Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

defender: implement logging of events and bans #1495

Merged
merged 2 commits into from
Jan 10, 2024
Merged

defender: implement logging of events and bans #1495

merged 2 commits into from
Jan 10, 2024

Conversation

Anthrazz
Copy link
Contributor

This PR implements optional log messages for defender events and the final ban of IPs. They can be enabled with the new config parameter log_events: true in the defender configuration struct.

Log Messages for invalid user and user with wrong credentials look like this:

{"level":"info","time":"2023-12-19T10:04:39.093","sender":"defender","client_ip":"2a01:4f8::1","protocol":"FTP","event":"UserNotFound","increase_score_by":2,"score":2}
{"level":"info","time":"2023-12-19T10:04:45.360","sender":"defender","client_ip":"2a01:4f8::1","protocol":"FTP","event":"LoginFailed","increase_score_by":1,"score":3}

Log Messages when the score threshold is reached and the IP is banned:

{"level":"info","time":"2023-12-19T10:07:53.768","sender":"defender","client_ip":"2a01:4f8::1","protocol":"FTP","event":"UserNotFound","increase_score_by":2,"score":15}
{"level":"info","time":"2023-12-19T10:07:53.768","sender":"defender","client_ip":"2a01:4f8::1","protocol":"FTP","event":"banned"}

@Anthrazz Anthrazz requested a review from drakkan as a code owner December 21, 2023 10:23
@drakkan
Copy link
Owner

drakkan commented Dec 26, 2023

Hello,

thanks for this contribution. I'm not sure we need yet another settings here. We could log events at debug level and bans at info level.

I'm also curious how SFTPGo is being used or planned to be used at Hetzner

@Anthrazz
Copy link
Contributor Author

Anthrazz commented Jan 8, 2024

Hello,

Yes, that would work for us too. I have made the necessary changes to the PR.

We are currently evaluating SFTPGo as a service for our Storage Boxes.

@drakkan
Copy link
Owner

drakkan commented Jan 10, 2024

Thank you.

Before including SFTPGo in your Storage Boxes, please note that we have registered the SFTPGo trademark and no longer want to allow unauthorized distribution of SFTPGo. Thanks for understanding

@drakkan drakkan merged commit c21b434 into drakkan:main Jan 10, 2024
1 of 2 checks passed
@drakkan
Copy link
Owner

drakkan commented Apr 12, 2024

Hello,

thank you again for this contribution. We have recently updated our contribution policy and we now require signing a CLA. Agreeing to the CLA explicitly states that you are entitled to provide a contribution and that you cannot withdraw permission to use your contribution at a later date. This removes any ambiguities or uncertainties.

If you are unable to sign the CLA, your contribution will be removed.

More details here

You can use the following URL to sign the CLA

https://cla-assistant.io/drakkan/sftpgo?pullRequest=1495

Thank you!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@drakkan drakkan Awaiting requested review from drakkan drakkan is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Anthrazz @drakkan