mirror of
https://github.com/SubleXBle/Fail2Ban-Report.git
synced 2026-02-11 03:09:03 -06:00
134 lines
4.4 KiB
PHP
134 lines
4.4 KiB
PHP
<?php
|
|
// includes/block-ip.php
|
|
|
|
/**
|
|
* Blocks one or multiple IP addresses by adding them to their jail-specific blocklist JSON files.
|
|
*
|
|
* @param string|array $ips IP address or array of IP addresses to block.
|
|
* @param string $jail Fail2Ban jail/context name (optional).
|
|
* @param string $source Who triggered the block (e.g. 'manual', 'report', etc.)
|
|
* @return array Result array or array of results with 'success', 'message' and 'type'.
|
|
*/
|
|
function blockIp($ips, $jail = 'unknown', $source = 'manual') {
|
|
$results = [];
|
|
|
|
if (!is_array($ips)) {
|
|
$ips = [$ips];
|
|
}
|
|
|
|
foreach ($ips as $ip) {
|
|
$ip = trim($ip);
|
|
|
|
// Validate IP address format
|
|
if (!filter_var($ip, FILTER_VALIDATE_IP)) {
|
|
$results[] = [
|
|
'ip' => $ip,
|
|
'success' => false,
|
|
'message' => "Invalid IP address: $ip",
|
|
'type' => 'error'
|
|
];
|
|
continue;
|
|
}
|
|
|
|
// Sanitize jail name
|
|
$safeJail = strtolower(preg_replace('/[^a-z0-9_-]/', '', $jail));
|
|
if ($safeJail === '') {
|
|
$safeJail = 'unknown';
|
|
}
|
|
|
|
$jsonFile = dirname(__DIR__, 1) . "/archive/{$safeJail}.blocklist.json";
|
|
|
|
$data = [];
|
|
|
|
if (file_exists($jsonFile)) {
|
|
$existing = file_get_contents($jsonFile);
|
|
$data = json_decode($existing, true);
|
|
if (!is_array($data)) {
|
|
$data = []; // fallback bei Dateibeschädigung
|
|
}
|
|
}
|
|
|
|
// Prüfen, ob IP schon vorhanden und aktiv
|
|
$found = false;
|
|
foreach ($data as &$item) {
|
|
if ($item['ip'] === $ip) {
|
|
$found = true;
|
|
if (!isset($item['active']) || $item['active'] === false) {
|
|
$item['active'] = true;
|
|
$item['lastModified'] = date('c');
|
|
if (file_put_contents($jsonFile, json_encode($data, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES)) === false) {
|
|
$results[] = [
|
|
'ip' => $ip,
|
|
'success' => false,
|
|
'message' => "Failed to write to {$safeJail}.blocklist.json.",
|
|
'type' => 'error'
|
|
];
|
|
continue 2;
|
|
}
|
|
$results[] = [
|
|
'ip' => $ip,
|
|
'success' => true,
|
|
'message' => "IP $ip was reactivated in {$safeJail}.blocklist.json.",
|
|
'type' => 'success'
|
|
];
|
|
continue 2;
|
|
} else {
|
|
$results[] = [
|
|
'ip' => $ip,
|
|
'success' => true,
|
|
'message' => "IP $ip is already active in {$safeJail}.blocklist.json.",
|
|
'type' => 'info'
|
|
];
|
|
continue 2;
|
|
}
|
|
}
|
|
}
|
|
unset($item);
|
|
|
|
// Neu hinzufügen
|
|
if (!$found) {
|
|
$entry = [
|
|
'ip' => $ip,
|
|
'jail' => $safeJail,
|
|
'source' => $source,
|
|
'timestamp' => date('c'),
|
|
'expires' => null,
|
|
'reason' => '',
|
|
'active' => true,
|
|
'lastModified' => date('c'),
|
|
'tags' => [],
|
|
'pending' => true
|
|
];
|
|
$data[] = $entry;
|
|
|
|
if (file_put_contents($jsonFile, json_encode($data, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES)) === false) {
|
|
$results[] = [
|
|
'ip' => $ip,
|
|
'success' => false,
|
|
'message' => "Failed to write to {$safeJail}.blocklist.json.",
|
|
'type' => 'error'
|
|
];
|
|
continue;
|
|
}
|
|
$results[] = [
|
|
'ip' => $ip,
|
|
'success' => true,
|
|
'message' => "IP $ip was successfully added to {$safeJail}.blocklist.json.",
|
|
'type' => 'success'
|
|
];
|
|
}
|
|
}
|
|
|
|
// Bei nur einem Ergebnis flach zurückgeben
|
|
if (count($results) === 1) {
|
|
return $results[0];
|
|
}
|
|
|
|
return [
|
|
'success' => true,
|
|
'message' => count($results) . ' IP(s) processed.',
|
|
'details' => $results,
|
|
'type' => 'success'
|
|
];
|
|
}
|