Add ban management features and update documentation

- Implement ban model, service, and router endpoints in backend - Add ban table component and dashboard integration in frontend - Update ban-related types and API endpoints - Add comprehensive tests for ban service and dashboard router - Update documentation (Features, Tasks, Architecture, Web-Design) - Clean up old fail2ban configuration files - Update Makefile with new commands
2026-03-06 20:33:42 +01:00
parent 06738dbfa5
commit cbad4ea706
20 changed files with 58 additions and 760 deletions
--- a/Docker/fail2ban-dev-config/README.md
+++ b/Docker/fail2ban-dev-config/README.md
@@ -67,50 +67,6 @@ Chains steps 1–3 automatically with appropriate sleep intervals.

 ---

-## Testing the Access List Feature
-
-The **Access List** tab in BanGUI displays each individual matched log line
-stored in fail2ban's database.  A second jail — `bangui-access` — monitors
-`Docker/logs/access.log` for simulated HTTP bot-scan entries.
-
-### 1 — Run the access-scan simulation
-
-```bash
-bash Docker/simulate_accesses.sh
-```
-
-Default: writes **5** HTTP-scan lines for IP `203.0.113.7` to
-`Docker/logs/access.log`.  
-Optional overrides:
-
-```bash
-bash Docker/simulate_accesses.sh <COUNT> <SOURCE_IP> <LOG_FILE>
-# e.g. bash Docker/simulate_accesses.sh 6 198.51.100.5
-```
-
-Log line format:
-
-```
-YYYY-MM-DD HH:MM:SS bangui-access: http scan from <IP> "GET /.env HTTP/1.1" 404
-```
-
-### 2 — Verify the IP was banned
-
-```bash
-bash Docker/check_ban_status.sh
-```
-
-The `bangui-access` jail should appear alongside `bangui-sim`, showing the
-banned IP and matched line count.
-
-### 3 — Unban and re-test
-
-```bash
-bash Docker/check_ban_status.sh --unban 203.0.113.7
-```
-
---
-
 ## Configuration Reference

 | File | Purpose |
@@ -118,9 +74,6 @@ bash Docker/check_ban_status.sh --unban 203.0.113.7
 | `fail2ban/filter.d/bangui-sim.conf` | Defines the `failregex` that matches simulation log lines |
 | `fail2ban/jail.d/bangui-sim.conf` | Jail settings: `maxretry=3`, `bantime=60s`, `findtime=120s` |
 | `Docker/logs/auth.log` | Log file written by the simulation script (host path) |
-| `fail2ban/filter.d/bangui-access.conf` | Defines the `failregex` that matches access-scan log lines |
-| `fail2ban/jail.d/bangui-access.conf` | Access jail settings: `maxretry=3`, `bantime=60s`, `findtime=120s` |
-| `Docker/logs/access.log` | Log file written by `simulate_accesses.sh` (host path) |

 Inside the container the log file is mounted at `/remotelogs/bangui/auth.log`
 (see `fail2ban/paths-lsio.conf` — `remote_logs_path = /remotelogs`).
@@ -156,9 +109,6 @@ Test the regex manually:
 ```bash
 docker exec bangui-fail2ban-dev \
    fail2ban-regex /remotelogs/bangui/auth.log bangui-sim
-
-docker exec bangui-fail2ban-dev \
-    fail2ban-regex /remotelogs/bangui/access.log bangui-access
 ```

 The output should show matched lines. If nothing matches, check that the log
@@ -167,9 +117,6 @@ lines match the corresponding `failregex` pattern:
 ```
 # bangui-sim (auth log):
 YYYY-MM-DD HH:MM:SS bangui-auth: authentication failure from <IP>
-
-# bangui-access (access log):
-YYYY-MM-DD HH:MM:SS bangui-access: http scan from <IP> "<METHOD> <path> HTTP/1.1" <STATUS>
 ```

 ### iptables / permission errors
--- a/Docker/fail2ban-dev-config/fail2ban/filter.d/bangui-access.conf
+++ b/Docker/fail2ban-dev-config/fail2ban/filter.d/bangui-access.conf
@@ -1,13 +0,0 @@
-# ──────────────────────────────────────────────────────────────
-#  BanGUI — Simulated HTTP access scan failure filter
-#
-#  Matches lines written by Docker/simulate_accesses.sh.
-#  Format:
-#    YYYY-MM-DD HH:MM:SS bangui-access: http scan from <IP> "<METHOD> <path> HTTP/1.1" <STATUS>
-# ──────────────────────────────────────────────────────────────
-
-[Definition]
-
-failregex = ^.* bangui-access: http scan from <HOST> ".*" [45]\d\d\s*$
-
-ignoreregex =
--- a/Docker/fail2ban-dev-config/fail2ban/jail.d/bangui-access.conf
+++ b/Docker/fail2ban-dev-config/fail2ban/jail.d/bangui-access.conf
@@ -1,20 +0,0 @@
-# ──────────────────────────────────────────────────────────────
-#  BanGUI — Simulated HTTP access scan jail
-#
-#  Watches Docker/logs/access.log (mounted at /remotelogs/bangui)
-#  for lines produced by Docker/simulate_accesses.sh.
-# ──────────────────────────────────────────────────────────────
-
-[bangui-access]
-
-enabled    = true
-filter     = bangui-access
-logpath    = /remotelogs/bangui/access.log
-backend    = polling
-maxretry   = 3
-findtime   = 120
-bantime    = 60
-banaction  = iptables-allports
-
-# Never ban localhost, the Docker bridge network, or the host machine.
-ignoreip   = 127.0.0.0/8 ::1 172.16.0.0/12