search

e-cite / f2b-sophosxg

Access Sophos XG API from fail2ban to block hosts on perimeter firewall
MIT License
4 stars 0 forks source link

ERROR 7f55eccee250 -- stderr: "AttributeError: 'NoneType' object has no attribute 'find'" #1

Open tipanic opened 1 year ago

tipanic commented 1 year ago

Hello, thank you very much for this script, I tried it today on a fresh Ubuntu 22.04 Install, but ran into an error. I don't know if did something wrong, maybe you can help me.

i checked /var/log/fail2ban.log:

[5297]: ERROR 7f55eccee250 -- exec: python3 /usr/local/sbin/f2b-sophosxg.py ban --ip 192.168.223.25 2023-03-09 06:09:50,843 fail2ban.utils [5297]: ERROR 7f55eccee250 -- stdout: 'Ban: Banning single IP 192.168.223.25' 2023-03-09 06:09:50,843 fail2ban.utils [5297]: ERROR 7f55eccee250 -- stderr: 'Traceback (most recent call last):' 2023-03-09 06:09:50,843 fail2ban.utils [5297]: ERROR 7f55eccee250 -- stderr: ' File "/usr/local/sbin/f2b-sophosxg.py", line 66, in ' 2023-03-09 06:09:50,843 fail2ban.utils [5297]: ERROR 7f55eccee250 -- stderr: ' ret = f2b.ban(args.ip)' 2023-03-09 06:09:50,844 fail2ban.utils [5297]: ERROR 7f55eccee250 -- stderr: ' File "/usr/local/lib/f2bsophosxg/libf2bsophosxg.py", line 151, in ban' 2023-03-09 06:09:50,844 fail2ban.utils [5297]: ERROR 7f55eccee250 -- stderr: ' if not self.sxg.isApiCallSuccessful(response): return 1' 2023-03-09 06:09:50,844 fail2ban.utils [5297]: ERROR 7f55eccee250 -- stderr: ' File "/usr/local/lib/f2bsophosxg/libsophosxg.py", line 80, in isApiCallSuccessful' 2023-03-09 06:09:50,844 fail2ban.utils [5297]: ERROR 7f55eccee250 -- stderr: ' loginStatusText = self.xml_getRespLoginStatus(response.content)' 2023-03-09 06:09:50,844 fail2ban.utils [5297]: ERROR 7f55eccee250 -- stderr: ' File "/usr/local/lib/f2bsophosxg/libsophosxg.py", line 52, in xml_getRespLoginStatus' 2023-03-09 06:09:50,844 fail2ban.utils [5297]: ERROR 7f55eccee250 -- stderr: " loginStatusMsg = login.find('status').text" 2023-03-09 06:09:50,844 fail2ban.utils [5297]: ERROR 7f55eccee250 -- stderr: "AttributeError: 'NoneType' object has no attribute 'find'" 2023-03-09 06:09:50,844 fail2ban.utils [5297]: ERROR 7f55eccee250 -- returned 1 2023-03-09 06:09:50,844 fail2ban.actions [5297]: ERROR Failed to execute ban jail 'sshd' action 'sophosxg' info 'ActionInfo({'ip': '192.168.223.25', 'family': 'inet4', 'fid': <function Actions.ActionInfo. at 0x7f55ed64c1f0>, 'raw-ticket': <function Actions.ActionInfo. at 0x7f55ed64c8b0>})': Error banning 192.168.223.25

e-cite commented 1 year ago

Hi @tipanic, sorry for responding this late, but I didn't get any notification about your issue.

I did work on this project, but we did never use this in production. So it's quite a first version, not really tested yet.

Regarding your logs, I suppose the login-status was a None-Type object, which cannot be searched by the find method for the status field. This could be caused by some nonce returned during login. Since I do not have a test-system nor enough time for testing, I have to disappoint you and I cannot help you any further about this issue that time.

Feel free to fork this project and debug it yourself. I'm sorry :(