JoshS/UFW-AbuseIPDB-Reporter
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Quality fixes

Browse source
This commit is contained in:
Sefinek 2024-12-24 23:47:58 +01:00
parent 1bd0ba2608
commit e1bfd289fd
5 changed files with 38 additions and 37 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
default.config.js
View file

@ -1,8 +1,8 @@
exports.MAIN = { exports.MAIN = {
// Server // Server
LOG_FILE: '/var/log/ufw.log', UFW_FILE: '/var/log/ufw.log',
CACHE_FILE: '/tmp/ufw-abuseipdb-reporter.cache', CACHE_FILE: '/tmp/ufw-abuseipdb-reporter.cache',
SERVER_IDENTIFIER: null, SERVER_ID: null,
// Reporting // Reporting
ABUSEIPDB_API_KEY: '', ABUSEIPDB_API_KEY: '',

41
index.js
View file

@ -1,16 +1,16 @@
const fs = require('node:fs'); const fs = require('node:fs');
const chokidar = require('chokidar'); const chokidar = require('chokidar');
const isLocalIP = require('./utils/isLocalIP.js'); const isLocalIP = require('./utils/isLocalIP.js');
const { reportedIps, loadReportedIps, saveReportedIps, isIpReportedRecently, markIpAsReported } = require('./utils/cache.js'); const { reportedIPs, loadReportedIPs, saveReportedIPs, isIPReportedRecently, markIPAsReported } = require('./utils/cache.js');
const log = require('./utils/log.js'); const log = require('./utils/log.js');
const axios = require('./services/axios.js'); const axios = require('./services/axios.js');
const config = require('./config.js'); const config = require('./config.js');
const { version } = require('./package.json'); const { version } = require('./package.json');
const { LOG_FILE, ABUSEIPDB_API_KEY, SERVER_IDENTIFIER } = config.MAIN; const { UFW_FILE, ABUSEIPDB_API_KEY, SERVER_ID, GITHUB_REPO } = config.MAIN;
let fileOffset = 0; let fileOffset = 0;
const reportToAbuseIpDb = async (ip, categories, comment) => { const reportToAbuseIPDb = async (ip, categories, comment) => {
try { try {
const { data } = await axios.post('https://api.abuseipdb.com/api/v2/report', new URLSearchParams({ ip, categories, comment }), { const { data } = await axios.post('https://api.abuseipdb.com/api/v2/report', new URLSearchParams({ ip, categories, comment }), {
headers: { 'Key': ABUSEIPDB_API_KEY }, headers: { 'Key': ABUSEIPDB_API_KEY },
@ -58,8 +58,8 @@ const processLogLine = async line => {
return; return;
} }
if (isIpReportedRecently(srcIp)) { if (isIPReportedRecently(srcIp)) {
const lastReportedTime = reportedIps.get(srcIp); const lastReportedTime = reportedIPs.get(srcIp);
const elapsedTime = Math.floor(Date.now() / 1000 - lastReportedTime); const elapsedTime = Math.floor(Date.now() / 1000 - lastReportedTime);
const days = Math.floor(elapsedTime / 86400); const days = Math.floor(elapsedTime / 86400);
@ -79,27 +79,30 @@ const processLogLine = async line => {
} }
const categories = config.DETERMINE_CATEGORIES(proto, dpt); const categories = config.DETERMINE_CATEGORIES(proto, dpt);
const comment = config.REPORT_COMMENT(match.timestamp, srcIp, match.dstIp, proto, match.spt, dpt, match.ttl, match.len, match.tos, SERVER_IDENTIFIER); const comment = config.REPORT_COMMENT(match.timestamp, srcIp, match.dstIp, proto, match.spt, dpt, match.ttl, match.len, match.tos, SERVER_ID);
log(0, `Reporting IP ${srcIp} (${proto} ${dpt}) with categories: ${categories}`); log(0, `Reporting IP ${srcIp} (${proto} ${dpt}) with categories: ${categories}`);
if (await reportToAbuseIpDb(srcIp, categories, comment)) { if (await reportToAbuseIPDb(srcIp, categories, comment)) {
markIpAsReported(srcIp); markIPAsReported(srcIp);
saveReportedIps(); saveReportedIPs();
} }
}; };
const startMonitoring = () => { (async () => {
loadReportedIps(); log(0, `* Version: ${version}`);
log(0, `* Repository: ${GITHUB_REPO}`);
if (!fs.existsSync(LOG_FILE)) { loadReportedIPs();
log(2, `Log file ${LOG_FILE} does not exist.`);
if (!fs.existsSync(UFW_FILE)) {
log(2, `Log file ${UFW_FILE} does not exist.`);
return; return;
} }
fileOffset = fs.statSync(LOG_FILE).size; fileOffset = fs.statSync(UFW_FILE).size;
chokidar.watch(LOG_FILE, { persistent: true, ignoreInitial: true }) chokidar.watch(UFW_FILE, { persistent: true, ignoreInitial: true })
.on('change', path => { .on('change', path => {
const stats = fs.statSync(path); const stats = fs.statSync(path);
if (stats.size < fileOffset) { if (stats.size < fileOffset) {
@ -114,8 +117,6 @@ const startMonitoring = () => {
}); });
}); });
log(0, `==================== Version ${version} ====================`); log(0, '=====================================================================');
log(0, `Ready! Now monitoring: ${LOG_FILE}`); log(0, `Ready! Now monitoring: ${UFW_FILE}`);
}; })();
startMonitoring();

8
package.json
View file

@ -22,13 +22,13 @@
"test": "echo \"Error: no test specified\" && exit 1", "test": "echo \"Error: no test specified\" && exit 1",
"up": "ncu -u && npm install && npm update && npm audit fix" "up": "ncu -u && npm install && npm update && npm audit fix"
}, },
"devDependencies": {
"@eslint/js": "^9.17.0",
"globals": "^15.14.0"
},
"dependencies": { "dependencies": {
"axios": "^1.7.9", "axios": "^1.7.9",
"chokidar": "^4.0.3", "chokidar": "^4.0.3",
"ipaddr.js": "^2.2.0" "ipaddr.js": "^2.2.0"
},
"devDependencies": {
"@eslint/js": "^9.17.0",
"globals": "^15.14.0"
} }
} }

4
services/axios.js
View file

@ -1,8 +1,8 @@
const axios = require('axios'); const axios = require('axios');
const { version, homepage } = require('../config.js'); const { version } = require('../config.js');
axios.defaults.headers.common = { axios.defaults.headers.common = {
'User-Agent': `Mozilla/5.0 (compatible; UFW-AbuseIPDB-Reporter/${version}; +${homepage})`, 'User-Agent': `Mozilla/5.0 (compatible; UFW-AbuseIPDB-Reporter/${version}; +https://github.com/sefinek/UFW-AbuseIPDB-Reporter)`,
'Accept': 'application/json', 'Accept': 'application/json',
'Cache-Control': 'no-cache', 'Cache-Control': 'no-cache',
'Connection': 'keep-alive', 'Connection': 'keep-alive',

18
utils/cache.js
View file

@ -2,29 +2,29 @@ const fs = require('node:fs');
const { CACHE_FILE, REPORT_INTERVAL } = require('../config.js').MAIN; const { CACHE_FILE, REPORT_INTERVAL } = require('../config.js').MAIN;
const log = require('./log.js'); const log = require('./log.js');
const reportedIps = new Map(); const reportedIPs = new Map();
const loadReportedIps = () => { const loadReportedIPs = () => {
if (fs.existsSync(CACHE_FILE)) { if (fs.existsSync(CACHE_FILE)) {
fs.readFileSync(CACHE_FILE, 'utf8') fs.readFileSync(CACHE_FILE, 'utf8')
.split('\n') .split('\n')
.forEach(line => { .forEach(line => {
const [ip, time] = line.split(' '); const [ip, time] = line.split(' ');
if (ip && time) reportedIps.set(ip, Number(time)); if (ip && time) reportedIPs.set(ip, Number(time));
}); });
log(0, `Loaded ${reportedIps.size} IPs from ${CACHE_FILE}`); log(0, `Loaded ${reportedIPs.size} IPs from ${CACHE_FILE}`);
} else { } else {
log(0, `${CACHE_FILE} does not exist. No data to load.`); log(0, `${CACHE_FILE} does not exist. No data to load.`);
} }
}; };
const saveReportedIps = () => fs.writeFileSync(CACHE_FILE, Array.from(reportedIps).map(([ip, time]) => `${ip} ${time}`).join('\n'), 'utf8'); const saveReportedIPs = () => fs.writeFileSync(CACHE_FILE, Array.from(reportedIPs).map(([ip, time]) => `${ip} ${time}`).join('\n'), 'utf8');
const isIpReportedRecently = ip => { const isIPReportedRecently = ip => {
const reportedTime = reportedIps.get(ip); const reportedTime = reportedIPs.get(ip);
return reportedTime && (Date.now() / 1000 - reportedTime < REPORT_INTERVAL / 1000); return reportedTime && (Date.now() / 1000 - reportedTime < REPORT_INTERVAL / 1000);
}; };
const markIpAsReported = ip => reportedIps.set(ip, Math.floor(Date.now() / 1000)); const markIPAsReported = ip => reportedIPs.set(ip, Math.floor(Date.now() / 1000));
module.exports = { reportedIps, loadReportedIps, saveReportedIps, isIpReportedRecently, markIpAsReported }; module.exports = { reportedIPs, loadReportedIPs, saveReportedIPs, isIPReportedRecently, markIPAsReported };