npm - @roflsec/fail2scan - Versions diffs - 0.0.6 → 0.0.8 - Mend

@roflsec/fail2scan 0.0.6 → 0.0.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/bin/daemon.js +45 -20
package/package.json +1 -1

package/bin/daemon.js CHANGED Viewed

@@ -5,19 +5,23 @@ const { execFile, spawn } = require('child_process');
 const { promisify } = require('util');
 const execFileP = promisify(execFile);
 require('dotenv').config({ quiet:true})
 // -------------------- IPGeolocation --------------------
-const IPGeolocationAPI = require("ip-geolocation-api-javascript-sdk");
-const GeolocationParams = require("ip-geolocation-api-javascript-sdk/GeolocationParams.js");
-const ipGeo = new IPGeolocationAPI(`${process.env.IPGEO_API_KEY}`, true);
-const getGeo = (ip) => {
-  return new Promise((resolve) => {
-    const params = new GeolocationParams();
-    params.setIPAddress(ip);
-    params.setFields("geo,time_zone,currency,asn,security");
-    ipGeo.getGeolocation((res) => resolve(res), params);
-  });
-};
+let getGeo = async (ip) => null;
+if(process.env.IPGEO_API_KEY){
+  const IPGeolocationAPI = require("ip-geolocation-api-javascript-sdk");
+  const GeolocationParams = require("ip-geolocation-api-javascript-sdk/GeolocationParams.js");
+  const ipGeo = new IPGeolocationAPI(`${process.env.IPGEO_API_KEY}`, true);
+  getGeo = (ip) => {
+    return new Promise((resolve) => {
+      const params = new GeolocationParams();
+      params.setIPAddress(ip);
+      params.setFields("geo,time_zone,currency,asn,security");
+      ipGeo.getGeolocation((res) => resolve(res), params);
+    });
+  };
+}
 // -------------------- CLI / CONFIG --------------------
 const argv = process.argv.slice(2);
@@ -60,7 +64,14 @@ function saveState(s){try{fs.mkdirSync(path.dirname(STATE_FILE),{recursive:true,
 const STATE=loadState();
 // -------------------- IP extraction --------------------
-function extractIpFromLine(line){const v4=line.match(/\b(?:\d{1,3}\.){3}\d{1,3}\b/);if(v4&&v4[0])return v4[0];const v6=line.match(/\b([0-9a-fA-F]{0,4}:){2,7}[0-9a-fA-F]{0,4}\b/);if(v6&&v6[0])return v6[0];return null;}
+function extractIpFromLine(line){
+  // garde ton extracteur d’origine (IPv4 + IPv6)
+  const v4 = line.match(/\b(?:\d{1,3}\.){3}\d{1,3}\b/);
+  if(v4&&v4[0]) return v4[0];
+  const v6 = line.match(/\b([0-9a-fA-F]{0,4}:){2,7}[0-9a-fA-F]{0,4}\b/);
+  if(v6&&v6[0]) return v6[0];
+  return null;
+}
 // -------------------- nmap helpers (parallel support) --------------------
 function spawnOneNmap(args, outFile) {
@@ -149,16 +160,17 @@ async function performScan(ip){
   try{ fs.writeFileSync(path.join(outDir,'summary.json'),JSON.stringify(summary,null,2)); } catch (e) {}
-  try {
-    const geo = await getGeo(ip);
-    fs.writeFileSync(path.join(outDir, 'geo.json'), JSON.stringify(geo, null, 2));
-  } catch(e) {}
+  if(process.env.IPGEO_API_KEY){
+    getGeo(ip)
+      .then(geo => { try{ fs.writeFileSync(path.join(outDir,'geo.json'), JSON.stringify(geo, null, 2)); }catch{} })
+      .catch(()=>{});
+  }
   try{ fs.chmodSync(outDir,0o750); } catch (e) {}
   log('Scan written for',ip,'->',outDir);
 }
-// -------------------- queue optimized --------------------
+// -------------------- queue --------------------
 class ScanQueue{
   constructor(concurrency=1){this.concurrency=concurrency;this.running=0;this.q=[];this.set=STATE.seen;this.tmpCache=new Set();}
   push(ip){
@@ -192,7 +204,9 @@ const concurrency = CORE_OVERRIDE||USER_CONCURRENCY||os.cpus().length||1;
 const q = new ScanQueue(concurrency);
 log(`Fail2Scan started. Watching ${LOG_PATH} -> output ${OUT_ROOT}, concurrency ${concurrency}`);
-const BAN_RE = /\bBan\b/i;
+// -------------------- FIX : regex BAN correct --------------------
+const BAN_RE = /Ban\s+(\d{1,3}(?:\.\d{1,3}){3})/;
 class FileTail{
   constructor(filePath,onLine){this.filePath=filePath;this.onLine=onLine;this.pos=0;this.inode=null;this.buf='';this.watch=null;this.start();}
   start(){try{const st=fs.statSync(this.filePath);this.inode=st.ino;this.pos=st.size;}catch{this.inode=null;this.pos=0;}this._watch();this._readNew().catch(()=>{});}
@@ -200,7 +214,18 @@ class FileTail{
   async _readNew(){try{const st=fs.statSync(this.filePath);if(st.size<this.pos)this.pos=0;if(st.size===this.pos)return;const stream=fs.createReadStream(this.filePath,{start:this.pos,end:st.size-1,encoding:'utf8'});for await(const chunk of stream){this.buf+=chunk;let idx;while((idx=this.buf.indexOf('\n'))>=0){const line=this.buf.slice(0,idx);this.buf=this.buf.slice(idx+1);if(line.trim())this.onLine(line);}}this.pos=st.size;}catch{}}
   close(){try{this.watch?.close();}catch{}}
 }
-const tail=new FileTail(LOG_PATH,line=>{try{if(!BAN_RE.test(line))return;const ip=extractIpFromLine(line);if(!ip)return;q.push(ip);}catch(e){log('onLine handler error',e.message||e);}});
+const tail=new FileTail(LOG_PATH,line=>{
+  try{
+    const m=line.match(BAN_RE);
+    if(!m) return;
+    const ip = m[1];
+    if(!ip) return;
+    q.push(ip);
+  }catch(e){
+    log('onLine handler error',e.message||e);
+  }
+});
 function shutdown(){log('Shutting down Fail2Scan...');tail.close();const start=Date.now();const wait=()=>{if(q.running===0||Date.now()-start>10000)process.exit(0);setTimeout(wait,500);};wait();}
 process.on('SIGINT',shutdown);

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@roflsec/fail2scan",
-  "version": "0.0.6",
+  "version": "0.0.8",
   "description": "Fail2Scan daemon - watches fail2ban logs and scans banned IPs using nmap, dig and whois.",
   "bin": {
     "fail2scan-daemon": "./bin/daemon.js"