feat: remove loglevel to make debug logs noop on plugin usage

tomMoulard · Oct 5, 2023 · a2c4997 · a2c4997
1 parent c209343
commit a2c4997
Show file tree

Hide file tree

Showing 8 changed files with 14 additions and 112 deletions.
diff --git a/Makefile b/Makefile
@@ -8,7 +8,7 @@ lint:
 	golangci-lint run
 
 .PHONY: test
-TEST_ARGS ?= -v -cover -race
+TEST_ARGS ?= -v -cover -race -tags DEBUG
 test:
 	go test ${TEST_ARGS} ./...
 

diff --git a/README.md b/README.md
@@ -37,81 +37,12 @@ testData:
 Where you can use some IP in an array of files or directly in the
 configuration.
 
-### LogLevel
-In order to help you and us when building and using the plugin, we added some
-logs on stdout.
-You can choose the level of logging with this:
-
-```yml
-testData:
-  logLevel: "INFO"
-```
-
-<details>
-
-There is 3 level of logging :
-
-#### `NONE`
-The plugin will not output *any* logs.
-
-```
-INFO[0000] Configuration loaded from file: ./traefik.yml
-```
-
-#### `INFO`
-Configuration informations will be displayed.
-
-```
-INFO[0000] Configuration loaded from file: ./traefik.yml
-INFO: Fail2Ban: restricted.go:51: Whitelisted: '127.0.0.2/32'
-INFO: Fail2Ban: restricted.go:51: Blacklisted: '127.0.0.3/32'
-INFO: Fail2Ban: restricted.go:51: Bantime: 3h0m0s
-INFO: Fail2Ban: restricted.go:51: Findtime: 3h0m0s
-INFO: Fail2Ban: restricted.go:51: FailToBan Rules : '{Xbantime:3h0m0s Xfindtime:3h0m0s Xurlregexp:[localhost:5000/whoami] Xmaxretry:4 Xenabled:true}'
-INFO: Fail2Ban: restricted.go:52: Plugin: FailToBan is up and running
-INFO: Fail2Ban: restricted.go:51: Whitelisted: '127.0.0.2/32'
-INFO: Fail2Ban: restricted.go:51: Blacklisted: '127.0.0.3/32'
-INFO: Fail2Ban: restricted.go:51: Bantime: 3h0m0s
-INFO: Fail2Ban: restricted.go:51: Findtime: 3h0m0s
-INFO: Fail2Ban: restricted.go:51: FailToBan Rules : '{Xbantime:3h0m0s Xfindtime:3h0m0s Xurlregexp:[localhost:5000/whoami] Xmaxretry:4 Xenabled:true}'
-INFO: Fail2Ban: restricted.go:52: Plugin: FailToBan is up and running
-```
-
-#### `DEBUG`
-Every event will be logged.
-
-Warning, all IPs will be prompted in clear text with this option.
-
-```
-INFO[0000] Configuration loaded from file: ./traefik.yml
-INFO: Fail2Ban: restricted.go:51: Whitelisted: '127.0.0.2/32'
-INFO: Fail2Ban: restricted.go:51: Blacklisted: '127.0.0.3/32'
-INFO: Fail2Ban: restricted.go:51: Bantime: 3s
-INFO: Fail2Ban: restricted.go:51: Findtime: 3h0m0s
-INFO: Fail2Ban: restricted.go:51: FailToBan Rules : '{Xbantime:3s Xfindtime:3h0m0s Xurlregexp:[localhost:5000/whoami] Xmaxretry:4 Xenabled:true}'
-INFO: Fail2Ban: restricted.go:52: Plugin: FailToBan is up and running
-DEBUG: Fail2Ban: restricted.go:51: New request: &{GET /whoami HTTP/1.1 1 1
-DEBUG: Fail2Ban: restricted.go:51: welcome ::1
-DEBUG: Fail2Ban: restricted.go:51: New request: &{GET /whoami HTTP/1.1 1 1
-DEBUG: Fail2Ban: restricted.go:51: welcome back ::1 for the 2 time
-DEBUG: Fail2Ban: restricted.go:51: New request: &{GET /whoami HTTP/1.1 1 1
-DEBUG: Fail2Ban: restricted.go:51: welcome back ::1 for the 3 time
-DEBUG: Fail2Ban: restricted.go:51: New request: &{GET /whoami HTTP/1.1 1 1
-DEBUG: Fail2Ban: restricted.go:52: ::1 is now banned temporarily
-DEBUG: Fail2Ban: restricted.go:51: New request: &{GET /whoami HTTP/1.1 1 1
-DEBUG: Fail2Ban: restricted.go:51: ::1 is still banned since 2021-04-23T21:40:55+02:00, 5 request
-DEBUG: Fail2Ban: restricted.go:51: New request: &{GET /whoami HTTP/1.1 1 1
-DEBUG: Fail2Ban: restricted.go:52: ::1 is no longer banned
-```
-
-</details>
 
 ## Fail2ban
 We plan to use all default fail2ban configuration but at this time only a
 few features are implemented:
 ```yml
 testData:
-  logLevel: "INFO"
   rules:
     urlregexps:
     - regexp: "/no"
@@ -133,8 +64,6 @@ use 'smart' strings: "4h", "2m", "1s", ...
  - `enabled`: allow to enable or disable the plugin (must be set to `true` to
 enable the plugin).
  - `urlregexp`: a regexp list to block / allow requests with regexps on the url
- - `logLevel`: is used to show the correct level of logs (`DEBUG`, `INFO`,
-`NONE`)
 
 #### URL Regexp
 Urlregexp are used to defined witch part of your website will be either

diff --git a/ci/yamls/local-banned.yaml b/ci/yamls/local-banned.yaml
@@ -20,7 +20,6 @@ http:
     fail2ban:
       plugin:
         dev:
-          logLevel: "DEBUG"
           blacklist:
             ip:
               - "127.0.0.1"

diff --git a/ci/yamls/local-whited.yaml b/ci/yamls/local-whited.yaml
@@ -20,7 +20,6 @@ http:
     fail2ban:
       plugin:
         dev:
-          logLevel: "DEBUG"
           whitelist:
             ip:
               - "127.0.0.1"

diff --git a/ci/yamls/no-rules.yaml b/ci/yamls/no-rules.yaml
@@ -20,7 +20,6 @@ http:
     fail2ban:
       plugin:
         dev:
-          logLevel: "DEBUG"
           rules:
             urlregexps:
               - regexp: "/blocked"

diff --git a/fail2ban.go b/fail2ban.go
@@ -4,7 +4,6 @@ package fail2ban
 import (
 	"context"
 	"fmt"
-	"io"
 	"log"
 	"net"
 	"net/http"
@@ -16,6 +15,7 @@ import (
 
 	"github.com/tomMoulard/fail2ban/files"
 	"github.com/tomMoulard/fail2ban/ipchecking"
+	logger "github.com/tomMoulard/fail2ban/log"
 )
 
 // IPViewed struct.
@@ -31,12 +31,8 @@ type Urlregexp struct {
 	Mode   string `yaml:"mode"`
 }
 
-var (
-	// LoggerINFO Main logger.
-	LoggerINFO = log.New(io.Discard, "INFO: Fail2Ban: ", log.Ldate|log.Ltime|log.Lshortfile)
-	// LoggerDEBUG debug logger.
-	LoggerDEBUG = log.New(io.Discard, "DEBUG: Fail2Ban: ", log.Ldate|log.Ltime|log.Lshortfile)
-)
+// LoggerDEBUG debug logger. noop by default.
+var LoggerDEBUG = logger.New(os.Stdout, "DEBUG: Fail2Ban: ", log.Ldate|log.Ltime|log.Lshortfile)
 
 // Rules struct fail2ban config.
 type Rules struct {
@@ -55,10 +51,9 @@ type List struct {
 
 // Config struct.
 type Config struct {
-	Blacklist List   `yaml:"blacklist"`
-	Whitelist List   `yaml:"whitelist"`
-	Rules     Rules  `yaml:"port"`
-	LogLevel  string `yaml:"loglevel"`
+	Blacklist List  `yaml:"blacklist"`
+	Whitelist List  `yaml:"whitelist"`
+	Rules     Rules `yaml:"port"`
 }
 
 // CreateConfig populates the Config data object.
@@ -89,29 +84,29 @@ func TransformRule(r Rules) (RulesTransformed, error) {
 		return RulesTransformed{}, fmt.Errorf("failed to parse bantime duration: %w", err)
 	}
 
-	LoggerINFO.Printf("Bantime: %s", bantime)
+	log.Printf("Bantime: %s", bantime)
 
 	findtime, err := time.ParseDuration(r.Findtime)
 	if err != nil {
 		return RulesTransformed{}, fmt.Errorf("failed to parse findtime duration: %w", err)
 	}
 
-	LoggerINFO.Printf("Findtime: %s", findtime)
+	log.Printf("Findtime: %s", findtime)
 
 	var regexpAllow []string
 
 	var regexpBan []string
 
 	for _, rg := range r.Urlregexps {
-		LoggerINFO.Printf("using mode %q for rule %q", rg.Mode, rg.Regexp)
+		log.Printf("using mode %q for rule %q", rg.Mode, rg.Regexp)
 
 		switch rg.Mode {
 		case "allow":
 			regexpAllow = append(regexpAllow, rg.Regexp)
 		case "block":
 			regexpBan = append(regexpBan, rg.Regexp)
 		default:
-			LoggerINFO.Printf("mode %q is not known, the rule %q cannot not be applied", rg.Mode, rg.Regexp)
+			log.Printf("mode %q is not known, the rule %q cannot not be applied", rg.Mode, rg.Regexp)
 		}
 	}
 
@@ -124,7 +119,7 @@ func TransformRule(r Rules) (RulesTransformed, error) {
 		Enabled:        r.Enabled,
 	}
 
-	LoggerINFO.Printf("FailToBan Rules : '%+v'", rules)
+	log.Printf("FailToBan Rules : '%+v'", rules)
 
 	return rules, nil
 }
@@ -162,28 +157,15 @@ func ImportIP(list List) ([]string, error) {
 	return rlist, nil
 }
 
-const (
-	logLevelInfo  = "INFO"
-	logLevelDebug = "DEBUG"
-)
-
 // New instantiates and returns the required components used to handle a HTTP
 // request.
 func New(_ context.Context, next http.Handler, config *Config, name string) (http.Handler, error) {
 	if !config.Rules.Enabled {
-		LoggerINFO.Println("Plugin: FailToBan is disabled")
+		log.Println("Plugin: FailToBan is disabled")
 
 		return next, nil
 	}
 
-	switch config.LogLevel {
-	case logLevelInfo:
-		LoggerINFO.SetOutput(os.Stdout)
-	case logLevelDebug:
-		LoggerINFO.SetOutput(os.Stdout)
-		LoggerDEBUG.SetOutput(os.Stdout)
-	}
-
 	whiteips, err := ImportIP(config.Whitelist)
 	if err != nil {
 		return nil, err
@@ -209,7 +191,7 @@ func New(_ context.Context, next http.Handler, config *Config, name string) (htt
 		return nil, fmt.Errorf("error when Transforming rules: %w", err)
 	}
 
-	LoggerINFO.Println("Plugin: FailToBan is up and running")
+	log.Println("Plugin: FailToBan is up and running")
 
 	return &Fail2Ban{
 		next:      next,

diff --git a/fail2ban_test.go b/fail2ban_test.go
@@ -7,7 +7,6 @@ import (
 	"io"
 	"net/http"
 	"net/http/httptest"
-	"os"
 	"strings"
 	"sync/atomic"
 	"testing"
@@ -298,7 +297,6 @@ func TestFail2Ban(t *testing.T) {
 				nextCount.Add(1)
 			})
 
-			tt.cfg.LogLevel = logLevelDebug
 			handler, err := New(context.Background(), next, &tt.cfg, "fail2ban_test")
 			if err != nil {
 				if tt.newError != (err != nil) {
@@ -459,8 +457,6 @@ func TestShouldAllow(t *testing.T) {
 		tt := tt
 		t.Run(tt.name, func(t *testing.T) {
 			t.Parallel()
-			LoggerINFO.SetOutput(os.Stdout)
-			LoggerDEBUG.SetOutput(os.Stdout)
 
 			got := tt.cfg.shouldAllow(tt.remoteIP, tt.reqURL)
 			if tt.expect != got {
@@ -495,7 +491,6 @@ func TestDeadlockWebsocket(t *testing.T) {
 	})
 
 	cfg := CreateConfig()
-	cfg.LogLevel = logLevelDebug
 	cfg.Rules.Maxretry = 20
 
 	handler, err := New(context.Background(), next, cfg, "fail2ban_test")

diff --git a/rules-fail2ban.yaml b/rules-fail2ban.yaml
@@ -5,7 +5,6 @@ http:
     fail2ban:
       plugin:
         fail2ban:
-          loglevel: INFO
           whitelist:
             ip: "127.0.0.2"
           blacklist: