mirror of
https://github.com/swissmakers/fail2ban-ui.git
synced 2026-04-15 05:03:14 +02:00
87 lines
2.3 KiB
Go
87 lines
2.3 KiB
Go
// Fail2ban UI - A Swiss made, management interface for Fail2ban.
|
|
//
|
|
// Copyright (C) 2025 Swissmakers GmbH (https://swissmakers.ch)
|
|
//
|
|
// Licensed under the GNU General Public License, Version 3 (GPL-3.0)
|
|
// You may not use this file except in compliance with the License.
|
|
// You may obtain a copy of the License at
|
|
//
|
|
// https://www.gnu.org/licenses/gpl-3.0.en.html
|
|
//
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
// See the License for the specific language governing permissions and
|
|
// limitations under the License.
|
|
|
|
// LEGACY, WILL BE REMOVED IN FUTURE VERSIONS.
|
|
package fail2ban
|
|
|
|
import (
|
|
"bufio"
|
|
"fmt"
|
|
"os"
|
|
"regexp"
|
|
"time"
|
|
)
|
|
|
|
// =========================================================================
|
|
// Types
|
|
// =========================================================================
|
|
|
|
var logRegex = regexp.MustCompile(`^(\S+\s+\S+) fail2ban\.actions.*?\[\d+\]: NOTICE\s+\[(\S+)\]\s+Ban\s+(\S+)`)
|
|
|
|
// This is a single ban event from the fail2ban log. REMOVE THIS TYPE.
|
|
type BanEvent struct {
|
|
Time time.Time
|
|
Jail string
|
|
IP string
|
|
LogLine string
|
|
}
|
|
|
|
// =========================================================================
|
|
// Log Parsing
|
|
// =========================================================================
|
|
|
|
// ParseBanLog reads the fail2ban log and returns events grouped by jail.
|
|
func ParseBanLog(logPath string) (map[string][]BanEvent, error) {
|
|
file, err := os.Open(logPath)
|
|
if err != nil {
|
|
return nil, fmt.Errorf("failed to open fail2ban log: %v", err)
|
|
}
|
|
defer file.Close()
|
|
|
|
eventsByJail := make(map[string][]BanEvent)
|
|
|
|
scanner := bufio.NewScanner(file)
|
|
for scanner.Scan() {
|
|
line := scanner.Text()
|
|
|
|
matches := logRegex.FindStringSubmatch(line)
|
|
if len(matches) == 4 {
|
|
timestampStr := matches[1]
|
|
jail := matches[2]
|
|
ip := matches[3]
|
|
|
|
parsedTime, err := time.Parse("2006-01-02 15:04:05,000", timestampStr)
|
|
if err != nil {
|
|
continue
|
|
}
|
|
|
|
ev := BanEvent{
|
|
Time: parsedTime,
|
|
Jail: jail,
|
|
IP: ip,
|
|
LogLine: line,
|
|
}
|
|
|
|
eventsByJail[jail] = append(eventsByJail[jail], ev)
|
|
}
|
|
}
|
|
|
|
if err := scanner.Err(); err != nil {
|
|
return nil, err
|
|
}
|
|
return eventsByJail, nil
|
|
}
|