Difuse/packages
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

banip: update to 0.7.8

Browse source 
* fix pid file processing of the background monitor plus child
  processes (bug reported in the forum)
* made the enabled/disabled switch of the background monitor functional

Signed-off-by: Dirk Brenken <dev@brenken.org>
This commit is contained in:
Dirk Brenken 2021-05-04 16:32:35 +02:00
parent 0352d6d942
commit 1402b3b56d
No known key found for this signature in database
GPG key ID: 9D71CD547BFAE684
2 changed files with 24 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
net/banip/Makefile
View file

@ -6,8 +6,8 @@
include $(TOPDIR)/rules.mk include $(TOPDIR)/rules.mk
PKG_NAME:=banip PKG_NAME:=banip
PKG_VERSION:=0.7.7 PKG_VERSION:=0.7.8
PKG_RELEASE:=2 PKG_RELEASE:=1
PKG_LICENSE:=GPL-3.0-or-later PKG_LICENSE:=GPL-3.0-or-later
PKG_MAINTAINER:=Dirk Brenken <dev@brenken.org> PKG_MAINTAINER:=Dirk Brenken <dev@brenken.org>

29
net/banip/files/banip.sh
View file

@ -12,7 +12,7 @@
export LC_ALL=C export LC_ALL=C
export PATH="/usr/sbin:/usr/bin:/sbin:/bin" export PATH="/usr/sbin:/usr/bin:/sbin:/bin"
set -o pipefail set -o pipefail
ban_ver="0.7.7" ban_ver="0.7.8"
ban_enabled="0" ban_enabled="0"
ban_mail_enabled="0" ban_mail_enabled="0"
ban_proto4_enabled="0" ban_proto4_enabled="0"
@ -63,6 +63,7 @@ ban_wan_forwardchains_4=""
ban_wan_forwardchains_6="" ban_wan_forwardchains_6=""
ban_action="${1:-"start"}" ban_action="${1:-"start"}"
ban_pidfile="/var/run/banip.pid" ban_pidfile="/var/run/banip.pid"
ban_bgpidfile="/var/run/banip_bg.pid"
ban_tmpbase="/tmp" ban_tmpbase="/tmp"
ban_rtfile="${ban_tmpbase}/ban_runtime.json" ban_rtfile="${ban_tmpbase}/ban_runtime.json"
ban_srcfile="${ban_tmpbase}/ban_sources.json" ban_srcfile="${ban_tmpbase}/ban_sources.json"
@ -921,18 +922,29 @@ f_log()
fi fi
} }
# kill all relevant background processes
#
f_pidx()
{
local pids ppid="${1}"
pids="$(pgrep -P "${ppid}" 2>/dev/null | awk '{ORS=" ";print $0}')"
kill -HUP "${ppid}" "${pids}" 2>/dev/null
> "${ban_bgpidfile}"
}
# start log service to trace failed ssh/luci logins # start log service to trace failed ssh/luci logins
# #
f_bgsrv() f_bgsrv()
{ {
local bg_pid action="${1}" local bg_pid action="${1}"
bg_pid="$(pgrep -f "^/bin/sh ${ban_logservice}|${ban_logread_cmd}|^grep -qE Exit before auth|^grep -qE error: maximum|^grep -qE luci: failed|^grep -qE nginx" | awk '{ORS=" "; print $1}')" bg_pid="$(cat "${ban_bgpidfile}" 2>/dev/null)"
if [ "${action}" = "start" ] && [ -x "${ban_logservice}" ] && [ "${ban_monitor_enabled}" = "1" ] && [ "${ban_whitelistonly}" = "0" ] if [ "${action}" = "start" ] && [ -x "${ban_logservice}" ] && [ "${ban_monitor_enabled}" = "1" ] && [ "${ban_whitelistonly}" = "0" ]
then then
if [ -n "${bg_pid}" ] if [ -n "${bg_pid}" ]
then then
kill -HUP "${bg_pid}" 2>/dev/null f_pidx "${bg_pid}"
fi fi
if [ -n "$(printf "%s\n" "${ban_logterms}" | grep -F "dropbear")" ] if [ -n "$(printf "%s\n" "${ban_logterms}" | grep -F "dropbear")" ]
then then
@ -950,12 +962,15 @@ f_bgsrv()
then then
ban_search="${ban_search}nginx\[[0-9]+\]:.*\[error\].*open().*client: [[:alnum:].:]+|" ban_search="${ban_search}nginx\[[0-9]+\]:.*\[error\].*open().*client: [[:alnum:].:]+|"
fi fi
( "${ban_logservice}" "${ban_ver}" "${ban_search%?}" & ) (
elif [ "${action}" = "stop" ] && [ -n "${bg_pid}" ] "${ban_logservice}" "${ban_ver}" "${ban_search%?}" &
printf "%s" "${!}" > "${ban_bgpidfile}"
)
elif { [ "${action}" = "stop" ] || [ "${ban_monitor_enabled}" = "0" ]; } && [ -n "${bg_pid}" ]
then then
kill -HUP "${bg_pid}" 2>/dev/null f_pidx "${bg_pid}"
fi fi
f_log "debug" "f_bgsrv ::: action: ${action:-"-"}, bg_pid: ${bg_pid:-"-"}, monitor_enabled: ${ban_monitor_enabled:-"-"}, log_service: ${ban_logservice:-"-"}" f_log "debug" "f_bgsrv ::: action: ${action:-"-"}, bg_pid (old/new): ${bg_pid}/$(cat "${ban_bgpidfile}" 2>/dev/null), monitor_enabled: ${ban_monitor_enabled:-"-"}, log_service: ${ban_logservice:-"-"}"
} }
# download controller # download controller