feat: update docs for new commands

README.md

@@ -15,14 +15,15 @@ Log-based IPS system written in Go for Linux-based system.
 
 # Overview
 BanForge is a simple IPS for replacement fail2ban in Linux system.
-The project is currently in its early stages of development.
+All release are available on my self-hosted [Gitea](https://gitea.d3m0k1d.ru/d3m0k1d/BanForge) after release v1.0.0 are available on Github release page.
-All release are available on my self-hosted [Gitea](https://gitea.d3m0k1d.ru/d3m0k1d/BanForge) because Github has limits for Actions.
 If you have any questions or suggestions, create issue on [Github](https://github.com/d3m0k1d/BanForge/issues).
 
 ## Roadmap
-- [x] Real-time Nginx log monitoring
+- [x] Rule system
-- [ ] Add support for other service
+- [x] Nginx and Sshd support
-- [ ] Add support for user service with regular expressions
+- [x] Working with ufw/iptables/nftables/firewalld
+- [ ] Add support for most popular web-service
+- [ ] User regexp for custom services
 - [ ] TUI interface
 
 # Requirements
@@ -31,15 +32,79 @@ If you have any questions or suggestions, create issue on [Github](https://githu
 - ufw/iptables/nftables/firewalld
 
 # Installation
-Search for a release on the [Gitea](https://gitea.d3m0k1d.ru/d3m0k1d/BanForge/releases) releases page and download it. Then create or copy a systemd unit file.
+Search for a release on the [Gitea](https://gitea.d3m0k1d.ru/d3m0k1d/BanForge/releases) releases page and download it.
-Or clone the repo and use the Makefile.
+In release page you can find rpm, deb, apk packages, for amd or arm architecture.
-```
+
-git clone https://gitea.d3m0k1d.ru/d3m0k1d/BanForge.git
+## Installation guide for packages
-cd BanForge
+
-sudo make build-daemon
+### Debian/Ubuntu(.deb)
-cd bin
+```bash
+# Download the latest DEB package
+wget https://gitea.d3m0k1d.ru/d3m0k1d/BanForge/releases/download/v0.4.0/banforge_0.4.0_linux_amd64.deb
+
+# Install
+sudo dpkg -i banforge_0.4.0_linux_amd64.deb
+
+# Verify installation
+sudo systemctl status banforge
 ```
 
+### RHEL-based(.rpm)
+```bash
+
+# Download
+wget https://gitea.d3m0k1d.ru/d3m0k1d/BanForge/releases/download/v0.4.0/banforge_0.4.0_linux_amd64.rpm
+
+# Install
+sudo rpm -i banforge_0.4.0_linux_amd64.rpm
+
+# Or with dnf (CentOS 8+, AlmaLinux)
+sudo dnf install banforge_0.4.0_linux_amd64.rpm
+
+# Verify
+sudo systemctl status banforge
+```
+
+### Alpine(.apk)
+```bash
+
+# Download
+wget https://gitea.d3m0k1d.ru/d3m0k1d/BanForge/releases/download/v0.4.0/banforge_0.4.0_linux_amd64.apk
+
+# Install
+sudo apk add --allow-untrusted banforge_0.4.0_linux_amd64.apk
+
+# Verify
+sudo rc-service banforge status
+```
+
+### Arch Linux(.pkg.tar.zst)
+```bash
+
+# Download
+wget https://gitea.d3m0k1d.ru/d3m0k1d/BanForge/releases/download/v0.4.0/banforge_0.4.0_linux_amd64.pkg.tar.zst
+
+# Install
+sudo pacman -U banforge_0.4.0_linux_amd64.pkg.tar.zst
+
+# Verify
+sudo systemctl status banforge
+```
+This is examples for other versions with different architecture or new versions check release page on [Gitea](https://gitea.d3m0k1d.ru/d3m0k1d/BanForge/releases).
+
+## Installation guide for source code
+```bash
+# Download
+git clone https://github.com/d3m0k1d/BanForge.git
+cd BanForge
+make build-daemon
+cd bin
+mv banforge /usr/bin/banforge
+cd ..
+# Add init script and uses banforge init
+cd build
+./postinstall.sh
+```
 # Usage
 For first steps use this commands
 ```bash

cmd/banforge/command/daemon.go

@@ -67,7 +67,7 @@ var DaemonCmd = &cobra.Command{
 		j.LoadRules(r)
 		go j.UnbanChecker()
 		go j.Tribunal()
-		go storage.Write(reqDb_w, resultCh)
+		go storage.WriteReq(reqDb_w, resultCh)
 		var scanners []*parser.Scanner
 
 		for _, svc := range cfg.Service {
@@ -112,6 +112,11 @@ var DaemonCmd = &cobra.Command{
 						ssh := parser.NewSshdParser()
 						ssh.Parse(p.Events(), entryCh)
 					}
+					if svc.Name == "apache" {
+						log.Info("Starting apache parser", "service", serviceName)
+						ap := parser.NewApacheParser()
+						ap.Parse(p.Events(), entryCh)
+					}
 				}(pars, svc.Name)
 				continue
 			}
@@ -131,14 +136,18 @@ var DaemonCmd = &cobra.Command{
 					if svc.Name == "nginx" {
 						log.Info("Starting nginx parser", "service", serviceName)
 						ng := parser.NewNginxParser()
-						ng.Parse(p.Events(), resultCh)
+						ng.Parse(p.Events(), entryCh)
 
 					}
 					if svc.Name == "ssh" {
 						log.Info("Starting ssh parser", "service", serviceName)
 						ssh := parser.NewSshdParser()
-						ssh.Parse(p.Events(), resultCh)
+						ssh.Parse(p.Events(), entryCh)
-
+					}
+					if svc.Name == "apache" {
+						log.Info("Starting apache parser", "service", serviceName)
+						ap := parser.NewApacheParser()
+						ap.Parse(p.Events(), entryCh)
 					}
 
 				}(pars, svc.Name)

cmd/banforge/command/fw.go

@@ -12,12 +12,22 @@ import (
 )
 
 var (
-	ip string
+	ttl_fw   string
+	port     int
+	protocol string
 )
 var UnbanCmd = &cobra.Command{
 	Use:   "unban",
 	Short: "Unban IP",
 	Run: func(cmd *cobra.Command, args []string) {
+		if len(args) == 0 {
+			fmt.Println("IP can't be empty")
+			os.Exit(1)
+		}
+		if ttl_fw == "" {
+			ttl_fw = "1y"
+		}
+		ip := args[0]
 		db, err := storage.NewBanWriter()
 		if err != nil {
 			fmt.Println(err)
@@ -60,6 +70,14 @@ var BanCmd = &cobra.Command{
 	Use:   "ban",
 	Short: "Ban IP",
 	Run: func(cmd *cobra.Command, args []string) {
+		if len(args) == 0 {
+			fmt.Println("IP can't be empty")
+			os.Exit(1)
+		}
+		if ttl_fw == "" {
+			ttl_fw = "1y"
+		}
+		ip := args[0]
 		db, err := storage.NewBanWriter()
 		if err != nil {
 			fmt.Println(err)
@@ -89,7 +107,7 @@ var BanCmd = &cobra.Command{
 			fmt.Println(err)
 			os.Exit(1)
 		}
-		err = db.AddBan(ip, "1y")
+		err = db.AddBan(ip, ttl_fw, "manual ban")
 		if err != nil {
 			fmt.Println(err)
 			os.Exit(1)
@@ -98,7 +116,65 @@ var BanCmd = &cobra.Command{
 	},
 }
 
-func FwRegister() {
+var PortCmd = &cobra.Command{
-	BanCmd.Flags().StringVarP(&ip, "ip", "i", "", "ip to ban")
+	Use:   "port",
-	UnbanCmd.Flags().StringVarP(&ip, "ip", "i", "", "ip to unban")
+	Short: "Ports commands",
+}
+
+var PortOpenCmd = &cobra.Command{
+	Use:   "open",
+	Short: "Open ports on firewall",
+	Run: func(cmd *cobra.Command, args []string) {
+		if protocol == "" {
+			fmt.Println("Protocol can't be empty")
+			os.Exit(1)
+		}
+		cfg, err := config.LoadConfig()
+		if err != nil {
+			fmt.Println(err)
+			os.Exit(1)
+		}
+		fw := cfg.Firewall.Name
+		b := blocker.GetBlocker(fw, cfg.Firewall.Config)
+		err = b.PortOpen(port, protocol)
+		if err != nil {
+			fmt.Println(err)
+			os.Exit(1)
+		}
+		fmt.Println("Port opened successfully!")
+	},
+}
+
+var PortCloseCmd = &cobra.Command{
+	Use:   "close",
+	Short: "Close ports on firewall",
+	Run: func(cmd *cobra.Command, args []string) {
+		if protocol == "" {
+			fmt.Println("Protocol can't be empty")
+			os.Exit(1)
+		}
+		cfg, err := config.LoadConfig()
+		if err != nil {
+			fmt.Println(err)
+			os.Exit(1)
+		}
+		fw := cfg.Firewall.Name
+		b := blocker.GetBlocker(fw, cfg.Firewall.Config)
+		err = b.PortClose(port, protocol)
+		if err != nil {
+			fmt.Println(err)
+			os.Exit(1)
+		}
+		fmt.Println("Port closed successfully!")
+	},
+}
+
+func FwRegister() {
+	BanCmd.Flags().StringVarP(&ttl_fw, "ttl", "t", "", "ban time")
+	PortCmd.AddCommand(PortOpenCmd)
+	PortCmd.AddCommand(PortCloseCmd)
+	PortOpenCmd.Flags().IntVarP(&port, "port", "p", 0, "port number")
+	PortOpenCmd.Flags().StringVarP(&protocol, "protocol", "c", "", "protocol")
+	PortCloseCmd.Flags().IntVarP(&port, "port", "p", 0, "port number")
+	PortCloseCmd.Flags().StringVarP(&protocol, "protocol", "c", "", "protocol")
 }

cmd/banforge/command/version.go

@@ -0,0 +1,17 @@
+package command
+
+import (
+	"fmt"
+
+	"github.com/spf13/cobra"
+)
+
+var version = "0.4.3"
+
+var VersionCmd = &cobra.Command{
+	Use:   "version",
+	Short: "BanForge version",
+	Run: func(cmd *cobra.Command, args []string) {
+		fmt.Println("BanForge version:", version)
+	},
+}

cmd/banforge/main.go

@@ -13,7 +13,6 @@ var rootCmd = &cobra.Command{
 	Use:   "banforge",
 	Short: "IPS log-based written on Golang",
 	Run: func(cmd *cobra.Command, args []string) {
-
 	},
 }
 
@@ -28,6 +27,8 @@ func Execute() {
 	rootCmd.AddCommand(command.BanCmd)
 	rootCmd.AddCommand(command.UnbanCmd)
 	rootCmd.AddCommand(command.BanListCmd)
+	rootCmd.AddCommand(command.VersionCmd)
+	rootCmd.AddCommand(command.PortCmd)
 	command.RuleRegister()
 	command.FwRegister()
 	if err := rootCmd.Execute(); err != nil {

docs/cli.md

@@ -11,6 +11,16 @@ banforge init
 **Description**
 This command creates the necessary directories and base configuration files 
 required for the daemon to operate.
+
+### version - Display BanForge version
+
+```shell
+banforge version
+```
+
+**Description**
+This command displays the current version of the BanForge software.
+
 ### daemon - Starts the BanForge daemon process
 
 ```shell
@@ -31,6 +41,18 @@ banforge unban <ip>
 **Description**
 These commands provide an abstraction over your firewall. If you want to simplify the interface to your firewall, you can use these commands.
 
+Flag -t or -ttl add bantime if not used default ban 1 year
+
+### ports - Open and Close ports on firewall
+
+```shell
+banforge open -port <port> -protocol <protocol>
+banforge close -port <port> -protocol <protocol>
+```
+
+**Description**
+These commands provide an abstraction over your firewall. If you want to simplify the interface to your firewall, you can use these commands.
+
 ### list - Lists the IP addresses that are currently blocked
 ```shell
 banforge list

internal/blocker/firewalld.go

@@ -1,7 +1,9 @@
 package blocker
 
 import (
+	"fmt"
 	"os/exec"
+	"strconv"
 
 	"github.com/d3m0k1d/BanForge/internal/logger"
 )
@@ -21,14 +23,14 @@ func (f *Firewalld) Ban(ip string) error {
 	if err != nil {
 		return err
 	}
-	cmd := exec.Command("sudo", "firewall-cmd", "--zone=drop", "--add-source", ip, "--permanent")
+	cmd := exec.Command("firewall-cmd", "--zone=drop", "--add-source", ip, "--permanent")
 	output, err := cmd.CombinedOutput()
 	if err != nil {
 		f.logger.Error(err.Error())
 		return err
 	}
 	f.logger.Info("Add source " + ip + " " + string(output))
-	output, err = exec.Command("sudo", "firewall-cmd", "--reload").CombinedOutput()
+	output, err = exec.Command("firewall-cmd", "--reload").CombinedOutput()
 	if err != nil {
 		f.logger.Error(err.Error())
 		return err
@@ -42,14 +44,14 @@ func (f *Firewalld) Unban(ip string) error {
 	if err != nil {
 		return err
 	}
-	cmd := exec.Command("sudo", "firewall-cmd", "--zone=drop", "--remove-source", ip, "--permanent")
+	cmd := exec.Command("firewall-cmd", "--zone=drop", "--remove-source", ip, "--permanent")
 	output, err := cmd.CombinedOutput()
 	if err != nil {
 		f.logger.Error(err.Error())
 		return err
 	}
 	f.logger.Info("Remove source " + ip + " " + string(output))
-	output, err = exec.Command("sudo", "firewall-cmd", "--reload").CombinedOutput()
+	output, err = exec.Command("firewall-cmd", "--reload").CombinedOutput()
 	if err != nil {
 		f.logger.Error(err.Error())
 		return err
@@ -58,6 +60,66 @@ func (f *Firewalld) Unban(ip string) error {
 	return nil
 }
 
+func (f *Firewalld) PortOpen(port int, protocol string) error {
+	// #nosec G204 - handle is extracted from nftables output and validated
+	if port >= 0 && port <= 65535 {
+		if protocol != "tcp" && protocol != "udp" {
+			f.logger.Error("invalid protocol")
+			return fmt.Errorf("invalid protocol")
+		}
+		s := strconv.Itoa(port)
+		cmd := exec.Command(
+			"firewall-cmd",
+			"--zone=public",
+			"--add-port="+s+"/"+protocol,
+			"--permanent",
+		)
+		output, err := cmd.CombinedOutput()
+		if err != nil {
+			f.logger.Error(err.Error())
+			return err
+		}
+		f.logger.Info("Add port " + s + " " + string(output))
+		output, err = exec.Command("firewall-cmd", "--reload").CombinedOutput()
+		if err != nil {
+			f.logger.Error(err.Error())
+			return err
+		}
+		f.logger.Info("Reload " + string(output))
+	}
+	return nil
+}
+
+func (f *Firewalld) PortClose(port int, protocol string) error {
+	// #nosec G204 - handle is extracted from nftables output and validated
+	if port >= 0 && port <= 65535 {
+		if protocol != "tcp" && protocol != "udp" {
+			f.logger.Error("invalid protocol")
+			return fmt.Errorf("invalid protocol")
+		}
+		s := strconv.Itoa(port)
+		cmd := exec.Command(
+			"firewall-cmd",
+			"--zone=public",
+			"--remove-port="+s+"/"+protocol,
+			"--permanent",
+		)
+		output, err := cmd.CombinedOutput()
+		if err != nil {
+			f.logger.Error(err.Error())
+			return err
+		}
+		f.logger.Info("Remove port " + s + " " + string(output))
+		output, err = exec.Command("firewall-cmd", "--reload").CombinedOutput()
+		if err != nil {
+			f.logger.Error(err.Error())
+			return err
+		}
+		f.logger.Info("Reload " + string(output))
+	}
+	return nil
+}
+
 func (f *Firewalld) Setup(config string) error {
 	return nil
 }

internal/blocker/interface.go

@@ -10,6 +10,8 @@ type BlockerEngine interface {
 	Ban(ip string) error
 	Unban(ip string) error
 	Setup(config string) error
+	PortOpen(port int, protocol string) error
+	PortClose(port int, protocol string) error
 }
 
 func GetBlocker(fw string, config string) BlockerEngine {

internal/blocker/iptables.go

@@ -2,6 +2,7 @@ package blocker
 
 import (
 	"os/exec"
+	"strconv"
 
 	"github.com/d3m0k1d/BanForge/internal/logger"
 )
@@ -27,7 +28,7 @@ func (f *Iptables) Ban(ip string) error {
 	if err != nil {
 		return err
 	}
-	cmd := exec.Command("sudo", "iptables", "-A", "INPUT", "-s", ip, "-j", "DROP")
+	cmd := exec.Command("iptables", "-A", "INPUT", "-s", ip, "-j", "DROP")
 	output, err := cmd.CombinedOutput()
 	if err != nil {
 		f.logger.Error("failed to ban IP",
@@ -45,7 +46,7 @@ func (f *Iptables) Ban(ip string) error {
 		return err
 	}
 	// #nosec G204 - f.config is validated above via validateConfigPath()
-	cmd = exec.Command("sudo", "iptables-save", "-f", f.config)
+	cmd = exec.Command("iptables-save", "-f", f.config)
 	output, err = cmd.CombinedOutput()
 	if err != nil {
 		f.logger.Error("failed to save config",
@@ -69,7 +70,7 @@ func (f *Iptables) Unban(ip string) error {
 	if err != nil {
 		return err
 	}
-	cmd := exec.Command("sudo", "iptables", "-D", "INPUT", "-s", ip, "-j", "DROP")
+	cmd := exec.Command("iptables", "-D", "INPUT", "-s", ip, "-j", "DROP")
 	output, err := cmd.CombinedOutput()
 	if err != nil {
 		f.logger.Error("failed to unban IP",
@@ -87,7 +88,7 @@ func (f *Iptables) Unban(ip string) error {
 		return err
 	}
 	// #nosec G204 - f.config is validated above via validateConfigPath()
-	cmd = exec.Command("sudo", "iptables-save", "-f", f.config)
+	cmd = exec.Command("iptables-save", "-f", f.config)
 	output, err = cmd.CombinedOutput()
 	if err != nil {
 		f.logger.Error("failed to save config",
@@ -102,6 +103,64 @@ func (f *Iptables) Unban(ip string) error {
 	return nil
 }
 
+func (f *Iptables) PortOpen(port int, protocol string) error {
+	if port >= 0 && port <= 65535 {
+		if protocol != "tcp" && protocol != "udp" {
+			f.logger.Error("invalid protocol")
+			return nil
+		}
+		s := strconv.Itoa(port)
+		// #nosec G204 - managed by system adminstartor
+		cmd := exec.Command("iptables", "-A", "INPUT", "-p", protocol, "--dport", s, "-j", "ACCEPT")
+		output, err := cmd.CombinedOutput()
+		if err != nil {
+			f.logger.Error(err.Error())
+			return err
+		}
+		f.logger.Info("Add port " + s + " " + string(output))
+		// #nosec G204 - f.config is validated above via validateConfigPath()
+		cmd = exec.Command("iptables-save", "-f", f.config)
+		output, err = cmd.CombinedOutput()
+		if err != nil {
+			f.logger.Error("failed to save config",
+				"config_path", f.config,
+				"error", err.Error(),
+				"output", string(output))
+			return err
+		}
+	}
+	return nil
+}
+
+func (f *Iptables) PortClose(port int, protocol string) error {
+	if port >= 0 && port <= 65535 {
+		if protocol != "tcp" && protocol != "udp" {
+			f.logger.Error("invalid protocol")
+			return nil
+		}
+		s := strconv.Itoa(port)
+		// #nosec G204 - managed by system adminstartor
+		cmd := exec.Command("iptables", "-D", "INPUT", "-p", protocol, "--dport", s, "-j", "ACCEPT")
+		output, err := cmd.CombinedOutput()
+		if err != nil {
+			f.logger.Error(err.Error())
+			return err
+		}
+		f.logger.Info("Add port " + s + " " + string(output))
+		// #nosec G204 - f.config is validated above via validateConfigPath()
+		cmd = exec.Command("iptables-save", "-f", f.config)
+		output, err = cmd.CombinedOutput()
+		if err != nil {
+			f.logger.Error("failed to save config",
+				"config_path", f.config,
+				"error", err.Error(),
+				"output", string(output))
+			return err
+		}
+	}
+	return nil
+}
+
 func (f *Iptables) Setup(config string) error {
 	return nil
 }

internal/blocker/nftables.go

@@ -3,6 +3,7 @@ package blocker
 import (
 	"fmt"
 	"os/exec"
+	"strconv"
 	"strings"
 
 	"github.com/d3m0k1d/BanForge/internal/logger"
@@ -26,7 +27,7 @@ func (n *Nftables) Ban(ip string) error {
 		return err
 	}
 
-	cmd := exec.Command("sudo", "nft", "add", "rule", "inet", "banforge", "banned",
+	cmd := exec.Command("nft", "add", "rule", "inet", "banforge", "banned",
 		"ip", "saddr", ip, "drop")
 	output, err := cmd.CombinedOutput()
 	if err != nil {
@@ -70,7 +71,7 @@ func (n *Nftables) Unban(ip string) error {
 		return fmt.Errorf("no rule found for IP %s", ip)
 	}
 	// #nosec G204 - handle is extracted from nftables output and validated
-	cmd := exec.Command("sudo", "nft", "delete", "rule", "inet", "banforge", "banned",
+	cmd := exec.Command("nft", "delete", "rule", "inet", "banforge", "banned",
 		"handle", handle)
 	output, err := cmd.CombinedOutput()
 	if err != nil {
@@ -112,7 +113,7 @@ func (n *Nftables) Setup(config string) error {
 	}
 }
 `
-	cmd := exec.Command("sudo", "tee", config)
+	cmd := exec.Command("tee", config)
 	stdin, err := cmd.StdinPipe()
 	if err != nil {
 		return fmt.Errorf("failed to create stdin pipe: %w", err)
@@ -135,7 +136,7 @@ func (n *Nftables) Setup(config string) error {
 		return fmt.Errorf("failed to save config: %w", err)
 	}
 
-	cmd = exec.Command("sudo", "nft", "-f", config)
+	cmd = exec.Command("nft", "-f", config)
 	output, err := cmd.CombinedOutput()
 	if err != nil {
 		return fmt.Errorf("failed to load nftables config: %s", string(output))
@@ -145,7 +146,7 @@ func (n *Nftables) Setup(config string) error {
 }
 
 func (n *Nftables) findRuleHandle(ip string) (string, error) {
-	cmd := exec.Command("sudo", "nft", "-a", "list", "chain", "inet", "banforge", "banned")
+	cmd := exec.Command("nft", "-a", "list", "chain", "inet", "banforge", "banned")
 	output, err := cmd.CombinedOutput()
 	if err != nil {
 		return "", fmt.Errorf("failed to list chain rules: %w", err)
@@ -166,19 +167,94 @@ func (n *Nftables) findRuleHandle(ip string) (string, error) {
 	return "", nil
 }
 
+func (n *Nftables) PortOpen(port int, protocol string) error {
+	if port >= 0 && port <= 65535 {
+		if protocol != "tcp" && protocol != "udp" {
+			n.logger.Error("invalid protocol")
+			return fmt.Errorf("invalid protocol")
+		}
+		s := strconv.Itoa(port)
+		// #nosec G204 - managed by system adminstartor
+		cmd := exec.Command(
+			"nft",
+			"add",
+			"rule",
+			"inet",
+			"banforge",
+			"input",
+			protocol,
+			"dport",
+			s,
+			"accept",
+		)
+		output, err := cmd.CombinedOutput()
+		if err != nil {
+			n.logger.Error(err.Error())
+			return err
+		}
+		n.logger.Info("Add port " + s + " " + string(output))
+		err = saveNftablesConfig(n.config)
+		if err != nil {
+			n.logger.Error("failed to save config",
+				"config_path", n.config,
+				"error", err.Error())
+			return err
+		}
+	}
+	return nil
+}
+
+func (n *Nftables) PortClose(port int, protocol string) error {
+	if port >= 0 && port <= 65535 {
+		if protocol != "tcp" && protocol != "udp" {
+			n.logger.Error("invalid protocol")
+			return fmt.Errorf("invalid protocol")
+		}
+		s := strconv.Itoa(port)
+		// #nosec G204 - managed by system adminstartor
+		cmd := exec.Command(
+			"nft",
+			"add",
+			"rule",
+			"inet",
+			"banforge",
+			"input",
+			protocol,
+			"dport",
+			s,
+			"drop",
+		)
+		output, err := cmd.CombinedOutput()
+		if err != nil {
+			n.logger.Error(err.Error())
+			return err
+		}
+		n.logger.Info("Add port " + s + " " + string(output))
+		err = saveNftablesConfig(n.config)
+		if err != nil {
+			n.logger.Error("failed to save config",
+				"config_path", n.config,
+				"error", err.Error())
+			return err
+		}
+
+	}
+	return nil
+}
+
 func saveNftablesConfig(configPath string) error {
 	err := validateConfigPath(configPath)
 	if err != nil {
 		return err
 	}
 
-	cmd := exec.Command("sudo", "nft", "list", "ruleset")
+	cmd := exec.Command("nft", "list", "ruleset")
 	output, err := cmd.CombinedOutput()
 	if err != nil {
 		return fmt.Errorf("failed to get nftables ruleset: %w", err)
 	}
 
-	cmd = exec.Command("sudo", "tee", configPath)
+	cmd = exec.Command("tee", configPath)
 	stdin, err := cmd.StdinPipe()
 	if err != nil {
 		return fmt.Errorf("failed to create stdin pipe: %w", err)

internal/blocker/ufw.go

@@ -3,6 +3,7 @@ package blocker
 import (
 	"fmt"
 	"os/exec"
+	"strconv"
 
 	"github.com/d3m0k1d/BanForge/internal/logger"
 )
@@ -23,7 +24,7 @@ func (u *Ufw) Ban(ip string) error {
 		return err
 	}
 
-	cmd := exec.Command("sudo", "ufw", "--force", "deny", "from", ip)
+	cmd := exec.Command("ufw", "--force", "deny", "from", ip)
 	output, err := cmd.CombinedOutput()
 	if err != nil {
 		u.logger.Error("failed to ban IP",
@@ -42,7 +43,7 @@ func (u *Ufw) Unban(ip string) error {
 		return err
 	}
 
-	cmd := exec.Command("sudo", "ufw", "--force", "delete", "deny", "from", ip)
+	cmd := exec.Command("ufw", "--force", "delete", "deny", "from", ip)
 	output, err := cmd.CombinedOutput()
 	if err != nil {
 		u.logger.Error("failed to unban IP",
@@ -56,10 +57,48 @@ func (u *Ufw) Unban(ip string) error {
 	return nil
 }
 
+func (u *Ufw) PortOpen(port int, protocol string) error {
+	if port >= 0 && port <= 65535 {
+		if protocol != "tcp" && protocol != "udp" {
+			u.logger.Error("invalid protocol")
+			return fmt.Errorf("invalid protocol")
+		}
+		s := strconv.Itoa(port)
+		// #nosec G204 - managed by system adminstartor
+		cmd := exec.Command("ufw", "allow", s+"/"+protocol)
+		output, err := cmd.CombinedOutput()
+		if err != nil {
+			u.logger.Error(err.Error())
+			return err
+		}
+		u.logger.Info("Add port " + s + " " + string(output))
+	}
+	return nil
+}
+
+func (u *Ufw) PortClose(port int, protocol string) error {
+	if port >= 0 && port <= 65535 {
+		if protocol != "tcp" && protocol != "udp" {
+			u.logger.Error("invalid protocol")
+			return nil
+		}
+		s := strconv.Itoa(port)
+		// #nosec G204 - managed by system adminstartor
+		cmd := exec.Command("ufw", "deny", s+"/"+protocol)
+		output, err := cmd.CombinedOutput()
+		if err != nil {
+			u.logger.Error(err.Error())
+			return err
+		}
+		u.logger.Info("Add port " + s + " " + string(output))
+	}
+	return nil
+}
+
 func (u *Ufw) Setup(config string) error {
 	if config != "" {
 		fmt.Printf("Ufw dont support config file\n")
-		cmd := exec.Command("sudo", "ufw", "enable")
+		cmd := exec.Command("ufw", "enable")
 		output, err := cmd.CombinedOutput()
 		if err != nil {
 			u.logger.Error("failed to enable ufw",
@@ -69,7 +108,7 @@ func (u *Ufw) Setup(config string) error {
 		}
 	}
 	if config == "" {
-		cmd := exec.Command("sudo", "ufw", "enable")
+		cmd := exec.Command("ufw", "enable")
 		output, err := cmd.CombinedOutput()
 		if err != nil {
 			u.logger.Error("failed to enable ufw",

internal/judge/judge.go

@@ -100,7 +100,7 @@ func (j *Judge) Tribunal() {
 					break
 				}
 
-				err = j.db_w.AddBan(entry.IP, rule.BanTime)
+				err = j.db_w.AddBan(entry.IP, rule.BanTime, rule.Name)
 				if err != nil {
 					j.logger.Error(
 						"Failed to add ban to database",

internal/parser/ApacheParser.go

@@ -0,0 +1,61 @@
+package parser
+
+import (
+	"regexp"
+
+	"github.com/d3m0k1d/BanForge/internal/logger"
+	"github.com/d3m0k1d/BanForge/internal/storage"
+)
+
+type ApacheParser struct {
+	pattern *regexp.Regexp
+	logger  *logger.Logger
+}
+
+func NewApacheParser() *ApacheParser {
+	pattern := regexp.MustCompile(
+		`^(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})\s+-\s+-\s+\[(.*?)\]\s+"(\w+)\s+(.*?)\s+HTTP/[\d.]+"\s+(\d+)\s+(\d+|-)\s+"(.*?)"\s+"(.*?)"`,
+	)
+	// Groups:
+	// 1: IP
+	// 2: Timestamp
+	// 3: Method (GET, POST, etc.)
+	// 4: Path
+	// 5: Status Code (200, 404, 403...)
+	// 6: Response Size
+	// 7: Referer
+	// 8: User-Agent
+
+	return &ApacheParser{
+		pattern: pattern,
+		logger:  logger.New(false),
+	}
+}
+
+func (p *ApacheParser) Parse(eventCh <-chan Event, resultCh chan<- *storage.LogEntry) {
+	// Group 1: IP, Group 2: Timestamp, Group 3: Method, Group 4: Path, Group 5: Status
+	for event := range eventCh {
+		matches := p.pattern.FindStringSubmatch(event.Data)
+		if matches == nil {
+			continue
+		}
+		path := matches[4]
+		status := matches[5]
+		method := matches[3]
+
+		resultCh <- &storage.LogEntry{
+			Service: "apache",
+			IP:      matches[1],
+			Path:    path,
+			Status:  status,
+			Method:  method,
+		}
+		p.logger.Info(
+			"Parsed apache log entry",
+			"ip", matches[1],
+			"path", path,
+			"status", status,
+			"method", method,
+		)
+	}
+}

internal/storage/ban_db.go

@@ -3,12 +3,13 @@ package storage
 import (
 	"database/sql"
 	"fmt"
+	"os"
+	"time"
+
 	"github.com/d3m0k1d/BanForge/internal/config"
 	"github.com/d3m0k1d/BanForge/internal/logger"
 	"github.com/jedib0t/go-pretty/v6/table"
 	_ "modernc.org/sqlite"
-	"os"
-	"time"
 )
 
 // Writer block
@@ -18,7 +19,10 @@ type BanWriter struct {
 }
 
 func NewBanWriter() (*BanWriter, error) {
-	db, err := sql.Open("sqlite", "/var/lib/banforge/bans.db?_pragma=journal_mode(WAL)&_pragma=busy_timeout(30000)&_pragma=synchronous(NORMAL)")
+	db, err := sql.Open(
+		"sqlite",
+		"/var/lib/banforge/bans.db?_pragma=journal_mode(WAL)&_pragma=busy_timeout(30000)&_pragma=synchronous(NORMAL)",
+	)
 	if err != nil {
 		return nil, err
 	}
@@ -37,7 +41,7 @@ func (d *BanWriter) CreateTable() error {
 	return nil
 }
 
-func (d *BanWriter) AddBan(ip string, ttl string) error {
+func (d *BanWriter) AddBan(ip string, ttl string, reason string) error {
 	duration, err := config.ParseDurationWithYears(ttl)
 	if err != nil {
 		d.logger.Error("Invalid duration format", "ttl", ttl, "error", err)
@@ -50,7 +54,7 @@ func (d *BanWriter) AddBan(ip string, ttl string) error {
 	_, err = d.db.Exec(
 		"INSERT INTO bans (ip, reason, banned_at, expired_at) VALUES (?, ?, ?, ?)",
 		ip,
-		"1",
+		reason,
 		now.Format(time.RFC3339),
 		expiredAt.Format(time.RFC3339),
 	)
@@ -83,7 +87,11 @@ func (w *BanWriter) RemoveExpiredBans() ([]string, error) {
 		w.logger.Error("Failed to get expired bans", "error", err)
 		return nil, err
 	}
-	defer rows.Close()
+	defer func() {
+		if err := rows.Close(); err != nil {
+			w.logger.Error("Failed to close rows", "error", err)
+		}
+	}()
 
 	for rows.Next() {
 		var ip string
@@ -172,8 +180,8 @@ func (d *BanReader) BanList() error {
 	t := table.NewWriter()
 	t.SetOutputMirror(os.Stdout)
 	t.SetStyle(table.StyleBold)
-	t.AppendHeader(table.Row{"№", "IP", "Banned At"})
+	t.AppendHeader(table.Row{"№", "IP", "Banned At", "Reason", "Expires At"})
-	rows, err := d.db.Query("SELECT ip, banned_at  FROM bans")
+	rows, err := d.db.Query("SELECT ip, banned_at, reason, expired_at  FROM bans")
 	if err != nil {
 		d.logger.Error("Failed to get ban list", "error", err)
 		return err
@@ -182,12 +190,14 @@ func (d *BanReader) BanList() error {
 		count++
 		var ip string
 		var bannedAt string
-		err := rows.Scan(&ip, &bannedAt)
+		var reason string
+		var expiredAt string
+		err := rows.Scan(&ip, &bannedAt, &reason, &expiredAt)
 		if err != nil {
 			d.logger.Error("Failed to get ban list", "error", err)
 			return err
 		}
-		t.AppendRow(table.Row{count, ip, bannedAt})
+		t.AppendRow(table.Row{count, ip, bannedAt, reason, expiredAt})
 
 	}
 	t.Render()

internal/storage/ban_db_test.go

@@ -26,7 +26,7 @@ func TestBanWriter_AddBan(t *testing.T) {
 	ip := "192.168.1.1"
 	ttl := "1h"
 
-	err = writer.AddBan(ip, ttl)
+	err = writer.AddBan(ip, ttl, "test")
 	if err != nil {
 		t.Errorf("AddBan failed: %v", err)
 	}
@@ -62,7 +62,7 @@ func TestBanWriter_RemoveBan(t *testing.T) {
 	}
 
 	ip := "192.168.1.2"
-	err = writer.AddBan(ip, "1h")
+	err = writer.AddBan(ip, "1h", "test")
 	if err != nil {
 		t.Fatalf("Failed to add ban: %v", err)
 	}
@@ -111,13 +111,13 @@ func TestBanWriter_RemoveExpiredBans(t *testing.T) {
 	}
 
 	expiredIP := "192.168.1.3"
-	err = writer.AddBan(expiredIP, "-1h")
+	err = writer.AddBan(expiredIP, "-1h", "tes")
 	if err != nil {
 		t.Fatalf("Failed to add expired ban: %v", err)
 	}
 
 	activeIP := "192.168.1.4"
-	err = writer.AddBan(activeIP, "1h")
+	err = writer.AddBan(activeIP, "1h", "test")
 	if err != nil {
 		t.Fatalf("Failed to add active ban: %v", err)
 	}
@@ -181,7 +181,7 @@ func TestBanReader_IsBanned(t *testing.T) {
 	}
 
 	ip := "192.168.1.5"
-	err = writer.AddBan(ip, "1h")
+	err = writer.AddBan(ip, "1h", "test")
 	if err != nil {
 		t.Fatalf("Failed to add ban: %v", err)
 	}
@@ -280,7 +280,7 @@ func TestBanWriter_AddBan_InvalidDuration(t *testing.T) {
 		t.Fatalf("Failed to create table: %v", err)
 	}
 
-	err = writer.AddBan("192.168.1.7", "invalid_duration")
+	err = writer.AddBan("192.168.1.7", "invalid_duration", "test")
 	if err == nil {
 		t.Error("Expected error for invalid duration")
 	} else if err.Error() == "" || err.Error() == "<nil>" {
@@ -306,7 +306,7 @@ func TestMultipleBans(t *testing.T) {
 	ips := []string{"192.168.1.8", "192.168.1.9", "192.168.1.10"}
 
 	for _, ip := range ips {
-		err := writer.AddBan(ip, "1h")
+		err := writer.AddBan(ip, "1h", "test")
 		if err != nil {
 			t.Errorf("Failed to add ban for IP %s: %v", ip, err)
 		}

internal/storage/db.go

@@ -3,6 +3,7 @@ package storage
 import (
 	"database/sql"
 	"fmt"
+
 	_ "modernc.org/sqlite"
 )
 
@@ -17,7 +18,12 @@ func CreateTables() error {
 	if err != nil {
 		return fmt.Errorf("failed to open requests db: %w", err)
 	}
-	defer db_r.Close()
+	defer func() {
+		err = db_r.Close()
+		if err != nil {
+			fmt.Println(err)
+		}
+	}()
 
 	_, err = db_r.Exec(CreateRequestsTable)
 	if err != nil {
@@ -34,7 +40,12 @@ func CreateTables() error {
 	if err != nil {
 		return fmt.Errorf("failed to open bans db: %w", err)
 	}
-	defer db_b.Close()
+	defer func() {
+		err = db_b.Close()
+		if err != nil {
+			fmt.Println(err)
+		}
+	}()
 
 	_, err = db_b.Exec(CreateBansTable)
 	if err != nil {

internal/storage/requests_db.go

@@ -2,6 +2,7 @@ package storage
 
 import (
 	"database/sql"
+
 	"github.com/d3m0k1d/BanForge/internal/logger"
 	_ "modernc.org/sqlite"
 )
@@ -12,7 +13,10 @@ type Request_Writer struct {
 }
 
 func NewRequestsWr() (*Request_Writer, error) {
-	db, err := sql.Open("sqlite", "/var/lib/banforge/requests.db?_pragma=journal_mode(WAL)&_pragma=busy_timeout(30000)&_pragma=synchronous(NORMAL)")
+	db, err := sql.Open(
+		"sqlite",
+		"/var/lib/banforge/requests.db?_pragma=journal_mode(WAL)&_pragma=busy_timeout(30000)&_pragma=synchronous(NORMAL)",
+	)
 	if err != nil {
 		return nil, err
 	}

internal/storage/writer.go

@@ -4,7 +4,7 @@ import (
 	"time"
 )
 
-func Write(db *Request_Writer, resultCh <-chan *LogEntry) {
+func WriteReq(db *Request_Writer, resultCh <-chan *LogEntry) {
 	db.logger.Info("Starting log writer")
 	const batchSize = 100
 	const flushInterval = 1 * time.Second

internal/storage/writer_test.go

@@ -28,7 +28,7 @@ func TestWrite_BatchInsert(t *testing.T) {
 
 	done := make(chan bool)
 	go func() {
-		Write(writer, resultCh)
+		WriteReq(writer, resultCh)
 		close(done)
 	}()
 
@@ -115,7 +115,7 @@ func TestWrite_BatchSizeTrigger(t *testing.T) {
 	resultCh := make(chan *LogEntry, 100)
 	done := make(chan bool)
 	go func() {
-		Write(writer, resultCh)
+		WriteReq(writer, resultCh)
 		close(done)
 	}()
 
@@ -167,7 +167,7 @@ func TestWrite_FlushInterval(t *testing.T) {
 
 	done := make(chan bool)
 	go func() {
-		Write(writer, resultCh)
+		WriteReq(writer, resultCh)
 		close(done)
 	}()
 
@@ -216,7 +216,7 @@ func TestWrite_EmptyBatch(t *testing.T) {
 
 	done := make(chan bool)
 	go func() {
-		Write(writer, resultCh)
+		WriteReq(writer, resultCh)
 		close(done)
 	}()
 
@@ -250,7 +250,7 @@ func TestWrite_ChannelClosed(t *testing.T) {
 
 	done := make(chan bool)
 	go func() {
-		Write(writer, resultCh)
+		WriteReq(writer, resultCh)
 		close(done)
 	}()