mirror of
https://github.com/jrbrtsn/ban2fail
synced 2024-06-07 23:50:08 +00:00
Added summary count of blocked addresses.
parent
b8d49ee7ed
commit
20f48adc64
105
ban2fail.c
105
ban2fail.c
@ -79,6 +79,14 @@ static int whitelist_init(CFGMAP *h_cfgmap, char *symStr);
|
|||||||
/*==================================================================*/
|
/*==================================================================*/
|
||||||
/*========================= static data ============================*/
|
/*========================= static data ============================*/
|
||||||
/*==================================================================*/
|
/*==================================================================*/
|
||||||
|
static const struct bitTuple GlobalFlagBitTuples[]= {
|
||||||
|
{.name= "GLB_VERBOSE_FLG", .bit= GLB_VERBOSE_FLG},
|
||||||
|
{.name= "GLB_LIST_ADDR_FLG", .bit= GLB_LIST_ADDR_FLG},
|
||||||
|
{.name= "GLB_LIST_CNTRY_FLG", .bit= GLB_LIST_CNTRY_FLG},
|
||||||
|
{.name= "GLB_DONT_IPTABLE_FLG", .bit= GLB_DONT_IPTABLE_FLG},
|
||||||
|
{/* Terminating member */}
|
||||||
|
};
|
||||||
|
|
||||||
struct Global G= {
|
struct Global G= {
|
||||||
.cacheDir= CACHEDIR,
|
.cacheDir= CACHEDIR,
|
||||||
.lockPath= LOCKPATH,
|
.lockPath= LOCKPATH,
|
||||||
@ -86,8 +94,10 @@ struct Global G= {
|
|||||||
.version= {
|
.version= {
|
||||||
.major= 0,
|
.major= 0,
|
||||||
.minor= 10,
|
.minor= 10,
|
||||||
.patch= 3
|
.patch= 4
|
||||||
}
|
},
|
||||||
|
|
||||||
|
.bitTuples.flags= GlobalFlagBitTuples
|
||||||
};
|
};
|
||||||
|
|
||||||
const static struct initInfo S_initInfo_arr[] = {
|
const static struct initInfo S_initInfo_arr[] = {
|
||||||
@ -96,7 +106,6 @@ const static struct initInfo S_initInfo_arr[] = {
|
|||||||
{/* Terminating member */}
|
{/* Terminating member */}
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
static const struct bitTuple BlockBitTuples[]= {
|
static const struct bitTuple BlockBitTuples[]= {
|
||||||
{.name= "BLOCKED", .bit= BLOCKED_FLG},
|
{.name= "BLOCKED", .bit= BLOCKED_FLG},
|
||||||
{.name= "+WouldBLOCK+", .bit= WOULD_BLOCK_FLG},
|
{.name= "+WouldBLOCK+", .bit= WOULD_BLOCK_FLG},
|
||||||
@ -105,6 +114,7 @@ static const struct bitTuple BlockBitTuples[]= {
|
|||||||
{/* Terminating member */}
|
{/* Terminating member */}
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
/*================ Local only static struct ======================*/
|
/*================ Local only static struct ======================*/
|
||||||
static struct {
|
static struct {
|
||||||
|
|
||||||
@ -338,7 +348,7 @@ main(int argc, char **argv)
|
|||||||
MAP_visitAllEntries(&G.logType_map, (int(*)(void*,void*))LOGTYPE_map_addr, &S.addr2logEntry_map);
|
MAP_visitAllEntries(&G.logType_map, (int(*)(void*,void*))LOGTYPE_map_addr, &S.addr2logEntry_map);
|
||||||
unsigned nItems= MAP_numItems(&S.addr2logEntry_map);
|
unsigned nItems= MAP_numItems(&S.addr2logEntry_map);
|
||||||
|
|
||||||
{
|
{ /*--- extra scope for dynamic leArr ---*/
|
||||||
LOGENTRY *leArr[nItems];
|
LOGENTRY *leArr[nItems];
|
||||||
MAP_fetchAllItems(&S.addr2logEntry_map, (void**)leArr);
|
MAP_fetchAllItems(&S.addr2logEntry_map, (void**)leArr);
|
||||||
qsort(leArr, nItems, sizeof(LOGENTRY*), logentry_count_qsort);
|
qsort(leArr, nItems, sizeof(LOGENTRY*), logentry_count_qsort);
|
||||||
@ -388,39 +398,7 @@ main(int argc, char **argv)
|
|||||||
|
|
||||||
} /*--- End of LOGENTRY processing ---*/
|
} /*--- End of LOGENTRY processing ---*/
|
||||||
|
|
||||||
/* Take care of summary blocking and reporting */
|
unsigned currBlocked= MAP_numItems(&S.addr2logEntry_map);
|
||||||
unsigned n2Block= PTRVEC_numItems(&S.toBlock_vec);
|
|
||||||
unsigned n2Unblock= PTRVEC_numItems(&S.toUnblock_vec);
|
|
||||||
|
|
||||||
if(!(G.flags & GLB_DONT_IPTABLE_FLG)) {
|
|
||||||
|
|
||||||
if(n2Block) {
|
|
||||||
|
|
||||||
if(IPTABLES_block_addresses(&S.toBlock_vec, 10)) {
|
|
||||||
eprintf("ERROR: cannot block addresses!");
|
|
||||||
goto abort;
|
|
||||||
}
|
|
||||||
printf("Blocked %u new hosts\n", n2Block);
|
|
||||||
}
|
|
||||||
|
|
||||||
if(n2Unblock) {
|
|
||||||
|
|
||||||
if(IPTABLES_unblock_addresses(&S.toUnblock_vec, 10)) {
|
|
||||||
eprintf("ERROR: cannot unblock addresses!");
|
|
||||||
goto abort;
|
|
||||||
}
|
|
||||||
printf("Unblocked %u hosts\n", n2Unblock);
|
|
||||||
}
|
|
||||||
|
|
||||||
} else {
|
|
||||||
|
|
||||||
if(n2Block)
|
|
||||||
printf("Would block %u new hosts\n", n2Block);
|
|
||||||
|
|
||||||
if(n2Unblock)
|
|
||||||
printf("Would unblock %u new hosts\n", n2Unblock);
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
/* List offenses by country if directed to do so */
|
/* List offenses by country if directed to do so */
|
||||||
if(G.flags & GLB_LIST_CNTRY_FLG) {
|
if(G.flags & GLB_LIST_CNTRY_FLG) {
|
||||||
@ -450,10 +428,63 @@ main(int argc, char **argv)
|
|||||||
, cs->nAddr
|
, cs->nAddr
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if(G.flags & GLB_PRINT_MASK) {
|
||||||
|
ez_fprintf(stdout,
|
||||||
|
"===============================================\n"
|
||||||
|
"%6u addresses currently blocked.\n"
|
||||||
|
, currBlocked
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
} else {
|
||||||
|
|
||||||
|
/* Take care of summary blocking and reporting */
|
||||||
|
unsigned n2Block= PTRVEC_numItems(&S.toBlock_vec);
|
||||||
|
unsigned n2Unblock= PTRVEC_numItems(&S.toUnblock_vec);
|
||||||
|
|
||||||
|
if(G.flags & GLB_PRINT_MASK)
|
||||||
|
ez_fprintf(stdout, "===============================================\n");
|
||||||
|
|
||||||
|
if(!(G.flags & GLB_DONT_IPTABLE_FLG)) {
|
||||||
|
|
||||||
|
if(n2Block) {
|
||||||
|
|
||||||
|
if(IPTABLES_block_addresses(&S.toBlock_vec, 10)) {
|
||||||
|
eprintf("ERROR: cannot block addresses!");
|
||||||
|
goto abort;
|
||||||
|
}
|
||||||
|
ez_fprintf(stdout, "Blocked %u new hosts\n", n2Block);
|
||||||
|
}
|
||||||
|
|
||||||
|
if(n2Unblock) {
|
||||||
|
|
||||||
|
if(IPTABLES_unblock_addresses(&S.toUnblock_vec, 10)) {
|
||||||
|
eprintf("ERROR: cannot unblock addresses!");
|
||||||
|
goto abort;
|
||||||
|
}
|
||||||
|
ez_fprintf(stdout, "Unblocked %u hosts\n", n2Unblock);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
} else {
|
||||||
|
|
||||||
|
if(n2Block)
|
||||||
|
ez_fprintf(stdout, "Would block %u new hosts\n", n2Block);
|
||||||
|
|
||||||
|
if(n2Unblock)
|
||||||
|
ez_fprintf(stdout, "Would unblock %u new hosts\n", n2Unblock);
|
||||||
|
}
|
||||||
|
|
||||||
|
if(G.flags & GLB_PRINT_MASK)
|
||||||
|
ez_fprintf(stdout, "%6u addresses currently blocked.\n" , currBlocked + n2Block - n2Unblock);
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
rtn= EXIT_SUCCESS;
|
rtn= EXIT_SUCCESS;
|
||||||
abort:
|
abort:
|
||||||
|
|
||||||
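Review bot: The closing summary in the new `else` branch of `main` prints `currBlocked + n2Block - n2Unblock` after both the real and the dry-run paths, so with `GLB_DONT_IPTABLE_FLG` set it reports "addresses currently blocked" as if the "Would block"/"Would unblock" changes had been applied. Since an operator reads this line to confirm firewall state, the dry-run path should print the unchanged figure, e.g. `unsigned nNow= (G.flags & GLB_DONT_IPTABLE_FLG) ? currBlocked : currBlocked + n2Block - n2Unblock;`. The expression is also unsigned, so it wraps to a very large number if `n2Unblock` ever exceeds `currBlocked + n2Block`. Separately, `currBlocked` is read from `S.addr2logEntry_map`, the same map `nItems` counts earlier in the function; it is worth confirming that this map holds only blocked addresses at that point, since the lines between the hunks are not shown. `main` starts and ends outside these hunks.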
|
@ -65,6 +65,10 @@ extern struct Global {
|
|||||||
minor,
|
minor,
|
||||||
patch;
|
patch;
|
||||||
} version;
|
} version;
|
||||||
|
|
||||||
|
struct {
|
||||||
|
const struct bitTuple *flags;
|
||||||
|
} bitTuples;
|
||||||
|
|
||||||
} G;
|
} G;
|
||||||
|
|
||||||
|