Replies: 1 comment 1 reply
-
I guess - no. But since fail2ban already stores the matches in its database, I don't think you need some action (and a helper script) which will store it in some extra database. A simple view script (obtaining data from fail2ban status, log and sqlite-database) would be enough. Here you can find an example how to get info from database via command line - #2659 (comment) This is a small python script generating a html table for single IP (supplied as first argument): #!/usr/bin/python
dbpath='/var/lib/fail2ban/fail2ban.sqlite3';
import sys, logging; logging.basicConfig(stream=sys.stdout, level=logging.ERROR);
from fail2ban.server.database import Fail2BanDb;
try:
from html import escape # python 3.x
except ImportError:
from cgi import escape # python 2.x
def esc(s):
return escape(str(s))
def time2str(v):
d = float(v) / 86400
s = float(v % 86400)
if d >= 1: return '%.1f days' % d
t = s / 60 / 60
if t >= 1: return '%.1f hours' % t
t = int(s / 60) % 60
if t: return '%s min' % t
return 'sec'
ip = sys.argv[1];
db = Fail2BanDb(dbpath);
cur = db._db.cursor()
for r in cur.execute('''select datetime(timeofban, 'unixepoch', 'localtime') as startofban,
datetime(timeofban + bantime, 'unixepoch', 'localtime') as endofban,
(select '*' where datetime(timeofban + bantime, 'unixepoch', 'localtime') > datetime('now', 'localtime')) as act,
jail, cast(bantime as int) bantime, bancount, data
from (
select ip, jail, timeofban, bantime, bancount, data from bips where ip = ?1
union
select ip, jail, timeofban, bantime, bancount, data from bans where ip = ?1
)
order by endofban desc
limit 50;
''', (ip,)):
s = '<table style="width:100% !important; table-layout:fixed;"><tr>'
names = list(map(lambda x: x[0], cur.description))
for v in names[0:-1]:
s += '<th>' + esc(v) + '</th>'
s += '</tr><tr>'
for i,v in enumerate(r[0:-1]):
if names[i] == 'bantime':
v = '%s (%s)' % (v, time2str(v))
s += '<td>' + esc(v) + '</td>'
s += '</tr>'
print(s)
for k, v in r[-1].iteritems():
if k == 'matches':
s = '\n'.join(map(esc, v))
print('<tr><th>%s</th><td colspan=6><pre style="overflow-x:auto; width:100%% !important">%s</pre></td></tr>' % (esc(k), s))
continue
print('<tr><th>%s</th><td colspan=6>%s</td></tr>' % (esc(k), esc(v)))
print('</table>') The same you can do using PHP or whatever scripting you prefer. |
Beta Was this translation helpful? Give feedback.
1 reply
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
The mentioned site is no longer active.
fail2ban/config/action.d/abuseipdb.conf
Lines 76 to 83 in 6893d5a
Beta Was this translation helpful? Give feedback.
All reactions