Le 11/08/2016 à 01:12, John Kelly a écrit :
>> Le 23/07/2016 à 01:00, John Kelly a écrit :
>> > When using Fail2Ban to ban an IP at CloudFlare I would like to add a
>> > readable time in the notes in the format Month-Day-Year
>> > Hour:Minute:Second. Looks like <time> is the number of seconds. Can
>> > anyone tell me how, if possible, to create a variable in the cloudflare
>> > match action file so that I can add a readable time into the cloudflare
>> > block record? I have the following so far.
>> >
>> > actionban = curl -X
>> > POST https://api.cloudflare.com/client/v4/user/firewall/access_rules/rules
>> > <https://deref-mail-02.com/mail/client/dereferrer/?redirectUrl=https%3A%2F%2Fderef-mail-02.com%2Fmail%2Fclient%2Fdereferrer%2F%3FredirectUrl%3Dhttps%253A%252F%252Fapi.cloudflare.com%252Fclient%252Fv4%252Fuser%252Ffirewall%252Faccess_rules%252Frules>
>> <https://deref-mail-02.com/mail/client/dereferrer/?redirectUrl=https%3A%2F%2Fderef-mail-02.com%2Fmail%2Fclient%2Fdereferrer%2F%3FredirectUrl%3Dhttps%253A%252F%252Fapi.cloudflare.com%252Fclient%252Fv4%252Fuser%252Ffirewall%252Faccess_rules%252Frules%3E>;
>> \
>> > -H "X-Auth-Email: <cfuser>" \
>> > -H "X-Auth-Key: <cfapikey>" \
>> > -H "Content-Type: application/json" \
>> > --data '{
>> > "mode": "challenge",
>> > "configuration": {
>> > "target": "ip",
>> > "value": "<ip>"
>> > },
>> > "notes": "Added by Fail2Ban on <time>"
>> > }'
>>
>> For example:
>>
>> TS=`echo <time> | sed 's/\..*//'`
>> DATE=`date +%%Y%%m%%d%%H%%M.%%S -d "1970-01-01 00:00:00 UTC +$TS second"`
>> curl … --data "… Added by Fail2Ban on $DATE …"
>>
>> Note: Since your --data will have a double-quoted string as a parameter,
>> take care to escape all occurrences of quotes and dollars inside this
>> string with a backslash, except the dollar of $DATE of course.
>
> Thanks for the reply and example, can you please show me how to add it
> to my existing cloudflare match action file? I tried the following but I
> am obviously doing something wrong as the nothing appears where the date
> should be in the record's notes at Cloudflare.
>
> TS=`echo <time> | sed 's/\..*//'`
> DATE=`date +%%Y%%m%%d%%H%%M.%%S -d "1970-01-01 00:00:00 UTC +$TS second"`
>
> actionban = curl -X POST
> https://api.cloudflare.com/client/v4/user/firewall/access_rules/rules
> <https://deref-mail-02.com/mail/client/dereferrer/?redirectUrl=https%3A%2F%2Fderef-mail-02.com%2Fmail%2Fclient%2Fdereferrer%2F%3FredirectUrl%3Dhttps%253A%252F%252Fapi.cloudflare.com%252Fclient%252Fv4%252Fuser%252Ffirewall%252Faccess_rules%252Frules>
> <https://deref-mail-02.com/mail/client/dereferrer/?redirectUrl=https%3A%2F%2Fderef-mail-02.com%2Fmail%2Fclient%2Fdereferrer%2F%3FredirectUrl%3Dhttps%253A%252F%252Fapi.cloudflare.com%252Fclient%252Fv4%252Fuser%252Ffirewall%252Faccess_rules%252Frules%3E>;
> \
> -H "X-Auth-Email: <cfuser>" \
> -H "X-Auth-Key: <cfapikey>" \
> -H "Content-Type: application/json" \
> --data '{
> "mode": "challenge",
> "configuration": {
> "target": "ip",
> "value": "<ip>"
> },
> "notes": \"Added by Fail2Ban on $DATE\"
> }'
Sorry for the late reply… I’m glad that you’ve succeeded using an
external script. Still, in case you’re interested, here how that would
have been done without the external script:
(oh, and, sorry: I realize I’ve put too many percents in my example!)
actionban = TS=`echo <time> | sed 's/\..*//'`
DATE=`date "+%Y-%m-%d %H:%M:%S" -d "1970-01-01 00:00:00 UTC
+$TS second"`
curl -X POST \
-H "X-Auth-Email: <cfuser>" \
-H "X-Auth-Key: <cfapikey>" \
-H "Content-Type: application/json" \
--data "{
\"mode\": \"challenge\",
\"configuration\": {
\"target\": \"ip\",
\"value\": \"<ip>\"
},
\"notes\": \"Added by Fail2Ban on $DATE\"
}" \
https://api.cloudflare.com/client/v4/user/firewall/access_rules/rules
Cheers,
Yves.
------------------------------------------------------------------------------
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are
consuming the most bandwidth. Provides multi-vendor support for NetFlow,
J-Flow, sFlow and other flows. Make informed decisions using capacity
planning reports. http://sdm.link/zohodev2dev
_______________________________________________
Fail2ban-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
