English:
Call: http://www.blocklist.de/en/httpreports.html?
required Variables:
email: string (E-Mailaddress from Server or ID)
apikey: string (in your Profil under SERVER)
ip: string (ipv4/ipv6 Address) (Attacker)
service: string (Service which was attacked (ssh, imap, ftp...))
logs: text (Logfiles)
format: text, json, php, xml (Error-Message/OK-Message/Return-Values format)
Version 0.0.0.1
Are needed as in the mail the following information:
- attacker IP
- Service name (ssh, ftp, imap ....)
- Logs
- E-mail address of the report server or server ID
- Api-Key of the report server
- Format of the return (error messages, OK message ...) = xml, text, php, json
Then you can send the data either via GET or POST.
This can be done weget, curl php, etc. used.
The URL is then as follows:
hxxp://www.blocklist.de/en/httpreports.html? \
server = $serveremail&
apikey = $serverapikey&
ip = $attackerip&
service = $service&
format = $format&
logs = urlencode($logs)
Composed then this looks e.g. as follows:
hxxp://www.blocklist.de/de/httpreports.html?server=fail2ban@sender-server.de&apikey=123456&ip=127.0.0.1&service=ssh&format=php&logs=urlencode('logfiles....)
The return is an array of "status" and "error" is returned.
If $error is 0 or $status "success", everything worked and the report was adopted.
Otherwise, if $status "error" is there is error in the variable $error as an array with the respective error messages such as:
apikey: Please API key with the server about giving.
or formartiert with each format.
For questions, please post in the forum:
https://forum.blocklist.de/viewforum.php?f=23