fix fail2ban magnusbilling login

callcenter-magnus · callcenter-magnus · commit b9d9dae89447 · 2024-01-25T12:08:47.000-03:00
diff --git a/build/MagnusBilling-current.tar.gz b/build/MagnusBilling-current.tar.gz
diff --git a/protected/commands/update.sh b/protected/commands/update.sh
@@ -88,12 +88,15 @@ chmod -R 700 /var/www/html/mbilling/resources/images
 chmod +x /var/www/html/mbilling/resources/asterisk/mbilling.php
 chmod -R 555 /var/www/html/mbilling/resources/asterisk/
 rm -rf /var/lib/asterisk/sbin/*
+pkill -f mbillingd
 if [ ${DIST} = "DEBIAN" ]; then
-    CRONPATH='/var/spool/cron/crontabs/asterisk'
+    rm -rf /var/spool/cron/crontabs/asterisk
 elif [ ${DIST} = "CENTOS" ]; then
-    CRONPATH='/var/spool/cron/asterisk'
+    rm -rf /var/spool/cron/asterisk
 fi
 
+
+
 if [[ -e /var/www/html/mbilling/resources/images/lock-screen-background.jpg ]]; then
 	for color in black blue gray orange purple red yellow green
 	do
diff --git a/resources/asterisk/MassiveCall.php b/resources/asterisk/MassiveCall.php
@@ -47,21 +47,21 @@ public function send($agi, &$MAGNUS, &$CalcAgi)
             $now = time();
         }
 
-        if ($MAGNUS->dnid == 'failed' || !is_numeric($MAGNUS->dnid)) {
+        if ($MAGNUS->dnid == 'failed' || ! is_numeric($MAGNUS->dnid)) {
             $agi->verbose("Hangup becouse dnid is OutgoingSpoolFailed", 25);
             $MAGNUS->hangup($agi);
         }
 
         $sql           = "SELECT *, pkg_campaign.id AS id, pkg_campaign.id_user AS id_user, pkg_campaign.description AS description, pkg_campaign.record_call AS record_call FROM pkg_campaign LEFT JOIN pkg_user ON pkg_campaign.id_user = pkg_user.id WHERE pkg_campaign.id = $idCampaign LIMIT 1";
         $modelCampaign = $agi->query($sql)->fetch(PDO::FETCH_OBJ);
 
-        if (!isset($modelCampaign->id)) {
+        if ( ! isset($modelCampaign->id)) {
             $agi->verbose($idCampaign . ' campaing not exist');
             return;
         }
         $sql              = "SELECT * FROM pkg_phonenumber WHERE id = $idPhonenumber LIMIT 1";
         $modelPhoneNumber = $agi->query($sql)->fetch(PDO::FETCH_OBJ);
-        if (!isset($modelPhoneNumber->id)) {
+        if ( ! isset($modelPhoneNumber->id)) {
             $agi->verbose($idPhonenumber . ' number not exist');
             exit;
         }
@@ -379,7 +379,7 @@ public function send($agi, &$MAGNUS, &$CalcAgi)
 
                             $agi->verbose($url);
 
-                            if (!$res = @file_get_contents($url, false)) {
+                            if ( ! $res = @file_get_contents($url, false)) {
                                 $agi->verbose("ERRO SMS -> " . $url);
                             }
 
@@ -451,7 +451,7 @@ public function send($agi, &$MAGNUS, &$CalcAgi)
                         $agi->verbose("Cliente votou na opcao: $dtmf_result", 5);
 
                         //Hungaup call if the fisrt poll dtmf is not numeric
-                        if ($i == 0 && !is_numeric($dtmf_result)) {
+                        if ($i == 0 && ! is_numeric($dtmf_result)) {
                             $agi->verbose('nao votou nada na 1º enquete', 5);
                             break;
                         }
@@ -510,8 +510,13 @@ public function send($agi, &$MAGNUS, &$CalcAgi)
 
                             $url = preg_replace("/\%number\%/", $destination, $poll->{'option' . $dtmf_result});
                             $url = preg_replace("/\%name\%/", $modelPhoneNumber->name, $url);
-
-                            if (preg_match('/POST/', $url)) {
+                            if (preg_match('/JSON/', $url)) {
+                                $url2  = explode('?', $url);
+                                $parts = parse_url($url);
+                                parse_str($parts['query'], $query);
+                                $data = json_encode($query);
+                                exec(" curl -k -X POST  -d '" . $data . "' " . $url2[0] . "");
+                            } else if (preg_match('/POST/', $url)) {
                                 $url = explode('?', $url);
                                 exec(" curl -k -X POST  -d '" . $url[1] . "' " . $url[0] . "");
                             } else {
@@ -617,7 +622,7 @@ public function send($agi, &$MAGNUS, &$CalcAgi)
         $sql       = "SELECT * FROM pkg_rate WHERE id = $idRate LIMIT 1";
         $modelRate = $agi->query($sql)->fetch(PDO::FETCH_OBJ);
 
-        if (!isset($modelRate->id)) {
+        if ( ! isset($modelRate->id)) {
             return;
         }
 
@@ -702,7 +707,7 @@ public function send($agi, &$MAGNUS, &$CalcAgi)
 
             }
 
-            if (!is_null($MAGNUS->id_agent) && $MAGNUS->id_agent > 1) {
+            if ( ! is_null($MAGNUS->id_agent) && $MAGNUS->id_agent > 1) {
                 $CalcAgi->agent_bill = $CalcAgi->updateSystemAgent($agi, $MAGNUS, $destination, $sellratecost, $duration);
             }
 
diff --git a/script/install.sh b/script/install.sh
@@ -948,8 +948,10 @@ ignoreregex =
 echo '
 [INCLUDES]
 [Definition]
-failregex = .* Username or password is wrong - User .* from IP - <HOST>
+failregex = .*Username and password combination is invalid - User.*IP: <HOST>
 ignoreregex =
+
+datepattern = ^%%Y/%%m/%%d:%%H:%%M:%%S
 ' > /etc/fail2ban/filter.d/mbilling_login.conf
 
 
@@ -1001,7 +1003,7 @@ filter   = mbilling_login
 action   = iptables-allports[name=mbilling_login, port=all, protocol=all]
 logpath  = /var/www/html/mbilling/protected/runtime/application.log
 maxretry = 3
-bantime = 600
+bantime = 300
 
 [ip-blacklist]
 enabled   = true
