banip: update 0.9.4-2

* fix a long standing problem in the logfile-parser with dropbear and compressed IPv6 addresses

Signed-off-by: Dirk Brenken <dev@brenken.org>

diff --git a/net/banip/Makefile b/net/banip/Makefile
index 682b5fd44e0250869af014ba81c024a5e42de27c..531a343ef2d98b0b17b34a14cd670a40f8ae3946 100644 (file)
--- a/net/banip/Makefile
+++ b/net/banip/Makefile
@@ -6,7 +6,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=banip
 PKG_VERSION:=0.9.4
-PKG_RELEASE:=1
+PKG_RELEASE:=2
 PKG_LICENSE:=GPL-3.0-or-later
 PKG_MAINTAINER:=Dirk Brenken <dev@brenken.org>
 

diff --git a/net/banip/files/banip-functions.sh b/net/banip/files/banip-functions.sh
index 2ddf02d8e22496c27093e9c70bbe932f9c7230ca..cd5fd4f2bb930cf5e9762001ca8e543a24ca75be 100644 (file)
--- a/net/banip/files/banip-functions.sh
+++ b/net/banip/files/banip-functions.sh
@@ -118,7 +118,11 @@ f_cmd() {
                        [ "${sec_cmd}" = "true" ] && return
                        cmd="$(command -v "${sec_cmd}" 2>/dev/null)"
                fi
-               [ -x "${cmd}" ] && printf "%s" "${cmd}" || f_log "emerg" "command '${pri_cmd:-"-"}'/'${sec_cmd:-"-"}' not found"
+               if [ -x "${cmd}" ]; then
+                       printf "%s" "${cmd}"
+               else
+                       f_log "emerg" "command '${pri_cmd:-"-"}'/'${sec_cmd:-"-"}' not found"
+               fi
        else
                printf "%s" "${cmd}"
        fi
@@ -1560,7 +1564,7 @@ f_mail() {
 # log monitor
 #
 f_monitor() {
-       local logread_cmd loglimit_cmd nft_expiry line proto ip log_raw log_count rdap_log rdap_rc rdap_elements rdap_info
+       local daemon logread_cmd loglimit_cmd nft_expiry line proto ip log_raw log_count rdap_log rdap_rc rdap_elements rdap_info
 
        if [ -f "${ban_logreadfile}" ]; then
                logread_cmd="${ban_logreadcmd} -qf ${ban_logreadfile} 2>/dev/null | ${ban_grepcmd} -e \"${ban_logterm%%??}\" 2>/dev/null"
@@ -1575,14 +1579,20 @@ f_monitor() {
                [ -n "${ban_nftexpiry}" ] && nft_expiry="timeout $(printf "%s" "${ban_nftexpiry}" | "${ban_grepcmd}" -oE "([0-9]+[d|h|m|s])+$")"
                eval "${logread_cmd}" |
                        while read -r line; do
-                               : >"${ban_rdapfile}"
                                proto=""
+                               : >"${ban_rdapfile}"
+                               [ -z "${daemon}" ] && daemon="$(printf "%s" "${line}" | "${ban_awkcmd}" 'BEGIN{RS="dropbear"}{if(!seen[RT]++)printf "%s",RT}')" || daemon="sshd"
                                ip="$(printf "%s" "${line}" | "${ban_awkcmd}" 'BEGIN{RS="(([0-9]{1,3}\\.){3}[0-9]{1,3})+"}{if(!seen[RT]++)printf "%s ",RT}')"
                                ip="$(f_trim "${ip}")"
                                ip="${ip##* }"
                                [ -n "${ip}" ] && proto="v4"
                                if [ -z "${proto}" ]; then
-                                       ip="$(printf "%s" "${line}" | "${ban_awkcmd}" 'BEGIN{RS="([A-Fa-f0-9]{1,4}::?){3,7}[A-Fa-f0-9]{1,4}"}{if(!seen[RT]++)printf "%s ",RT}')"
+                                       if [ "${daemon}" = "dropbear" ]; then
+                                               ip="$(printf "%s" "${line}" | "${ban_awkcmd}" 'BEGIN{RS="([A-Fa-f0-9]{1,4}::?){3,7}([A-Fa-f0-9]:?)+"}{if(!seen[RT]++)printf "%s ",RT}')"
+                                               ip="${ip%:*}"
+                                       else
+                                               ip="$(printf "%s" "${line}" | "${ban_awkcmd}" 'BEGIN{RS="([A-Fa-f0-9]{1,4}::?){3,7}[A-Fa-f0-9]{1,4}"}{if(!seen[RT]++)printf "%s ",RT}')"
+                                       fi
                                        ip="$(f_trim "${ip}")"
                                        ip="${ip##* }"
                                        [ -n "${ip}" ] && proto="v6"