defender: remove extra option to control defender logging and use debug and info log levels

Signed-off-by: Anthrazz <25553648+Anthrazz@users.noreply.github.com>
Anthrazz 2024-01-08 13:52:16 +01:00
parent e187b77f29
commit c34863f449
No known key found for this signature in database
GPG key ID: 0F89B3C5F4CE165E
2 changed files with 3 additions and 12 deletions


@ -103,7 +103,6 @@ The configuration file contains the following sections:
- `observation_time`, integer. Defines the time window, in minutes, for tracking client errors. A host is banned if it has exceeded the defined threshold during the last observation time minutes. Default: `30`.
- `entries_soft_limit`, integer. Ignored for `provider` driver. Default: `100`.
- `entries_hard_limit`, integer. The number of banned IPs and host scores kept in memory will vary between the soft and hard limit for `memory` driver. If you use the `provider` driver, this setting will limit the number of entries to return when you ask for the entire host list from the defender. Default: `150`.
- `log_events`, boolean. Set to true if defender events and banned IPs should be logged. Default: `false`.
- `rate_limiters`, list of structs containing the rate limiters configuration. Take a look [here](./rate-limiting.md) for more details. Each struct has the following fields:
- `average`, integer. Average defines the maximum rate allowed. 0 means disabled. Default: 0
- `period`, integer. Period defines the period as milliseconds. The rate is actually defined by dividing average by period Default: 1000 (1 second).


@ -90,8 +90,6 @@ type DefenderConfig struct {
// to return when you request for the entire host list from the defender
EntriesSoftLimit int `json:"entries_soft_limit" mapstructure:"entries_soft_limit"`
EntriesHardLimit int `json:"entries_hard_limit" mapstructure:"entries_hard_limit"`
// LogEvents controls if Defender events should be logged
LogEvents bool `json:"log_events" mapstructure:"log_events"`
}
type baseDefender struct {
@ -135,18 +133,15 @@ func (d *baseDefender) getScore(event HostEvent) int {
return score
}
// logEvent do log an defender event which modifies the score of an host
func (d *baseDefender) logEvent(ip, protocol string, event HostEvent, totalScore int) {
if !d.config.LogEvents {
return
}
// ignore events which do not change the host score
eventScore := d.getScore(event)
if eventScore == 0 {
return
}
logger.GetLogger().Info().
logger.GetLogger().Debug().
Timestamp().
Str("sender", "defender").
Str("client_ip", ip).
@ -157,11 +152,8 @@ func (d *baseDefender) logEvent(ip, protocol string, event HostEvent, totalScore
Send()
}
// logBan do log a ban of an host due to a too high host score
func (d *baseDefender) logBan(ip, protocol string) {
if !d.config.LogEvents {
return
}
logger.GetLogger().Info().
Timestamp().
Str("sender", "defender").
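Review bot: In logEvent the score-changing events are now emitted at Debug while logBan stays at Info, so a deployment running at info level records a ban but none of the events that led up to it. Anyone who had `log_events` set to true to keep that trail for incident review loses it after upgrading unless the whole service is switched to debug, and the visible documentation hunk only removes the option without saying where defender events now go. The two comments should state the level so the split is deliberate and discoverable, for example `// logEvent logs, at debug level, a defender event that changes a host's score` and `// logBan logs, at info level, the ban of a host whose score got too high`. logBan's body continues outside the hunk, so the remaining fields of the ban record are not visible here.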