nextcloud / vm

💻☁📦 The Nextcloud VM (virtual machine appliance), Home/SME Server and scripts for RPi (4). Community developed and maintained.
https://download.nextcloudvm.com
GNU General Public License v3.0

Nextcloud VM GeoBlock broken #2674

Closed aaaskew closed 1 month ago

aaaskew commented 1 month ago

Steps To Reproduce

  1. Use menu.sh to add Geo blocking
  2. Select just countries
  3. Select my country

Expected Result

Geoblocking IPs stops people outside the country from connecting

Actual Result

Everyone on IPv4 (I think) is blocked with

Forbidden You don't have permission to access this resource.

Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.

Screenshots, Videos, or Pastebins

ipv4

ipv6

Additional Context

This affects anyone using GeoBlock installed already or fresh install VMs.

2 issues:

  1. On fresh install the install pops up 2 error messages. These might not actually be a problem? I don't know.

  2. The GeoIP configuration in apache.conf points to /usr/share/GeoIP/GeoIPv4.dat that does not exist.

/usr/share/GeoIP/GeoIP.dat and /usr/share/GeoIPv6.dat do exist however so I expect the apache.conf configuration needs changing for fresh installs, but also for people running update.sh?

Build Version

29

Environment

By downloading the VM

Environment Details

No response

enoch85 commented 1 month ago

Hmm, this is a new one...

I was trying to be cautious since we're downloading from an external source. I don't want the users to get any virus. :|

Maybe if you can find a better source for the download which we can trust? Then I can make a new PR for this.

enoch85 commented 1 month ago

This is what happens in the background:

Checking connection to https://www.miyuru.lk/geoiplegacy...
++ curl -LI https://www.miyuru.lk/geoiplegacy -o /dev/null -w '%{http_code}\n' -s
+ CURL_STATUS=200
+ [[ 200 = \2\0\0 ]]
+ return 0
+ curl -s https://www.miyuru.lk/geoiplegacy
+ grep -q 'September 2024'
+ grep -c GeoIP.dat /etc/apache2/apache2.conf
1
+ '[' '!' -f /usr/share/GeoIP/GeoIPv4.dat ']'
+ download_geoip_dat 4 v4
+ site_200 https://dl.miyuru.lk/geoip/maxmind/country/maxmind4.dat.gz
+ print_text_in_color '\e[0;96m' 'Checking connection to https://dl.miyuru.lk/geoip/maxmind/country/maxmind4.dat.gz...'
+ printf '%b%s%b\n' '\e[0;96m' 'Checking connection to https://dl.miyuru.lk/geoip/maxmind/country/maxmind4.dat.gz...' '\e[0m'
Checking connection to https://dl.miyuru.lk/geoip/maxmind/country/maxmind4.dat.gz...
++ curl -LI https://dl.miyuru.lk/geoip/maxmind/country/maxmind4.dat.gz -o /dev/null -w '%{http_code}\n' -s
+ CURL_STATUS=200
+ [[ 200 = \2\0\0 ]]
+ return 0
+ curl_to_dir https://dl.miyuru.lk/geoip/maxmind/country maxmind4.dat.gz /tmp
+ '[' '!' -d /tmp ']'
+ rm -f /tmp/maxmind4.dat.gz
+ '[' -n yes ']'
+ curl -sfL https://dl.miyuru.lk/geoip/maxmind/country/maxmind4.dat.gz -o /tmp/maxmind4.dat.gz
+ metadefender-scan /tmp/maxmind4.dat.gz
+ grep '"scan_all_result_a":"No Threat Detected","current_av_result_a":"No Threat Detected"'
++ sha256sum /tmp/maxmind4.dat.gz
+ hash='b4452b6ef8225d3eb49752cb5ea371a6fd8d5401215c016d16fdfb1eb01d1922  /tmp/maxmind4.dat.gz'
+ hash=b4452b6ef8225d3eb49752cb5ea371a6fd8d5401215c016d16fdfb1eb01d1922
+ apikey=7XXXXXXXXXXXXXXX
+ curl https://api.metadefender.com/v4/hash/b4452b6ef8225d3eb49752cb5ea371a6fd8d5401215c016d16fdfb1eb01d1922 -H 'apikey: 7XXXXXXXXXXXXXXX'
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  3841  100  3841    0     0   9280      0 --:--:-- --:--:-- --:--:--  9300
+ install_if_not gzip
+ dpkg-query -W '-f=${Status}' gzip
+ grep -q 'ok installed'
+ gzip -d /tmp/maxmind4.dat.gz
+ mv /tmp/maxmind4.dat /usr/share/GeoIP/GeoIPv4.dat
+ chown root:root /usr/share/GeoIP/GeoIPv4.dat
+ chmod 644 /usr/share/GeoIP/GeoIPv4.dat
+ find /var/scripts -type f -regex '/var/scripts/202[0-9]-[01][0-9]-Maxmind-Country-IPv4\.dat' -delete
+ rm -f /usr/share/GeoIP/GeoIP.dat
+ sed -i 's|GeoIPDBFile /usr/share/GeoIP/GeoIP.dat|GeoIPDBFile /usr/share/GeoIP/GeoIPv4.dat|g' /etc/apache2/apache2.conf
+ check_command systemctl restart apache2
+ systemctl restart apache2

So in other words, it works as expected, but maybe not for you? It's a new function to check for viruses, so maybe it detects another IP and blocks the attempt? Can you please post your full output?
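Added example, not part of the thread or of the project's scripts: the trace above removes the old database and rewrites `GeoIPDBFile` in apache2.conf, and the report describes a config left pointing at a file that does not exist. One way to guard that step is to check every configured database before the config is swapped and Apache restarted; the function names `geoip_db_paths`, `check_geoip_dbs` and `switch_geoip_db` are hypothetical, and database paths are assumed to contain no spaces.

```shell
#!/bin/sh
# Added example: preflight for GeoIPDBFile directives before an Apache restart.
# Function names are hypothetical; paths are assumed to contain no spaces.

# Print every path named by a GeoIPDBFile directive in the given config file.
# Commented-out lines are skipped; flags after the path are ignored.
geoip_db_paths() {
    awk 'tolower($1) == "geoipdbfile" { print $2 }' "$1"
}

# Return 0 only if every configured database is a regular, non-empty file.
# Prints one "MISSING <path>" or "EMPTY <path>" line per problem found.
check_geoip_dbs() {
    rc=0
    paths=$(geoip_db_paths "$1")
    while IFS= read -r db; do
        [ -n "$db" ] || continue
        if [ ! -f "$db" ]; then
            echo "MISSING $db"; rc=1
        elif [ ! -s "$db" ]; then
            echo "EMPTY $db"; rc=1
        fi
    done <<EOF
$paths
EOF
    return $rc
}

# Point the config at a new database only if that database is already in place.
# The edit is made on a copy (same mode and owner) and moved over the original,
# so a failed check leaves the live config untouched.
switch_geoip_db() {
    conf=$1; old=$2; new=$3
    [ -s "$new" ] || { echo "refusing: $new is missing or empty"; return 1; }
    tmp=$(mktemp "${conf}.XXXXXX") || return 1
    cp -p "$conf" "$tmp" || { rm -f "$tmp"; return 1; }
    sed "s|GeoIPDBFile ${old}|GeoIPDBFile ${new}|g" "$conf" > "$tmp"
    if grep -qF "GeoIPDBFile ${new}" "$tmp" && check_geoip_dbs "$tmp" >/dev/null; then
        mv "$tmp" "$conf"
    else
        rm -f "$tmp"; return 1
    fi
}
```

Running `check_geoip_dbs /etc/apache2/apache2.conf` before `systemctl restart apache2` turns a dangling database path into a visible error instead of a 403 for every visitor.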

enoch85 commented 1 month ago

Please check the PR, should work.

aaaskew commented 1 month ago

Sorry for the delay, will need to take a look this evening UK time.

enoch85 commented 1 month ago

I'm in CEST, no worries.