sean-der / fail2web Goto Github PK

View Code? Open in Web Editor NEW

539.0 30.0 48.0 545 KB

a fail2ban GUI powered by fail2rest

CSS 12.17% JavaScript 57.70% HTML 30.13%

fail2web's Introduction

fail2web

fail2web is a fail2ban GUI that communicates with a fail2ban instance via fail2rest

fail2ban allows you to administer the following

Failregex - Delete and add new failregexes
Banned IPs - Ban and Unban IP address
Per Jail Config - Configure find time, max retry and usedns per jail, and view the filelist per jail
Alerting - Notifications when an IP address is banned and unbanned with a user configurable time span
Regex Testing - Testing ignore+fail regexes on your current logs to quickly build and debug regexes
Reporting - Expose the time that an IP address was banned, and show trends via visualizations

Requirements

fail2web communicates with fail2ban via a REST server called fail2rest before fail2web can be used you will need an operational fail2rest instance.

fail2web has been reported to work on IE8 or newer, but is not actively tested on older platforms.

Installing

A guide to install fail2web on Ubuntu can be found here

If you find any errors open an PR against the markdown here

Production

To install the production build of fail2web download the newest release. A fully built release will then be in the web directory. Now you just need to serve the index.html, you can find further instructions here

Development

Install build requirements
- nodejs and npm for browserify (not a runtime requirement) Installing Node.js
Install libraries
- execute npm install in the root of the fail2web repository
Building
- When writing code run npm run watch this will rebuild web/bundle.js on every change
- When deploying run npm run build this will build once and exit

Deploying and Configuration

fail2web is best accessed via a HTTP server, you can find example HTTP server configs here

Fail2web has only one configuration option available via config.json in the root of the web folder. This config option allows you to specify the path to your fail2rest handler. Currently the config.json uses /api/ which is what all the example HTTP configs are configured to do.

Security

It is very important that you configured fail2rest correctly, a public facing fail2rest server could be very dangerous (someone could add inclusive regexes, remove themselves from the banned IP lists etc..)

Out of the box fail2rest has no authentication, and I have no plans of rolling my own authentication.

HTTP Basic Auth

The HTTP configs are both set to use HTTP basic auth, this and SSL should be the absolute minimum security requirements. In both HTTP configs you will see a placeholder with the label of YOUR_HTPASSWD_FILE

To generate a HTTPASSWD file you can use the htpasswd util distributed with Apache HTTPD and htpasswd -c YOUR_HTPASSWD_FILE USERNAME will create it.

SSH Tunnel

I also recommend only serving fail2web/fail2rest on loopback only. You would access the server via a SSH tunnel, you can find more info Here

Getting Help

Please make a GitHub issue, this will allow others in the future to find the issue in the future.

Most of the time I will not be able to respond to emails in a timely manner, however with GitHub issues I try my best to keep the count 0.

License

The MIT License (MIT)

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

fail2web's People

Contributors

Stargazers

Watchers

Forkers

prodigeni eiriksm subutux ultra-prod wojons emperorbeezie sapk-fork nordeide shengxinking oyonax inscriptionweb lue828 thepeppi crudbug baalmckloud dynamicdesignz maikjaek wrestrtdr toxi22 theworms hayou danieljones0028 ro9ueadmin modred claymore008 w3bservice wprobot algonaiss raystyle ircf ajithdesilva strangeman solobouncer erdoukki a2085319 oooh-name oscaballer angeelgarr jmcabandara cfuk poussmouss alexglin sokolinf hiraj xunnamius puthiphorn thecranston

fail2web's Issues

Properly catch no dbfile

We need to properly catch no DBfile and prompt users to upgrade fail2ban to 0.9.* or enable DBfile and restart

Add auto-refresh

Add a global config that will auto-refresh a jail every N seconds, also give desktop notifications if a new IP has been banned.

[$injector:nomod] Module 'fail2web' is not available!

Freshly built from repository, using debian 7. But clearly this is an angular issue which needs to be addressed in the latest version.

can fail2web manage remote server running fail2ban?

Packaging fail2web for Yunohost

Hi there! First off: thanks for this brilliant tool!

I am working towards getting this packaged up for the Yunohost project.

My concern is that I see no activity on this project since 2017. I know everyone is busy but I just wanted to start the discussion here regarding the aim to support this project going forward. Would be great to know we can rely on someone in some sort of timely fashion to support for fixes and reviews.

🚀

Visualize bans and fails

Implement some basic line graphs to show trends of bans/fails

Notification bar can only display one notification at a time

Blank page and HTTP 200 on landing page

Following from #35, I've got what looks like a working installation of fail2web but I am seeing a blank page after I load the page. In the console, I am seeing:

Error: [$injector:unpr] Unknown provider: $$asyncCallbackProvider <- $$asyncCallback <- $animate <- $compile
https://errors.angularjs.org/1.7.8/$injector/unpr?p0=%24%24asyncCallbackProvider%20%3C-%20%24%24asyncCallback%20%3C-%20%24animate%20%3C-%20%24compile

I am using:

root@yunohostdev:/var/www/fail2web# node --version
v12.3.1
root@yunohostdev:/var/www/fail2web# npm --version
6.9.0
root@yunohostdev:/var/www/fail2web# go version
go version go1.7.4 linux/amd64

I've got my fail2web install in /var/www/fail2web with a web/index.html all built using npm install and npm run build. fail2rest is running successfully under the systemd manager. Here's my nginx configuration:

server {
    listen       80;
    server_name  116.203.73.21 ;

    location / {
        root /var/www/fail2web/web;
    }

    location /api/ {
        proxy_pass         http://127.0.0.1:5000/;
        proxy_redirect     off;
    }
}

I'm just trying to get a loading page before integrating authentication etc.

Any thoughts?

I wasn't able to install w3m in termux it was showing this

pkg install w3m
Checking availability of current mirror: ok
Get:1 https://termux.mentality.rip/termux-packages-24 stable InRelease [14.0 kB]
Ign:2 https://dl.bintray.com/grimler/game-packages-24 games InRelease
Hit:3 https://packages.termux.dev/apt/termux-root root InRelease
Ign:4 https://dl.bintray.com/grimler/science-packages-24 science InRelease
Get:5 https://termux.mentality.rip/termux-packages-24 stable/main aarch64 Packages [458 kB]
Err:6 https://dl.bintray.com/grimler/game-packages-24 games Release
502 Bad Gateway
Err:7 https://dl.bintray.com/grimler/science-packages-24 science Release
502 Bad Gateway
Reading package lists... Done
E: The repository 'https://dl.bintray.com/grimler/game-packages-24 games Release' does not have a Release file.
N: Metadata integrity can't be verified, repository is disabled now.
N: Possible cause: repository is under maintenance or down (wrong sources.list URL?).
E: The repository 'https://dl.bintray.com/grimler/science-packages-24 science Release' does not have a Release file.
N: Metadata integrity can't be verified, repository is disabled now.
N: Possible cause: repository is under maintenance or down (wrong sources.list URL?).

go run *.go just hangs?

Followed the tutorial, but when I want to do go run *.go, the command line just hangs and does nothing, no errors, untill i press ctrl-c

No idea where to go from here. Gopath / gobin is set

Tried every possible setting/combination I could think of, but nothing works

Beginner questions

Hello,

First of all, I would like to commend you for creating an awesome tool with a stunning objective! I'm just a beginner, novice when it comes to Linux. Yet, it's a good thing that I have installed fail2ban manually. Now, how can I use this script?

By the way, I installed fail2ban 0.9.0.

Thanks.

404 page not found after install

Hey,
I justed installed fail2rest and fail2web, but fail2web cannot acces fail2rest, here is the error I got :
Unparseable error when attempting to contact fail2rest
When I open a ssh-tunnel to the server on the port 5000, and try to connect directly to the API, I got this error :
404 page not found
Is there any path the the API I can test to be sure that fail2rest is working correctly ?

Nginx config :

        location /fail2web {
                    index index.html;
                    alias /var/www/fail2web/web;
                    if ($scheme = http) {
                                rewrite ^ https://$server_name$request_uri? permanent;
                     }
        default_type text/html;
        }

        location /fail2web/api/ {
                proxy_pass http://127.0.0.1:5000/;
                proxy_redirect off;
        }

I also changed /var/www/fail2web/web/config.json for :

         {
            "APIRoot": "/fail2web/api/"
          }

Add ARCHITECTURE.md

Source layout + patterns may be a bit non-standard, especially to users who are new to angularjs and browserify. Spend some time writing a short guide on how things flow.

404 Page Not Found

Hello,

I already have fail2ban installed and decided to setup the web service.

I've followed the installation for fail2rest and fail2web, as per your instructions on http://siobud.com/blog/installing-fail2web but I get a "404 page not found"

I'm running on Ubuntu 14.04 x64 and have go version 1.4.2 installed.

Add installation guide

Currently there are no instructions on how to get a fail2web/fail2rest running given a user has a running fail2ban instance.

Instruct users on how to install and run fail2rest
Instruct users on how to install fail2web, and configure it
Instruct users on how to setup nginx with HTTP basic auth, and putting fail2rest and fail2web behind it

problem with front page

Hi
I have just installed as per the install manual. though the webpage doesnt work. i get a message on the top left side of the page "Unparseable error when attempting to contact fail2rest"

Add contributing guide.

Write a short intro on

The dev environment setup of fail2rest and fail2web
Good issues for new people to work on
Things that should be expected from a good PR

npm build fails

Hello,

After having some problems with go version, now I am stuck at "npm build":

npm ERR! Error: failed to fetch from registry: lodash
npm ERR! at /usr/share/npm/lib/utils/npm-registry-client/get.js:139:12
npm ERR! at cb (/usr/share/npm/lib/utils/npm-registry-client/request.js:31:9)
npm ERR! at Request._callback (/usr/share/npm/lib/utils/npm-registry-client/request.js:136:18)
npm ERR! at Request.callback (/usr/lib/nodejs/request/main.js:119:22)
npm ERR! at Request. (/usr/lib/nodejs/request/main.js:212:58)
npm ERR! at Request.emit (events.js:88:20)
npm ERR! at ClientRequest. (/usr/lib/nodejs/request/main.js:412:12)
npm ERR! at ClientRequest.emit (events.js:67:17)
npm ERR! at HTTPParser.onIncoming (http.js:1261:11)
npm ERR! at HTTPParser.onHeadersComplete (http.js:102:31)
npm ERR! You may report this log at:
npm ERR! http://bugs.debian.org/npm
npm ERR! or use
npm ERR! reportbug --attach /home/edited/public_html/f2r/fail2web/.git/npm-debug.log npm
npm ERR!
npm ERR! System Linux 3.13.0-36-generic
npm ERR! command "node" "/usr/bin/npm" "install"
npm ERR! cwd /home/edited/public_html/f2r/fail2web/.git
npm ERR! node -v v0.6.12
npm ERR! npm -v 1.1.4
npm ERR! message failed to fetch from registry: lodash
npm ERR!
npm ERR! Additional logging details can be found in:
npm ERR! /home/edited/public_html/f2r/fail2web/.git/npm-debug.log
npm not ok

Any clue how to get past this please?

Implement WHOIS report per BannedIP

You should be able to run a quick WHOIS report per BannedIP address, it should open up in a modal that just gives the output from the authoritative DNS server

Expose list of currentlyFailed, totalFailed and totalBanned

Currently we just have integers for these, find a way to expose the actual objects that were banned

Invalid pickle version after dist-upgrade from Debian 9 -> 10 -> 11

Hello,
Thank you for this great app :)

We just upgraded some old servers from Debian 9 up to Debian 11 with fail2web installed.
service fail2rest is active (running)

But the fail2web interface displays the following error :
invalid pickle version

It seems to be related to the python version, but not sure...
Could anyone please help us to solve this problem ?

Thank you very much :)
Mathieu.

Improve static checks

Currently we just use jshint, and with a lot of outdated options.

Go through and tighten up jshint options, make as strict as possible.
Next make a jscs config, and make that strict as well.

We also need better markup+style checking, but not as important yet.

Doesn't work in chrome?

bundle.js:766 Uncaught Error: [$injector:unpr] Unknown provider: $$asyncCallbackProvider <- $$asyncCallback <- $animate <- $compile
https://errors.angularjs.org/1.8.1/$injector/unpr?p0=%24%24asyncCallbackProvider%20%3C-%20%24%24asyncCallback%20%3C-%20%24animate%20%3C-%20%24compile
at bundle.js:766
at bundle.js:5619
at Object.getService [as get] (bundle.js:5779)
at bundle.js:5624
at getService (bundle.js:5779)
at injectionArgs (bundle.js:5804)
at Object.invoke (bundle.js:5828)
at $AnimateProvider.origProvider.$get (bundle.js:5705)
at Object.invoke (bundle.js:5836)
at bundle.js:5625

Add error handling, and notification bar

Currently we have no error handling mechanism, and there are a couple of program flows that would benefit from it.

Starting fail2web and not being able to contact fail2rest
Banning/Unbanning an IP address failed
Adding/Deleting a failregex failed
Malformed failregex

Implement failregex testing per jail

Installation instructions

Hey, the link returns 404, is it planned to return the installation instructions? Or maybe someone knows where to find these instructions? I got on the fail2web page
502 Bad Gateway - Couldn't contact fail2rest

and

Sep 10 16:17:07 server.net fail2rest[22761]: /home/username/go/src/github.com/gorilla/mux/mux.go:210 +0xcd
Sep 10 16:17:07 server.net fail2rest[22761]: net/http.(*ServeMux).ServeHTTP(0xc9d420, 0x8bedc0, 0xc42012a8c0, 0xc4201b6200)
Sep 10 16:17:07 server.net fail2rest[22761]: /usr/lib/go-1.10/src/net/http/server.go:2340 +0x130
Sep 10 16:17:07 server.net fail2rest[22761]: net/http.serverHandler.ServeHTTP(0xc420072f70, 0x8bedc0, 0xc42012a8c0, 0xc4201b6200)
Sep 10 16:17:07 server.net fail2rest[22761]: /usr/lib/go-1.10/src/net/http/server.go:2697 +0xbc
Sep 10 16:17:07 server.net fail2rest[22761]: net/http.(*conn).serve(0xc4201119a0, 0x8bf0c0, 0xc420194b40)
Sep 10 16:17:07 server.net fail2rest[22761]: /usr/lib/go-1.10/src/net/http/server.go:1830 +0x651
Sep 10 16:17:07 server.net fail2rest[22761]: created by net/http.(*Server).Serve
Sep 10 16:17:07 server.net fail2rest[22761]: /usr/lib/go-1.10/src/net/http/server.go:2798 +0x27b```

Error after build

bundle.js:423 Uncaught TypeError: undefined is not a function

Adding an option to deactivate pie chart

Dear @Sean-Der ,

could you please add a configuration option to not render the pie chart and only render the table of entries instead?
With thousands of bans on a system, browsers may regularly crash trying to render the pie chart.

Thanks in advance!
Maik

Break index.html activeViews out into separate directives

Currently we don't have any way to break markup out into partials.

I am going to break out the activeViews out into separate directives, and those directives will include their templates.

Add the ability to configure more things per jail

Allow users to configure a jails findtime, usedns and maxretry per jail

Installation link seems to be dead

Hi,

In the installing section of the readme, the link https://www.phillmoore.com/9-programming/7-setting-up-fail2web-with-apache seems to be dead.

Do you know where to find the doc to install your web interface please ?

fail2web newbie inquiry

Hi,

I am looking forward of installing fail2web on my Debian 7 x64 server. Still a newbie here and I have no idea how to. Another thing, I wanna use the latest unreleased version of fail2ban, not the one from a distro since the latest one has a lot of new features.

Thanks.

sean-der / fail2web Goto Github PK

fail2web's Introduction

fail2web

Requirements

Installing

Production

Development

Deploying and Configuration

Security

HTTP Basic Auth

SSH Tunnel

Getting Help

License

fail2web's People

Contributors

Stargazers

Watchers

Forkers

fail2web's Issues

Recommend Projects

Recommend Topics

Recommend Org