parent
e3c7e8de33
commit
8b4f2d9fe8
|
|
@ -99,16 +99,33 @@ class Fail2BanCard extends Component
|
|||
/** Zählt die häufigsten IPs aus den letzten Fail2Ban-Logs (ban/unban Events) */
|
||||
private function collectTopIps(): array
|
||||
{
|
||||
// Zieh nur fail2ban.log, nicht auth/mail – präziser & schneller
|
||||
$cmd = 'tail -n 2000 /var/log/fail2ban.log 2>/dev/null'
|
||||
. ' | grep -Eo "([0-9]{1,3}\.){3}[0-9]{1,3}"'
|
||||
// 1. Versuch: IPs direkt aus den Jails
|
||||
$rows = [];
|
||||
foreach ($this->jails as $jail) {
|
||||
foreach ($jail['ips'] as $ip) {
|
||||
$rows[$ip] = ($rows[$ip] ?? 0) + 1;
|
||||
}
|
||||
}
|
||||
|
||||
if (!empty($rows)) {
|
||||
arsort($rows);
|
||||
return collect($rows)
|
||||
->map(fn($count, $ip) => ['ip' => $ip, 'count' => $count])
|
||||
->values()
|
||||
->take(5)
|
||||
->toArray();
|
||||
}
|
||||
|
||||
// 2. Fallback: Falls keine Jails/IPs → Logdatei
|
||||
$cmd = 'grep -Eo "([0-9]{1,3}\.){3}[0-9]{1,3}" /var/log/fail2ban.log 2>/dev/null'
|
||||
. ' | sort | uniq -c | sort -nr | head -5';
|
||||
$log = (string) @shell_exec($cmd);
|
||||
|
||||
$rows = [];
|
||||
if ($log !== '') {
|
||||
foreach (preg_split('/\R+/', trim($log)) as $l) {
|
||||
if (preg_match('/^\s*(\d+)\s+(\d+\.\d+\.\d+\.\d+)/', $l, $m)) {
|
||||
$rows[] = ['ip'=>$m[2], 'count'=>(int)$m[1]];
|
||||
$rows[] = ['ip'=>$m[2],'count'=>(int)$m[1]];
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue