BanGUI

lukas.pupkalipinski/BanGUI

Fork 0

Commit Graph

Author	SHA1	Message	Date
Lukas	baf45c6c62	feat: Task 4 — paginated banned-IPs section on jail detail page Backend: - Add JailBannedIpsResponse Pydantic model (ban.py) - Add get_jail_banned_ips() service: server-side pagination, optional IP substring search, geo enrichment on page slice only (jail_service.py) - Add GET /api/jails/{name}/banned endpoint with page/page_size/search query params, 400/404/502 error handling (routers/jails.py) - 23 new tests: 13 service tests + 10 router tests (all passing) Frontend: - Add JailBannedIpsResponse TS interface (types/jail.ts) - Add jailBanned endpoint helper (api/endpoints.ts) - Add fetchJailBannedIps() API function (api/jails.ts) - Add BannedIpsSection component: Fluent UI DataGrid, debounced search (300 ms), prev/next pagination, page-size dropdown, per-row unban button, loading spinner, empty state, error MessageBar (BannedIpsSection.tsx) - Mount BannedIpsSection in JailDetailPage between stats and patterns - 12 new Vitest tests for BannedIpsSection (all passing)	2026-03-14 16:28:43 +01:00
Lukas	08b8f3872a	fix: reload/stop jail 404 + access list simulator Task 1 — fix Stop/Reload Jail returning 404 Root cause: reload_jail and reload_all sent an empty config stream (["reload", name, [], []]). In fail2ban's reload protocol the end-of- reload phase deletes every jail still in reload_state — i.e. every jail that received no configuration commands. An empty stream means all affected jails are silently removed from the daemon's runtime, causing everything touching those jails afterwards (including stop) to receive UnknownJailException → HTTP 404. Fixes: - reload_jail: send ["start", name] in the config stream; startJail() removes the jail from reload_state so the end phase commits instead of deletes, and un-idles the jail. - reload_all: fetch current jail list first, build a ["start", name] entry for every active jail, then send reload --all with that stream. - stop_jail: made idempotent — if the jail is already gone (not-found error) the operation silently succeeds (200 OK) rather than returning 404, matching the user expectation that stop = ensure-stopped. - Router: removed dead JailNotFoundError handler from stop endpoint. 391 tests pass (2 new), ruff clean, mypy clean (pre-existing config.py error unchanged). Task 2 — access list simulator - Docker/simulate_accesses.sh: writes fake HTTP-scan log lines in custom format (bangui-access: http scan from <IP> ...) to Docker/logs/access.log so the bangui-access jail detects them. - fail2ban/filter.d/bangui-access.conf: failregex matching the above. - fail2ban/jail.d/bangui-access.conf: polling jail on access.log, same settings as bangui-sim (maxretry=3, bantime=60s). - .gitignore: whitelist new bangui-access.conf files. - Docker/fail2ban-dev-config/README.md: added "Testing the Access List Feature" section with step-by-step instructions and updated Configuration Reference + Troubleshooting.	2026-03-06 19:49:31 +01:00
Lukas	ebec5e0f58	Stage 6: jail management — backend service, routers, tests, and frontend - jail_service.py: list/detail/control/ban/unban/ignore-list/IP-lookup - jails.py router: 11 endpoints including ignore list management - bans.py router: active bans, ban, unban - geo.py router: IP lookup with geo enrichment - models: Jail.actions, ActiveBan.country/.banned_at optional, GeoDetail - 217 tests pass (40 service + 36 router + 141 existing), 76% coverage - Frontend: types/jail.ts, api/jails.ts, hooks/useJails.ts - JailsPage: jail overview table with controls, ban/unban forms, active bans table, IP lookup - JailDetailPage: full detail, start/stop/idle/reload, patterns, ignore list management	2026-03-01 14:09:02 +01:00

Author

SHA1

Message

Date

Lukas

baf45c6c62

feat: Task 4 — paginated banned-IPs section on jail detail page

Backend:
- Add JailBannedIpsResponse Pydantic model (ban.py)
- Add get_jail_banned_ips() service: server-side pagination, optional
  IP substring search, geo enrichment on page slice only (jail_service.py)
- Add GET /api/jails/{name}/banned endpoint with page/page_size/search
  query params, 400/404/502 error handling (routers/jails.py)
- 23 new tests: 13 service tests + 10 router tests (all passing)

Frontend:
- Add JailBannedIpsResponse TS interface (types/jail.ts)
- Add jailBanned endpoint helper (api/endpoints.ts)
- Add fetchJailBannedIps() API function (api/jails.ts)
- Add BannedIpsSection component: Fluent UI DataGrid, debounced search
  (300 ms), prev/next pagination, page-size dropdown, per-row unban
  button, loading spinner, empty state, error MessageBar (BannedIpsSection.tsx)
- Mount BannedIpsSection in JailDetailPage between stats and patterns
- 12 new Vitest tests for BannedIpsSection (all passing)

2026-03-14 16:28:43 +01:00

Lukas

08b8f3872a

fix: reload/stop jail 404 + access list simulator

Task 1 — fix Stop/Reload Jail returning 404
  Root cause: reload_jail and reload_all sent an empty config stream
  (["reload", name, [], []]).  In fail2ban's reload protocol the end-of-
  reload phase deletes every jail still in reload_state — i.e. every jail
  that received no configuration commands.  An empty stream means *all*
  affected jails are silently removed from the daemon's runtime, causing
  everything touching those jails afterwards (including stop) to receive
  UnknownJailException → HTTP 404.

  Fixes:
  - reload_jail: send ["start", name] in the config stream; startJail()
    removes the jail from reload_state so the end phase commits instead of
    deletes, and un-idles the jail.
  - reload_all: fetch current jail list first, build a ["start", name]
    entry for every active jail, then send reload --all with that stream.
  - stop_jail: made idempotent — if the jail is already gone (not-found
    error) the operation silently succeeds (200 OK) rather than returning
    404, matching the user expectation that stop = ensure-stopped.
  - Router: removed dead JailNotFoundError handler from stop endpoint.

  391 tests pass (2 new), ruff clean, mypy clean (pre-existing
  config.py error unchanged).

Task 2 — access list simulator
  - Docker/simulate_accesses.sh: writes fake HTTP-scan log lines in
    custom format (bangui-access: http scan from <IP> ...) to
    Docker/logs/access.log so the bangui-access jail detects them.
  - fail2ban/filter.d/bangui-access.conf: failregex matching the above.
  - fail2ban/jail.d/bangui-access.conf: polling jail on access.log,
    same settings as bangui-sim (maxretry=3, bantime=60s).
  - .gitignore: whitelist new bangui-access.conf files.
  - Docker/fail2ban-dev-config/README.md: added "Testing the Access
    List Feature" section with step-by-step instructions and updated
    Configuration Reference + Troubleshooting.

2026-03-06 19:49:31 +01:00

Lukas

ebec5e0f58

Stage 6: jail management — backend service, routers, tests, and frontend

- jail_service.py: list/detail/control/ban/unban/ignore-list/IP-lookup
- jails.py router: 11 endpoints including ignore list management
- bans.py router: active bans, ban, unban
- geo.py router: IP lookup with geo enrichment
- models: Jail.actions, ActiveBan.country/.banned_at optional, GeoDetail
- 217 tests pass (40 service + 36 router + 141 existing), 76% coverage
- Frontend: types/jail.ts, api/jails.ts, hooks/useJails.ts
- JailsPage: jail overview table with controls, ban/unban forms,
  active bans table, IP lookup
- JailDetailPage: full detail, start/stop/idle/reload, patterns,
  ignore list management

2026-03-01 14:09:02 +01:00

3 Commits