GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → tomMoulard → Fail2ban

tomMoulard / Fail2ban

Traefik plugin on fail2ban middleware

Programming Languages

go
31211 projects - #10 most used programming language

Labels

hackathon

Projects that are alternatives of or similar to Fail2ban

Oneid
OneID — NameCoin-based identity
Stars: ✭ 7 (-89.39%)
Mutual labels:  hackathon
Project Ideas
Running list of all project ideas - pick one and run with it!
Stars: ✭ 31 (-53.03%)
Mutual labels:  hackathon
Azuremonitoringhackathon
Operationalize Azure deployments with Azure platform tools​
Stars: ✭ 46 (-30.3%)
Mutual labels:  hackathon
Pharmacy Blockchain
Open Hackathon Sep 2018 - Oran.
Stars: ✭ 13 (-80.3%)
Mutual labels:  hackathon
Webathon 20
🥳open-source contributors are invited to participate in this hackathon. A contest to create and design websites
Stars: ✭ 31 (-53.03%)
Mutual labels:  hackathon
Hackathon Starter
Useful information for using Amadeus for Developers APIs in Hackathons
Stars: ✭ 38 (-42.42%)
Mutual labels:  hackathon
Hackathon Packing List
📋 Hackathon Packing List - A Handy Guide
Stars: ✭ 17 (-74.24%)
Mutual labels:  hackathon
Av Ltfs Data Science Finhack Ml Hackathon
L&T Financial Services & Analytics Vidhya presents ‘DataScience FinHack’ organised by Analytics Vidhya
Stars: ✭ 48 (-27.27%)
Mutual labels:  hackathon
Projectweek
Website for NA-MIC Project Weeks
Stars: ✭ 31 (-53.03%)
Mutual labels:  hackathon
Hackonhills
Official Website for the Annual Hackathon organized by AppTeam NITH
Stars: ✭ 44 (-33.33%)
Mutual labels:  hackathon
Hackathon Starter
A boilerplate for Node.js web applications
Stars: ✭ 32,485 (+49119.7%)
Mutual labels:  hackathon
Registration
Powerful and extensible registration system for hackathons and other large events
Stars: ✭ 29 (-56.06%)
Mutual labels:  hackathon
Hackinthenorth.github.io
India's greatest student held hackathon. 🐺
Stars: ✭ 38 (-42.42%)
Mutual labels:  hackathon
Droidsentinel
Analizador de tráfico para dispositivos Android potencialmente comprometidos como parte de una botnet orientado a detectar ataques DDoS.
Stars: ✭ 11 (-83.33%)
Mutual labels:  hackathon
Furatto Rails Start Kit
A rails app with Furatto, Devise, and Facebook Authentication perfect for hackathons!
Stars: ✭ 46 (-30.3%)
Mutual labels:  hackathon
Chronicel
Our super sweet hacker management system, built for HackTCNJ 2017+ | Used by [email protected] 2018!
Stars: ✭ 18 (-72.73%)
Mutual labels:  hackathon
Recyclomedia
Recyclomedia is a digital platform that aims to save the planet from pollution which is the major threat to the functioning of earth.
Stars: ✭ 32 (-51.52%)
Mutual labels:  hackathon
Hackcoc
⚖ A generic and configurable Code of Conduct for hackathons
Stars: ✭ 65 (-1.52%)
Mutual labels:  hackathon
Plastic Detection Model
Image Recognition Model to detect plastics, glass, paper, rubbish, metal and cardboard. This is used to detect these pollution in the ocean to allow the eradication of these materials, helping marine life, fishermen, tourism and making the world resilient to climate change.
Stars: ✭ 47 (-28.79%)
Mutual labels:  hackathon
Pantry
🥑 Free data storage as a service that allows devs to store JSON for multiple apps & users. A good resource when building personal projects, apps for hackathons, and prototypes alike.
Stars: ✭ 42 (-36.36%)
Mutual labels:  hackathon
View All Similar Projects ➔

Fail2ban plugin for traefik

Build Status

This plugin is a small implementation of a fail2ban instance as a middleware plugin for Traefik.

Configuration

Whitelist

You can whitelist some IP using this:

testData:
  whitelist:
    files:
      - "tests/test-ipfile.txt"
    ip:
      - "::1"
      - "127.0.0.1"

Where you can use some IP in an array of files or directly in the config.

Blacklist

Like whitelist, you can blacklist some IP using this:

testData:
  blacklist:
    files:
      - "tests/test-ipfile.txt"
    ip:
      - "::1"
      - "127.0.0.1"

Where you can use some IP in an array of files or directly in the config.

Configuration debug

In order to check if the configuration is correct, there should be some logs on stdout like:

Fail2Ban_config: 2020/12/27 22:40:04 restricted.go:51: Whitelisted: '127.0.0.2/32'
Fail2Ban_config: 2020/12/27 22:40:04 restricted.go:51: Blacklisted: '127.0.0.3/32'
Fail2Ban_config: 2020/12/27 22:40:04 restricted.go:51: Bantime: 3h0m0s
Fail2Ban_config: 2020/12/27 22:40:04 restricted.go:51: Findtime: 3h0m0s
Fail2Ban_config: 2020/12/27 22:40:04 restricted.go:51: Ports range from 0 to 8000
Fail2Ban_config: 2020/12/27 22:40:04 restricted.go:51: FailToBan Rules : '{Xbantime:3h0m0s Xfindtime:3h0m0s Xurlregexp:[localhost:5000/whoami] Xmaxretry:4 Xenabled:true Xports:[0 8000]}'
Fail2Ban: 2020/12/27 22:40:04 restricted.go:52: Plugin: FailToBan is up and running

Fail2ban

We plan to use all default fail2ban configuration but at this time only a few features are implemented:

testData:
  rules:
    bantime: "3h"
    findtime: "10m"
    maxretry: 4
    enabled: true
    urlregexp:
      - ""
    urlregexp: ""
    ports: "80:443"

Where:

  • findtime: is the time slot used to count requests (if there is too many requests with the same ip in this slot of time, the ip goes into ban). You can use 'smart' strings: "4h", "2m", "1s", ...
  • bantime: correspond to the amount of time the IP is in Ban mode.
  • maxretry: number of request before Ban mode.
  • enabled: allow to enable or disable the plugin (must be set to true to enable the plugin).
  • urlregexp: a regexp list to block request with regexps on the url
  • ports: filter requests by port range

Schema

First request, IP is added to the Pool, and the findtime timer is started:

A |------------->
  ↑

Second request, findtime is not yet finished thus the request is fine:

A |--x---------->
     ↑

Third request, maxretry is now full, this request is fine but the next wont.

A |--x--x------->
        ↑

Fourth request, too bad, now it's jail time, next request will go through after bantime:

A |--x--x--x---->
           ↓
B          |------------->

Fifth request, the IP is in Ban mode, nothing happen:

A |--x--x--x---->
B          |--x---------->
              ↑

Last request, the bantime is now over, another findtime is started:

A |--x--x--x---->            |------------->
                             ↑
B          |--x---------->

Dev traefik.yml configuration file for traefik

pilot:
  token: [REDACTED]

experimental:
  devPlugin:
    goPath: /home/${USER}/go
    moduleName: github.com/tommoulard/fail2ban

entryPoints:
  http:
    address: ":8000"
    forwardedHeaders:
      insecure: true

api:
  dashboard: true
  insecure: true

providers:
  file:
    filename: rules-fail2ban.yaml

How to dev

$ docker run -d --network host containous/whoami -port 5000
# traefik --configfile traefik.yml

Authors

Tom Moulard Clément David Martin Huvelle Alexandre Bossut-Lasry
Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].