Implement basic jail management (turn off and on) and fix some old stuff

2026-04-17 05:53:15 +02:00 · 2025-02-26 16:55:21 +01:00
parent e19c24de08
commit 25238bf83c
12 changed files with 295 additions and 42 deletions
--- a/pkg/web/handlers.go
+++ b/pkg/web/handlers.go
@@ -233,7 +233,7 @@ func GetJailFilterConfigHandler(c *gin.Context) {
 	config.DebugLog("----------------------------")
 	config.DebugLog("GetJailFilterConfigHandler called (handlers.go)") // entry point
 	jail := c.Param("jail")
-	cfg, err := fail2ban.GetJailConfig(jail)
+	cfg, err := fail2ban.GetFilterConfig(jail)
 	if err != nil {
 		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
 		return
@@ -260,7 +260,7 @@ func SetJailFilterConfigHandler(c *gin.Context) {
 	}

 	// Write the filter config file to /etc/fail2ban/filter.d/<jail>.conf
-	if err := fail2ban.SetJailConfig(jail, req.Config); err != nil {
+	if err := fail2ban.SetFilterConfig(jail, req.Config); err != nil {
 		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
 		return
 	}
@@ -280,6 +280,49 @@ func SetJailFilterConfigHandler(c *gin.Context) {
 	//	})
 }

+// ManageJailsHandler returns a list of all jails (from jail.local and jail.d)
+// including their enabled status.
+func ManageJailsHandler(c *gin.Context) {
+	config.DebugLog("----------------------------")
+	config.DebugLog("ManageJailsHandler called (handlers.go)") // entry point
+	// Get all jails from jail.local and jail.d directories.
+	// This helper should parse both files and return []fail2ban.JailInfo.
+	jails, err := fail2ban.GetAllJails()
+	if err != nil {
+		c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to load jails: " + err.Error()})
+		return
+	}
+	c.JSON(http.StatusOK, gin.H{"jails": jails})
+}
+
+// UpdateJailManagementHandler updates the enabled state for each jail.
+// Expected JSON format: { "JailName1": true, "JailName2": false, ... }
+// After updating, the Fail2ban service is restarted.
+func UpdateJailManagementHandler(c *gin.Context) {
+	config.DebugLog("----------------------------")
+	config.DebugLog("UpdateJailManagementHandler called (handlers.go)") // entry point
+	var updates map[string]bool
+	if err := c.ShouldBindJSON(&updates); err != nil {
+		c.JSON(http.StatusBadRequest, gin.H{"error": "Invalid JSON: " + err.Error()})
+		return
+	}
+	// Update jail configuration file(s) with the new enabled states.
+	if err := fail2ban.UpdateJailEnabledStates(updates); err != nil {
+		c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to update jail settings: " + err.Error()})
+		return
+	}
+	// Restart the Fail2ban service.
+	//if err := fail2ban.RestartFail2ban(); err != nil {
+	//	c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to reload fail2ban: " + err.Error()})
+	//	return
+	//}
+	if err := config.MarkReloadNeeded(); err != nil {
+		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
+		return
+	}
+	c.JSON(http.StatusOK, gin.H{"message": "Jail settings updated successfully"})
+}
+
 // GetSettingsHandler returns the entire AppSettings struct as JSON
 func GetSettingsHandler(c *gin.Context) {
 	config.DebugLog("----------------------------")
@@ -429,7 +472,7 @@ func sendEmail(to, subject, body string, settings config.AppSettings) error {
 	smtpHost := settings.SMTP.Host
 	smtpPort := settings.SMTP.Port
 	auth := LoginAuth(settings.SMTP.Username, settings.SMTP.Password)
-	smtpAddr := fmt.Sprintf("%s:%d", smtpHost, smtpPort)
+	smtpAddr := net.JoinHostPort(smtpHost, fmt.Sprintf("%d", smtpPort))

 	// **Choose Connection Type**
 	if smtpPort == 465 {
--- a/pkg/web/routes.go
+++ b/pkg/web/routes.go
@@ -34,10 +34,14 @@ func RegisterRoutes(r *gin.Engine) {
 		api.GET("/summary", SummaryHandler)
 		api.POST("/jails/:jail/unban/:ip", UnbanIPHandler)

-		// Config endpoints
+		// Routes for jail-filter management (TODO: rename API-call)
 		api.GET("/jails/:jail/config", GetJailFilterConfigHandler)
 		api.POST("/jails/:jail/config", SetJailFilterConfigHandler)

+		// Routes for jail management
+		api.GET("/jails/manage", ManageJailsHandler)
+		api.POST("/jails/manage", UpdateJailManagementHandler)
+
 		// Settings endpoints
 		api.GET("/settings", GetSettingsHandler)
 		api.POST("/settings", UpdateSettingsHandler)
@@ -46,6 +50,7 @@ func RegisterRoutes(r *gin.Engine) {
 		// Filter debugger endpoints
 		api.GET("/filters", ListFiltersHandler)
 		api.POST("/filters/test", TestFilterHandler)
+
 		// TODO: create or generate new filters
 		// api.POST("/filters/generate", GenerateFilterHandler)

--- a/pkg/web/templates/index.html
+++ b/pkg/web/templates/index.html
@@ -109,7 +109,7 @@
  <div id="dashboardSection" class="container my-4">
    <div class="d-flex align-items-center" style="position: relative;">
      <h1 class="mb-4 flex-grow-1" data-i18n="dashboard.title">Dashboard</h1>
-      <button class="btn btn-outline-secondary" style="position: absolute; right: 0; top: 0;" onclick="openManageJailsModal()" data-i18n="dashboard.manage_jails" title="This feature is currently being implemented." disabled>Manage Jails</button>
+      <button class="btn btn-outline-secondary" style="position: absolute; right: 0; top: 0;" onclick="openManageJailsModal()" data-i18n="dashboard.manage_jails">Manage Jails</button>
    </div>
    <div id="dashboard"></div>
  </div>
@@ -844,10 +844,10 @@
    }

    // Function: openManageJailsModal
-    // Fetches the list of jails (from /api/summary) and builds a list with toggle switches.
+    // Fetches the full-list of all jails (from /jails/manage) and builds a list with toggle switches.
    function openManageJailsModal() {
      showLoading(true);
-      fetch('/api/summary')
+      fetch('/api/jails/manage')
        .then(function(res) { return res.json(); })
        .then(function(data) {
          if (!data.jails || data.jails.length === 0) {
@@ -857,8 +857,7 @@
          }
          var html = '<div class="list-group">';
          data.jails.forEach(function(jail) {
-            // If "enabled" is missing, assume true.
-            var isEnabled = (jail.enabled === undefined || jail.enabled === true);
+            var isEnabled = (jail.enabled === true);
            html += '<div class="list-group-item d-flex justify-content-between align-items-center">';
            html += '<span>' + jail.jailName + '</span>';
            html += '<div class="form-check form-switch">';
@@ -901,8 +900,8 @@
          if (data.error) {
            alert("Error saving jail settings: " + data.error);
          } else {
-            alert("Jail settings updated successfully.");
-            fetchSummary(); // Optionally we refresh the dashboard.
+            // A restart of fail2ban is needed, to enable or disable jails - a reload is not enough
+            document.getElementById('reloadBanner').style.display = 'block';
          }
        })
        .catch(function(err) {