From 4f27cf06576484e4a27ce788558eb97e524188a7 Mon Sep 17 00:00:00 2001 From: Pavel Odintsov Date: Wed, 3 Aug 2022 22:40:41 +0100 Subject: [PATCH] We deprecated configuration field notify_script_pass_details and set it to true by default. You need to read stdin attack information for both ban and attack_details actions --- src/fastnetmon.conf | 5 ----- src/fastnetmon.cpp | 10 +--------- src/fastnetmon_logic.cpp | 17 +++++------------ src/juniper_plugin/README.md | 9 +-------- src/mikrotik_plugin/README.md | 5 ----- src/notify_about_attack.sh | 15 ++++++--------- src/scripts/notify_with_discord.sh | 5 ++++- src/scripts/notify_with_slack.sh | 6 +----- 8 files changed, 18 insertions(+), 54 deletions(-) diff --git a/src/fastnetmon.conf b/src/fastnetmon.conf index 6bf199f..40f229e 100644 --- a/src/fastnetmon.conf +++ b/src/fastnetmon.conf @@ -164,11 +164,6 @@ sflow_read_packet_length_from_ip_header = off # This script executed for ban, unban and attack detail collection notify_script_path = /usr/local/bin/notify_about_attack.sh -# pass attack details to notify_script via stdin -# Pass details only in case of "ban" call -# No details will be passed for "unban" call -notify_script_pass_details = on - # collect a full dump of the attack with full payload in pcap compatible format collect_attack_pcap_dumps = off diff --git a/src/fastnetmon.cpp b/src/fastnetmon.cpp index 4536a4d..9954a32 100644 --- a/src/fastnetmon.cpp +++ b/src/fastnetmon.cpp @@ -148,9 +148,6 @@ unsigned int maximum_time_since_bucket_start_to_remove = 120; FastnetmonPlatformConfigurtion fastnetmon_platform_configuration; -// Send or not any details about attack for ban script call over stdin -bool notify_script_pass_details = true; - bool notify_script_enabled = true; // We could collect attack dumps in pcap format 
@@ -481,8 +478,7 @@ void RunApiServer() { void sigpipe_handler_for_popen(int signo) { logger << log4cpp::Priority::ERROR << "Sorry but we experienced error with popen. " - << "Please check your scripts. They should receive data on stdin! Optionally you could disable " - "passing any details with configuration param: notify_script_pass_details = no"; + << "Please check your scripts. They must receive data on stdin"; // Well, we do not need exit here because we have another options to notifying about atatck // exit(1); @@ -959,10 +955,6 @@ bool load_configuration_file() { fastnetmon_platform_configuration.notify_script_path = configuration_map["notify_script_path"]; } - if (configuration_map.count("notify_script_pass_details") != 0) { - notify_script_pass_details = configuration_map["notify_script_pass_details"] == "on" ? true : false; - } - if (file_exists(fastnetmon_platform_configuration.notify_script_path)) { notify_script_enabled = true; } else { diff --git a/src/fastnetmon_logic.cpp b/src/fastnetmon_logic.cpp index 0ecc764..13e8b0a 100644 --- a/src/fastnetmon_logic.cpp +++ b/src/fastnetmon_logic.cpp @@ -120,7 +120,6 @@ extern bool mongodb_enabled; extern std::string mongodb_database_name; #endif -extern bool notify_script_pass_details; extern unsigned int number_of_packets_for_pcap_attack_dump; extern patricia_tree_t *lookup_tree_ipv4, *whitelist_tree_ipv4; extern patricia_tree_t *lookup_tree_ipv6, *whitelist_tree_ipv6; @@ -1230,7 +1229,7 @@ void call_attack_details_handlers(uint32_t client_ip, attack_details_t& current_ " " + attack_direction + " " + pps_as_string + " attack_details"; // We should execute external script in separate thread because any lag in this code - // will be very distructive + // will be very destructive boost::thread exec_with_params_thread(exec_with_stdin_params, script_params, attack_fingerprint); exec_with_params_thread.detach(); 
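Review bot: The body of sigpipe_handler_for_popen in this hunk still streams into the log4cpp `logger` from signal context, and formatted logging is not async-signal-safe. A SIGPIPE that arrives while another thread holds the logger's or the allocator's lock may hang the daemon. Now that every ban and attack_details call writes to the script's stdin, a script that exits without reading is the expected way to reach this path. A safer shape is to ignore the signal where the handler is registered (not visible here), `signal(SIGPIPE, SIG_IGN);`, and to log the failed write from the thread that runs the script, where the script path can be included in the message. The closing brace of the handler is outside the hunk.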
@@ -1604,17 +1603,11 @@ void call_ban_handlers(uint32_t client_ip, logger << log4cpp::Priority::INFO << "Call script for ban client: " << client_ip_as_string; // We should execute external script in separate thread because any lag in this code will be - // very distructive + // very destructive - if (notify_script_pass_details) { - // We will pass attack details over stdin - boost::thread exec_thread(exec_with_stdin_params, script_call_params, full_attack_description); - exec_thread.detach(); - } else { - // Do not pass anything to script - boost::thread exec_thread(exec_no_error_check, script_call_params); - exec_thread.detach(); - } + // We will pass attack details over stdin + boost::thread exec_thread(exec_with_stdin_params, script_call_params, full_attack_description); + exec_thread.detach(); logger << log4cpp::Priority::INFO << "Script for ban client is finished: " << client_ip_as_string; } diff --git a/src/juniper_plugin/README.md b/src/juniper_plugin/README.md index 84d3c05..8173afd 100644 --- a/src/juniper_plugin/README.md +++ b/src/juniper_plugin/README.md @@ -49,17 +49,10 @@ This is the first buggy version, you are welcome to add more features. 3. Set executable bit ```sudo chmod +x /etc/fastnetmon/scripts/notify_about_attack.sh``` -4. For FastNetMon Advanced, please disable details: - -``` -sudo fcli set main notify_script_pass_details disable -sudo fcli commit -``` - Changelog --------- v1.0 - 5 Dec 18 - Initial version Author: Christian David -Based on Mikrotik Plugin by Maximiliano Dobladez \ No newline at end of file +Based on Mikrotik Plugin by Maximiliano Dobladez diff --git a/src/mikrotik_plugin/README.md b/src/mikrotik_plugin/README.md index 70dd092..a181d43 100644 --- a/src/mikrotik_plugin/README.md +++ b/src/mikrotik_plugin/README.md 
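Review bot: The `else` branch removed from call_ban_handlers was the only path for notify scripts that never read stdin. Parsing of `notify_script_pass_details` is also dropped in the load_configuration_file hunk of src/fastnetmon.cpp, so a deployment that still has the option set to off changes behaviour without any message. Because the ban script is presumably what triggers mitigation, a warning at configuration load would make the change visible: `if (configuration_map.count("notify_script_pass_details") != 0) { logger << log4cpp::Priority::WARN << "notify_script_pass_details is deprecated and ignored, notify scripts must read stdin"; }`. Separately, the context line that logs "Script for ban client is finished" runs right after `exec_thread.detach()`, so it records only that the script was started. The function begins outside the hunk.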
@@ -43,11 +43,6 @@ sudo fcli set main notify_script_path /etc/fastnetmon/scripts/notify_about_attac sudo fcli set main notify_script_format text sudo fcli commit ``` -And disable passing details to this script: -``` -sudo fcli set main notify_script_pass_details disable -sudo fcli commit -``` Changelog --------- diff --git a/src/notify_about_attack.sh b/src/notify_about_attack.sh index 31121b5..8473cfd 100755 --- a/src/notify_about_attack.sh +++ b/src/notify_about_attack.sh @@ -1,7 +1,7 @@ #!/usr/bin/env bash # -# Hello, lovely FastNetMon customer! I'm really happy to see you here! +# Hello, lovely FastNetMon customer. I'm really happy to see you here # Pavel Odintsov, author # @@ -14,7 +14,7 @@ email_notify="root,please_fix_this_email@domain.ru" # -# Please be careful ! You should not remove cat > +# Please be careful. You should not remove cat > # if [ "$4" = "unban" ]; then @@ -26,20 +26,17 @@ fi # # For ban and attack_details actions we will receive attack details to stdin -# if option notify_script_pass_details enabled in FastNetMon's configuration file -# -# If you do not need this details, please set option notify_script_pass_details to "no". -# -# Please do not remove "cat" command if you have notify_script_pass_details enabled, because -# FastNetMon will crash in this case (it expect read of data from script side). +# Please do not remove "cat" command because +# FastNetMon will crash in this case as it expects read of data from script side # if [ "$4" = "ban" ]; then cat | mail -s "FastNetMon Guard: IP $1 blocked because $2 attack with power $3 pps" $email_notify; - # You can add ban code here! + # You can add ban code here exit 0 fi +# Advanced edition does not use this action and passes all details in ban action if [ "$4" == "attack_details" ]; then cat | mail -s "FastNetMon Guard: IP $1 blocked because $2 attack with power $3 pps" $email_notify; 
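Review bot: In src/notify_about_attack.sh, the rewritten comment above the ban branch still says FastNetMon "will crash" if `cat` is removed. The SIGPIPE handler touched in src/fastnetmon.cpp in this same commit only logs an error and explicitly does not exit. If that handler is what runs in this case, the comment overstates the failure and operators may misread the resulting log entry. Wording such as `# Do not remove "cat": FastNetMon writes attack details to stdin and logs a popen error if the script exits without reading them` would match the visible behaviour. The same "will crash" wording is kept in src/scripts/notify_with_slack.sh.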
diff --git a/src/scripts/notify_with_discord.sh b/src/scripts/notify_with_discord.sh index c952e6f..7fa17e5 100755 --- a/src/scripts/notify_with_discord.sh +++ b/src/scripts/notify_with_discord.sh @@ -5,7 +5,6 @@ # - Copy this script to /usr/local/bin/ # - Edit /etc/fastnetmon.conf and set: # notify_script_path = /usr/local/bin/notify_with_discord.sh -# notify_script_pass_details = no # - Add your Discord channel webhook to discord_url. # # Notes: @@ -29,8 +28,12 @@ if [ -z "$fastnetmon_ip" ] || [ -z "$webhook_url" ]; then fi if [ "$fastnetmon_action" = "ban" ]; then + # Read data from stdin + cat > /dev/null color="14425373" elif [ "$fastnetmon_action" = "attack_details" ]; then + # Read data from stdin + cat > /dev/null color="16765184" elif [ "$fastnetmon_action" = "unban" ]; then color="3857437" diff --git a/src/scripts/notify_with_slack.sh b/src/scripts/notify_with_slack.sh index d75c368..09bb6e2 100755 --- a/src/scripts/notify_with_slack.sh +++ b/src/scripts/notify_with_slack.sh @@ -23,11 +23,7 @@ # # For ban and attack_details actions we will receive attack details to stdin -# if option notify_script_pass_details enabled in FastNetMon's configuration file -# -# If you do not need this details, please set option notify_script_pass_details to "no". -# -# Please do not remove the following command if you have notify_script_pass_details enabled, because +# Please do not remove the following command because # FastNetMon will crash in this case (it expect read of data from script side). #
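Review bot: In src/scripts/notify_with_discord.sh, the two added `cat > /dev/null` lines are commented only with "Read data from stdin", which says what they do but not why. Since the data is discarded, a later editor could reasonably delete them as dead code and bring back the broken-pipe error on the FastNetMon side. A why-comment would protect them, for example `# Drain stdin even though the details are unused: FastNetMon always writes them for ban and attack_details`. It is also worth noting in the header that a manual test of these actions needs `< /dev/null`, because `cat` otherwise waits on the terminal.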