Merge branch 'main' of github.com:drakkan/sftpgo

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
Nicola Murino 2024-01-10 20:16:28 +01:00
commit e6c8b0c86b
No known key found for this signature in database
GPG key ID: 935D2952DEC4EECF
3 changed files with 41 additions and 5 deletions


@ -19,17 +19,18 @@ import (
"time" "time"
"github.com/drakkan/sftpgo/v2/internal/dataprovider" "github.com/drakkan/sftpgo/v2/internal/dataprovider"
"github.com/drakkan/sftpgo/v2/internal/logger"
) )
// HostEvent is the enumerable for the supported host events // HostEvent is the enumerable for the supported host events
type HostEvent int type HostEvent string
// Supported host events // Supported host events
const ( const (
HostEventLoginFailed HostEvent = iota HostEventLoginFailed HostEvent = "LoginFailed"
HostEventUserNotFound HostEventUserNotFound HostEvent = "UserNotFound"
HostEventNoLoginTried HostEventNoLoginTried HostEvent = "NoLoginTried"
HostEventLimitExceeded HostEventLimitExceeded HostEvent = "LimitExceeded"
) )
// Supported defender drivers // Supported defender drivers
@ -132,6 +133,36 @@ func (d *baseDefender) getScore(event HostEvent) int {
return score return score
} }
// logEvent logs a defender event that changes a host's score
func (d *baseDefender) logEvent(ip, protocol string, event HostEvent, totalScore int) {
// ignore events which do not change the host score
eventScore := d.getScore(event)
if eventScore == 0 {
return
}
logger.GetLogger().Debug().
Timestamp().
Str("sender", "defender").
Str("client_ip", ip).
Str("protocol", protocol).
Str("event", string(event)).
Int("increase_score_by", eventScore).
Int("score", totalScore).
Send()
}
// logBan logs a host's ban due to a too high host score
func (d *baseDefender) logBan(ip, protocol string) {
logger.GetLogger().Info().
Timestamp().
Str("sender", "defender").
Str("client_ip", ip).
Str("protocol", protocol).
Str("event", "banned").
Send()
}
type hostEvent struct { type hostEvent struct {
dateTime time.Time dateTime time.Time
score int score int
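Review bot: The ban record written by logBan carries only the client IP and protocol, while the score and the triggering event are emitted by logEvent at Debug level, so with logging at Info or above the log shows that a host was banned but not why. Consider passing the event and the total score to logBan and adding `Str("trigger", string(event))` and `Int("score", totalScore)` to the Info record; the two call sites in the db and memory defenders would then pass them. The doc comment on logEvent could also state that totalScore is the host's score after the event has been applied, since the callers pass different fields for it.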


@ -100,7 +100,9 @@ func (d *dbDefender) AddEvent(ip, protocol string, event HostEvent) {
if err != nil { if err != nil {
return return
} }
d.baseDefender.logEvent(ip, protocol, event, host.Score)
if host.Score > d.config.Threshold { if host.Score > d.config.Threshold {
d.baseDefender.logBan(ip, protocol)
banTime := time.Now().Add(time.Duration(d.config.BanTime) * time.Minute) banTime := time.Now().Add(time.Duration(d.config.BanTime) * time.Minute)
err = dataprovider.SetDefenderBanTime(ip, util.GetTimeAsMsSinceEpoch(banTime)) err = dataprovider.SetDefenderBanTime(ip, util.GetTimeAsMsSinceEpoch(banTime))
if err == nil { if err == nil {
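Review bot: logBan is called before `dataprovider.SetDefenderBanTime` and before its error is checked, so a failed write to the data provider still leaves a "banned" record in the log for a host that was not banned. Moving `d.baseDefender.logBan(ip, protocol)` into the `if err == nil {` branch keeps the log consistent with the stored state, and logging the failure separately would make the gap visible. The body of that branch and the rest of AddEvent lie outside the hunk, so the handling there could not be checked.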


@ -206,9 +206,11 @@ func (d *memoryDefender) AddEvent(ip, protocol string, event HostEvent) {
idx++ idx++
} }
} }
d.baseDefender.logEvent(ip, protocol, event, hs.TotalScore)
hs.Events = hs.Events[:idx] hs.Events = hs.Events[:idx]
if hs.TotalScore >= d.config.Threshold { if hs.TotalScore >= d.config.Threshold {
d.baseDefender.logBan(ip, protocol)
d.banned[ip] = time.Now().Add(time.Duration(d.config.BanTime) * time.Minute) d.banned[ip] = time.Now().Add(time.Duration(d.config.BanTime) * time.Minute)
delete(d.hosts, ip) delete(d.hosts, ip)
d.cleanupBanned() d.cleanupBanned()
@ -222,6 +224,7 @@ func (d *memoryDefender) AddEvent(ip, protocol string, event HostEvent) {
d.hosts[ip] = hs d.hosts[ip] = hs
} }
} else { } else {
d.baseDefender.logEvent(ip, protocol, event, ev.score)
d.hosts[ip] = hostScore{ d.hosts[ip] = hostScore{
TotalScore: ev.score, TotalScore: ev.score,
Events: []hostEvent{ev}, Events: []hostEvent{ev},
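Review bot: The new ban log here is gated on `hs.TotalScore >= d.config.Threshold`, whereas the db defender's AddEvent logs and bans on `host.Score > d.config.Threshold`, so a host whose score equals the threshold produces a "banned" record with the memory driver only. If the difference is unintended, aligning the two comparisons would give consistent ban records across drivers; if it is intended, a short comment at each check would say so. Only part of AddEvent is visible in these hunks, so any handling outside them could not be checked.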