HTTP: Scan ban should only be triggered by HTTP parse errors

mdecimus 2025-08-23 19:49:58 +02:00
parent 062863eb4c
commit 0529645790


@ -813,33 +813,36 @@ async fn handle_session<T: SessionStream>(inner: Arc<Inner>, session: SessionDat
.with_upgrades() .with_upgrades()
.await .await
{ {
match inner if http_err.is_parse() {
.build_server() match inner
.is_scanner_fail2banned(session.remote_ip) .build_server()
.await .is_scanner_fail2banned(session.remote_ip)
{ .await
Ok(true) => { {
trc::event!( Ok(true) => {
Security(SecurityEvent::ScanBan), trc::event!(
SpanId = session.session_id, Security(SecurityEvent::ScanBan),
RemoteIp = session.remote_ip, SpanId = session.session_id,
Reason = http_err.to_string(), RemoteIp = session.remote_ip,
); Reason = http_err.to_string(),
} );
Ok(false) => { return;
trc::event!( }
Http(trc::HttpEvent::Error), Ok(false) => {}
SpanId = session.session_id, Err(err) => {
Reason = http_err.to_string(), trc::error!(
); err.span_id(session.session_id)
} .details("Failed to check for fail2ban")
Err(err) => { );
trc::error!( }
err.span_id(session.session_id)
.details("Failed to check for fail2ban")
);
} }
} }
trc::event!(
Http(trc::HttpEvent::Error),
SpanId = session.session_id,
Reason = http_err.to_string(),
);
} }
} }
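Review bot: The new `if http_err.is_parse()` guard still feeds every kind of parse failure into the scan-ban check. If `http_err` is a `hyper::Error` (its type is not visible in this hunk), that includes oversized-header rejections, which ordinary clients can trigger through large cookies or proxy-added headers. Consider narrowing the condition, e.g. `if http_err.is_parse() && !http_err.is_parse_too_large() {`. If the broad match is intended, say so in a comment such as `// Only malformed requests count towards the scan ban; timeouts, resets and other I/O errors are normal client behaviour.` The added `return;` in the `Ok(true)` arm also exits `handle_session` early, and its body starts outside the hunk, so confirm that no per-session cleanup or logging after this block is being skipped.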