From 526b1c72728769de98abd1d77cb7f7b7c97fb10b Mon Sep 17 00:00:00 2001
From: Hector <dev@hsmith.org>
Date: Fri, 27 Aug 2021 16:22:05 +0100
Subject: [PATCH] fix: update banned metrics to exclude expired bans

Update the database query counting the number of banned IPs to filter out
any bans that have already expired. An expired ban is defined as a ban
where the "time of ban" plus the "duration of ban" is less than the
current time.
This is necessary because bans that have expired are not automatically
removed from the database and will cause metrics to diverge from the counts
reported by `fail2ban-client`.
---
 src/db/db.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/db/db.go b/src/db/db.go
index e4f8974..27ed7d3 100644
--- a/src/db/db.go
+++ b/src/db/db.go
@@ -7,7 +7,7 @@ import (
 )
 
 const queryBadIpsPerJail = "SELECT j.name, (SELECT COUNT(1) FROM bips b WHERE j.name = b.jail) FROM jails j"
-const queryBannedIpsPerJail = "SELECT j.name, (SELECT COUNT(1) FROM bans b WHERE j.name = b.jail) FROM jails j"
+const queryBannedIpsPerJail = "SELECT j.name, (SELECT COUNT(1) FROM bans b WHERE j.name = b.jail AND b.timeofban + b.bantime >= strftime('%s','now') + 0) FROM jails j"
 const queryJailNameToEnabled = "SELECT j.name, j.enabled FROM jails j"
 
 type Fail2BanDB struct {