/// <summary>
/// Create a log file scanner
/// </summary>
/// <param name="loginHandler">Interface for handling logins</param>
/// <param name="dns">Interface for dns lookup</param>
/// <param name="source">The source, i.e. SSH or SMTP, etc.</param>
/// <param name="pathAndMask">File path and mask (i.e. /var/log/auth*.log)</param>
/// <param name="recursive">Whether to parse all sub directories of path and mask recursively</param>
/// <param name="regexFailure">Regex to parse file lines to pull out failed login ipaddress and username</param>
/// <param name="regexSuccess">Regex to parse file lines to pull out successful login ipaddress and username</param>
/// <param name="maxFileSizeBytes">Max size of file (in bytes) before it is deleted or 0 for unlimited</param>
/// <param name="pingIntervalMilliseconds">Ping interval in milliseconds, less than 1 for manual ping required</param>
public IPBanIPAddressLogFileScanner
(
IIPAddressEventHandler loginHandler,
IDnsLookup dns,
string source,
string pathAndMask,
bool recursive,
string regexFailure,
string regexSuccess,
long maxFileSizeBytes = 0,
int pingIntervalMilliseconds = 0
) : base(pathAndMask, recursive, maxFileSizeBytes, pingIntervalMilliseconds)
{
loginHandler.ThrowIfNull(nameof(loginHandler));
dns.ThrowIfNull(nameof(dns));
Source = source;
this.loginHandler = loginHandler;
this.dns = dns;
this.regexFailure = IPBanConfig.ParseRegex(regexFailure);
this.regexSuccess = IPBanConfig.ParseRegex(regexSuccess);
}
private void UpdateLogFiles(IPBanConfig newConfig)
{
// remove existing log files that are no longer in config
foreach (IPBanLogFileScanner file in logFilesToParse.ToArray())
{
if (newConfig.LogFilesToParse.FirstOrDefault(f => f.PathsAndMasks.Contains(file.PathAndMask)) == null)
{
file.Dispose();
logFilesToParse.Remove(file);
}
}
foreach (IPBanLogFileToParse newFile in newConfig.LogFilesToParse)
{
string[] pathsAndMasks = newFile.PathAndMask.Split('\n');
for (int i = 0; i < pathsAndMasks.Length; i++)
{
string pathAndMask = pathsAndMasks[i].Trim();
if (pathAndMask.Length != 0)
{
// if we don't have this log file and the platform matches, add it
if (logFilesToParse.FirstOrDefault(f => f.PathAndMask == pathAndMask) == null &&
!string.IsNullOrWhiteSpace(newFile.PlatformRegex) &&
Regex.IsMatch(IPBanOS.Description, newFile.PlatformRegex.ToString().Trim(), RegexOptions.IgnoreCase | RegexOptions.CultureInvariant))
{
// log files use a timer internally and do not need to be updated regularly
IPBanLogFileScanner scanner = new IPBanIPAddressLogFileScanner(this, DnsLookup,
newFile.Source, pathAndMask, newFile.Recursive, newFile.FailedLoginRegex, newFile.SuccessfulLoginRegex, newFile.MaxFileSize, newFile.PingInterval);
logFilesToParse.Add(scanner);
IPBanLog.Debug("Adding log file to parse: {0}", pathAndMask);
}
else
{
IPBanLog.Debug("Ignoring log file path {0}, regex: {1}", pathAndMask, newFile.PlatformRegex);
}
}
}
}
}
internal async Task ReadAppSettings()
{
try
{
ConfigFilePath = (!File.Exists(ConfigFilePath) ? Path.Combine(AppDomain.CurrentDomain.BaseDirectory, IPBanService.ConfigFileName) : ConfigFilePath);
string newXml = await ConfigReaderWriter.CheckForConfigChange();
if (!string.IsNullOrWhiteSpace(newXml))
{
IPBanConfig oldConfig = Config;
IPBanConfig newConfig = IPBanConfig.LoadFromXml(newXml, DnsLookup);
UpdateLogFiles(newConfig);
whitelistChanged = (Config == null || Config.WhiteList != newConfig.WhiteList || Config.WhiteListRegex != newConfig.WhiteListRegex);
Config = newConfig;
LoadFirewall(oldConfig);
}
}
catch (Exception ex)
{
IPBanLog.Error(ex);
if (Config == null)
{
throw new ApplicationException("Configuration failed to load, make sure to check for XML errors or unblock all the files.", ex);
}
}
// set or unset default banned ip address handler based on config
if (Config.UseDefaultBannedIPAddressHandler && BannedIPAddressHandler == null)
{
BannedIPAddressHandler = new DefaultBannedIPAddressHandler();
}
else if (!Config.UseDefaultBannedIPAddressHandler && BannedIPAddressHandler != null && BannedIPAddressHandler is DefaultBannedIPAddressHandler)
{
BannedIPAddressHandler = null;
}
}
