tomMoulard
commented
2 months ago Changing the code catcher implementation to block request that should be blocked by f2b, and forward ones that should pass
Closed tomMoulard closed 1 month ago
tomMoulard
commented
2 months ago Changing the code catcher implementation to block request that should be blocked by f2b, and forward ones that should pass
dberardo-com
commented
1 month ago is it possible to install this in preview on traefik ? i.e. is it possible to download the plugin from the non master branch ?
tomMoulard
commented
1 month ago For sure, you can install the plugin locally using the localPlugins mode. Please take a look at the docker-compose.yml file. doc
dberardo-com
commented
1 month ago ok, in which format should the directory be ? should it be a zip or is it enough to have the whole github repo in decompressed form ? also: would it work on traefik v<3 ?
tomMoulard
commented
1 month ago Local mode is available since traefik:v2.5.0-rc1. As for the usage, feel free to take a look at the doc.
dberardo-com
commented
1 month ago good, and is this pull request already stable ? can it be used ? would you be kind and share a sample configuration for it ?
tomMoulard
commented
1 month ago If you want to try it out, the configuration example is on the .traefik.yml.
As it is a draft PR, it is still a highly experimental feature !
dberardo-com
commented
1 month ago btw i get an error when loading it from source:
time="2024-05-16T10:30:50Z" level=error msg="Plugins are disabled because an error has occurred." error="github.com/tomMoulard/fail2ban: failed to import plugin code \"github.com/tomMoulard/fail2ban\": 1:21: import \"github.com/tomMoulard/fail2ban\" error: plugins-local/src/github.com/tomMoulard/fail2ban/fail2ban.go:18:2: import \"github.com/tomMoulard/fail2ban/pkg/response/status\" error: plugins-local/src/github.com/tomMoulard/fail2ban/pkg/response/status/http_code_range.go:5:2: import \"slices\" error: unable to find source related to: \"slices\""Indded, this plugin requires having a recent go version running traefik. And if I trust this:
> docker run -ti --rm traefik:v2.10 version
Version: 2.10.7
Codename: saintmarcelin
Go version: go1.21.5
Built: 2023-12-06T15:54:59Z
OS/Arch: linux/amd64traefik:v2.10 should work
dberardo-com
commented
1 month ago mmm, same error:
dberardo-com
commented
2 weeks ago ok at the end i have opted for traefik v2.9 and it seems to work in local mode. will test the new features later on.
cheers:
ARG TRAEFIK_VERSION
FROM traefik:v${TRAEFIK_VERSION}
ARG F2B_VERSION=0.8.1
RUN cd /tmp/ && wget https://github.com/tomMoulard/fail2ban/archive/refs/tags/v$F2B_VERSION.tar.gz && tar -xvzf v$F2B_VERSION.tar.gz
RUN mkdir -p ./plugins-local/src/github.com/tomMoulard/ && mv /tmp/fail2ban-$F2B_VERSION ./plugins-local/src/github.com/tomMoulard/fail2ban
This PR adds the status handler that let the plugin check the status code of the request. As the requests has been already forwarded, the next request will be blocked. Note that using this implementation, we could simply change the codecatcher implementation to block the request to reach the end user entirely.
This PR fixes #69, #46