Le 23/07/2016 à 01:00, John Kelly a écrit :
> When using Fail2Ban to ban an IP at CloudFlare I would like to add a
> readable time in the notes in the format Month-Day-Year
> Hour:Minute:Second. Looks like <time> is the number of seconds. Can
> anyone tell me how, if possible, to create a variable in the cloudflare
> match action file so that I can add a readable time into the cloudflare
> block record? I have the following so far.
>
> actionban = curl -X
> POST https://api.cloudflare.com/client/v4/user/firewall/access_rules/rules
> <https://deref-mail-02.com/mail/client/dereferrer/?redirectUrl=https%3A%2F%2Fderef-mail-02.com%2Fmail%2Fclient%2Fdereferrer%2F%3FredirectUrl%3Dhttps%253A%252F%252Fapi.cloudflare.com%252Fclient%252Fv4%252Fuser%252Ffirewall%252Faccess_rules%252Frules><https://deref-mail-02.com/mail/client/dereferrer/?redirectUrl=https%3A%2F%2Fderef-mail-02.com%2Fmail%2Fclient%2Fdereferrer%2F%3FredirectUrl%3Dhttps%253A%252F%252Fapi.cloudflare.com%252Fclient%252Fv4%252Fuser%252Ffirewall%252Faccess_rules%252Frules%3E>;
> \
> -H "X-Auth-Email: <cfuser>" \
> -H "X-Auth-Key: <cfapikey>" \
> -H "Content-Type: application/json" \
> --data '{
> "mode": "challenge",
> "configuration": {
> "target": "ip",
> "value": "<ip>"
> },
> "notes": "Added by Fail2Ban on <time>"
> }'
For example:
TS=`echo <time> | sed 's/\..*//'`
DATE=`date +%%Y%%m%%d%%H%%M.%%S -d "1970-01-01 00:00:00 UTC +$TS second"`
curl … --data "… Added by Fail2Ban on $DATE …"
Note: Since your --data will have a double-quoted string as a parameter,
take care to escape all occurrences of quotes and dollars inside this
string with a backslash, except the dollar of $DATE of course.
Thanks for the reply and example, can you please show me how to add it to my
existing cloudflare match action file? I tried the following but I am obviously
doing something wrong as the nothing appears where the date should be in the
record's notes at Cloudflare.
TS=`echo <time> | sed 's/\..*//'`
DATE=`date +%%Y%%m%%d%%H%%M.%%S -d "1970-01-01 00:00:00 UTC +$TS second"`
actionban = curl -X POST
https://api.cloudflare.com/client/v4/user/firewall/access_rules/rules
<https://deref-mail-02.com/mail/client/dereferrer/?redirectUrl=https%3A%2F%2Fderef-mail-02.com%2Fmail%2Fclient%2Fdereferrer%2F%3FredirectUrl%3Dhttps%253A%252F%252Fapi.cloudflare.com%252Fclient%252Fv4%252Fuser%252Ffirewall%252Faccess_rules%252Frules><https://deref-mail-02.com/mail/client/dereferrer/?redirectUrl=https%3A%2F%2Fderef-mail-02.com%2Fmail%2Fclient%2Fdereferrer%2F%3FredirectUrl%3Dhttps%253A%252F%252Fapi.cloudflare.com%252Fclient%252Fv4%252Fuser%252Ffirewall%252Faccess_rules%252Frules%3E>;
\
-H "X-Auth-Email: <cfuser>" \
-H "X-Auth-Key: <cfapikey>" \
-H "Content-Type: application/json" \
--data '{
"mode": "challenge",
"configuration": {
"target": "ip",
"value": "<ip>"
},
"notes": \"Added by Fail2Ban on $DATE\"
}'
------------------------------------------------------------------------------
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are
consuming the most bandwidth. Provides multi-vendor support for NetFlow,
J-Flow, sFlow and other flows. Make informed decisions using capacity
planning reports. http://sdm.link/zohodev2dev
_______________________________________________
Fail2ban-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
