Add missing banaction_allports setting to update settings function

2026-04-17 05:53:15 +02:00 · 2025-12-04 19:57:58 +01:00
parent 13704df994
commit 0f2a3a1e32
2 changed files with 35 additions and 13 deletions
--- a/internal/config/settings.go
+++ b/internal/config/settings.go
@@ -756,13 +756,16 @@ func ensureJailLocalStructure() error {
 		existingContent = string(content)
 	}
-	// Check if file already has our banner (indicating it's already structured)
+	// Check if file already has our full banner (indicating it's already properly structured)
-	hasBanner := strings.Contains(existingContent, "Fail2Ban-UI") || strings.Contains(existingContent, "fail2ban-ui")
+	// Check for the complete banner pattern with hash line separators
 	hasFullBanner := strings.Contains(existingContent, "################################################################################") &&
 		strings.Contains(existingContent, "Fail2Ban-UI Managed Configuration") &&
 		strings.Contains(existingContent, "DO NOT EDIT THIS FILE MANUALLY")
 	hasActionMwlg := strings.Contains(existingContent, "action_mwlg") && strings.Contains(existingContent, "ui-custom-action")
 	hasActionOverride := strings.Contains(existingContent, "action = %(action_mwlg)s")
 	// If file is already properly structured, just ensure DEFAULT section is up to date
-	if hasBanner && hasActionMwlg && hasActionOverride {
+	if hasFullBanner && hasActionMwlg && hasActionOverride {
 		DebugLog("jail.local already has proper structure, updating DEFAULT section if needed")
 		// Update DEFAULT section values without changing structure
 		return updateJailLocalDefaultSection(settings)
@@ -848,14 +851,30 @@ func updateJailLocalDefaultSection(settings AppSettings) error {
 	inDefault := false
 	defaultUpdated := false
 	// Convert IgnoreIPs array to space-separated string
 	ignoreIPStr := strings.Join(settings.IgnoreIPs, " ")
 	if ignoreIPStr == "" {
 		ignoreIPStr = "127.0.0.1/8 ::1"
 	}
 	// Set default banaction values if not set
 	banaction := settings.Banaction
 	if banaction == "" {
 		banaction = "iptables-multiport"
 	}
 	banactionAllports := settings.BanactionAllports
 	if banactionAllports == "" {
 		banactionAllports = "iptables-allports"
 	}
 	// Keys to update
 	keysToUpdate := map[string]string{
-		"bantime.increment": fmt.Sprintf("bantime.increment = %t", settings.BantimeIncrement),
+		"bantime.increment":  fmt.Sprintf("bantime.increment = %t", settings.BantimeIncrement),
-		"ignoreip":          fmt.Sprintf("ignoreip = %s", strings.Join(settings.IgnoreIPs, " ")),
+		"ignoreip":           fmt.Sprintf("ignoreip = %s", ignoreIPStr),
-		"bantime":           fmt.Sprintf("bantime = %s", settings.Bantime),
+		"bantime":            fmt.Sprintf("bantime = %s", settings.Bantime),
-		"findtime":          fmt.Sprintf("findtime = %s", settings.Findtime),
+		"findtime":           fmt.Sprintf("findtime = %s", settings.Findtime),
-		"maxretry":          fmt.Sprintf("maxretry = %d", settings.Maxretry),
+		"maxretry":           fmt.Sprintf("maxretry = %d", settings.Maxretry),
-		"destemail":         fmt.Sprintf("destemail = %s", settings.Destemail),
+		"destemail":          fmt.Sprintf("destemail = %s", settings.Destemail),
 		"banaction":          fmt.Sprintf("banaction = %s", banaction),
 		"banaction_allports": fmt.Sprintf("banaction_allports = %s", banactionAllports),
 	}
 	keysUpdated := make(map[string]bool)
--- a/internal/fail2ban/connector_ssh.go
+++ b/internal/fail2ban/connector_ssh.go
@@ -793,22 +793,23 @@ settings = {
    'banaction_allports': banaction_allports_val
 }
-# Check if file already has our banner
+# Check if file already has our full banner (indicating it's already properly structured)
-has_banner = False
+has_full_banner = False
 has_action_mwlg = False
 has_action_override = False
 try:
    with open(jail_file, 'r') as f:
        content = f.read()
-        has_banner = 'Fail2Ban-UI' in content or 'fail2ban-ui' in content
+        # Check for the complete banner pattern with hash line separators
        has_full_banner = '################################################################################' in content and 'Fail2Ban-UI Managed Configuration' in content and 'DO NOT EDIT THIS FILE MANUALLY' in content
        has_action_mwlg = 'action_mwlg' in content and 'ui-custom-action' in content
        has_action_override = 'action = %%(action_mwlg)s' in content
 except FileNotFoundError:
    pass
 # If already properly structured, just update DEFAULT section
-if has_banner and has_action_mwlg and has_action_override:
+if has_full_banner and has_action_mwlg and has_action_override:
    try:
        with open(jail_file, 'r') as f:
            lines = f.readlines()
@@ -862,6 +863,8 @@ if has_banner and has_action_mwlg and has_action_override:
            ('findtime', 'findtime = ' + settings['findtime']),
            ('maxretry', 'maxretry = ' + str(settings['maxretry'])),
            ('destemail', 'destemail = ' + settings['destemail']),
            ('banaction', 'banaction = ' + settings['banaction']),
            ('banaction_allports', 'banaction_allports = ' + settings['banaction_allports']),
        ]:
            if key not in keys_updated:
                for i, output_line in enumerate(output_lines):