vesta icon indicating copy to clipboard operation
vesta copied to clipboard

Published 20 hours ago verified publisher icon myvesta

Feature Request: Quick info about banned IP at Fail2Ban list (Host/Banlist/Location)

Open VasilisParaschos opened this issue 1 year ago • 2 comments

Describe the problem:

I believe it would be a nice feature of someone getting some info about a banned IP with a single click. Using the patch below, a search icon is added next to each IP of Fail2Ban list interface. Clicking on the search icon, info about Host, Banlists and Location of IP shows up. For each banlist, a green icon appears if IP is not found in the list, a red icon if found and a yellow icon in case the list could not be retrieved and/or is empty, thus green and yellow icon for this list. Hovering over a list name, the last retrieved date and last http code result is shown. Right now the cache of lists expires the next day or if session ends. In this state, caching is not ideally implemented (uses $_SESSION) because I had permission issues when writing to files. I think this feature could be improved by adding lists as a myVesta parameter somewhere, by making cache persist using files and maybe date expiration could be a parameter as well. I am not experienced with myVesta internals, so someone who is, could contribute an improved solution.

Patch for 0.9.9-0-6: diff.patch

Info / Host Provided by gethostbyaddr().

Info / Banlist Provided by 7 urls, see image.

Info / Location Provided by https://db-ip.com

How to clear session cache It is possible to clear cache of banlists by passing the following parameter: /list/firewall/banlist/?clear_cache=1

Notice on cache of banlists Some banlist providers provide plain IP addresses like a.b.c.d. Others provide IPs in CIDR format like a.b.c.0/24. I tried the approach of generating plain IPs from CIDR format and storing these plain IPs first but it generates VERY large cache data... Storing (currently) using CIDR format in cache takes about 750 KB.

image1

Steps to Reproduce:

Just go to Menu > Firewall > LIST FAIL2BAN after patching to see the search icon next to the listed ip.

Debian version:

Debian 11

VestaCP Version:

0.9.9-0-6

Installed Software (what you got with the installer):

WEB_SYSTEM='apache2' WEB_RGROUPS='www-data' WEB_PORT='8080' WEB_SSL_PORT='8443' WEB_SSL='mod_ssl' PROXY_SYSTEM='nginx' PROXY_PORT='80' PROXY_SSL_PORT='443' STATS_SYSTEM='webalizer,awstats' FTP_SYSTEM='proftpd' DNS_SYSTEM='bind9' MAIL_SYSTEM='exim4' ANTIVIRUS_SYSTEM='clamav-daemon' ANTISPAM_SYSTEM='spamassassin' IMAP_SYSTEM='dovecot' CRON_SYSTEM='cron' FIREWALL_SYSTEM='iptables' FIREWALL_EXTENSION='fail2ban' BACKUP_SYSTEM='local' LANGUAGE='en' VERSION='0.9.8' DB_SYSTEM='mysql'

VasilisParaschos avatar Feb 02 '24 12:02 VasilisParaschos

Can you make pull request?

myvesta avatar Feb 02 '24 13:02 myvesta

Yes, I just did #175.

VasilisParaschos avatar Feb 02 '24 14:02 VasilisParaschos