upgrading, and improving ban server

2024-08-30 12:27:32 +02:00 · 2024-08-30 12:27:32 +02:00 · 0593a2bfea
commit 0593a2bfea
parent dffa6b7ed7
3 changed files with 124 additions and 60 deletions
--- a/Cargo.lock
+++ b/Cargo.lock
@ -87,9 +87,9 @@ checksum = "8318a53db07bb3f8dca91a600466bdb3f2eaadeedfdbcf02e1accbad9271ba50"

 [[package]]
 name = "cc"
-version = "1.1.13"
+version = "1.1.15"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "72db2f7947ecee9b03b510377e8bb9077afa27176fdbff55c51027e976fdcc48"
+checksum = "57b6a275aa2903740dc87da01c62040406b8812552e97129a63ea8850a17c6e6"
 dependencies = [
 "shlex",
 ]
@ -137,10 +137,23 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "22ec99545bb0ed0ea7bb9b8e1e9122ea386ff8a48c0922e43f36d45ab09e0e80"

 [[package]]
-name = "filetime"
-version = "0.2.24"
+name = "env_logger"
+version = "0.7.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "bf401df4a4e3872c4fe8151134cf483738e74b67fc934d6532c882b3d24a4550"
+checksum = "44533bbbb3bb3c1fa17d9f2e4e38bbbaf8396ba82193c4cb1b6445d711445d36"
+dependencies = [
+ "atty",
+ "humantime",
+ "log",
+ "regex",
+ "termcolor",
+]
+
+[[package]]
+name = "filetime"
+version = "0.2.25"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "35c0522e981e68cbfa8c3f978441a5f34b30b96e146b33cd3359176b50fe8586"
 dependencies = [
 "cfg-if",
 "libc",
@ -218,6 +231,15 @@ version = "0.3.9"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "d231dfb89cfffdbc30e7fc41579ed6066ad03abda9e567ccafae602b97ec5024"

+[[package]]
+name = "humantime"
+version = "1.3.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "df004cfca50ef23c36850aaaa59ad52cc70d0e90243c3c7737a4dd32dc7a3c4f"
+dependencies = [
+ "quick-error",
+]
+
 [[package]]
 name = "inotify"
 version = "0.9.6"
@ -317,11 +339,24 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "a7a70ba024b9dc04c27ea2f0c0548feb474ec5c54bba33a7f72f873a39d07b24"

 [[package]]
-name = "martillo-maldito"
+name = "logfmt_logger"
 version = "0.1.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "60da8a0835af8f55c23833348fae381a75380e4748465acc7faf094e426e2f0c"
+dependencies = [
+ "env_logger",
+ "log",
+ "termcolor",
+]
+
+[[package]]
+name = "martillo-maldito"
+version = "0.1.2"
 dependencies = [
 "iptables",
 "linemux",
+ "log",
+ "logfmt_logger",
 "openssl",
 "regex",
 "serde",
@ -400,9 +435,9 @@ dependencies = [

 [[package]]
 name = "object"
-version = "0.36.3"
+version = "0.36.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "27b64972346851a39438c60b341ebc01bba47464ae329e55cf343eb93964efd9"
+checksum = "084f1a5821ac4c651660a94a7153d27ac9d8a53736203f58b31945ded098070a"
 dependencies = [
 "memchr",
 ]
@ -436,7 +471,7 @@ checksum = "a948666b637a0f465e8564c73e89d4dde00d72d4d473cc972f390fc3dcee7d9c"
 dependencies = [
 "proc-macro2",
 "quote",
- "syn 2.0.75",
+ "syn 2.0.76",
 ]

 [[package]]
@ -513,10 +548,16 @@ dependencies = [
 ]

 [[package]]
-name = "quote"
-version = "1.0.36"
+name = "quick-error"
+version = "1.2.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "0fa76aaf39101c457836aec0ce2316dbdc3ab723cdda1c6bd4e6ad4208acaca7"
+checksum = "a1d01941d82fa2ab50be1e79e6714289dd7cde78eba4c074bc5a4374f650dfe0"
+
+[[package]]
+name = "quote"
+version = "1.0.37"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b5b9d34b8991d19d98081b46eacdd8eb58c6f2b201139f7c5f643cc155a633af"
 dependencies = [
 "proc-macro2",
 ]
@ -582,29 +623,29 @@ dependencies = [

 [[package]]
 name = "serde"
-version = "1.0.208"
+version = "1.0.209"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "cff085d2cb684faa248efb494c39b68e522822ac0de72ccf08109abde717cfb2"
+checksum = "99fce0ffe7310761ca6bf9faf5115afbc19688edd00171d81b1bb1b116c63e09"
 dependencies = [
 "serde_derive",
 ]

 [[package]]
 name = "serde_derive"
-version = "1.0.208"
+version = "1.0.209"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "24008e81ff7613ed8e5ba0cfaf24e2c2f1e5b8a0495711e44fcd4882fca62bcf"
+checksum = "a5831b979fd7b5439637af1752d535ff49f4860c0f341d1baeb6faf0f4242170"
 dependencies = [
 "proc-macro2",
 "quote",
- "syn 2.0.75",
+ "syn 2.0.76",
 ]

 [[package]]
 name = "serde_json"
-version = "1.0.125"
+version = "1.0.127"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "83c8e735a073ccf5be70aa8066aa984eaf2fa000db6c8d0100ae605b366d31ed"
+checksum = "8043c06d9f82bd7271361ed64f415fe5e12a77fdb52e573e7f06a516dea329ad"
 dependencies = [
 "itoa",
 "memchr",
@ -679,15 +720,24 @@ dependencies = [

 [[package]]
 name = "syn"
-version = "2.0.75"
+version = "2.0.76"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f6af063034fc1935ede7be0122941bafa9bacb949334d090b77ca98b5817c7d9"
+checksum = "578e081a14e0cefc3279b0472138c513f37b41a08d5a3cca9b6e4e8ceb6cd525"
 dependencies = [
 "proc-macro2",
 "quote",
 "unicode-ident",
 ]

+[[package]]
+name = "termcolor"
+version = "1.4.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "06794f8f6c5c898b3275aebefa6b8a1cb24cd2c6c79397ab15774837a0bc5755"
+dependencies = [
+ "winapi-util",
+]
+
 [[package]]
 name = "textwrap"
 version = "0.11.0"
@ -699,9 +749,9 @@ dependencies = [

 [[package]]
 name = "tokio"
-version = "1.39.3"
+version = "1.40.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "9babc99b9923bfa4804bd74722ff02c0381021eafa4db9949217e3be8e84fff5"
+checksum = "e2b070231665d27ad9ec9b8df639893f46727666c6767db40317fbe920a5d998"
 dependencies = [
 "backtrace",
 "bytes",
@ -721,7 +771,7 @@ checksum = "693d596312e88961bc67d7f1f97af8a70227d9f90c31bba5806eec004978d752"
 dependencies = [
 "proc-macro2",
 "quote",
- "syn 2.0.75",
+ "syn 2.0.76",
 ]

 [[package]]
--- a/Cargo.toml
+++ b/Cargo.toml
@ -1,6 +1,6 @@
 [package]
 name = "martillo-maldito"
-version = "0.1.1"
+version = "0.1.2"
 edition = "2021"

 [dependencies]
@ -8,7 +8,9 @@ structopt = "0.3.26"
 iptables = "0.5.2"
 linemux = "0.3.0"
 regex = "1.10.6"
-tokio = { version = "1.39.3", features = ["macros", "rt", "rt-multi-thread", "signal"]}
+tokio = { version = "1.40.0", features = ["macros", "rt", "rt-multi-thread", "signal"]}
 openssl = { version = "0.10.66", features = ["vendored"] }
-serde = {version = "1.0.208", features = ["derive"]}
-serde_json = "1.0.125"
+serde = {version = "1.0.209", features = ["derive"]}
+serde_json = "1.0.127"
+log = "0.4.22"
+logfmt_logger = "0.1.1"
--- a/src/main.rs
+++ b/src/main.rs
@ -9,12 +9,15 @@ use iptables_wrapper::{
    map_secured_ports_allowed_ips, remove_allow_ip_for_port, secure_port, unsecure_port,
 };
 use linemux::MuxedLines;
+use log::{error, info};
 use login_attempt::LoginAttempt;
 use std::{collections::HashMap, path::PathBuf, thread::sleep, thread::spawn, time::Duration};
 use structopt::StructOpt;

 #[tokio::main]
 async fn main() {
+    logfmt_logger::init();
+
    match Cli::from_args() {
        Cli::BanServer {
            ssh_auth_log,
@ -79,11 +82,6 @@ async fn start_ban_server(
    ssh_auth_log: PathBuf,
    iptables_save: Option<PathBuf>,
 ) -> std::io::Result<()> {
-    let iptables = iptables::new(false).unwrap();
-    let mut lines = MuxedLines::new()?;
-    lines.add_file(&ssh_auth_log).await?;
-    let mut login_attempts: HashMap<String, usize> = HashMap::new();
-
    if let Some(iptables_save) = iptables_save {
        let seconds_iptables = Duration::from_secs(60);
        println!(
@ -97,39 +95,53 @@ async fn start_ban_server(
        });
    }

-    println!("Listeging to changer over file: {}", ssh_auth_log.display());
+    let iptables = iptables::new(false).unwrap();
+    let mut lines = MuxedLines::new()?;
+    lines.add_file(&ssh_auth_log).await?;
+    let mut login_attempts: HashMap<String, usize> = HashMap::new();
+
+    info!("listening changes over {}", ssh_auth_log.display());
    loop {
-        while let Ok(Some(line)) = lines.next_line().await {
-            if let Some(login_attempt) = LoginAttempt::capture(line.line()) {
-                println!(
-                    "Failed login attempt from {}@{}:{}",
-                    login_attempt.user, login_attempt.ip, login_attempt.port
-                );
+        let next_line = lines.next_line().await;

-                match login_attempts.get_mut(&login_attempt.ip) {
-                    Some(count) => {
-                        *count += 1;
+        if let Err(err) = next_line {
+            error!("reading next file: {}", err);
+            continue;
+        }
+        let line = next_line.unwrap();
+        if line.is_none() {
+            continue;
+        }

-                        if *count == 3 {
-                            if iptables
-                                .append_unique(
-                                    "filter",
-                                    "INPUT",
-                                    &format!("--source {} -j DROP", login_attempt.ip),
-                                )
-                                .is_ok()
-                            {
-                                println!("IP {} banned", login_attempt.ip);
-                            } else {
-                                println!("IP {} already banned", login_attempt.ip);
-                            }
+        let line = line.unwrap();

-                            login_attempts.remove(&login_attempt.ip);
+        if let Some(login_attempt) = LoginAttempt::capture(line.line()) {
+            info!(
+                "login attempt from {}@{}:{}",
+                login_attempt.user, login_attempt.ip, login_attempt.port
+            );
+
+            match login_attempts.get_mut(&login_attempt.ip) {
+                Some(count) => {
+                    *count += 1;
+
+                    if *count == 3 {
+                        if iptables
+                            .append_unique(
+                                "filter",
+                                "INPUT",
+                                &format!("--source {} -j DROP", login_attempt.ip),
+                            )
+                            .is_ok()
+                        {
+                            info!("IP {} banned", login_attempt.ip);
                        }
+
+                        login_attempts.remove(&login_attempt.ip);
                    }
-                    None => {
-                        login_attempts.insert(login_attempt.ip.clone(), 1);
-                    }
+                }
+                None => {
+                    login_attempts.insert(login_attempt.ip.clone(), 1);
                }
            }
        }