feat: add simple setup func to blockerengine, fix init and db, version for realease v0.2.0

docs: typo and update readme.md
docs: typo
2026-01-15 19:14:44 +03:00 · 2026-01-15 18:16:54 +03:00 · 2026-01-15 18:14:04 +03:00 · 2026-01-15 18:06:48 +03:00 · 2026-01-15 17:27:46 +03:00 · 2026-01-15 17:01:49 +03:00
28 changed files with 1009 additions and 85 deletions
--- a/.gitea/workflows/CD.yml
+++ b/.gitea/workflows/CD.yml
@@ -0,0 +1,67 @@
+name: CD - BanForge Release
+
+on:
+  push:
+    tags:
+      - 'v*'
+  workflow_dispatch:
+
+permissions:
+  contents: write
+
+jobs:
+  release:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v6
+      - name: Create Release
+        env:
+          TOKEN: ${{ secrets.TOKEN }}
+        run: |
+          TAG="${{ gitea.ref_name }}"
+          REPO="${{ gitea.repository }}"
+          SERVER="${{ gitea.server_url }}"
+          curl -X POST \
+            -H "Authorization: token $TOKEN" \
+            -H "Content-Type: application/json" \
+            -d '{
+              "tag_name": "'$TAG'",
+              "name": "Release '$TAG'",
+              "body": "# BanForge '$TAG'\n\nIntrusion Prevention System",
+              "draft": false,
+              "prerelease": false
+            }' \
+            "$SERVER/api/v1/repos/$REPO/releases"
+
+  build:
+    needs: release
+    strategy:
+      matrix:
+        include:
+          - goos: linux
+            arch: amd64
+          - goos: linux
+            arch: arm64
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v6
+      - uses: actions/setup-go@v6
+        with:
+          go-version: '1.25'
+          cache: false
+      - run: go mod tidy
+      - run: go test ./...
+      - name: Build ${{ matrix.goos }}-${{ matrix.arch }}
+        env:
+          GOOS: ${{ matrix.goos }}
+          GOARCH: ${{ matrix.arch }}
+        run: go build -o banforge-${{ matrix.goos }}-${{ matrix.arch }} ./cmd/banforge
+      - name: Upload ${{ matrix.goos }}-${{ matrix.arch }}
+        env:
+          TOKEN: ${{ secrets.TOKEN }}
+        run: |
+          TAG="${{ gitea.ref_name }}"
+          FILE="banforge-${{ matrix.goos }}-${{ matrix.arch }}"
+          curl --user d3m0k1d:$TOKEN \
+            --upload-file $FILE \
+            https://gitea.d3m0k1d.ru/api/packages/d3m0k1d/generic/banforge/$TAG/$FILE
--- a/3
+++ b/3
@@ -25,3 +25,6 @@ clean:

 test:
 	go test ./...
+
+test-cover:
+	go test -cover ./...
--- a/README.md
+++ b/README.md
@@ -1,7 +1,9 @@
 # BanForge

-Log-based IPS system written in Go for Linux based system.
+Log-based IPS system written in Go for Linux-based system.

+[![Go Reference](https://pkg.go.dev/badge/github.com/d3m0k1d/BanForge/cmd/banforge.svg)](https://pkg.go.dev/github.com/d3m0k1d/BanForge)
+[![License](https://img.shields.io/badge/license-%20%20GNU%20GPLv3%20-green?style=plastic)](https://github.com/d3m0k1d/BanForge/blob/master/LICENSE)
 # Table of contents
 1. [Overview](#overview)
 2. [Requirements](#requirements)
@@ -12,24 +14,40 @@ Log-based IPS system written in Go for Linux based system.
 # Overview
 BanForge is a simple IPS for replacement fail2ban in Linux system.
 The project is currently in its early stages of development.
-All release are available on my self-hosted [Gitea](https://gitea.d3m0k1d.ru/d3m0k1d/BanForge) because Github have limit for Actions.
+All release are available on my self-hosted [Gitea](https://gitea.d3m0k1d.ru/d3m0k1d/BanForge) because Github has limits for Actions.
 If you have any questions or suggestions, create issue on [Github](https://github.com/d3m0k1d/BanForge/issues).

 ## Roadmap
- [ ] Real-time Nginx log monitoring
+- [x] Real-time Nginx log monitoring
 - [ ] Add support for other service
 - [ ] Add support for user service with regular expressions
 - [ ] TUI interface

 # Requirements

- Go 1.21+
+- Go 1.25+
 - ufw/iptables/nftables/firewalld

 # Installation
-currently no binary file if you wanna build the project yourself, you can use [Makefile](https://github.com/d3m0k1d/BanForge/blob/master/Makefile)
+Search for a release on the [Gitea](https://gitea.d3m0k1d.ru/d3m0k1d/BanForge/releases) releases page and download it. Then create or copy a systemd unit file.
+Or clone the repo and use the Makefile.
+```
+git clone https://gitea.d3m0k1d.ru/d3m0k1d/BanForge.git
+cd BanForge
+sudo make build-daemon
+cd bin
+```

 # Usage
+For first steps use this commands
+```bash
+banforge init   # Create config files and database
+banforge daemon # Start BanForge daemon (use systemd or another init system to create a service)
+```
+You can edit the config file with examples in 
+- `/etc/banforge/config.toml` main config file
+- `/etc/banforge/rules.toml` ban rules
+For more information see the [docs](https://github.com/d3m0k1d/BanForge/docs).

 # License
 The project is licensed under the [GPL-3.0](https://github.com/d3m0k1d/BanForge/blob/master/LICENSE)
--- a/cmd/banforge/command/daemon.go
+++ b/cmd/banforge/command/daemon.go
@@ -0,0 +1,91 @@
+package command
+
+import (
+	"os"
+	"time"
+
+	"github.com/d3m0k1d/BanForge/internal/blocker"
+	"github.com/d3m0k1d/BanForge/internal/config"
+	"github.com/d3m0k1d/BanForge/internal/judge"
+	"github.com/d3m0k1d/BanForge/internal/logger"
+	"github.com/d3m0k1d/BanForge/internal/parser"
+	"github.com/d3m0k1d/BanForge/internal/storage"
+	"github.com/spf13/cobra"
+)
+
+var DaemonCmd = &cobra.Command{
+	Use:   "daemon",
+	Short: "Run BanForge daemon process",
+	Run: func(cmd *cobra.Command, args []string) {
+		log := logger.New(false)
+		log.Info("Starting BanForge daemon")
+		db, err := storage.NewDB()
+		if err != nil {
+			log.Error("Failed to create database", "error", err)
+			os.Exit(1)
+		}
+		defer func() {
+			err = db.Close()
+			if err != nil {
+				log.Error("Failed to close database connection", "error", err)
+			}
+		}()
+		cfg, err := config.LoadConfig()
+		if err != nil {
+			log.Error("Failed to load config", "error", err)
+			os.Exit(1)
+		}
+		var b blocker.BlockerEngine
+		fw := cfg.Firewall.Name
+		b = blocker.GetBlocker(fw, cfg.Firewall.Config)
+		r, err := config.LoadRuleConfig()
+		if err != nil {
+			log.Error("Failed to load rules", "error", err)
+			os.Exit(1)
+		}
+		j := judge.New(db, b)
+		j.LoadRules(r)
+		go func() {
+			ticker := time.NewTicker(5 * time.Second)
+			defer ticker.Stop()
+			for range ticker.C {
+				if err := j.ProcessUnviewed(); err != nil {
+					log.Error("Failed to process unviewed", "error", err)
+				}
+			}
+		}()
+
+		for _, svc := range cfg.Service {
+			log.Info("Processing service", "name", svc.Name, "enabled", svc.Enabled, "path", svc.LogPath)
+
+			if !svc.Enabled {
+				log.Info("Service disabled, skipping", "name", svc.Name)
+				continue
+			}
+
+			if svc.Name != "nginx" {
+				log.Info("Only nginx supported, skipping", "name", svc.Name)
+				continue
+			}
+
+			log.Info("Starting parser for service", "name", svc.Name, "path", svc.LogPath)
+
+			pars, err := parser.NewScanner(svc.LogPath)
+			if err != nil {
+				log.Error("Failed to create scanner", "service", svc.Name, "error", err)
+				continue
+			}
+
+			go pars.Start()
+			go func(p *parser.Scanner, serviceName string) {
+				log.Info("Starting nginx parser", "service", serviceName)
+				ng := parser.NewNginxParser()
+				resultCh := make(chan *storage.LogEntry, 100)
+				ng.Parse(p.Events(), resultCh)
+				go storage.Write(db, resultCh)
+			}(pars, svc.Name)
+		}
+
+		select {}
+	},
+}
--- a/cmd/banforge/command/fw.go
+++ b/cmd/banforge/command/fw.go
@@ -0,0 +1,84 @@
+package command
+
+import (
+	"fmt"
+	"net"
+	"os"
+
+	"github.com/d3m0k1d/BanForge/internal/blocker"
+	"github.com/d3m0k1d/BanForge/internal/config"
+	"github.com/spf13/cobra"
+)
+
+var (
+	ip string
+)
+var UnbanCmd = &cobra.Command{
+	Use:   "unban",
+	Short: "Unban IP",
+	Run: func(cmd *cobra.Command, args []string) {
+		cfg, err := config.LoadConfig()
+		if err != nil {
+			fmt.Println(err)
+			os.Exit(1)
+		}
+		fw := cfg.Firewall.Name
+		b := blocker.GetBlocker(fw, cfg.Firewall.Config)
+		if ip == "" {
+			fmt.Println("IP can't be empty")
+			os.Exit(1)
+		}
+		if net.ParseIP(ip) == nil {
+			fmt.Println("Invalid IP")
+			os.Exit(1)
+		}
+		if err != nil {
+			fmt.Println(err)
+			os.Exit(1)
+		}
+		err = b.Unban(ip)
+		if err != nil {
+			fmt.Println(err)
+			os.Exit(1)
+		}
+		fmt.Println("IP unblocked successfully!")
+	},
+}
+
+var BanCmd = &cobra.Command{
+	Use:   "ban",
+	Short: "Ban IP",
+	Run: func(cmd *cobra.Command, args []string) {
+
+		cfg, err := config.LoadConfig()
+		if err != nil {
+			fmt.Println(err)
+			os.Exit(1)
+		}
+		fw := cfg.Firewall.Name
+		b := blocker.GetBlocker(fw, cfg.Firewall.Config)
+		if ip == "" {
+			fmt.Println("IP can't be empty")
+			os.Exit(1)
+		}
+		if net.ParseIP(ip) == nil {
+			fmt.Println("Invalid IP")
+			os.Exit(1)
+		}
+		if err != nil {
+			fmt.Println(err)
+			os.Exit(1)
+		}
+		err = b.Ban(ip)
+		if err != nil {
+			fmt.Println(err)
+			os.Exit(1)
+		}
+		fmt.Println("IP unblocked successfully!")
+	},
+}
+
+func FwRegister() {
+	BanCmd.Flags().StringVarP(&ip, "ip", "i", "", "ip to ban")
+	UnbanCmd.Flags().StringVarP(&ip, "ip", "i", "", "ip to unban")
+}
--- a/cmd/banforge/command/init.go
+++ b/cmd/banforge/command/init.go
@@ -0,0 +1,106 @@
+package command
+
+import (
+	"fmt"
+	"os"
+
+	"github.com/d3m0k1d/BanForge/internal/blocker"
+	"github.com/d3m0k1d/BanForge/internal/config"
+	"github.com/d3m0k1d/BanForge/internal/storage"
+	"github.com/spf13/cobra"
+)
+
+var InitCmd = &cobra.Command{
+	Use:   "init",
+	Short: "Initialize BanForge",
+	Run: func(cmd *cobra.Command, args []string) {
+		fmt.Println("Initializing BanForge...")
+
+		if _, err := os.Stat("/var/log/banforge"); err == nil {
+			fmt.Println("/var/log/banforge already exists, skipping...")
+		} else if os.IsNotExist(err) {
+			err := os.Mkdir("/var/log/banforge", 0750)
+			if err != nil {
+				fmt.Println(err)
+				os.Exit(1)
+			}
+			fmt.Println("Created /var/log/banforge")
+		} else {
+			fmt.Println(err)
+			os.Exit(1)
+		}
+		if _, err := os.Stat("/var/lib/banforge"); err == nil {
+			fmt.Println("/var/lib/banforge already exists, skipping...")
+		} else if os.IsNotExist(err) {
+			err := os.Mkdir("/var/lib/banforge", 0750)
+			if err != nil {
+				fmt.Println(err)
+				os.Exit(1)
+			}
+			fmt.Println("Created /var/lib/banforge")
+		} else {
+			fmt.Println(err)
+			os.Exit(1)
+		}
+
+		if _, err := os.Stat("/etc/banforge"); err == nil {
+			fmt.Println("/etc/banforge already exists, skipping...")
+		} else if os.IsNotExist(err) {
+			err := os.Mkdir("/etc/banforge", 0750)
+			if err != nil {
+				fmt.Println(err)
+				os.Exit(1)
+			}
+			fmt.Println("Created /etc/banforge")
+		} else {
+			fmt.Println(err)
+			os.Exit(1)
+		}
+
+		err := config.CreateConf()
+		if err != nil {
+			fmt.Println(err)
+			os.Exit(1)
+		}
+		fmt.Println("Config created")
+
+		err = config.FindFirewall()
+		if err != nil {
+			fmt.Println(err)
+			os.Exit(1)
+		}
+		cfg, err := config.LoadConfig()
+		if err != nil {
+			fmt.Println(err)
+			os.Exit(1)
+		}
+		b := blocker.GetBlocker(cfg.Firewall.Name, cfg.Firewall.Config)
+		err = b.Setup(cfg.Firewall.Config)
+		if err != nil {
+			fmt.Println(err)
+			os.Exit(1)
+		}
+		fmt.Println("Firewall configured")
+
+		db, err := storage.NewDB()
+		if err != nil {
+			fmt.Println(err)
+			os.Exit(1)
+		}
+		err = db.CreateTable()
+		if err != nil {
+			fmt.Println(err)
+			os.Exit(1)
+		}
+		defer func() {
+			err = db.Close()
+			if err != nil {
+				fmt.Println(err)
+				os.Exit(1)
+			}
+		}()
+		fmt.Println("Firewall detected and configured")
+
+		fmt.Println("BanForge initialized successfully!")
+	},
+}
--- a/cmd/banforge/command/rule.go
+++ b/cmd/banforge/command/rule.go
@@ -0,0 +1,73 @@
+package command
+
+import (
+	"fmt"
+	"os"
+
+	"github.com/d3m0k1d/BanForge/internal/config"
+	"github.com/spf13/cobra"
+)
+
+var (
+	name    string
+	service string
+	path    string
+	status  string
+	method  string
+)
+
+var RuleCmd = &cobra.Command{
+	Use:   "rule",
+	Short: "Manage rules",
+}
+
+var AddCmd = &cobra.Command{
+	Use:   "add",
+	Short: "CLI interface for add new rule to file /etc/banforge/rules.toml",
+	Run: func(cmd *cobra.Command, args []string) {
+		if name == "" {
+			fmt.Printf("Rule name can't be empty\n")
+			os.Exit(1)
+		}
+		if service == "" {
+			fmt.Printf("Service name can't be empty\n")
+			os.Exit(1)
+		}
+		if path == "" && status == "" && method == "" {
+			fmt.Printf("At least 1 rule field must be filled in.")
+			os.Exit(1)
+		}
+
+		err := config.NewRule(name, service, path, status, method)
+		if err != nil {
+			fmt.Println(err)
+			os.Exit(1)
+		}
+		fmt.Println("Rule added successfully!")
+	},
+}
+
+var ListCmd = &cobra.Command{
+	Use:   "list",
+	Short: "List rules",
+	Run: func(cmd *cobra.Command, args []string) {
+		r, err := config.LoadRuleConfig()
+		if err != nil {
+			fmt.Println(err)
+			os.Exit(1)
+		}
+		for _, rule := range r {
+			fmt.Printf("Name: %s\nService: %s\nPath: %s\nStatus: %s\nMethod: %s\n\n", rule.Name, rule.ServiceName, rule.Path, rule.Status, rule.Method)
+		}
+	},
+}
+
+func RuleRegister() {
+	RuleCmd.AddCommand(AddCmd)
+	RuleCmd.AddCommand(ListCmd)
+	AddCmd.Flags().StringVarP(&name, "name", "n", "", "rule name (required)")
+	AddCmd.Flags().StringVarP(&service, "service", "s", "", "service name")
+	AddCmd.Flags().StringVarP(&path, "path", "p", "", "request path")
+	AddCmd.Flags().StringVarP(&status, "status", "c", "", "HTTP status code")
+	AddCmd.Flags().StringVarP(&method, "method", "m", "", "HTTP method")
+}
--- a/cmd/banforge/main.go
+++ b/cmd/banforge/main.go
@@ -4,7 +4,8 @@ import (
 	"fmt"
 	"os"

-	"github.com/d3m0k1d/BanForge/internal/config"
+	"github.com/d3m0k1d/BanForge/cmd/banforge/command"
+
 	"github.com/spf13/cobra"
 )

@@ -16,40 +17,18 @@ var rootCmd = &cobra.Command{
 	},
 }

-var initCmd = &cobra.Command{
-	Use:   "init",
-	Short: "Initialize BanForge",
-	Run: func(cmd *cobra.Command, args []string) {
-		fmt.Println("Initializing BanForge...")
-		err := os.Mkdir("/var/log/banforge", 0750)
-		if err != nil {
-			fmt.Println(err)
-			os.Exit(1)
-		}
-		err = os.Mkdir("/etc/banforge", 0750)
-		if err != nil {
-			fmt.Println(err)
-			os.Exit(1)
-		}
-		err = config.CreateConf()
-		if err != nil {
-			fmt.Println(err)
-			os.Exit(1)
-		}
-		err = config.FindFirewall()
-		if err != nil {
-			fmt.Println(err)
-			os.Exit(1)
-		}
-	},
-}
-
 func Init() {

 }

 func Execute() {
-	rootCmd.AddCommand(initCmd)
+	rootCmd.AddCommand(command.DaemonCmd)
+	rootCmd.AddCommand(command.InitCmd)
+	rootCmd.AddCommand(command.RuleCmd)
+	rootCmd.AddCommand(command.BanCmd)
+	rootCmd.AddCommand(command.UnbanCmd)
+	command.RuleRegister()
+	command.FwRegister()
 	if err := rootCmd.Execute(); err != nil {
 		fmt.Println(err)
 		os.Exit(1)
--- a/docs/cli.md
+++ b/docs/cli.md
@@ -0,0 +1,51 @@
+# CLI commands BanForge
+BanForge provides a command-line interface (CLI) to manage IP blocking, 
+configure detection rules, and control the daemon process.
+## Commands
+### init - create a deps file
+
+```shell
+banforge init
+```
+
+**Description**
+This command creates the necessary directories and base configuration files 
+required for the daemon to operate.
+### daemon - Starts the BanForge daemon process
+
+```shell
+banforge daemon
+```
+
+**Description**
+This command starts the BanForge daemon process in the background. 
+The daemon continuously monitors incoming requests, detects anomalies, 
+and applies firewall rules in real-time.
+
+### firewall - Manages firewall rules
+```shell
+banforge ban <ip>
+banforge unban <ip>
+```
+
+**Description**
+These commands provide an abstraction over your firewall. If you want to simplify the interface to your firewall, you can use these commands.
+
+### rule - Manages detection rules
+
+```shell
+banforge rule add -n rule.name -c 403
+banforge rule list 
+```
+
+**Description**
+These command help you to create and manage detection rules in CLI interface.
+
+| Flag        | Required |
+| ----------- | -------- |
+| -n -name    | +        |
+| -s -service | +        |
+| -p -path    | -        |
+| -m -method  | -        |
+| -c -status  | -        |
+You must specify at least 1 of the optional flags to create a rule.
--- a/docs/config.md
+++ b/docs/config.md
--- a/go.mod
+++ b/go.mod
@@ -4,11 +4,11 @@ go 1.25.5

 require (
 	github.com/BurntSushi/toml v1.6.0
+	github.com/mattn/go-sqlite3 v1.14.33
 	github.com/spf13/cobra v1.10.2
 )

 require (
 	github.com/inconshreveable/mousetrap v1.1.0 // indirect
-	github.com/mattn/go-sqlite3 v1.14.33 // indirect
 	github.com/spf13/pflag v1.0.10 // indirect
 )
--- a/internal/blocker/firewalld.go
+++ b/internal/blocker/firewalld.go
@@ -57,3 +57,7 @@ func (f *Firewalld) Unban(ip string) error {
 	f.logger.Info("Reload " + string(output))
 	return nil
 }
+
+func (f *Firewalld) Setup(config string) error {
+	return nil
+}
--- a/internal/blocker/interface.go
+++ b/internal/blocker/interface.go
@@ -1,6 +1,28 @@
 package blocker

+import (
+	"fmt"
+
+	"github.com/d3m0k1d/BanForge/internal/logger"
+)
+
 type BlockerEngine interface {
 	Ban(ip string) error
 	Unban(ip string) error
+	Setup(config string) error
+}
+
+func GetBlocker(fw string, config string) BlockerEngine {
+	switch fw {
+	case "ufw":
+		return NewUfw(logger.New(false))
+	case "iptables":
+		return NewIptables(logger.New(false), config)
+	case "nftables":
+		return NewNftables(logger.New(false), config)
+	case "firewalld":
+		return NewFirewalld(logger.New(false))
+	default:
+		panic(fmt.Sprintf("Unknown firewall: %s", fw))
+	}
 }
--- a/internal/blocker/iptables.go
+++ b/internal/blocker/iptables.go
@@ -101,3 +101,7 @@ func (f *Iptables) Unban(ip string) error {
 		"output", string(output))
 	return nil
 }
+
+func (f *Iptables) Setup(config string) error {
+	return nil
+}
--- a/internal/blocker/ufw.go
+++ b/internal/blocker/ufw.go
@@ -55,3 +55,28 @@ func (u *Ufw) Unban(ip string) error {
 	u.logger.Info("IP unbanned", "ip", ip, "output", string(output))
 	return nil
 }
+
+func (u *Ufw) Setup(config string) error {
+	if config != "" {
+		fmt.Printf("Ufw dont support config file\n")
+		cmd := exec.Command("sudo", "ufw", "enable")
+		output, err := cmd.CombinedOutput()
+		if err != nil {
+			u.logger.Error("failed to enable ufw",
+				"error", err.Error(),
+				"output", string(output))
+			return fmt.Errorf("failed to enable ufw: %w", err)
+		}
+	}
+	if config == "" {
+		cmd := exec.Command("sudo", "ufw", "enable")
+		output, err := cmd.CombinedOutput()
+		if err != nil {
+			u.logger.Error("failed to enable ufw",
+				"error", err.Error(),
+				"output", string(output))
+			return fmt.Errorf("failed to enable ufw: %w", err)
+		}
+	}
+	return nil
+}
--- a/internal/blocker/validators_test.go
+++ b/internal/blocker/validators_test.go
@@ -0,0 +1,47 @@
+package blocker
+
+import (
+	"testing"
+)
+
+func TestValidateConfigPath(t *testing.T) {
+	tests := []struct {
+		name    string
+		input   string
+		wantErr bool
+	}{
+		{name: "empty", input: "", wantErr: true},
+		{name: "valid path", input: "/path/to/config", wantErr: false},
+		{name: "invalid path", input: "path/to/config", wantErr: true},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			err := validateConfigPath(tt.input)
+			if (err != nil) != tt.wantErr {
+				t.Errorf("validateConfigPath(%q) error = %v, wantErr %v", tt.input, err, tt.wantErr)
+			}
+		})
+	}
+}
+
+func TestValidateIP(t *testing.T) {
+	tests := []struct {
+		name    string
+		input   string
+		wantErr bool
+	}{
+		{name: "empty", input: "", wantErr: true},
+		{name: "invalid IP", input: "1.1.1", wantErr: true},
+		{name: "valid IP", input: "1.1.1.1", wantErr: false},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			err := validateIP(tt.input)
+			if (err != nil) != tt.wantErr {
+				t.Errorf("validateIP(%q) error = %v, wantErr %v", tt.input, err, tt.wantErr)
+			}
+		})
+	}
+}
--- a/internal/config/appconf.go
+++ b/internal/config/appconf.go
@@ -2,6 +2,7 @@ package config

 import (
 	"fmt"
+	"os"

 	"github.com/BurntSushi/toml"
 	"github.com/d3m0k1d/BanForge/internal/logger"
@@ -20,3 +21,86 @@ func LoadRuleConfig() ([]Rule, error) {
 	log.Info(fmt.Sprintf("loaded %d rules", len(cfg.Rules)))
 	return cfg.Rules, nil
 }
+
+func NewRule(Name string, ServiceName string, Path string, Status string, Method string) error {
+	r, err := LoadRuleConfig()
+	if err != nil {
+		r = []Rule{}
+	}
+	if Name == "" {
+		fmt.Printf("Rule name can't be empty\n")
+		return nil
+	}
+	r = append(r, Rule{Name: Name, ServiceName: ServiceName, Path: Path, Status: Status, Method: Method})
+	file, err := os.Create("/etc/banforge/rules.toml")
+	if err != nil {
+		return err
+	}
+	defer func() {
+		err = file.Close()
+		if err != nil {
+			fmt.Println(err)
+		}
+	}()
+	cfg := Rules{Rules: r}
+
+	err = toml.NewEncoder(file).Encode(cfg)
+	if err != nil {
+		return err
+	}
+	return nil
+}
+
+func EditRule(Name string, ServiceName string, Path string, Status string, Method string) error {
+	if Name == "" {
+		return fmt.Errorf("Rule name can't be empty")
+	}
+
+	r, err := LoadRuleConfig()
+	if err != nil {
+		return fmt.Errorf("rules is empty, please use 'banforge add rule' or create rules.toml")
+	}
+
+	found := false
+	for i, rule := range r {
+		if rule.Name == Name {
+			found = true
+
+			if ServiceName != "" {
+				r[i].ServiceName = ServiceName
+			}
+			if Path != "" {
+				r[i].Path = Path
+			}
+			if Status != "" {
+				r[i].Status = Status
+			}
+			if Method != "" {
+				r[i].Method = Method
+			}
+			break
+		}
+	}
+
+	if !found {
+		return fmt.Errorf("rule '%s' not found", Name)
+	}
+
+	file, err := os.Create("/etc/banforge/rules.toml")
+	if err != nil {
+		return err
+	}
+	defer func() {
+		err = file.Close()
+		if err != nil {
+			fmt.Println(err)
+		}
+	}()
+
+	cfg := Rules{Rules: r}
+	if err := toml.NewEncoder(file).Encode(cfg); err != nil {
+		return fmt.Errorf("failed to encode config: %w", err)
+	}
+
+	return nil
+}
--- a/internal/config/sysconf.go
+++ b/internal/config/sysconf.go
@@ -50,6 +50,14 @@ func CreateConf() error {
 	if err != nil {
 		return fmt.Errorf("failed to create rules file: %w", err)
 	}
+	file, err = os.Create("/var/lib/banforge/storage.db")
+	if err != nil {
+		return fmt.Errorf("failed to create database file: %w", err)
+	}
+	err = os.Chmod("/var/lib/banforge/storage.db", 0600)
+	if err != nil {
+		return fmt.Errorf("failed to set permissions: %w", err)
+	}
 	defer func() {
 		err = file.Close()
 		if err != nil {
@@ -117,3 +125,12 @@ func FindFirewall() error {

 	return fmt.Errorf("firewall not found")
 }
+
+func LoadConfig() (*Config, error) {
+	cfg := &Config{}
+	_, err := toml.DecodeFile("/etc/banforge/config.toml", cfg)
+	if err != nil {
+		return nil, fmt.Errorf("failed to decode config: %w", err)
+	}
+	return cfg, nil
+}
--- a/internal/config/template.go
+++ b/internal/config/template.go
@@ -9,8 +9,16 @@ name = ""
 config = "/etc/nftables.conf"
 ban_time = 1200

-[service]
+[[service]]
 name = "nginx"
 log_path = "/var/log/nginx/access.log"
 enabled = true
+
+[[service]]
+name = "nginx"
+log_path = "/var/log/nginx/access.log"
+enabled = false
+
 `
+
+// TODO: fix types for use 1 or any services"
--- a/internal/config/types.go
+++ b/internal/config/types.go
@@ -13,8 +13,8 @@ type Service struct {
 }

 type Config struct {
-	Firewall Firewall `toml:"firewall"`
-	Service  Service  `toml:"service"`
+	Firewall Firewall  `toml:"firewall"`
+	Service  []Service `toml:"service"`
 }

 // Rules
--- a/internal/judge/judge.go
+++ b/internal/judge/judge.go
@@ -1,4 +1,4 @@
-package Judge
+package judge

 import (
 	"fmt"
@@ -12,15 +12,16 @@ import (
 type Judge struct {
 	db             *storage.DB
 	logger         *logger.Logger
-	Blocker        *blocker.BlockerEngine
+	Blocker        blocker.BlockerEngine
 	rulesByService map[string][]config.Rule
 }

-func New(db *storage.DB) *Judge {
+func New(db *storage.DB, b blocker.BlockerEngine) *Judge {
 	return &Judge{
 		db:             db,
 		logger:         logger.New(false),
 		rulesByService: make(map[string][]config.Rule),
+		Blocker:        b,
 	}
 }

@@ -35,11 +36,11 @@ func (j *Judge) LoadRules(rules []config.Rule) {
 	j.logger.Info("Rules loaded and indexed by service")
 }

-func (j *Judge) ProcessUnviewed() ([]storage.LogEntry, error) {
+func (j *Judge) ProcessUnviewed() error {
 	rows, err := j.db.SearchUnViewed()
 	if err != nil {
 		j.logger.Error(fmt.Sprintf("Failed to query database: %v", err))
-		return nil, err
+		return err
 	}
 	defer func() {
 		err = rows.Close()
@@ -48,8 +49,6 @@ func (j *Judge) ProcessUnviewed() ([]storage.LogEntry, error) {
 		}
 	}()

-	var entries []storage.LogEntry
-
 	for rows.Next() {
 		var entry storage.LogEntry
 		err = rows.Scan(&entry.ID, &entry.Service, &entry.IP, &entry.Path, &entry.Status, &entry.Method, &entry.IsViewed, &entry.CreatedAt)
@@ -57,13 +56,37 @@ func (j *Judge) ProcessUnviewed() ([]storage.LogEntry, error) {
 			j.logger.Error(fmt.Sprintf("Failed to scan database row: %v", err))
 			continue
 		}
-		entries = append(entries, entry)
+
+		rules, serviceExists := j.rulesByService[entry.Service]
+		if serviceExists {
+			for _, rule := range rules {
+				if (rule.Method == "" || entry.Method == rule.Method) &&
+					(rule.Status == "" || entry.Status == rule.Status) &&
+					(rule.Path == "" || entry.Path == rule.Path) {
+
+					j.logger.Info(fmt.Sprintf("Rule matched for IP: %s, Service: %s", entry.IP, entry.Service))
+					err = j.Blocker.Ban(entry.IP)
+					if err != nil {
+						j.logger.Error(fmt.Sprintf("Failed to ban IP: %v", err))
+					}
+					j.logger.Info(fmt.Sprintf("IP banned: %s", entry.IP))
+					break
+				}
+			}
+		}
+
+		err = j.db.MarkAsViewed(entry.ID)
+		if err != nil {
+			j.logger.Error(fmt.Sprintf("Failed to mark entry as viewed: %v", err))
+		} else {
+			j.logger.Info(fmt.Sprintf("Entry marked as viewed: ID=%d", entry.ID))
+		}
 	}

 	if err = rows.Err(); err != nil {
 		j.logger.Error(fmt.Sprintf("Error iterating rows: %v", err))
-		return nil, err
+		return err
 	}

-	return entries, nil
+	return nil
 }
--- a/internal/parser/NginxParser.go
+++ b/internal/parser/NginxParser.go
@@ -35,12 +35,14 @@ func (p *NginxParser) Parse(eventCh <-chan Event, resultCh chan<- *storage.LogEn
 			method := matches[3]

 			resultCh <- &storage.LogEntry{
-				Service: "nginx",
-				IP:      matches[1],
-				Path:    &path,
-				Status:  &status,
-				Method:  &method,
+				Service:  "nginx",
+				IP:       matches[1],
+				Path:     path,
+				Status:   status,
+				Method:   method,
+				IsViewed: false,
 			}
+			p.logger.Info("Parsed nginx log entry", "ip", matches[1], "path", path, "status", status, "method", method)
 		}
 	}()
 }
--- a/internal/parser/parser.go
+++ b/internal/parser/parser.go
@@ -52,6 +52,7 @@ func (s *Scanner) Start() {
 					s.ch <- Event{
 						Data: s.scanner.Text(),
 					}
+					s.logger.Info("Scanner event", "data", s.scanner.Text())
 				} else {
 					if err := s.scanner.Err(); err != nil {
 						s.logger.Error("Scanner error")
--- a/internal/storage/db.go
+++ b/internal/storage/db.go
@@ -13,10 +13,14 @@ type DB struct {
 }

 func NewDB() (*DB, error) {
-	db, err := sql.Open("sqlite3", "/var/lib/banforge/storage.db")
+	db, err := sql.Open("sqlite3", "/var/lib/banforge/storage.db?mode=rwc&_journal_mode=WAL&_busy_timeout=10000&cache=shared")
 	if err != nil {
 		return nil, err
 	}
+
+	if err := db.Ping(); err != nil {
+		return nil, err
+	}
 	return &DB{
 		logger: logger.New(false),
 		db:     db,
@@ -49,3 +53,12 @@ func (d *DB) SearchUnViewed() (*sql.Rows, error) {
 	}
 	return rows, nil
 }
+
+func (d *DB) MarkAsViewed(id int) error {
+	_, err := d.db.Exec("UPDATE requests SET viewed = 1 WHERE id = ?", id)
+	if err != nil {
+		d.logger.Error("Failed to mark as viewed", "error", err)
+		return err
+	}
+	return nil
+}
--- a/internal/storage/db_test.go
+++ b/internal/storage/db_test.go
@@ -0,0 +1,177 @@
+package storage
+
+import (
+	"database/sql"
+	"github.com/d3m0k1d/BanForge/internal/logger"
+	_ "github.com/mattn/go-sqlite3"
+	"os"
+	"path/filepath"
+	"testing"
+	"time"
+)
+
+func createTestDB(t *testing.T) *sql.DB {
+	tmpDir, err := os.MkdirTemp("", "banforge-test-*")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	filePath := filepath.Join(tmpDir, "test.db")
+	db, err := sql.Open("sqlite3", filePath)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	t.Cleanup(func() {
+		db.Close()
+		os.RemoveAll(tmpDir)
+	})
+
+	return db
+}
+
+func createTestDBStruct(t *testing.T) *DB {
+	tmpDir, err := os.MkdirTemp("", "banforge-test-*")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	filePath := filepath.Join(tmpDir, "test.db")
+	sqlDB, err := sql.Open("sqlite3", filePath)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	t.Cleanup(func() {
+		sqlDB.Close()
+		os.RemoveAll(tmpDir)
+	})
+
+	return &DB{
+		logger: logger.New(false),
+		db:     sqlDB,
+	}
+}
+
+func TestCreateTable(t *testing.T) {
+	d := createTestDBStruct(t)
+
+	err := d.CreateTable()
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	rows, err := d.db.Query("SELECT 1 FROM requests LIMIT 1")
+	if err != nil {
+		t.Fatal("requests table should exist:", err)
+	}
+	rows.Close()
+
+	rows, err = d.db.Query("SELECT 1 FROM bans LIMIT 1")
+	if err != nil {
+		t.Fatal("bans table should exist:", err)
+	}
+	rows.Close()
+}
+
+func TestMarkAsViewed(t *testing.T) {
+	d := createTestDBStruct(t)
+
+	err := d.CreateTable()
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	_, err = d.db.Exec(
+		"INSERT INTO requests (service, ip, path, method, status, created_at) VALUES (?, ?, ?, ?, ?, ?)",
+		"test",
+		"127.0.0.1",
+		"/test",
+		"GET",
+		"200",
+		time.Now().Format(time.RFC3339),
+	)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	err = d.MarkAsViewed(1)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	var isViewed bool
+	err = d.db.QueryRow("SELECT viewed FROM requests WHERE id = 1").Scan(&isViewed)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if !isViewed {
+		t.Fatal("viewed should be true")
+	}
+}
+
+func TestSearchUnViewed(t *testing.T) {
+	d := createTestDBStruct(t)
+
+	err := d.CreateTable()
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	for i := 0; i < 2; i++ {
+		_, err := d.db.Exec(
+			"INSERT INTO requests (service, ip, path, method, status, created_at) VALUES (?, ?, ?, ?, ?, ?)",
+			"test",
+			"127.0.0.1",
+			"/test",
+			"GET",
+			"200",
+			time.Now().Format(time.RFC3339),
+		)
+		if err != nil {
+			t.Fatal(err)
+		}
+	}
+
+	rows, err := d.SearchUnViewed()
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer rows.Close()
+
+	count := 0
+	for rows.Next() {
+		var id int
+		var service, ip, path, status, method string
+		var viewed bool
+		var createdAt string
+
+		err := rows.Scan(&id, &service, &ip, &path, &status, &method, &viewed, &createdAt)
+		if err != nil {
+			t.Fatal(err)
+		}
+
+		if viewed {
+			t.Fatal("should be unviewed")
+		}
+
+		count++
+	}
+
+	if err := rows.Err(); err != nil {
+		t.Fatal(err)
+	}
+
+	if count != 2 {
+		t.Fatalf("expected 2 unviewed requests, got %d", count)
+	}
+}
+
+func TestClose(t *testing.T) {
+	d := createTestDBStruct(t)
+
+	err := d.Close()
+	if err != nil {
+		t.Fatal(err)
+	}
+}
--- a/internal/storage/models.go
+++ b/internal/storage/models.go
@@ -1,19 +1,19 @@
 package storage

 type LogEntry struct {
-	ID        int     `db:"id"`
-	Service   string  `db:"service"`
-	IP        string  `db:"ip"`
-	Path      *string `db:"path"`
-	Status    *string `db:"status"`
-	Method    *string `db:"method"`
-	IsViewed  *bool   `db:"viewed"`
-	CreatedAt string  `db:"created_at"`
+	ID        int    `db:"id"`
+	Service   string `db:"service"`
+	IP        string `db:"ip"`
+	Path      string `db:"path"`
+	Status    string `db:"status"`
+	Method    string `db:"method"`
+	IsViewed  bool   `db:"viewed"`
+	CreatedAt string `db:"created_at"`
 }

 type Ban struct {
-	ID       int     `db:"id"`
-	IP       string  `db:"ip"`
-	Reason   *string `db:"reason"`
-	BannedAt string  `db:"banned_at"`
+	ID       int    `db:"id"`
+	IP       string `db:"ip"`
+	Reason   string `db:"reason"`
+	BannedAt string `db:"banned_at"`
 }
--- a/internal/storage/writer.go
+++ b/internal/storage/writer.go
@@ -6,28 +6,13 @@ import (

 func Write(db *DB, resultCh <-chan *LogEntry) {
 	for result := range resultCh {
-		path := ""
-		if result.Path != nil {
-			path = *result.Path
-		}
-
-		status := ""
-		if result.Status != nil {
-			status = *result.Status
-		}
-
-		method := ""
-		if result.Method != nil {
-			method = *result.Method
-		}
-
 		_, err := db.db.Exec(
 			"INSERT INTO requests (service, ip, path, method, status, created_at) VALUES (?, ?, ?, ?, ?, ?)",
 			result.Service,
 			result.IP,
-			path,
-			method,
-			status,
+			result.Path,
+			result.Method,
+			result.Status,
 			time.Now().Format(time.RFC3339),
 		)
 		if err != nil {
--- a/internal/storage/writer_test.go
+++ b/internal/storage/writer_test.go
@@ -0,0 +1,40 @@
+package storage
+
+import (
+	"testing"
+	"time"
+)
+
+func TestWrite(t *testing.T) {
+	var ip string
+	d := createTestDBStruct(t)
+
+	err := d.CreateTable()
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	resultCh := make(chan *LogEntry)
+
+	go Write(d, resultCh)
+
+	resultCh <- &LogEntry{
+		Service: "test",
+		IP:      "127.0.0.1",
+		Path:    "/test",
+		Method:  "GET",
+		Status:  "200",
+	}
+
+	close(resultCh)
+
+	time.Sleep(100 * time.Millisecond)
+
+	err = d.db.QueryRow("SELECT ip FROM requests LIMIT 1").Scan(&ip)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if ip != "127.0.0.1" {
+		t.Fatal("ip should be 127.0.0.1")
+	}
+}
Author	SHA1	Message	Date
d3m0k1d	1603fbee35	feat: add simple setup func to blockerengine, fix init and db, version for realease v0.2.0 All checks were successful CD - BanForge Release / release (push) Successful in 20s Details CI.yml / build (push) Successful in 2m1s Details CD - BanForge Release / build (amd64, linux) (push) Successful in 3m3s Details CD - BanForge Release / build (arm64, linux) (push) Successful in 2m52s Details	2026-01-15 19:14:44 +03:00
d3m0k1d	bbb152dfb8	docs: typo and update readme.md All checks were successful CI.yml / build (push) Successful in 1m56s Details	2026-01-15 18:16:54 +03:00
d3m0k1d	a7b79d0e27	docs: typo All checks were successful CI.yml / build (push) Successful in 1m55s Details	2026-01-15 18:14:04 +03:00
d3m0k1d	eaf276bd3f	docs: Add new docs and fix rule command All checks were successful CI.yml / build (push) Successful in 1m53s Details	2026-01-15 18:06:48 +03:00
d3m0k1d	14c6c64989	tests: update makefile and add test for validators and writter All checks were successful CI.yml / build (push) Successful in 2m20s Details	2026-01-15 17:27:46 +03:00
d3m0k1d	623bd87b4c	tests: Add tests for storage package All checks were successful CI.yml / build (push) Successful in 1m54s Details	2026-01-15 17:01:49 +03:00
d3m0k1d	7d9645b3e3	refactoring(cmd/banforge/main.go): command logic on command dir in different files All checks were successful CI.yml / build (push) Successful in 1m49s Details	2026-01-14 21:52:13 +03:00
d3m0k1d	bf6ff50da8	fix: fix go bage url All checks were successful CI.yml / build (push) Successful in 1m47s Details	2026-01-14 20:56:44 +03:00
d3m0k1d	85f6919bda	docs: Add bages to readme All checks were successful CI.yml / build (push) Successful in 1m48s Details	2026-01-14 20:54:42 +03:00
d3m0k1d	7a7f57f5ae	feat: add new command to control firewall in banfogre interface All checks were successful CI.yml / build (push) Successful in 1m44s Details	2026-01-14 17:47:29 +03:00
d3m0k1d	36508201ad	feat: Add rule control command to cli interface All checks were successful CI.yml / build (push) Successful in 1m46s Details	2026-01-14 17:20:08 +03:00
d3m0k1d	3cb9bcbcf3	docs(README.md): update docs for first realease version All checks were successful CI.yml / build (push) Successful in 1m51s Details	2026-01-14 15:32:26 +03:00
d3m0k1d	8b6dc88233	chore: fix cd All checks were successful CD - BanForge Release / release (push) Successful in 28s Details CI.yml / build (push) Successful in 3m43s Details CD - BanForge Release / build (amd64, linux) (push) Successful in 3m8s Details CD - BanForge Release / build (arm64, linux) (push) Successful in 2m8s Details	2026-01-14 14:40:48 +03:00
d3m0k1d	511b708737	chore: fix cd from fratifact to generic pakage All checks were successful CD - BanForge Release / release (push) Successful in 31s Details CI.yml / build (push) Successful in 3m24s Details CD - BanForge Release / build (amd64, linux) (push) Successful in 2m53s Details CD - BanForge Release / build (arm64, linux) (push) Successful in 2m41s Details	2026-01-14 14:21:31 +03:00
d3m0k1d	803e9db7b4	chore: fix one more time All checks were successful CI.yml / build (push) Successful in 1m41s Details	2026-01-14 01:45:43 +03:00
d3m0k1d	12c40a5748	chore: Add upload artifacts All checks were successful CI.yml / build (push) Successful in 1m45s Details	2026-01-14 01:41:36 +03:00
d3m0k1d	24fe951e49	fix: judge creator, daemon logic All checks were successful CI.yml / build (push) Successful in 1m45s Details feat: first version for alpha test daemon on server fix: add second template for fix bug with slice Fix: add chek if path exists Fix: template one more time feat: Add file db on init command feat: add create dit feat: Add to init command create table to db feat: Add new logs for debug on server feat: Add CD, first release version chore:fix cd fix: change artifact ver from v4->v2 fix: ci one more time fix: ci	2026-01-14 01:21:30 +03:00
d3m0k1d	2d699af630	feat: add base daemon cli command Some checks failed CI.yml / build (push) Failing after 1m37s Details	2026-01-13 21:28:16 +03:00
d3m0k1d	17faaa5c27	Fix errchecl All checks were successful CI.yml / build (push) Successful in 1m45s Details	2026-01-13 21:03:50 +03:00
d3m0k1d	f0180b4bbe	feat: fix db and recode judge	2026-01-13 21:03:10 +03:00