1,29 @@
#!/usr/local/bin/perl
# Unblock specific IP in jail
use strict;
use warnings;
no warnings 'redefine';
no warnings 'uninitialized';
require './fail2ban-lib.pl';
our (%in, %text, %config);
&ReadParse();
&error_setup($text{'status_err_set'});
my $jail = $in{'jail'};
my @ips = split(/\0/, $in{'ip'});
# Error checks
$jail || &error($text{'status_err_nojail'});
@ips || &error($text{'status_err_noips'});
# Processes jails actions
my @jailips;
foreach my $ip (@ips) {
&unblock_jailed_ip($jail, $ip);
push(@jailips, $ip);
}
# Log and redirect
&webmin_log('update', 'jail', $jail) if (@jailips);
&redirect($in{'return'} ? $ENV{'HTTP_REFERER'} : "list_status.cgi");