external/MeshCentral
1
0
Fork 0
mirror of https://github.com/Ylianst/MeshCentral.git synced 2025-03-09 15:40:18 +00:00
Code Issues Releases Wiki Activity

More CrowdSec improvements.

Browse source
This commit is contained in:
Ylian Saint-Hilaire 2022-07-08 00:15:06 -07:00
parent 40bc91b6f3
commit ecdf0e450a
3 changed files with 7 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

1
MeshCentralServer.njsproj
View file

@ -100,6 +100,7 @@
<Compile Include="amt\amt-xml.js" />
<Compile Include="amt\amt.js" />
<Compile Include="authenticode.js" />
<Compile Include="crowdsec.js" />
<Compile Include="exeHandler.js" />
<Compile Include="amtprovisioningserver.js" />
<Compile Include="firebase.js" />

7
crowdsec.js
View file

@ -5,7 +5,7 @@ module.exports.CreateCrowdSecBouncer = function (parent, config) {
const { getLogger } = require('@crowdsec/express-bouncer/src/nodejs-bouncer/lib/logger');
const { configure, renderBanWall, testConnectionToCrowdSec, getRemediationForIp } = require('@crowdsec/express-bouncer/src/nodejs-bouncer');
const applyCaptcha = require('@crowdsec/express-bouncer/src/express-crowdsec-middleware/lib/captcha');
const { BYPASS_REMEDIATION, CAPTCHA_REMEDIATION, BAN_REMEDIATION } = require('@crowdsec/express-bouncer/src/nodejs-bouncer/lib/constants');
const { BYPASS_REMEDIATION, CAPTCHA_REMEDIATION, BAN_REMEDIATION } = require('@crowdsec/express-bouncer/src/nodejs-bouncer/lib/constants'); // "bypass", "captcha", "ban";
const svgCaptcha = require('svg-captcha');
const { renderCaptchaWall } = require('@crowdsec/express-bouncer/src/nodejs-bouncer');
@ -15,7 +15,7 @@ module.exports.CreateCrowdSecBouncer = function (parent, config) {
// Set the default values
if (typeof config.userAgent != 'string') { config.userAgent = "CrowdSec Express-NodeJS bouncer/v0.0.1"; }
if (typeof config.timeout != 'number') { config.timeout = 2000; }
if (typeof config.fallbackRemediation != 'number') { config.fallbackRemediation = BAN_REMEDIATION; }
if ((typeof config.fallbackRemediation != 'string') || (["bypass", "captcha", "ban"].indexOf(config.fallbackRemediation) == -1)) { config.fallbackRemediation = BAN_REMEDIATION; }
if (typeof config.maxRemediation != 'number') { config.maxRemediation = BAN_REMEDIATION; }
if (typeof config.captchaGenerationCacheDuration != 'number') { config.captchaGenerationCacheDuration = 60 * 1000; }
if (typeof config.captchaResolutionCacheDuration != 'number') { config.captchaResolutionCacheDuration = 30 * 60 * 1000; }
@ -53,7 +53,8 @@ module.exports.CreateCrowdSecBouncer = function (parent, config) {
// Process a web request
obj.process = async function (domain, req, res, next) {
try {
const remediation = await getRemediationForIp(req.clientIp);
var remediation = config.fallbackRemediation;
try { remediation = await getRemediationForIp(req.clientIp); } catch (ex) { }
//console.log('CrowdSec', req.clientIp, remediation, req.url);
switch (remediation) {
case BAN_REMEDIATION:

3
meshcentral-config-schema.json
View file

@ -201,7 +201,8 @@
"description": "Enabled the MeshCentral built-in Crowdsec bouncer. This section is passed directly to the bouncer, all of the settings are documented at https://www.npmjs.com/package/@crowdsec/express-bouncer",
"properties": {
"url": { "type": "string", "description": "The URL of your LAPI instance. Ex: http://localhost:8080" },
"apiKey": { "type": "string", "description": "The bouncer key (generated via cscli)" }
"apiKey": { "type": "string", "description": "The bouncer key (generated via cscli)." },
"fallbackRemediation": { "type": "string", "default": "ban", "enum": ["bypass", "captcha", "ban"], "description": "Action to perform if the CrowdSec agent can't be contacted." }
},
"required": [ "url", "apiKey" ]
},