Anti hammer and banlist (IP Access)

Post here if you have some suggestions or you want to request a new feature.
Djfx*
Posts: 5
Joined: Fri Jan 07, 2011 4:14 am

Anti hammer and banlist (IP Access)

Post by Djfx* »

Would it be possible to add an option to add an IP to the domain banlist if the anti-hammer rule gets broken?

It's a pretty good system to make a server a lot more secure!

Thx!
FTP
Site Admin
Posts: 2072
Joined: Tue Sep 29, 2009 6:09 am

Re: Anti hammer and banlist (IP Access)

Post by FTP »

If my understanding is right, you want to add the IP into the domain banlist if it exceeds the max failed login tries, right?

Yes, Wing FTP Server can handle it of course, because Wing FTP Server supports Lua scripts and is very flexible. You just need to add the following script into the Event "OnExceedUSERPASS":

local tabIPMask = c_GetIPMaskList("%Domain")
table.insert(tabIPMask,{"%IP",true})
c_SetIPMaskList("%Domain",tabIPMask)
Djfx*
Posts: 5
Joined: Fri Jan 07, 2011 4:14 am

Re: Anti hammer and banlist (IP Access)

Post by Djfx* »

Yes, that's what I meant :)

Although I didn't get it to work. I tried pasting it straight into the Lua console. I changed from %Domain to %mydomain

I also looked in the Wing FTP root dir under lua but there is no such file as OnExceedUSERPASS

Also, I have 4 domains up right now. What would the script look like if I'd like to add the IPs to the global banlist instead of the domain-specific list, so the other domains won't be available either?

Thx for the help so far!
Dj
FTP
Site Admin
Posts: 2072
Joined: Tue Sep 29, 2009 6:09 am

Re: Anti hammer and banlist (IP Access)

Post by FTP »

Hi, it is under "Domain -> Event Manager -> FTP(or HTTP, SSH) Events -> OnExceedUSERPASS"
gockenbr
Posts: 7
Joined: Thu Jan 27, 2011 8:26 pm

Re: Anti hammer and banlist (IP Access)

Post by gockenbr »

Sorry for piggybacking on the thread but I was looking to do the same type of thing. I entered the Lua script:

local tabIPMask = c_GetIPMaskList("%Domain")
table.insert(tabIPMask,{"%IP",true})
c_SetIPMaskList("%Domain",tabIPMask)

as you suggested. It works great for the first IP it blocks. However, any other IP that gets entered after goofs the list. It basically makes all others blank allow or deny statements. For instance, if by default I have *.*.*.* set to allowed and an IP gets added as denied via the above script, all connections seem to get blocked. When looking at the IP access list I see the line that I had put in for the default allow, however the *.*.*.* now shows nothing. Any ideas?

Also it seems like this script adds the denied IP to the bottom of the list. I'd like it to add it to the top of the list so my default *.*.*.* allow stays at the bottom for its intended purpose.

Please advise.
FTP
Site Admin
Posts: 2072
Joined: Tue Sep 29, 2009 6:09 am

Re: Anti hammer and banlist (IP Access)

Post by FTP »

In such a situation, allowing "*.*.*.*" doesn't make any sense; please remove this rule.
gockenbr
Posts: 7
Joined: Thu Jan 27, 2011 8:26 pm

Re: Anti hammer and banlist (IP Access)

Post by gockenbr »

OK, I removed the rule. Again, everything works until an IP gets added via the script, at which point all others still show the deny line but the IPs get removed.

-B
FTP
Site Admin
Posts: 2072
Joined: Tue Sep 29, 2009 6:09 am

Re: Anti hammer and banlist (IP Access)

Post by FTP »

Which version of Wing FTP Server are you using? Are all the IPs still banned?
gockenbr
Posts: 7
Joined: Thu Jan 27, 2011 8:26 pm

Re: Anti hammer and banlist (IP Access)

Post by gockenbr »

I have the latest version 3.7.5 installed.

Yes, it appears that all IPs get blocked once this happens. After doing some more testing, after the initial IP gets blocked all appears to be fine. But once the second IP gets blocked, it changes the deny statement for the first IP to allow and removes the IP information. Once that happens no one can connect to the server. I have a screenshot and logs if you have somewhere for me to send them to.
FTP
Site Admin
Posts: 2072
Joined: Tue Sep 29, 2009 6:09 am

Re: Anti hammer and banlist (IP Access)

Post by FTP »

OK, please try the following code:


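-- Read the current IP access list for this domain.
local ipmasks = c_GetIPMaskList("%Domain")
local domain_ipmasks = {}
if type(ipmasks) == "table" then
   -- Copy every existing rule into the {ip, refuse} pair form handed to c_SetIPMaskList below.
   for _,ipmask in pairs(ipmasks) do
      local temp = {}
      table.insert(temp,ipmask.ip)
      table.insert(temp,ipmask.refuse)
      table.insert(domain_ipmasks,temp)
   end
end
-- Append a deny rule (refuse = true) for the address that triggered the event.
table.insert(domain_ipmasks,{"%IP",true})
c_SetIPMaskList("%Domain",domain_ipmasks)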
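
Added example, not part of the thread and not Wing FTP's own code: a variant of the last script that puts the new deny rule at the top of the list, as asked earlier in the thread, and leaves the list alone when the address already has a rule or is on a never-ban list, so a mistyped password cannot lock out an administrator. It assumes c_GetIPMaskList returns an array of records with ip and refuse fields, as the script above implies; with_ban, NEVER_BAN and the sample addresses are hypothetical.

```lua
-- Added example, not Wing FTP's own code. NEVER_BAN and with_ban are hypothetical names.
local NEVER_BAN = { ["127.0.0.1"] = true }   -- assumption: addresses that must never be locked out

-- Build the {ip, refuse} pair list for c_SetIPMaskList with a deny rule for `ip` first.
-- Returns the new list and whether a rule was actually added.
local function with_ban(ipmasks, ip, never_ban)
   local out, known = {}, false
   if type(ipmasks) == "table" then
      -- Assumption: the list is array-like, so ipairs keeps the existing rule order.
      for _, m in ipairs(ipmasks) do
         if m.ip == ip then known = true end   -- an allow or deny rule already exists
         table.insert(out, { m.ip, m.refuse })
      end
   end
   if known or never_ban[ip] then
      return out, false                        -- no duplicate rule, no self-lockout
   end
   table.insert(out, 1, { ip, true })          -- position 1 = top of the list
   return out, true
end

if c_GetIPMaskList and c_SetIPMaskList then
   -- Running as the OnExceedUSERPASS event script: Wing FTP fills in %Domain and %IP.
   local list, changed = with_ban(c_GetIPMaskList("%Domain"), "%IP", NEVER_BAN)
   if changed then c_SetIPMaskList("%Domain", list) end
else
   -- Running in a plain Lua interpreter: constructed sample data, documentation addresses.
   local sample = {
      { ip = "203.0.113.7",   refuse = true },
      { ip = "198.51.100.20", refuse = false },
   }
   for _, ip in ipairs({ "192.0.2.44", "203.0.113.7", "127.0.0.1" }) do
      local list, changed = with_ban(sample, ip, NEVER_BAN)
      print(ip, changed and "added at top" or "skipped", #list .. " rules")
   end
end
```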