search

XaF / fail2ban-subnets

fail2ban-subnets aims to provide a way to ban subnets of IPs repeatingly banned by fail2ban for multiple offenses.
11 stars 3 forks source link

TypeError: cannot use a string pattern on a bytes-like object #8

Open thomasboehm opened 2 years ago

thomasboehm commented 2 years ago

Is this project still maintained and working?

First, I needed to copy the action and filter to the existing directories and not create new *.local ones. Otherwise fail2ban would complain

2021-12-14 12:28:55,125 fail2ban.configreader   [187754]: ERROR   Found no accessible config files for 'filter.d/subnets' under /etc/fail2ban
2021-12-14 12:28:55,126 fail2ban.jailreader     [187754]: ERROR   Unable to read the filter 'subnets'
2021-12-14 12:28:55,126 fail2ban.jailsreader    [187754]: ERROR   Errors in jail 'subnets'. Skipping...
OK

But fail2ban-subnets.py still throws this error

Traceback (most recent call last):
  File "/usr/local/bin/fail2ban-subnets.py", line 250, in <module>
    banList = dict(re.findall(
  File "/usr/lib/python3.8/re.py", line 241, in findall
    return _compile(pattern, flags).findall(string)
TypeError: cannot use a string pattern on a bytes-like object
thomasboehm commented 2 years ago

I got rid of the error by changing line 248 to out = iptablesL.communicate()[0].decode('utf-8') and the script seems to work. But is it correct, that the jail shows the network ip instead of the subnet? iptables shows the subnet correctly thought.

XaF commented 2 years ago

Hello! Thanks for opening the issue :) When I wrote this initially, I believe most of my testing was done in Python 2, which explains the byte-like issue.

Regarding what the jail shows, it's expected to see the IP and not the subnet given fail2ban does not support subnets directly, so fail2ban-subnet uses the IP itself as reference to the subnet, and appends the CIDR to it when calling iptables!