Anti hammer and banlist (IP Access)

Post here if you have some suggestions or you want to request a new feature.

Anti hammer and banlist (IP Access)

Postby Djfx* » Fri Jan 07, 2011 4:37 am

would it be possible to add a option to add a ip to the domain banlist if the anti-hammer rule get`s broken?

it`s a pretty good system to make a server a lot more secure!

thx!
Djfx*
 
posts 5
 
joined Fri Jan 07, 2011 4:14 am

Re: Anti hammer and banlist (IP Access)

Postby FTP » Fri Jan 07, 2011 6:43 am

If my understanding is right, you want to add the IP into domain banlist if it exceeds the max failed login tries. right?

Yes, Wing FTP Server can handle it of course, because Wing FTP Server supports Lua scripts and it is very flexible, you just need to add the following scripts into the Event "OnExceedUSERPASS":

local tabIPMask = c_GetIPMaskList("%Domain")
table.insert(tabIPMask,{"%IP",true})
c_SetIPMaskList("%Domain",tabIPMask)
FTP
Site Admin
 
posts 1243
 
joined Tue Sep 29, 2009 6:09 am

Re: Anti hammer and banlist (IP Access)

Postby Djfx* » Mon Jan 10, 2011 12:32 am

yes that`s what i ment :)

alltho i didnt get it to work.. i tryed pasting it straight inn the Lua console. i changed from %Domain to %mydomain

i allso looked in the wing ftp root dir under lua but no sutch file as OnExceedUSERPASS

allso i got 4 domains up right now. how would the script look like if i`d like to add the ip`s to the global banlist instead of the domain specific list so the other domain`s wont be available nether??

thx for the help so far!
Dj
Djfx*
 
posts 5
 
joined Fri Jan 07, 2011 4:14 am

Re: Anti hammer and banlist (IP Access)

Postby FTP » Mon Jan 10, 2011 3:31 am

Hi, it is under "Domain -> Event Manager -> FTP(or HTTP, SSH) Events -> OnExceedUSERPASS"
FTP
Site Admin
 
posts 1243
 
joined Tue Sep 29, 2009 6:09 am

Re: Anti hammer and banlist (IP Access)

Postby gockenbr » Wed Feb 02, 2011 4:42 pm

Sorry for piggy backing on the thread but I was looking to do the same type of thing. I entered in the lua scritpt:

local tabIPMask = c_GetIPMaskList("%Domain")
table.insert(tabIPMask,{"%IP",true})
c_SetIPMaskList("%Domain",tabIPMask)

as you suggested. It works great for the first IP it blocks. however any other IP that gets entered after goofs the list. It basically makes all other blank allows or denied statements. For instance if by default I have *.*.*.* set to allowed and a IP gets denied added via the above script, all connections seem to get blocked. When looking at the IP access list I see the line that I had put in for the default allow however the *.*.*.* now shows nothing. Any ideas?

Also it seems like this script adds the denied IP to the bottom of the list. I'd like it to add it to the top of the list so my default *.*.*.* allow stays at the bottom for its intended purpose.

Please advise.
gockenbr
 
posts 7
 
joined Thu Jan 27, 2011 8:26 pm

Re: Anti hammer and banlist (IP Access)

Postby FTP » Thu Feb 03, 2011 5:34 pm

In such situation, allowing " *.*.*.* " doesn't make any sense, please remove this rule.
FTP
Site Admin
 
posts 1243
 
joined Tue Sep 29, 2009 6:09 am

Re: Anti hammer and banlist (IP Access)

Postby gockenbr » Thu Feb 03, 2011 8:12 pm

Ok I removed the rule. Again everything works until a IP gets added via the script at which point all others still show the deny line but the IP's get removed.

-B
gockenbr
 
posts 7
 
joined Thu Jan 27, 2011 8:26 pm

Re: Anti hammer and banlist (IP Access)

Postby FTP » Fri Feb 04, 2011 7:17 am

Which version of Wing FTP Server are you using? Still banned all the IPs?
FTP
Site Admin
 
posts 1243
 
joined Tue Sep 29, 2009 6:09 am

Re: Anti hammer and banlist (IP Access)

Postby gockenbr » Fri Feb 04, 2011 3:32 pm

I have the lastest version 3.7.5 installed.

Yes it appears that all IP's get blocked once this happens. After doing some more testing after the initial IP gets blocked all appears to be fine. but once the second IP gets blocked it changes the deny statement for the first IP to allow and removes the IP information. Once that happens noone can connect to the server. I have screenshot and logs if you have somewhere for me to send them to.
gockenbr
 
posts 7
 
joined Thu Jan 27, 2011 8:26 pm

Re: Anti hammer and banlist (IP Access)

Postby FTP » Fri Feb 04, 2011 4:11 pm

OK, please try the following code:


Code: Select all
local ipmasks = c_GetIPMaskList("%Domain")
local domain_ipmasks = {}
if type(ipmasks) == "table" then
   for _,ipmask in pairs(ipmasks) do
      local temp = {}
      table.insert(temp,ipmask.ip)
      table.insert(temp,ipmask.refuse)
      table.insert(domain_ipmasks,temp)
   end
end
table.insert(domain_ipmasks,{"%IP",true})
c_SetIPMaskList("%Domain",domain_ipmasks)
FTP
Site Admin
 
posts 1243
 
joined Tue Sep 29, 2009 6:09 am

Next

Return to Suggestions & Wishlist

Who is online

Users browsing this forum: No registered users and 2 guests