initial public commit

config.py.dist

@@ -0,0 +1,5 @@
+db = 'fail2sql'
+db_user = 'fail2sql'
+db_pass = 'fail2pass'
+db_host = 'localhost'
+db_port = 8740

fail2shame

@@ -0,0 +1,3 @@
+#!/bin/bash
+F="$0"
+PYTHONPATH="`readlink -f \"$0\" | xargs dirname`" python -m fail2shame $@

fail2shame.conf

@@ -0,0 +1,46 @@
+# Fail2Ban configuration file
+#
+# Author: Cyril Jaquier
+#
+# $Revision$
+#
+
+[Definition]
+
+# Option:  actionstart
+# Notes.:  command executed once at the start of Fail2Ban.
+# Values:  CMD
+#
+actionstart = 
+
+# Option:  actionstop
+# Notes.:  command executed once at the end of Fail2Ban
+# Values:  CMD
+#
+actionstop =
+
+# Option:  actioncheck
+# Notes.:  command executed once before each actionban command
+# Values:  CMD
+#
+actioncheck = 
+
+# Option:  actionban
+# Notes.:  command executed when banning an IP. Take care that the
+#          command is executed with Fail2Ban user rights.
+# Tags:    <ip>  IP address
+#          <failures>  number of failures
+#          <time>  unix timestamp of the ban time
+# Values:  CMD
+#
+actionban = /usr/local/fail2shame/fail2shame <name> <protocol> <port> <ip>
+
+# Option:  actionunban
+# Notes.:  command executed when unbanning an IP. Take care that the
+#          command is executed with Fail2Ban user rights.
+# Tags:    <ip>  IP address
+#          <failures>  number of failures
+#          <time>  unix timestamp of the ban time
+# Values:  CMD
+#
+actionunban = 

fail2shame.py

@@ -0,0 +1,37 @@
+import GeoIP
+import MySQLdb as sql
+import config
+
+gdb = '/usr/share/GeoIP/GeoLiteCity.dat'
+
+def add_host(c, ip):
+    print 'adding host for', ip
+    gi = GeoIP.open(gdb, GeoIP.GEOIP_STANDARD)
+    rec = gi.record_by_addr(ip) or {}
+    city = rec.get('city')
+    country = rec.get('country_name')
+    if city and country:
+        geo = city + ', ' + country
+    else:
+        geo = city or country or ''
+    c.execute('insert into f2s_hosts (ip, longitude, latitude, country_code, country, geo)\
+            values (%s, %s, %s, %s, %s, %s)', [ip, rec.get('longitude'), rec.get('latitude'),
+                rec.get('country_code'), country, geo])
+    return c.lastrowid
+
+def banned(name, protocol, port, ip, *a):
+    conn = sql.connect(config.db_host, config.db_user, config.db_pass, config.db)
+    c = conn.cursor(sql.cursors.DictCursor)
+    n = c.execute('select id from f2s_hosts where ip = %s', [ip])
+    if n == 0:
+        hid = add_host(c, ip)
+    else:
+        hid = c.fetchone()['id']
+    print 'logging ban for host', ip
+    c.execute('insert into f2s_bans (id, name, protocol, port) values\
+            (%s, %s, %s, %s)', [hid, name, protocol, port])
+
+if __name__ == '__main__':
+    from sys import argv
+    argv[3] = int(argv[3])
+    banned(*argv[1:])

fail2shame.sql

@@ -0,0 +1,24 @@
+DROP TABLE IF EXISTS `f2s_hosts`;
+CREATE TABLE `f2s_hosts` (
+  `id` int NOT NULL AUTO_INCREMENT,
+  `ip` varchar(40) NOT NULL UNIQUE,
+  `longitude` varchar(20) DEFAULT NULL,
+  `latitude` varchar(20) DEFAULT NULL,
+  `country_code` varchar(5) DEFAULT NULL,
+  `country` varchar(60) DEFAULT NULL,
+  `geo` varchar(255) DEFAULT NULL,
+  PRIMARY KEY (`id`)
+);
+
+DROP TABLE IF EXISTS `f2s_bans`;
+CREATE TABLE `f2s_bans` (
+  `banid` int NOT NULL AUTO_INCREMENT,
+  `id` int NOT NULL,
+  `time` timestamp DEFAULT CURRENT_TIMESTAMP,
+  `name` text NOT NULL,
+  `protocol` varchar(10),
+  `port` int(11) NOT NULL,
+  PRIMARY KEY (`banid`),
+  FOREIGN KEY (`id`) references `f2s_hosts`(`id`)
+    ON DELETE CASCADE
+);