Banned ip notification by mail, push notification etc

Configuration
1

hello,

i have set up the ip ban by limit of attempts:

/homeassistant/configuration.yaml

  ip_ban_enabled: true
  login_attempts_threshold: 10

if someone tries to log in 10 times in a row and fails all 10 times it automatically bans access from their ip by listing it in the file.

/homeassistant/ip_bans.yaml

83.48.127.31:
  banned_at: '2024-06-18T23:17:40.909765+00:00'

When this happens on the HA website I get a notification of IP banned but I wanted to send me an email or a push notification to the app and I don’t know how to do this automatically.

Is it possible to make an automatism every time a file is modified, or how can I do it?

2

nobody knows?

3

nobody knows?

4

State trigger on file sensor?

5

I get a persistent notification when an IP gets banned, you could trigger an automation from that ?

6

That’s exactly what I was asking… :slight_smile:

7

Does no one know of another method?

8

Does no one know of another method that is simpler or explained in more detail? I have not been able to understand it.

9

Can you post a copy of the persistent notification you get ?

10

Here you can see the 2 notifications that I receive when there are too many access attempts.

image
image672×827 56.3 KB

One of them is the one that interests me, that of IP blocking.

image
image616×739 29.6 KB

What it does is to fix the banned IP in a file.

image
image937×763 20.1 KB

I would like to receive an alert on my cell phone in real time, and not just a notification within the HA website but I don’t know how to generate the trigger for this automatism.

11

Does this do what you want

I tried it and can’t test it as not got any notifications, this is copied from the UI automation editor:

alias: Too Many Login Attempts Notification
description: ""
trigger:
  - platform: persistent_notification
    update_type:
      - added
    notification_id: ""
condition:
  - condition: template
    value_template: >-
      {% set message = trigger.notification.message %} 
      {{'Too many login attempts' in message or 'invalid authentication' in message or 'login attempt' in message}}
action:
  - action: notify.mobile_app_phone
    data:
      title: |
        {% set title = trigger.notification.title %}
        {{title}}
      message: >
        {% set message = trigger.notification.message %}
        {% set now = now().strftime('%d %b: %X') %} {% if 'Too many login attempts' in message %}
          Login notification: {{now}}: {{message}}
        {% elif 'invalid authentication' in message or 'login attempt' in message %}
          Login notification: {{now}}: {{message}}
          Track offending ip on http://www.ip-tracker.org/locator/ip-lookup.php?ip={{message.split('from ')[1]}}
        {% else %}
          Login notification other: {{now}}: {{message}}
        {% endif %}
mode: single
12

indeed your solution works correctly.

Based on your solution I have created 2 warnings, one warning me of failed logins:

alias: Aviso - Logueo - Incorrecto - Por acceso
description: ""
trigger:
  - platform: persistent_notification
    update_type:
      - added
    notification_id: ""
condition:
  - condition: template
    value_template: >-
      {% set message = trigger.notification.message %}  {{'invalid
      authentication' in message or 'login attempt' in message}}
action:
  - action: script.aviso_logueo_incorrecto
    data: {}
mode: single

and another one that warns me about ip bans.

alias: Aviso - Logueo - Incorrecto Baneo - Por accesos
description: ""
trigger:
  - platform: persistent_notification
    update_type:
      - added
    notification_id: ""
condition:
  - condition: template
    value_template: >-
      {% set message = trigger.notification.message %}  {{'Too many login
      attempts' in message}}
action:
  - action: script.aviso_logueo_incorrecto_baneo
    data: {}
mode: single
13

All credit should go to @Mariusthvdb

You could do that in one automation if you use choose

1 Like