search

PowerDNS / weakforced

Anti-Abuse for servers at authentication time
GNU General Public License v3.0
123 stars 33 forks source link

[BUG] GEOIP2 not working in Docker image version 2.10 #413

Closed bypper closed 7 months ago

bypper commented 8 months ago

GEOIP2DB for City and Country info not working in the last version (2.10) of Docker image.

Steps to reproduce the behavior:

  1. Configure GEOIP2DB in customize /etc/wforce.conf:
function country_info(args)
...
local dataciudad = migeocountrydb:lookupCity(newCA(vIp))
local country_code = dataciudad.country_code
local country_name = dataciudad.country_name
local continent = dataciudad.continent_code
return true, {ip=vIp,continente=continent,pais=country_name,codigo=country_code}.
...
  1. Up image 2.10 version:

export WFORCE_CONFIG_FILE=/wforce/wforce.conf;export WFORCE_VERBOSE=1;export WFORCE_HTTP_PASSWORD=xxxxx;docker run --restart unless-stopped -d --name miwforce -p 127.0.0.1:8084:8084 -v /bypper/docker/miwforce:/wforce -v /bypper/etc/geoip:/tmp/geoip -v /bypper/docker/resolv.conf:/etc/resolv.conf -e WFORCE_HTTP_PASSWORD -e WFORCE_VERBOSE -e WFORCE_CONFIG_FILE powerdns/wforce:v2.10.0

  1. Call to "country_info" function with an IP as parameter:
curl -X POST -H "Content-Type: application/json" --data '{"attrs":{"ip":"8.8.8.8"}}' http://127.0.0.1:8084/?command=country_info -u wforce:xxxxx
{"r_attrs": {"ip": "8.8.8.8"}, "success": true}

  1. Down image 2.10 version: $ docker container miwforce && docker container prune

  2. Up image 2.8 version:

export WFORCE_CONFIG_FILE=/wforce/wforce.conf;export WFORCE_VERBOSE=1;export WFORCE_HTTP_PASSWORD=xxxxx;docker run --restart unless-stopped -d --name miwforce -p 127.0.0.1:8084:8084 -v /bypper/docker/miwforce:/wforce -v /bypper/etc/geoip:/tmp/geoip -v /bypper/docker/resolv.conf:/etc/resolv.conf -e WFORCE_HTTP_PASSWORD -e WFORCE_VERBOSE -e WFORCE_CONFIG_FILE powerdns/wforce:v2.8.0

  1. Check with the same command:
curl -X POST -H "Content-Type: application/json" --data '{"attrs":{"ip":"8.8.8.8"}}' http://127.0.0.1:8084/?command=country_info -u wforce:xxxxx
{"r_attrs": {"codigo": "US", "continente": "NA", "ip": "8.8.8.8", "pais": "United States"}, "success": true}

Expected behavior Country info (Code, Country...) only appears with 2.8 version Docker image, not with 2.10.

OS (please complete the following information):

slusarz commented 7 months ago

This is expected behavior. From 2.10.0 Release Notes: "Remove Legacy GeoIP from Packages and Dockerfiles/Images"

bypper commented 7 months ago

This is expected behavior. From 2.10.0 Release Notes: "Remove Legacy GeoIP from Packages and Dockerfiles/Images"

It's not Legacy.

newGeoIP2DB("CityDB", "/tmp/geoip/GeoLite2-City.mmdb")                                                                                                                                                             
newGeoIP2DB("CountryDB", "/tmp/geoip/GeoIP2-Country.mmdb")                                                                                                                                                         
newGeoIP2DB("ISPDB", "/tmp/geoip/GeoIP2-ISP.mmdb")
neilcook commented 7 months ago

I can reproduce this. I'm creating a fix for it, and it will be in 2.10.1. I actually don't know how this ever actually worked, it must be a fluke, because the GeoIP lookup code is fine but the code was never correct for accessing the variables from Lua.