Skip to content

Commit

Permalink
change logging behaviour to integrate with fail2ban
Browse files Browse the repository at this point in the history
  • Loading branch information
@Sir-Photch
Sir-Photch committed Jan 3, 2024
1 parent 6e481bc commit 98cc864
Show file tree
Hide file tree
Showing 5 changed files with 51 additions and 13 deletions.
3 changes: 3 additions & 0 deletions contrib/fail2ban-example.conf
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
[Definition]
failregex = ^.*\[WARN\].*\| <HOST>
ignoreregex =
0 nginx/example.conf → contrib/nginx-example.conf
View file
File renamed without changes.
0 systemd/notesock.env → contrib/systemd-example.env
View file
File renamed without changes.
0 systemd/notesock.service → contrib/systemd-example.service
View file
File renamed without changes.
61 changes: 48 additions & 13 deletions src/main.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,8 @@ use id_gen::*;

use clap::Parser;

use proxy_protocol::version1::ProxyAddresses;
use proxy_protocol::ProxyHeader;
use rand::prelude::*;
use simplelog::*;
use socket2::{Domain, SockAddr, Socket, Type};
Expand Down Expand Up @@ -80,6 +82,26 @@ const CLEANUP_WORKER_TAG: &str = "🧹";

const SOCKET_FILENAME: &str = "note.sock";

fn peer_ip_from_header(header: &ProxyHeader) -> Option<String> {
match header {
ProxyHeader::Version1 { addresses } => match addresses {
ProxyAddresses::Ipv4 { source, .. } => Some(source.ip().to_string()),
ProxyAddresses::Ipv6 { source, .. } => Some(source.ip().to_string()),
_ => None,
},
ProxyHeader::Version2 { addresses, .. } => match addresses {
proxy_protocol::version2::ProxyAddresses::Ipv4 { source, .. } => {
Some(source.ip().to_string())
}
proxy_protocol::version2::ProxyAddresses::Ipv6 { source, .. } => {
Some(source.ip().to_string())
}
_ => None,
},
_ => None,
}
}

fn cleanup_worker(rx_cleanup: mpsc::Receiver<(Instant, PathBuf)>, ids: SafeGen) {
loop {
match rx_cleanup.recv() {
Expand Down Expand Up @@ -200,23 +222,28 @@ fn paste_worker(

let (mut header_len, mut payload_len) = (0, msg_size);

if args.talk_proxy {
let peer = if !args.talk_proxy {
None
} else {
let msg_len = buf.len();

let mut slice = &buf.as_mut_slice()[..];
match proxy_protocol::parse(&mut slice) {
Ok(header) => info!(
"{} | {} kiB incoming | {:?}",
tag,
msg_size as f32 / 1024.0,
let header = match proxy_protocol::parse(&mut slice) {
Ok(header) => {
debug!(
"{} | {} kiB incoming | {:?}",
tag,
msg_size as f32 / 1024.0,
header
);
header
),
}
Err(why) => {
debug!("{} | proxy_protocol.parse: {}", tag, why);
shutdown(&mut stream, Shutdown::Write);
continue;
}
}
};

payload_len = slice.len();
header_len = msg_len - payload_len;
Expand All @@ -240,10 +267,18 @@ fn paste_worker(
})
)
}
}

peer_ip_from_header(&header).or_else(|| {
debug!(
"{} | peer_ip_from_header: could not get IP from header: {:?}",
tag, header
);
None
})
}.unwrap_or("peer".into());

if payload_len > paste_limit {
warn!("{} | exceeded paste limit", tag);
warn!("{} | {} exceeded paste limit", tag, peer);
reply(&mut stream, &exceeded_message);
shutdown(&mut stream, Shutdown::Write);
continue;
Expand All @@ -252,7 +287,7 @@ fn paste_worker(
let payload = match std::str::from_utf8(&buf[header_len..]) {
Ok(pld) => pld,
Err(why) => {
warn!("{} | invalid utf-8: {}", tag, why);
warn!("{} | {} invalid utf-8: {}", tag, peer, why);
reply(&mut stream, "invalid utf-8\n");
shutdown(&mut stream, Shutdown::Write);
continue;
Expand Down Expand Up @@ -286,14 +321,14 @@ fn paste_worker(
Ok(paste_path)
}) {
Ok(paste_path) => {
info!("{} | saved paste to {}", tag, paste_path.display());
info!("{} | {} saved paste to {}", tag, peer, paste_path.display());
tx_clean
.send((Instant::now() + paste_timeout, paste_dir_path))
.expect("Where did my cleanup task go?"); // if we can't cleanup anymore, it is time to panic!
}
Err(why) => {
gen.remove(&paste_id);
error!("{} | write-to-disk error: {}", tag, why);
error!("{} | {} write-to-disk error: {}", tag, peer, why);
reply(&mut stream, "an internal error has occurred");
shutdown(&mut stream, Shutdown::Write);
continue;
Expand Down

0 comments on commit 98cc864

Please sign in to comment.