Subsonic
Subsonic copied to clipboard
Published
20 hours ago •
daneren2005
daneren2005
Airsonic-Advanced + DSub + SWAG = fail2ban ban
Hello,
I am running an Airsonic-Advanced server on Docker and I have a SWAG HTTPS proxy to access my services from the WAN.
The SWAG container is running fail2ban and DSub is the only app that consistently triggers the nginx-unauthorized filter and leads to my client IP being banned. This does not happen with Ultrasonic.
Here are the NGINX access logs:
REDACTED-IP - - [11/Dec/2022:11:17:02 +0200] "GET /rest/getRandomSongs.view?u=s&p=enc:null&v=1.2.0&c=DSub&size=50 HTTP/1.1" 200 209 "-" "DSub"
REDACTED-IP - - [11/Dec/2022:11:17:05 +0200] "GET /rest/getMusicFolders.view?u=s&p=enc:null&v=1.2.0&c=DSub HTTP/1.1" 200 209 "-" "DSub"
REDACTED-IP - - [11/Dec/2022:11:17:08 +0200] "GET /rest/getMusicFolders.view?u=s&p=enc:null&v=1.2.0&c=DSub HTTP/1.1" 200 209 "-" "DSub"
REDACTED-IP - - [11/Dec/2022:11:17:12 +0200] "GET /rest/getAvatar.view?u=s&p=enc:null&v=1.2.0&c=DSub&username=s HTTP/1.1" 200 209 "-" "DSub"
REDACTED-IP - - [11/Dec/2022:11:17:12 +0200] "GET /rest/getRandomSongs.view?u=s&p=enc:null&v=1.2.0&c=DSub&size=50 HTTP/1.1" 200 209 "-" "DSub"
REDACTED-IP - - [11/Dec/2022:11:17:14 +0200] "GET /rest/ping.view?u=s&p=enc:null&v=1.2.0&c=DSub HTTP/1.1" 200 209 "-" "DSub"
REDACTED-IP - s [11/Dec/2022:11:17:20 +0200] "GET /rest/ping.view?u=s&p=enc:null&v=1.2.0&c=DSub HTTP/1.1" 401 117 "-" "DSub"
REDACTED-IP - s [11/Dec/2022:11:17:30 +0200] "GET /rest/ping.view?u=s&p=enc:null&v=1.2.0&c=DSub HTTP/1.1" 401 117 "-" "DSub"
REDACTED-IP - s [11/Dec/2022:11:17:47 +0200] "GET /rest/ping.view?u=s&p=enc:null&v=1.2.0&c=DSub HTTP/1.1" 401 117 "-" "DSub"
REDACTED-IP - s [11/Dec/2022:11:17:53 +0200] "GET /rest/getUser.view?u=s&p=enc:null&v=1.2.0&c=DSub&username=s HTTP/1.1" 401 120 "-" "DSub"
REDACTED-IP - - [11/Dec/2022:11:23:06 +0200] "GET /rest/ping.view?u=s&c=Ultrasonic&f=json&v=1.7.0&p=enc:35303034353030355362 HTTP/2.0" 200 85 "-" "okhttp/4.10.0"
REDACTED-IP - - [11/Dec/2022:11:23:06 +0200] "GET /rest/ping.view?u=s&c=Ultrasonic&f=json&v=1.15.0&t=d2418ecbb5d384aa1b46f56d35a287fe&s=910066075AE88D157C6ED5E2F5AD9FD4 HTTP/2.0" 200 85 "-" "okhttp/4.10.0"
REDACTED-IP - - [11/Dec/2022:11:23:06 +0200] "GET /rest/getChatMessages.view?u=s&c=Ultrasonic&f=json&v=1.15.0&t=0b3f46fd25859a8ded37dd3c83ab3006&s=76FD31C3F95311908202792C8F53B20F HTTP/2.0" 410 19 "-" "okhttp/4.10.0"
REDACTED-IP - - [11/Dec/2022:11:23:07 +0200] "GET /rest/getBookmarks.view?u=s&c=Ultrasonic&f=json&v=1.15.0&t=16fff0daf3e3aeb0351930dcf24510a3&s=6E2C7A0325A809AAA0DC3CBAA2CAB4C3 HTTP/2.0" 200 91876 "-" "okhttp/4.10.0"
REDACTED-IP - - [11/Dec/2022:11:23:07 +0200] "GET /rest/getShares.view?u=s&c=Ultrasonic&f=json&v=1.15.0&t=297c4e1da7f848881a192a6fc4d70ed4&s=371D2417A3F568B27C5316891C081909 HTTP/2.0" 200 113 "-" "okhttp/4.10.0"
REDACTED-IP - - [11/Dec/2022:11:23:07 +0200] "GET /rest/getPodcasts.view?u=s&c=Ultrasonic&f=json&v=1.15.0&t=7bac89637d43cee935791fba2ddf27b1&s=3BB6789B44BD38B14B5066A053CB4FCE HTTP/2.0" 200 115 "-" "okhttp/4.10.0"
REDACTED-IP - - [11/Dec/2022:11:23:07 +0200] "GET /rest/getLicense.view?u=s&c=Ultrasonic&f=json&v=1.15.0&t=1fd97719610c7dd29cf4c978da54c791&s=CAAE68940EEDF2897511B7E3FCC47928 HTTP/2.0" 200 290 "-" "okhttp/4.10.0"
REDACTED-IP - - [11/Dec/2022:11:23:19 +0200] "GET /rest/getArtists.view?u=s&c=Ultrasonic&f=json&v=1.15.0&t=0a07ae9dcde9330692e90d8117189554&s=BF0BEA7891DAC5C321C745371F0ACE5F HTTP/2.0" 200 91058 "-" "okhttp/4.10.0"
REDACTED-IP - - [11/Dec/2022:11:23:20 +0200] "GET /rest/getCoverArt.view?id=ar-72&size=700&u=s&c=Ultrasonic&f=json&v=1.15.0&t=cea7a6524928f56e1bddde58b09b33d7&s=D8F8AEF2922F5FA63894C375637E66C1 HTTP/2.0" 200 79765 "-" "okhttp/4.10.0"
REDACTED-IP - - [11/Dec/2022:11:23:20 +0200] "GET /rest/getCoverArt.view?id=ar-307&size=700&u=s&c=Ultrasonic&f=json&v=1.15.0&t=6957864c45ab68c9f950fe111d63bf71&s=2BF7BD33E1A7BB2BD0FD584C0A4DE367 HTTP/2.0" 200 77178 "-" "okhttp/4.10.0"
REDACTED-IP - - [11/Dec/2022:11:23:20 +0200] "GET /rest/getCoverArt.view?id=ar-102&size=700&u=s&c=Ultrasonic&f=json&v=1.15.0&t=a62f614e619270f96c08587339016e42&s=8D1F7DF2913731029E88369BEDAE4BAA HTTP/2.0" 200 75695 "-" "okhttp/4.10.0"
REDACTED-IP - - [11/Dec/2022:11:23:20 +0200] "GET /rest/getCoverArt.view?id=ar-351&size=700&u=s&c=Ultrasonic&f=json&v=1.15.0&t=4570411bd2280fb9c688ae5c207b6880&s=AC047F84A760A3EBCB257F76C7C5061D HTTP/2.0" 200 77178 "-" "okhttp/4.10.0"
REDACTED-IP - - [11/Dec/2022:11:23:20 +0200] "GET /rest/getCoverArt.view?id=ar-573&size=700&u=s&c=Ultrasonic&f=json&v=1.15.0&t=49f331609d37e220bdea1c12c6dc871f&s=B34F328331E422615A982992CA9B0A55 HTTP/2.0" 200 77178 "-" "okhttp/4.10.0"
REDACTED-IP - - [11/Dec/2022:11:23:20 +0200] "GET /rest/getCoverArt.view?id=ar-134&size=700&u=s&c=Ultrasonic&f=json&v=1.15.0&t=413c754b72aad230bcab38297e28119a&s=E22CA7B0B561D85305E894833C53D28C HTTP/2.0" 200 77178 "-" "okhttp/4.10.0"
REDACTED-IP - - [11/Dec/2022:11:23:20 +0200] "GET /rest/getCoverArt.view?id=ar-500&size=700&u=s&c=Ultrasonic&f=json&v=1.15.0&t=36d7f0b986616887477411990a23a85f&s=7222A597729B419B9B5FB611FC13F2A2 HTTP/2.0" 200 115569 "-" "okhttp/4.10.0"
REDACTED-IP - - [11/Dec/2022:11:23:20 +0200] "GET /rest/getCoverArt.view?id=ar-487&size=700&u=s&c=Ultrasonic&f=json&v=1.15.0&t=ae390c498269e54d580f1f192f6a8fc3&s=216144321BE74AF7E2DDAB4CA50E5D7C HTTP/2.0" 200 75695 "-" "okhttp/4.10.0"
REDACTED-IP - - [11/Dec/2022:11:23:20 +0200] "GET /rest/getCoverArt.view?id=ar-168&size=700&u=s&c=Ultrasonic&f=json&v=1.15.0&t=c6b87bd3a3bfe43778281bbc4e8e66ae&s=DF000A26E44761933F56CD0158A9455B HTTP/2.0" 200 75695 "-" "okhttp/4.10.0"
REDACTED-IP - - [11/Dec/2022:11:23:20 +0200] "GET /rest/getCoverArt.view?id=ar-575&size=700&u=s&c=Ultrasonic&f=json&v=1.15.0&t=788ae9bac47c2f822c9dc2261151e1a2&s=05186F79E71B6AB6FF635F628C3D685E HTTP/2.0" 200 90763 "-" "okhttp/4.10.0"
REDACTED-IP - - [11/Dec/2022:11:23:20 +0200] "GET /rest/getCoverArt.view?id=ar-357&size=700&u=s&c=Ultrasonic&f=json&v=1.15.0&t=7243a068cdbfe2ee9dee566086447c9a&s=EDE03470B6963418085F0DBC7AD5BEB0 HTTP/2.0" 200 129741 "-" "okhttp/4.10.0"
REDACTED-IP - - [11/Dec/2022:11:23:30 +0200] "GET /rest/getArtists.view?u=s&c=Ultrasonic&f=json&v=1.7.0&p=enc:35303034353030355362 HTTP/2.0" 200 91058 "-" "okhttp/4.10.0"
REDACTED-IP - - [11/Dec/2022:11:23:34 +0200] "GET /rest/getArtists.view?u=s&c=Ultrasonic&f=json&v=1.15.0&t=3601776a35950bdf8991fe91304dbb08&s=F5D5498E04A3FF36E6091A10CF86A8A2 HTTP/2.0" 200 91058 "-" "okhttp/4.10.0"
REDACTED-IP - - [11/Dec/2022:11:23:43 +0200] "GET /rest/search3.view?query=terror&artistCount=10&albumCount=20&songCount=25&u=s&c=Ultrasonic&f=json&v=1.15.0&t=fd7b1610212368af58c085c228a94a44&s=2BE9A954E8215F31A1249A74B0052F55 HTTP/2.0" 200 1346 "-" "okhttp/4.10.0"
REDACTED-IP - - [11/Dec/2022:11:23:43 +0200] "GET /rest/getCoverArt.view?id=ar-69&size=700&u=s&c=Ultrasonic&f=json&v=1.15.0&t=6324602db2ace78b15b6f3f411f6aded&s=75C3C495BC9A9FD315A5D0E6C69731A5 HTTP/2.0" 200 77178 "-" "okhttp/4.10.0"
REDACTED-IP - - [11/Dec/2022:11:23:43 +0200] "GET /rest/getCoverArt.view?id=al-477&size=700&u=s&c=Ultrasonic&f=json&v=1.15.0&t=11f74ec5ef832ab511ef20f66cb80cfc&s=42CA409BC37A5AC9105CDD76064987BE HTTP/2.0" 200 77178 "-" "okhttp/4.10.0"
REDACTED-IP - - [11/Dec/2022:11:23:46 +0200] "GET /rest/getArtist.view?id=69&u=s&c=Ultrasonic&f=json&v=1.15.0&t=8c14632933c1e99b9f9ce0f0a103df27&s=F1FFF5E0FA6CC1B54F7DB8CD00E3E876 HTTP/2.0" 200 555 "-" "okhttp/4.10.0"
REDACTED-IP - - [11/Dec/2022:11:23:47 +0200] "GET /rest/getAlbum.view?id=477&u=s&c=Ultrasonic&f=json&v=1.15.0&t=7e337b0d184666f7a505cfd046784a47&s=36F8911DE691C1DB78BB760A1EEB08AD HTTP/2.0" 200 1105 "-" "okhttp/4.10.0"
REDACTED-IP - - [11/Dec/2022:11:23:47 +0200] "GET /rest/getCoverArt.view?id=1412&size=512&u=s&c=Ultrasonic&f=json&v=1.15.0&t=6dce618dd997b1a2a8d1dfa623b91429&s=F5B6736AAD57869D1620977ABE07FF2A HTTP/2.0" 200 47758 "-" "okhttp/4.10.0"
REDACTED-IP - - [11/Dec/2022:11:23:49 +0200] "GET /rest/getUser.view?username=s&u=s&c=Ultrasonic&f=json&v=1.15.0&t=61f405414ee8b1c0df6b8800af765795&s=E7C2B595A52E2B969ABDC66DA81C3A10 HTTP/2.0" 200 630 "-" "okhttp/4.10.0"
REDACTED-IP - - [11/Dec/2022:11:23:50 +0200] "GET /rest/stream.view?id=4081&maxBitRate=0&u=s&c=Ultrasonic&f=json&v=1.15.0&t=08762afcdb9591d46daa0567f9086a0a&s=F0C5F34442F52715949B3C67DC92989A HTTP/2.0" 200 3502823 "-" "okhttp/4.10.0"
REDACTED-IP - - [11/Dec/2022:11:23:50 +0200] "GET /rest/stream.view?id=4081&u=s&c=Ultrasonic&f=json&v=1.15.0&t=f1e1e780f6f531c1eaf9b15b253c29a9&s=D8F916964C3825A7C7AC3EB806E7A885 HTTP/2.0" 200 3502823 "-" "okhttp/4.10.0"
REDACTED-IP - - [11/Dec/2022:11:23:50 +0200] "GET /rest/getCoverArt.view?id=1412&size=700&u=s&c=Ultrasonic&f=json&v=1.15.0&t=04032b5849c9c9924ae0109f031bda0b&s=62B383CB1133B862ACD5141F343E6C36 HTTP/2.0" 200 77178 "-" "okhttp/4.10.0"
REDACTED-IP - - [11/Dec/2022:11:23:50 +0200] "GET /rest/getCoverArt.view?id=1412&size=3088&u=s&c=Ultrasonic&f=json&v=1.15.0&t=21c048c441ede3d43f4dd2d0f116ff18&s=9B34BF19923D0D4E7A9AB0FDEFED8925 HTTP/2.0" 200 583126 "-" "okhttp/4.10.0"
REDACTED-IP - - [11/Dec/2022:11:23:50 +0200] "GET /rest/getCoverArt.view?id=1412&size=3088&u=s&c=Ultrasonic&f=json&v=1.15.0&t=a25429c1be85cf84577ce6de6c893b60&s=232151436A3067FFBFBC8D996AF030C9 HTTP/2.0" 200 583126 "-" "okhttp/4.10.0"
REDACTED-IP - - [11/Dec/2022:11:23:50 +0200] "GET /rest/getCoverArt.view?id=1412&size=3088&u=s&c=Ultrasonic&f=json&v=1.15.0&t=20ed470a8a1633877be3ff83791c3f8d&s=D4B66CAAC1EE953839202DACCDFD8037 HTTP/2.0" 200 583126 "-" "okhttp/4.10.0"
REDACTED-IP - - [11/Dec/2022:11:23:50 +0200] "GET /rest/getCoverArt.view?id=ar-69&size=3088&u=s&c=Ultrasonic&f=json&v=1.15.0&t=479de7c5a731223256b755fda0ce56b7&s=DF8D7CA23C3C7B65AF829C272C729CFC HTTP/2.0" 200 583126 "-" "okhttp/4.10.0"
REDACTED-IP - - [11/Dec/2022:11:23:50 +0200] "GET /rest/getCoverArt.view?id=1412&size=700&u=s&c=Ultrasonic&f=json&v=1.15.0&t=173db71db9c0588cf61c6814393e1f48&s=B9AEAFEE045EE4CF8C6A6569ED0365B8 HTTP/2.0" 200 77178 "-" "okhttp/4.10.0"
