|
|
@@ -25,21 +25,22 @@ RULES[5] = 'SOGo.+ Login from \'([0-9a-f\.:]+)\' for user .+ might not have work
|
|
|
RULES[6] = 'mailcow UI: Invalid password for .+ by ([0-9a-f\.:]+)'
|
|
|
|
|
|
if not r.get('F2B_OPTIONS'):
|
|
|
- f2options = {}
|
|
|
- f2options['ban_time'] = int
|
|
|
- f2options['max_attempts'] = int
|
|
|
- f2options['retry_window'] = int
|
|
|
- f2options['netban_ipv4'] = int
|
|
|
- f2options['netban_ipv6'] = int
|
|
|
- f2options['ban_time'] = r.get('F2B_BAN_TIME') or 1800
|
|
|
- f2options['max_attempts'] = r.get('F2B_MAX_ATTEMPTS') or 10
|
|
|
- f2options['retry_window'] = r.get('F2B_RETRY_WINDOW') or 600
|
|
|
- f2options['netban_ipv4'] = r.get('F2B_NETBAN_IPV4') or 24
|
|
|
- f2options['netban_ipv6'] = r.get('F2B_NETBAN_IPV6') or 64
|
|
|
- r.set('F2B_OPTIONS', json.dumps(f2options, ensure_ascii=False))
|
|
|
+ f2boptions = {}
|
|
|
+ f2boptions['ban_time'] = int
|
|
|
+ f2boptions['max_attempts'] = int
|
|
|
+ f2boptions['retry_window'] = int
|
|
|
+ f2boptions['netban_ipv4'] = int
|
|
|
+ f2boptions['netban_ipv6'] = int
|
|
|
+ f2boptions['ban_time'] = r.get('F2B_BAN_TIME') or 1800
|
|
|
+ f2boptions['max_attempts'] = r.get('F2B_MAX_ATTEMPTS') or 10
|
|
|
+ f2boptions['retry_window'] = r.get('F2B_RETRY_WINDOW') or 600
|
|
|
+ f2boptions['netban_ipv4'] = r.get('F2B_NETBAN_IPV4') or 24
|
|
|
+ f2boptions['netban_ipv6'] = r.get('F2B_NETBAN_IPV6') or 64
|
|
|
+ r.set('F2B_OPTIONS', json.dumps(f2boptions, ensure_ascii=False))
|
|
|
else:
|
|
|
try:
|
|
|
- f2options = json.loads(r.get('F2B_OPTIONS'))
|
|
|
+ f2boptions = {}
|
|
|
+ f2boptions = json.loads(r.get('F2B_OPTIONS'))
|
|
|
except ValueError, e:
|
|
|
print 'Error loading F2B options: F2B_OPTIONS is not json'
|
|
|
raise SystemExit(1)
|
|
|
@@ -52,11 +53,11 @@ log = {}
|
|
|
quit_now = False
|
|
|
|
|
|
def ban(address):
|
|
|
- BAN_TIME = int(f2options['ban_time'])
|
|
|
- MAX_ATTEMPTS = int(f2options['max_attempts'])
|
|
|
- RETRY_WINDOW = int(f2options['retry_window'])
|
|
|
- NETBAN_IPV4 = '/' + str(f2options['netban_ipv4'])
|
|
|
- NETBAN_IPV6 = '/' + str(f2options['netban_ipv6'])
|
|
|
+ BAN_TIME = int(f2boptions['ban_time'])
|
|
|
+ MAX_ATTEMPTS = int(f2boptions['max_attempts'])
|
|
|
+ RETRY_WINDOW = int(f2boptions['retry_window'])
|
|
|
+ NETBAN_IPV4 = '/' + str(f2boptions['netban_ipv4'])
|
|
|
+ NETBAN_IPV6 = '/' + str(f2boptions['netban_ipv6'])
|
|
|
WHITELIST = r.hgetall('F2B_WHITELIST')
|
|
|
|
|
|
ip = ipaddress.ip_address(address.decode('ascii'))
|
|
|
@@ -225,8 +226,8 @@ def snat(snat_target):
|
|
|
|
|
|
def autopurge():
|
|
|
while not quit_now:
|
|
|
- BAN_TIME = f2options['ban_time']
|
|
|
- MAX_ATTEMPTS = f2options['max_attempts']
|
|
|
+ BAN_TIME = f2boptions['ban_time']
|
|
|
+ MAX_ATTEMPTS = f2boptions['max_attempts']
|
|
|
QUEUE_UNBAN = r.hgetall('F2B_QUEUE_UNBAN')
|
|
|
if QUEUE_UNBAN:
|
|
|
for net in QUEUE_UNBAN:
|
André Peters