FS-7394 adding mod_fail2ban into freeswitch repo

Kyle King 2015-03-25 20:39:17 -04:00
parent beada9b0cb
commit 4c1e7f24bc
5 changed files with 144 additions and 0 deletions


@ -101,6 +101,7 @@ event_handlers/mod_cdr_sqlite
#event_handlers/mod_erlang_event #event_handlers/mod_erlang_event
#event_handlers/mod_event_multicast #event_handlers/mod_event_multicast
event_handlers/mod_event_socket event_handlers/mod_event_socket
#event_handlers/mod_fail2ban
#event_handlers/mod_format_cdr #event_handlers/mod_format_cdr
#event_handlers/mod_json_cdr #event_handlers/mod_json_cdr
#event_handlers/mod_radius_cdr #event_handlers/mod_radius_cdr


@ -1797,6 +1797,7 @@ AC_CONFIG_FILES([Makefile
src/mod/event_handlers/mod_event_multicast/Makefile src/mod/event_handlers/mod_event_multicast/Makefile
src/mod/event_handlers/mod_event_socket/Makefile src/mod/event_handlers/mod_event_socket/Makefile
src/mod/event_handlers/mod_event_test/Makefile src/mod/event_handlers/mod_event_test/Makefile
src/mod/event_handlers/mod_fail2ban/Makefile
src/mod/event_handlers/mod_format_cdr/Makefile src/mod/event_handlers/mod_format_cdr/Makefile
src/mod/event_handlers/mod_json_cdr/Makefile src/mod/event_handlers/mod_json_cdr/Makefile
src/mod/event_handlers/mod_kazoo/Makefile src/mod/event_handlers/mod_kazoo/Makefile


@ -0,0 +1,8 @@
include $(top_srcdir)/build/modmake.rulesam
MODNAME=mod_fail2ban
mod_LTLIBRARIES = mod_fail2ban.la
mod_fail2ban_la_SOURCES = mod_fail2ban.c
mod_fail2ban_la_CFLAGS = $(AM_CFLAGS)
mod_fail2ban_la_LIBADD = $(switch_builddir)/libfreeswitch.la
mod_fail2ban_la_LDFLAGS = -avoid-version -module -no-undefined -shared


@ -0,0 +1,7 @@
<configuration name="fail2ban.conf" description="fail2ban log configs">
<bindings>
<config name="settings" desription="configs">
<param name="logfile" value="$${log_dir}/fail2ban.log"/>
</config>
</bindings>
</configuration>
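Review bot: The attribute on the `<config>` element is misspelled as `desription`; it should read `<config name="settings" description="configs">`. The C file in this commit reads only the `name` and `value` attributes of each `<param>`, so the typo is harmless for now, but anything that later looks for `description` on this element will silently find nothing.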


@ -0,0 +1,127 @@
#include <switch.h>
SWITCH_MODULE_SHUTDOWN_FUNCTION(mod_fail2ban_shutdown);
SWITCH_MODULE_LOAD_FUNCTION(mod_fail2ban_load);
SWITCH_MODULE_DEFINITION(mod_fail2ban, mod_fail2ban_load, mod_fail2ban_shutdown, NULL);
static struct {
switch_memory_pool_t *modpool;
switch_file_t *logfile;
char *logfile_name;
} globals = {0};
static switch_status_t mod_fail2ban_do_config(void)
{
switch_status_t status = SWITCH_STATUS_SUCCESS;
char *cf = "fail2ban.conf";
switch_xml_t cfg, xml, bindings_tag, config = NULL, param = NULL;
char *var = NULL, *val = NULL;
switch_log_printf(SWITCH_CHANNEL_LOG, SWITCH_LOG_DEBUG, "setting configs\n");
if (!(xml = switch_xml_open_cfg(cf, &cfg, NULL))) {
switch_log_printf(SWITCH_CHANNEL_LOG, SWITCH_LOG_ERROR, "Open of %s failed\n", cf);
return SWITCH_STATUS_TERM;
}
if (!(bindings_tag = switch_xml_child(cfg, "bindings"))) {
switch_log_printf(SWITCH_CHANNEL_LOG, SWITCH_LOG_ERROR, "Missing <bindings> tag!\n");
goto done;
}
for (config = switch_xml_child(bindings_tag, "config"); config; config = config->next) {
for (param = switch_xml_child(config, "param"); param; param = param->next) {
var = (char *) switch_xml_attr_soft(param, "name");
val = (char *) switch_xml_attr_soft(param, "value");
if (strncmp(var,"logfile", 7) == 0) {
if (zstr(val)) {
globals.logfile_name = switch_core_strdup(globals.modpool, val);
} else {
switch_log_printf(SWITCH_CHANNEL_LOG, SWITCH_LOG_ERROR, "Null or empty Logfile attribute %s: %s\n", var, val);
}
} else {
switch_log_printf(SWITCH_CHANNEL_LOG, SWITCH_LOG_ERROR, "Unknown attribute %s: %s\n", var, val);
}
}
}
if ( ! globals.logfile_name ) {
switch_core_sprintf(globals.modpool, globals.logfile_name, "%s%s%s", SWITCH_GLOBAL_dirs.log_dir, SWITCH_PATH_SEPARATOR, "fail2ban.log");
}
if ((status = switch_file_open(&globals.logfile, globals.logfile_name, SWITCH_FOPEN_WRITE|SWITCH_FOPEN_APPEND|SWITCH_FOPEN_CREATE, SWITCH_FPROT_OS_DEFAULT, globals.modpool)) != SWITCH_STATUS_SUCCESS) {
switch_log_printf(SWITCH_CHANNEL_LOG, SWITCH_LOG_ERROR, "failed to open %s\n", globals.logfile_name);
status = SWITCH_STATUS_FALSE;
}
done:
switch_xml_free(xml);
return SWITCH_STATUS_SUCCESS;
}
static int fail2ban_logger(const char *message, char *user, char *ip)
{
if (!globals.logfile) {
switch_log_printf(SWITCH_CHANNEL_LOG, SWITCH_LOG_ERROR, "Could not print to fail2ban log!\n");
return -1;
}
struct tm * timeinfo = localtime(switch_epoch_time_now(NULL));
return switch_file_printf(globals.logfile, "%s user[%s] ip[%s] at[%s]\n", message, user, ip, asctime(timeinfo));
}
static void fail2ban_event_handler(switch_event_t *event)
{
struct tm * timeinfo = localtime(switch_epoch_time_now(NULL));
if (event->event_id == SWITCH_EVENT_CUSTOM) {
if (strncmp(event->subclass_name, "sofia::register_attempt",23) == 0) {
fail2ban_logger("A registration was attempted", switch_event_get_header(event, "to-user"), switch_event_get_header(event, "network-ip"));
} else if (strncmp(event->subclass_name, "sofia::register_failure",23) == 0) {
fail2ban_logger("A registration failed", switch_event_get_header(event, "to-user"), switch_event_get_header(event, "network-ip"));
}
}
}
SWITCH_MODULE_LOAD_FUNCTION(mod_fail2ban_load)
{
switch_status_t status;
void *user_data = NULL;
*module_interface = switch_loadable_module_create_module_interface(pool, modname);
globals.modpool = pool;
if (mod_fail2ban_do_config() != SWITCH_STATUS_SUCCESS) {
return SWITCH_STATUS_FALSE;
}
if ((status = switch_event_bind(modname, SWITCH_EVENT_CUSTOM, SWITCH_EVENT_SUBCLASS_ANY, fail2ban_event_handler, user_data)) != SWITCH_STATUS_SUCCESS) {
switch_log_printf(SWITCH_CHANNEL_LOG, SWITCH_LOG_ERROR, "event bind failed\n");
return SWITCH_STATUS_FALSE;
}
switch_file_printf(globals.logfile, "Fail2ban was started\n");
return SWITCH_STATUS_SUCCESS;
}
SWITCH_MODULE_SHUTDOWN_FUNCTION(mod_fail2ban_shutdown)
{
switch_status_t status;
if (globals.logfile != NULL) {
switch_file_printf(globals.logfile, "Fail2ban stoping\n");
}
if ((status = switch_event_unbind_callback(fail2ban_event_handler)) != SWITCH_STATUS_SUCCESS) {
switch_log_printf(SWITCH_CHANNEL_LOG, SWITCH_LOG_ERROR, "event unbind failed\n");
}
if ((status = switch_file_close(globals.logfile)) != SWITCH_STATUS_SUCCESS) {
switch_log_printf(SWITCH_CHANNEL_LOG, SWITCH_LOG_ERROR, "failed to close %s\n", globals.logfile_name);
}
return status;
}
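Review bot: In `fail2ban_logger`, `localtime(switch_epoch_time_now(NULL))` hands a `time_t` value to a function that takes a `const time_t *`, and `asctime()` ends its result with a newline, so every record is broken after `at[...`; the same bad call sits unused at the top of `fail2ban_event_handler`. Because fail2ban makes ban decisions from this file, the `to-user` value taken from the registration request should not be written verbatim: a name containing brackets or line breaks can make a record read as if it belonged to a different `ip[...]`, and either header lookup can return NULL. The sketch below formats the time with the core time helpers and filters both fields before writing; its timestamp layout is only an example and has to match whatever filter is deployed against the log. Separately, in `mod_fail2ban_do_config` the test `if (zstr(val))` is inverted, the `switch_core_sprintf` result is discarded with `globals.logfile_name` passed where the format string belongs (it should read `globals.logfile_name = switch_core_sprintf(globals.modpool, "%s%s%s", ...)`), and the function ends in `return SWITCH_STATUS_SUCCESS;`, so a failed open is never reported and the load and shutdown functions go on to use a NULL `globals.logfile`.

```c
/* Copy src into dst, replacing bytes that could split or forge a log record. */
static void fail2ban_sanitize(char *dst, size_t dst_len, const char *src)
{
	size_t i = 0;

	if (!dst_len) {
		return;
	}
	for (; src && *src && i + 1 < dst_len; src++) {
		unsigned char c = (unsigned char) *src;
		dst[i++] = (c < 0x20 || c == 0x7f || c == '[' || c == ']') ? '_' : (char) c;
	}
	dst[i] = '\0';
}

static int fail2ban_logger(const char *message, char *user, char *ip)
{
	switch_time_exp_t tm;
	switch_size_t retsize;
	char date[80] = "";
	char safe_user[256];
	char safe_ip[64];

	/* ... unchanged: globals.logfile NULL check ... */

	switch_time_exp_lt(&tm, switch_micro_time_now());
	switch_strftime_nocheck(date, &retsize, sizeof(date), "%Y-%m-%d %T", &tm);
	fail2ban_sanitize(safe_user, sizeof(safe_user), user);
	fail2ban_sanitize(safe_ip, sizeof(safe_ip), ip);

	return switch_file_printf(globals.logfile, "%s user[%s] ip[%s] at[%s]\n", message, safe_user, safe_ip, date);
}
```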