Improved blocklist_de action to not resend bans that were already reported

2019-06-29 01:39:38 +02:00 · 2019-06-29 01:39:38 +02:00 · 9327218843
parent 80f97eaf02
commit 9327218843
1 changed files with 15 additions and 1 deletions
--- a/config/action.d/blocklist_de.conf
+++ b/config/action.d/blocklist_de.conf
@ -54,7 +54,21 @@ actioncheck =
 # Tags:    See jail.conf(5) man page
 # Values:  CMD
 #
-actionban = curl --fail --data-urlencode "server=<email>" --data "apikey=<apikey>" --data "service=<service>" --data "ip=<ip>" --data-urlencode "logs=<matches><br>" --data 'format=text' --user-agent "<agent>" "https://www.blocklist.de/en/httpreports.html"
+
+tmpfile = "/var/run/fail2ban/last-log-<name>.time"
+
+actionban = if [ ! -e "<tmpfile>" ]
+            then
+                # if the file doesn't exist yet, create it
+                touch -d @<time> "<tmpfile>"
+                curl --fail --data-urlencode "server=<email>" --data "apikey=<apikey>" --data "service=<service>" --data "ip=<ip>" --data-urlencode "logs=<matches><br>" --data 'format=text' --user-agent "<agent>" "https://www.blocklist.de/en/httpreports.html"
+            fi
+            if [ $(stat -c %%X "<tmpfile>") -lt <time> ]
+            then
+                # If the time of the offense is later than the last ban, actually report it to blocklist.de
+                touch -d @<time> "<tmpfile>"
+                curl --fail --data-urlencode "server=<email>" --data "apikey=<apikey>" --data "service=<service>" --data "ip=<ip>" --data-urlencode "logs=<matches><br>" --data 'format=text' --user-agent "<agent>" "https://www.blocklist.de/en/httpreports.html"
+            fi

 # Option:  actionunban
 # Notes.:  command executed when unbanning an IP. Take care that the