Strona główna Odkrywaj Pomoc
Zaloguj się
chiappa
/
irdb
kopia lustrzana https://git.snix.ch/chiappa/irdb.git
1
0
Forkuj 0
Pliki Problemy 0
Drzewo: 024ddc8ac8
Gałęzie Tagi
irdb
/
examples
/
reporters
/
python.py

python.py 2.3 KB
Historia Czysty

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778 
  1. #!/usr/bin/env python3
    2. 

  2. """Post a single abuse report to IRDB.
    3. 

  3. 

  4. Usage:
    5. 

  5.     IRDB_URL=http://localhost:8081 IRDB_TOKEN=irdb_rep_... \\
    6. 

  6.         examples/reporters/python.py 203.0.113.42 brute_force '{"url":"/wp-login.php"}'
    7. 

  7. 

  8. The third argument (metadata) is optional and must be valid JSON.
    9. 

  9. 

  10. This script uses only the stdlib (`urllib`); no third-party deps.
    11. 

  11. 

  12. fail2ban-action wrapper (drop into `/etc/fail2ban/action.d/irdb.conf`):
    13. 

  13. 

  14.     [Definition]
    15. 

  15.     actionban = /usr/local/bin/irdb-report.py <ip> brute_force
    16. 

  16.                 '{"jail":"<name>","host":"<ipfailures>"}'
    17. 

  17.     actionunban = true
    18. 

  18. 

  19.     [Init]
    20. 

  20.     name = default
    21. 

  21. 

  22. `<ip>` and `<name>` are substituted by fail2ban at action time. Set
    23. 

  23. IRDB_URL and IRDB_TOKEN in fail2ban's environment (e.g. via
    24. 

  24. `/etc/default/fail2ban`).
    25. 

  25. """
    26. 

  26. from __future__ import annotations
    27. 

  27. 

  28. import json
    29. 

  29. import os
    30. 

  30. import sys
    31. 

  31. import urllib.error
    32. 

  32. import urllib.request
    33. 

  33. 

  34. 

  35. def main(argv: list[str]) -> int:
    36. 

  36.     if len(argv) < 3:
    37. 

  37.         print(f"Usage: {argv[0]} <ip> <category> [<metadata-json>]", file=sys.stderr)
    38. 

  38.         return 64
    39. 

  39. 

  40.     ip = argv[1]
    41. 

  41.     category = argv[2]
    42. 

  42.     metadata_raw = argv[3] if len(argv) > 3 else "{}"
    43. 

  43.     try:
    44. 

  44.         metadata = json.loads(metadata_raw)
    45. 

  45.     except json.JSONDecodeError as e:
    46. 

  46.         print(f"metadata must be valid JSON: {e}", file=sys.stderr)
    47. 

  47.         return 65
    48. 

  48. 

  49.     url_base = os.environ.get("IRDB_URL")
    50. 

  50.     token = os.environ.get("IRDB_TOKEN")
    51. 

  51.     if not url_base or not token:
    52. 

  52.         print("IRDB_URL and IRDB_TOKEN must be set", file=sys.stderr)
    53. 

  53.         return 78
    54. 

  54. 

  55.     body = json.dumps({"ip": ip, "category": category, "metadata": metadata}).encode()
    56. 

  56.     req = urllib.request.Request(
    57. 

  57.         f"{url_base.rstrip('/')}/api/v1/report",
    58. 

  58.         data=body,
    59. 

  59.         method="POST",
    60. 

  60.         headers={
    61. 

  61.             "Authorization": f"Bearer {token}",
    62. 

  62.             "Content-Type": "application/json",
    63. 

  63.         },
    64. 

  64.     )
    65. 

  65.     try:
    66. 

  66.         with urllib.request.urlopen(req, timeout=10) as resp:
    67. 

  67.             print(resp.read().decode())
    68. 

  68.             return 0
    69. 

  69.     except urllib.error.HTTPError as e:
    70. 

  70.         print(f"http {e.code}: {e.read().decode(errors='replace')}", file=sys.stderr)
    71. 

  71.         return 1
    72. 

  72.     except urllib.error.URLError as e:
    73. 

  73.         print(f"network error: {e}", file=sys.stderr)
    74. 

  74.         return 2
    75. 

  75. 

  76. 

  77. if __name__ == "__main__":
    78. 

  78.     sys.exit(main(sys.argv))
    79.