search

zsanjin-p / frps-log-ip-ban

ban掉frps的日志文件非法ip/Ban IP addresses identified as illegal or malicious from the FRP server log.
7 stars 1 forks source link

windows不会写封禁IP到banip.txt #3

Open xw-l opened 3 weeks ago

xw-l commented 3 weeks ago

不懂python额,大佬,看不懂。GPT说的都是废话,路径我也提前创建了banip.txt文件,就是无法自动写入进去,封禁脚本我手动执行可以添加防火墙规则,规则是我手动加到banip.txt的

xw-l commented 3 weeks ago

平台是winserver2019 1809

zsanjin-p commented 3 weeks ago

你把.env的内容发给我看看,如果没写入到txt会不会闪退?如果没有闪退就发一下检查到封禁ip时候的行为日志看看

xw-l commented 3 weeks ago

env内容

日志文件路径

LOG_FILE_PATH=C:\Users\Administrator\Desktop\frp_0.46.0\frp_0.46.0\frps.log

目标连接名称标记内容,逗号分隔

TARGET_NAMES=RDP1,RDP2

IP白名单,逗号分隔

WHITELIST=1.1.1.1,3.2.3.2

要写入被禁IP的文件路径

BAN_FILE_PATH=C:\Users\Administrator\Desktop\frp_0.46.0\frp_0.46.0\banip.txt

当检测到被禁IP时要执行的脚本或程序路径

EXECUTE_PATH=C:\Users\Administrator\Downloads\frps-log-ip-ban-main\frps-log-ip-ban-main\banip.ps1

检查日志文件的时间间隔(分钟)

CHECK_INTERVAL=1

触发禁用IP的次数阈值

THRESHOLD_COUNT=2

xw-l commented 3 weeks ago

日志的话就是这两条一直循环 2024-09-25 10:10:40,595 - INFO - Analyzing logs after 2024-09-25 10:09:40.595720 2024-09-25 10:10:40,595 - INFO - Next check scheduled at 2024-09-25 10:11:40 2024-09-25 10:11:40,605 - INFO - Analyzing logs after 2024-09-25 10:10:40.605027 2024-09-25 10:11:40,605 - INFO - Next check scheduled at 2024-09-25 10:12:40 2024-09-25 10:12:40,614 - INFO - Analyzing logs after 2024-09-25 10:11:40.614364 2024-09-25 10:12:40,622 - INFO - Next check scheduled at 2024-09-25 10:13:40 2024-09-25 10:13:40,624 - INFO - Analyzing logs after 2024-09-25 10:12:40.624250 2024-09-25 10:13:40,624 - INFO - Next check scheduled at 2024-09-25 10:14:40 2024-09-25 10:14:40,633 - INFO - Analyzing logs after 2024-09-25 10:13:40.633125 2024-09-25 10:14:40,641 - INFO - Next check scheduled at 2024-09-25 10:15:40 2024-09-25 10:15:40,643 - INFO - Analyzing logs after 2024-09-25 10:14:40.643352 2024-09-25 10:15:40,649 - INFO - Next check scheduled at 2024-09-25 10:16:40 2024-09-25 10:16:40,653 - INFO - Analyzing logs after 2024-09-25 10:15:40.653332 2024-09-25 10:16:40,653 - INFO - Next check scheduled at 2024-09-25 10:17:40 2024-09-25 10:17:40,662 - INFO - Analyzing logs after 2024-09-25 10:16:40.662982 2024-09-25 10:17:40,662 - INFO - Next check scheduled at 2024-09-25 10:18:40 2024-09-25 10:18:40,673 - INFO - Analyzing logs after 2024-09-25 10:17:40.673289 2024-09-25 10:18:40,673 - INFO - Next check scheduled at 2024-09-25 10:19:40 2024-09-25 10:19:40,682 - INFO - Analyzing logs after 2024-09-25 10:18:40.682805 2024-09-25 10:19:40,691 - INFO - Next check scheduled at 2024-09-25 10:20:40 2024-09-25 10:20:40,692 - INFO - Analyzing logs after 2024-09-25 10:19:40.692996 2024-09-25 10:20:40,692 - INFO - Next check scheduled at 2024-09-25 10:21:40 2024-09-25 10:21:40,702 - INFO - Analyzing logs after 2024-09-25 10:20:40.702708 2024-09-25 10:21:40,702 - INFO - Next check scheduled at 2024-09-25 10:22:40 2024-09-25 10:22:40,712 - INFO - Analyzing logs after 2024-09-25 10:21:40.712489

xw-l commented 3 weeks ago

不会闪退,会一直重复这两条日志

zsanjin-p commented 3 weeks ago

你windows路径格式写错了,用双反斜杠\

xw-l commented 3 weeks ago

实测env无论是单斜杠,还是双协杠都没有效果,我env配置上是双斜杠的

xw-l commented 3 weeks ago

解决了大佬,log_time = datetime.strptime(match.group(1), '%Y/%m/%d %H:%M:%S'),GPT说日志格式不对,我改了之后,再跑了,感谢大佬

zsanjin-p commented 3 weeks ago

解决了大佬,log_time = datetime.strptime(match.group(1), '%Y/%m/%d %H:%M:%S'),GPT说日志格式不对,我改了之后,再跑了,感谢大佬

应该是frp0.52版本之前的日志时间和当前版本不一样,你也可以更新frp到0.60,因为最新版的frp日志时间精确到毫秒

xw-l commented 3 weeks ago

能跑就行,不怕被爆破了,感谢大佬