From da473bdb6aea04f2a6e9a8130df02536d275e5ee Mon Sep 17 00:00:00 2001
From: Alex 'AdUser' Z <ad_user@runbox.com>
Date: Mon, 29 Mar 2021 17:05:52 +1000
Subject: [PATCH] * generate events for jail

---
 src/jail.c | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)

diff --git a/src/jail.c b/src/jail.c
index 6347dd1..696ffeb 100644
--- a/src/jail.c
+++ b/src/jail.c
@@ -10,6 +10,7 @@
 #include "appconfig.h"
 #include "matches.h"
 #include "ipaddr.h"
+#include "event.h"
 #include "source.h"
 #include "filter.h"
 #include "backend.h"
@@ -177,6 +178,28 @@ f2b_jail_set_defaults(f2b_config_section_t *section) {
   return;
 }
 
+static void
+f2b_jail_evt_match(f2b_ipaddr_t *addr, f2b_match_t *match) {
+  char buf[EVENT_MAX] = "";
+  snprintf(buf, sizeof(buf), "type=match addr=%s stag=%08X ftag=%08X score=%d",
+    addr->text, match->stag, match->ftag, match->score);
+  f2b_event_send(buf);
+}
+
+static void
+f2b_jail_evt_ban(f2b_ipaddr_t *addr, int bantime) {
+  char buf[EVENT_MAX] = "";
+  snprintf(buf, sizeof(buf), "type=ban addr=%s bantime=%u count=%lu", addr->text, bantime, addr->bancount);
+  f2b_event_send(buf);
+}
+
+static void
+f2b_jail_evt_release(f2b_ipaddr_t *addr) {
+  char buf[EVENT_MAX] = "";
+  snprintf(buf, sizeof(buf), "type=release addr=%s", addr->text);
+  f2b_event_send(buf);
+}
+
 bool
 f2b_jail_ban(f2b_jail_t *jail, f2b_ipaddr_t *addr) {
   time_t bantime = 0;
@@ -202,6 +225,7 @@ f2b_jail_ban(f2b_jail_t *jail, f2b_ipaddr_t *addr) {
   }
 
   if (f2b_backend_ban(jail->backend, addr->text)) {
+    f2b_jail_evt_ban(addr, bantime);
     f2b_log_msg(log_note, "jail '%s': banned ip %s for %.1fhrs",
       jail->name, addr->text, (float) bantime / 3600);
     return true;
@@ -221,6 +245,7 @@ f2b_jail_unban(f2b_jail_t *jail, f2b_ipaddr_t *addr) {
   addr->release_at = 0;
 
   if (f2b_backend_unban(jail->backend, addr->text)) {
+    f2b_jail_evt_release(addr);
     f2b_log_msg(log_note, "jail '%s': released ip %s", jail->name, addr->text);
     return true;
   }
@@ -311,6 +336,7 @@ f2b_jail_process(f2b_jail_t *jail) {
     match->ftag = ftag;
     match->score = score;
     f2b_matches_prepend(&addr->matches, match);
+    f2b_jail_evt_match(addr, match);
     /* host is banned? */
     if (addr->banned) {
       if (addr->banned_at != now)