authorDirk Brenken <dev@brenken.org>2019-11-30 17:26:41 +0100
committerDirk Brenken <dev@brenken.org>2019-11-30 19:31:14 +0100
commite97f350a00e120037f9d00b669fdd8bde00ea12d (patch)
tree20ec4614750341dc5084d08c2871e7a1741459c7 /net/banip/files
parent3ca455e79ee8e3bf3e662d95a174d20802e21b7a (diff)
banip: update 0.3.11
* fix ssh daemon autodetection * fix 'sshd' logfile parsing Signed-off-by: Dirk Brenken <dev@brenken.org>
Diffstat (limited to 'net/banip/files')
-rwxr-xr-xnet/banip/files/banip.service2
-rwxr-xr-xnet/banip/files/banip.sh23
2 files changed, 17 insertions, 8 deletions
diff --git a/net/banip/files/banip.service b/net/banip/files/banip.service
index 45d1a62fa..eab59cc33 100755
--- a/net/banip/files/banip.service
+++ b/net/banip/files/banip.service
@@ -29,7 +29,7 @@ if [ -x "${ban_logread}" ]
then
f_log "info" "log/banIP service started"
"${ban_logread}" -f -e "${ban_sshdaemon}\|luci: failed login" | \
- { grep -qE "Exit before auth|luci: failed login|[0-9]+ \[preauth\]$"; [ $? -eq 0 ] && /etc/init.d/banip refresh; }
+ { grep -q "Exit before auth\|luci: failed login\|error: maximum authentication attempts exceeded"; [ $? -eq 0 ] && /etc/init.d/banip refresh; }
else
f_log "err" "can't start log/banIP service"
fi
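Review bot: The added line keeps the `{ grep -q …; [ $? -eq 0 ] && …; }` group and now relies on `\|` alternation, which is a non-POSIX extension to basic regular expressions. All three alternatives are literal strings, so `grep -qF -e "Exit before auth" -e "luci: failed login" -e "error: maximum authentication attempts exceeded" && /etc/init.d/banip refresh` expresses the same trigger without depending on the regex flavour or on `$?`. It also matches the `grep -F` form this commit uses for the same string in banip.sh. The enclosing `if` starts outside the hunk.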
diff --git a/net/banip/files/banip.sh b/net/banip/files/banip.sh
index 0a0f4d0fd..14c4e838a 100755
--- a/net/banip/files/banip.sh
+++ b/net/banip/files/banip.sh
@@ -13,7 +13,7 @@
#
LC_ALL=C
PATH="/usr/sbin:/usr/bin:/sbin:/bin"
-ban_ver="0.3.10"
+ban_ver="0.3.11"
ban_basever=""
ban_enabled=0
ban_automatic="1"
@@ -280,13 +280,16 @@ f_envcheck()
#
if [ -z "${ban_sshdaemon}" ]
then
- utils="dropbear sshd"
+ utils="sshd dropbear"
for util in ${utils}
do
if [ -x "$(command -v "${util}")" ]
then
- ban_sshdaemon="${util}"
- break
+ if [ "$("/etc/init.d/${util}" enabled; printf "%u" ${?})" -eq 0 ]
+ then
+ ban_sshdaemon="${util}"
+ break
+ fi
fi
done
fi
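Review bot: The new enabled test `[ "$("/etc/init.d/${util}" enabled; printf "%u" ${?})" -eq 0 ]` compares captured stdout, so anything the init script prints lands in the operand and `[` then fails on a non-numeric value instead of evaluating the status. Testing the exit status directly, `if "/etc/init.d/${util}" enabled >/dev/null 2>&1`, avoids that and is easier to read. When no candidate is both installed and enabled, the loop now leaves `ban_sshdaemon` empty; no fallback is visible here, and the `logread -e "${ban_sshdaemon}"` calls in this commit would then filter on an empty pattern, so an explicit log message or default would help. f_envcheck continues outside the hunk.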
@@ -636,7 +639,13 @@ f_main()
local src_name src_on src_url src_rset src_setipv src_settype src_ruletype src_cat src_log src_addon src_ts src_rc
local wan_input wan_forward lan_input lan_forward target_src target_dst ssh_log luci_log
- ssh_log="$(logread -e "${ban_sshdaemon}" | grep -o "${ban_sshdaemon}.*" | sed 's/:[0-9]*$//g')"
+ if [ "${ban_sshdaemon}" = "dropbear" ]
+ then
+ ssh_log="$(logread -e "${ban_sshdaemon}" | grep -o "${ban_sshdaemon}.*" | sed 's/:[0-9]*$//g')"
+ elif [ "${ban_sshdaemon}" = "sshd" ]
+ then
+ ssh_log="$(logread -e "${ban_sshdaemon}" | grep -o "${ban_sshdaemon}.*" | sed 's/ port.*$//g')"
+ fi
luci_log="$(logread -e "luci: failed login" | grep -o "luci:.*")"
mem_total="$(awk '/^MemTotal/ {print int($2/1000)}' "/proc/meminfo" 2>/dev/null)"
mem_free="$(awk '/^MemFree/ {print int($2/1000)}' "/proc/meminfo" 2>/dev/null)"
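Review bot: The new sshd branch cuts each line at the first ` port` (`sed 's/ port.*$//g'`), and the `src_addon` hunks further down then ban whatever address ends the remainder. In sshd's "maximum authentication attempts exceeded for … user NAME from ADDR port N …" lines the user name comes from the client and precedes the address, so if sshd logs it with spaces intact the cut can fall inside the name and the extracted address need not be the peer's. Anchoring on the last occurrence, with something like `sed 's/^\(.*\) port [0-9][0-9]* .*$/\1/'`, keeps the cut at the real trailer. Separately, `ssh_log` stays empty when `ban_sshdaemon` is neither `dropbear` nor `sshd`; f_main continues outside the hunk.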
@@ -748,7 +757,7 @@ f_main()
done
elif [ "${ban_sshdaemon}" = "sshd" ]
then
- src_addon="$(printf "%s\\n" "${ssh_log}" | grep -E "[0-9]+ \[preauth\]$" | awk 'match($0,/([0-9]{1,3}\.){3}[0-9]{1,3}$/){ORS=" ";print substr($0,RSTART,RLENGTH)}')"
+ src_addon="$(printf "%s\\n" "${ssh_log}" | grep -F "error: maximum authentication attempts exceeded" | awk 'match($0,/([0-9]{1,3}\.){3}[0-9]{1,3}$/){ORS=" ";print substr($0,RSTART,RLENGTH)}')"
fi
src_addon="${src_addon} $(printf "%s\\n" "${luci_log}" | awk 'match($0,/([0-9]{1,3}\.){3}[0-9]{1,3}$/){ORS=" ";print substr($0,RSTART,RLENGTH)}')"
;;
@@ -762,7 +771,7 @@ f_main()
done
elif [ "${ban_sshdaemon}" = "sshd" ]
then
- src_addon="$(printf "%s\\n" "${ssh_log}" | grep -E "[0-9]+ \[preauth\]$" | awk 'match($0,/(([0-9A-f]{0,4}::?){1,7}[0-9A-f]{0,4}$)/){ORS=" ";print substr($0,RSTART,RLENGTH)}')"
+ src_addon="$(printf "%s\\n" "${ssh_log}" | grep -F "error: maximum authentication attempts exceeded" | awk 'match($0,/(([0-9A-f]{0,4}::?){1,7}[0-9A-f]{0,4}$)/){ORS=" ";print substr($0,RSTART,RLENGTH)}')"
fi
src_addon="${src_addon} $(printf "%s\\n" "${luci_log}" | awk 'match($0,/(([0-9A-f]{0,4}::?){1,7}[0-9A-f]{0,4}$)/){ORS=" ";print substr($0,RSTART,RLENGTH)}')"
;;
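Review bot: The IPv6 matcher on the added line still uses the bracket range `[0-9A-f]`, which under the script's `LC_ALL=C` also covers `G`–`Z` and the punctuation between `Z` and `a`. Non-hex text at the end of a log line can therefore be accepted as an address and passed on to the block list. `[0-9A-Fa-f]` is the intended class, and the same range appears in the luci line just below in this hunk. The surrounding case branch starts and ends outside the hunk.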