Implement geoIP and whois lookups directly from fail2ban-UI

2026-04-17 05:53:15 +02:00 · 2025-12-15 21:50:19 +01:00
parent 3ad4821cb7
commit c57322e38d
19 changed files with 523 additions and 42 deletions
--- a/internal/storage/storage.go
+++ b/internal/storage/storage.go
@@ -70,6 +70,9 @@ type AppSettingsRecord struct {
 	Banaction           string
 	BanactionAllports   string
 	AdvancedActionsJSON string
+	GeoIPProvider       string
+	GeoIPDatabasePath   string
+	MaxLogLines         int
 }

 type ServerRecord struct {
@@ -171,17 +174,17 @@ func GetAppSettings(ctx context.Context) (AppSettingsRecord, bool, error) {
 	}

 	row := db.QueryRowContext(ctx, `
-SELECT language, port, debug, callback_url, restart_needed, alert_countries, smtp_host, smtp_port, smtp_username, smtp_password, smtp_from, smtp_use_tls, bantime_increment, default_jail_enable, ignore_ip, bantime, findtime, maxretry, destemail, banaction, banaction_allports, advanced_actions
+SELECT language, port, debug, callback_url, restart_needed, alert_countries, smtp_host, smtp_port, smtp_username, smtp_password, smtp_from, smtp_use_tls, bantime_increment, default_jail_enable, ignore_ip, bantime, findtime, maxretry, destemail, banaction, banaction_allports, advanced_actions, geoip_provider, geoip_database_path, max_log_lines
 FROM app_settings
 WHERE id = 1`)

 	var (
-		lang, callback, alerts, smtpHost, smtpUser, smtpPass, smtpFrom, ignoreIP, bantime, findtime, destemail, banaction, banactionAllports, advancedActions sql.NullString
-		port, smtpPort, maxretry                                                                                                                              sql.NullInt64
-		debug, restartNeeded, smtpTLS, bantimeInc, defaultJailEn                                                                                              sql.NullInt64
+		lang, callback, alerts, smtpHost, smtpUser, smtpPass, smtpFrom, ignoreIP, bantime, findtime, destemail, banaction, banactionAllports, advancedActions, geoipProvider, geoipDatabasePath sql.NullString
+		port, smtpPort, maxretry, maxLogLines                                                                                                                                                   sql.NullInt64
+		debug, restartNeeded, smtpTLS, bantimeInc, defaultJailEn                                                                                                                                sql.NullInt64
 	)

-	err := row.Scan(&lang, &port, &debug, &callback, &restartNeeded, &alerts, &smtpHost, &smtpPort, &smtpUser, &smtpPass, &smtpFrom, &smtpTLS, &bantimeInc, &defaultJailEn, &ignoreIP, &bantime, &findtime, &maxretry, &destemail, &banaction, &banactionAllports, &advancedActions)
+	err := row.Scan(&lang, &port, &debug, &callback, &restartNeeded, &alerts, &smtpHost, &smtpPort, &smtpUser, &smtpPass, &smtpFrom, &smtpTLS, &bantimeInc, &defaultJailEn, &ignoreIP, &bantime, &findtime, &maxretry, &destemail, &banaction, &banactionAllports, &advancedActions, &geoipProvider, &geoipDatabasePath, &maxLogLines)
 	if errors.Is(err, sql.ErrNoRows) {
 		return AppSettingsRecord{}, false, nil
 	}
@@ -212,6 +215,9 @@ WHERE id = 1`)
 		Banaction:           stringFromNull(banaction),
 		BanactionAllports:   stringFromNull(banactionAllports),
 		AdvancedActionsJSON: stringFromNull(advancedActions),
+		GeoIPProvider:       stringFromNull(geoipProvider),
+		GeoIPDatabasePath:   stringFromNull(geoipDatabasePath),
+		MaxLogLines:         intFromNull(maxLogLines),
 	}

 	return rec, true, nil
@@ -223,9 +229,9 @@ func SaveAppSettings(ctx context.Context, rec AppSettingsRecord) error {
 	}
 	_, err := db.ExecContext(ctx, `
 INSERT INTO app_settings (
-	id, language, port, debug, callback_url, restart_needed, alert_countries, smtp_host, smtp_port, smtp_username, smtp_password, smtp_from, smtp_use_tls, bantime_increment, default_jail_enable, ignore_ip, bantime, findtime, maxretry, destemail, banaction, banaction_allports, advanced_actions
+	id, language, port, debug, callback_url, restart_needed, alert_countries, smtp_host, smtp_port, smtp_username, smtp_password, smtp_from, smtp_use_tls, bantime_increment, default_jail_enable, ignore_ip, bantime, findtime, maxretry, destemail, banaction, banaction_allports, advanced_actions, geoip_provider, geoip_database_path, max_log_lines
 ) VALUES (
-	1, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?
+	1, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?
 ) ON CONFLICT(id) DO UPDATE SET
 	language = excluded.language,
 	port = excluded.port,
@@ -248,7 +254,10 @@ INSERT INTO app_settings (
 	destemail = excluded.destemail,
 	banaction = excluded.banaction,
 	banaction_allports = excluded.banaction_allports,
-	advanced_actions = excluded.advanced_actions
+	advanced_actions = excluded.advanced_actions,
+	geoip_provider = excluded.geoip_provider,
+	geoip_database_path = excluded.geoip_database_path,
+	max_log_lines = excluded.max_log_lines
 `, rec.Language,
 		rec.Port,
 		boolToInt(rec.Debug),
@@ -271,6 +280,9 @@ INSERT INTO app_settings (
 		rec.Banaction,
 		rec.BanactionAllports,
 		rec.AdvancedActionsJSON,
+		rec.GeoIPProvider,
+		rec.GeoIPDatabasePath,
+		rec.MaxLogLines,
 	)
 	return err
 }
@@ -451,7 +463,7 @@ INSERT INTO ban_events (
 	server_id, server_name, jail, ip, country, hostname, failures, whois, logs, occurred_at, created_at
 ) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)`

-	result, err := db.ExecContext(
+	_, err := db.ExecContext(
 		ctx,
 		query,
 		record.ServerID,
@@ -470,12 +482,6 @@ INSERT INTO ban_events (
 		return err
 	}

-	// Get the inserted ID
-	id, err := result.LastInsertId()
-	if err == nil {
-		record.ID = id
-	}
-
 	return nil
 }

@@ -797,7 +803,10 @@ CREATE TABLE IF NOT EXISTS app_settings (
 	destemail TEXT,
 	banaction TEXT,
 	banaction_allports TEXT,
-	advanced_actions TEXT
+	advanced_actions TEXT,
+	geoip_provider TEXT,
+	geoip_database_path TEXT,
+	max_log_lines INTEGER
 );

 CREATE TABLE IF NOT EXISTS servers (
@@ -884,6 +893,38 @@ CREATE INDEX IF NOT EXISTS idx_perm_blocks_status ON permanent_blocks(status);
 		}
 	}

+	// Add geoip_provider column
+	if _, err := db.ExecContext(ctx, `ALTER TABLE app_settings ADD COLUMN geoip_provider TEXT`); err != nil {
+		if !strings.Contains(strings.ToLower(err.Error()), "duplicate column name") {
+			return err
+		}
+	}
+
+	// Add geoip_database_path column
+	if _, err := db.ExecContext(ctx, `ALTER TABLE app_settings ADD COLUMN geoip_database_path TEXT`); err != nil {
+		if !strings.Contains(strings.ToLower(err.Error()), "duplicate column name") {
+			return err
+		}
+	}
+
+	// Add max_log_lines column
+	if _, err := db.ExecContext(ctx, `ALTER TABLE app_settings ADD COLUMN max_log_lines INTEGER`); err != nil {
+		if !strings.Contains(strings.ToLower(err.Error()), "duplicate column name") {
+			return err
+		}
+	}
+
+	// Set default values for new columns if they are NULL
+	if _, err := db.ExecContext(ctx, `UPDATE app_settings SET geoip_provider = 'maxmind' WHERE geoip_provider IS NULL`); err != nil {
+		log.Printf("Warning: Failed to set default value for geoip_provider: %v", err)
+	}
+	if _, err := db.ExecContext(ctx, `UPDATE app_settings SET geoip_database_path = '/usr/share/GeoIP/GeoLite2-Country.mmdb' WHERE geoip_database_path IS NULL`); err != nil {
+		log.Printf("Warning: Failed to set default value for geoip_database_path: %v", err)
+	}
+	if _, err := db.ExecContext(ctx, `UPDATE app_settings SET max_log_lines = 50 WHERE max_log_lines IS NULL OR max_log_lines = 0`); err != nil {
+		log.Printf("Warning: Failed to set default value for max_log_lines: %v", err)
+	}
+
 	return nil
 }