Prepare for refactor

john 2019-12-01 17:18:43 -05:00
parent 5e133d66f4
commit 40c82821ca
3 changed files with 63 additions and 46 deletions


@ -159,6 +159,7 @@ main(int argc, char **argv)
/* Prepare static data */
// global
MAP_constructor(&G.logType_map, 10, 10);
PTRVEC_constructor(&G.rpt.addr_vec, 100);
// local
MAP_constructor(&S.addr2logEntry_map, N_ADDRESSES_HINT/BUCKET_DEPTH_HINT, BUCKET_DEPTH_HINT);
@ -243,7 +244,8 @@ main(int argc, char **argv)
if(errflg) {
ez_fprintf(stderr,
"ban2fail v%d.%d.%d Usage:\n"
"%s [options] [-t confFile]\n"
"%s [options] [-t confFile] [addr1 addr2 ...]\n"
" addr1 ... print offending lines from logfiles for these addresses\n"
" --help\tprint this usage message.\n"
" -a[+]\t\tList results by Address. '+' to perform DNS reverse lookups.\n"
" -c\t\tlist results by Country\n"
@ -258,6 +260,14 @@ main(int argc, char **argv)
goto abort;
}
/* Pick up addresses on command line */
for(; optind < argc; ++optind) {
// TODO: instantiate address report objects
eprintf("arg %d= \"%s\"", optind, argv[optind]);
}
} /* Done with command line arguments */
/* Make sure we will be able to run iptables */
@ -296,17 +306,17 @@ main(int argc, char **argv)
}
/* Default sending listing to stdout */
G.listing_fh= stdout;
G.rpt.fh= stdout;
#ifndef DEBUG
/* if stdout is a tty, and listing is likely
* to be long, then use $PAGER.
*/
if(G.flags & GLB_LONG_LISTING_FLG && isatty(fileno(G.listing_fh))) {
if(G.flags & GLB_LONG_LISTING_FLG && isatty(fileno(G.rpt.fh))) {
S.flags |= PAGER_RUNNING_FLG;
G.listing_fh= pager_open();
G.rpt.fh= pager_open();
}
#endif
assert(G.listing_fh);
assert(G.rpt.fh);
/* Open our cache, instance file-specific LOGTYPE objects */
{ /*=============================================================*/
@ -320,12 +330,12 @@ main(int argc, char **argv)
}
if(G.flags & GLB_LONG_LISTING_FLG) {
ez_fprintf(G.listing_fh, "=============== ban2fail v%d.%d.%d =============\n"
ez_fprintf(G.rpt.fh, "=============== ban2fail v%d.%d.%d =============\n"
, G.version.major
, G.version.minor
, G.version.patch
);
fflush(G.listing_fh);
fflush(G.rpt.fh);
}
/* Implement configuration */
@ -337,8 +347,8 @@ main(int argc, char **argv)
}
if(G.flags & GLB_VERBOSE_FLG) { /* Warn about unused symbols */
CFGMAP_print_unused_symbols(&S.cfgmap, G.listing_fh);
fflush(G.listing_fh);
CFGMAP_print_unused_symbols(&S.cfgmap, G.rpt.fh);
fflush(G.rpt.fh);
}
/* Just leave the S.cfgmap in place, so all the value strings
@ -401,12 +411,12 @@ main(int argc, char **argv)
/* Number of items in map is number of unique addresses */
nAddrFound= MAP_numItems(&map);
ez_fprintf(G.listing_fh,
ez_fprintf(G.rpt.fh,
"===== Found %u total offenses (%u addresses) =====\n"
, nOffFound
, nAddrFound
);
fflush(G.listing_fh);
fflush(G.rpt.fh);
/* Clean up map used for counting */
MAP_clearAndDestroy(&map, (void*(*)(void*))LOGENTRY_destructor);
@ -437,14 +447,14 @@ main(int argc, char **argv)
/* Special processing for DNS lookups */
if(G.flags & GLB_DNS_LOOKUP_FLG) {
ez_fprintf(G.listing_fh, "Performing DNS lookups for up to %d seconds ...\n", DFLT_DNS_PAUSE_SEC);
fflush(G.listing_fh);
ez_fprintf(G.rpt.fh, "Performing DNS lookups for up to %d seconds ...\n", DFLT_DNS_PAUSE_SEC);
fflush(G.rpt.fh);
int64_t begin_ms= clock_gettime_ms(CLOCK_REALTIME);
int rc= PDNS_lookup(S.lePtrArr, nItems, DFLT_DNS_PAUSE_SEC*1000);
assert(-1 != rc);
int64_t ms= clock_gettime_ms(CLOCK_REALTIME) - begin_ms;
ez_fprintf(G.listing_fh, "\t==> Completed %d of %u lookups in %.1f seconds\n", rc, nItems, (double)ms/1000.);
ez_fprintf(G.rpt.fh, "\t==> Completed %d of %u lookups in %.1f seconds\n", rc, nItems, (double)ms/1000.);
}
/* Process each LOGENTRY item */
@ -494,7 +504,7 @@ main(int argc, char **argv)
const static char *dns_fmt= "%-15s\t%5u/%-4d offenses %s [%s] %s %s\n",
*fmt= "%-15s\t%5u/%-4d offenses %s [%s]\n";
ez_fprintf(G.listing_fh, e->dns.flags ? dns_fmt : fmt
ez_fprintf(G.rpt.fh, e->dns.flags ? dns_fmt : fmt
, e->addr
, e->count
, nAllowed
@ -533,16 +543,16 @@ main(int argc, char **argv)
for(unsigned i= 0; i < vec_sz; ++i) {
struct cntryStat *cs= rtn_vec[i];
ez_fprintf(G.listing_fh, "%2s %5u blocked addresses\n"
ez_fprintf(G.rpt.fh, "%2s %5u blocked addresses\n"
, cs->cntry[0] ? cs->cntry : "--"
, cs->nAddr
);
}
ez_fprintf(G.listing_fh, "===============================================\n");
ez_fprintf(G.rpt.fh, "===============================================\n");
}
ez_fprintf(G.listing_fh, "%6u countries affected\n" , vec_sz);
ez_fprintf(G.rpt.fh, "%6u countries affected\n" , vec_sz);
}
@ -551,7 +561,7 @@ main(int argc, char **argv)
unsigned n2Unblock= PTRVEC_numItems(&S.toUnblock_vec);
if(G.flags & GLB_LIST_ADDR_FLG && !(G.flags & (GLB_LIST_SUMMARY_FLG|GLB_LIST_CNTRY_FLG)))
ez_fprintf(G.listing_fh, "===============================================\n");
ez_fprintf(G.rpt.fh, "===============================================\n");
if(!(G.flags & GLB_DONT_IPTABLE_FLG)) {
@ -561,7 +571,7 @@ main(int argc, char **argv)
eprintf("ERROR: cannot block addresses!");
goto abort;
}
ez_fprintf(G.listing_fh, "Blocked %u new hosts\n", n2Block);
ez_fprintf(G.rpt.fh, "Blocked %u new hosts\n", n2Block);
}
if(n2Unblock) {
@ -570,28 +580,28 @@ main(int argc, char **argv)
eprintf("ERROR: cannot unblock addresses!");
goto abort;
}
ez_fprintf(G.listing_fh, "Unblocked %u hosts\n", n2Unblock);
ez_fprintf(G.rpt.fh, "Unblocked %u hosts\n", n2Unblock);
}
} else {
if(n2Block)
ez_fprintf(G.listing_fh, "Would block %u new hosts\n", n2Block);
ez_fprintf(G.rpt.fh, "Would block %u new hosts\n", n2Block);
if(n2Unblock)
ez_fprintf(G.listing_fh, "Would unblock %u hosts\n", n2Unblock);
ez_fprintf(G.rpt.fh, "Would unblock %u hosts\n", n2Unblock);
}
if(G.flags & (GLB_LIST_ADDR_FLG|GLB_LIST_SUMMARY_FLG))
ez_fprintf(G.listing_fh, "%6u addresses currently blocked\n" , currBlocked + n2Block - n2Unblock);
ez_fprintf(G.rpt.fh, "%6u addresses currently blocked\n" , currBlocked + n2Block - n2Unblock);
}
fflush(G.listing_fh);
fflush(G.rpt.fh);
/* Wait for pager to finish, if it is running */
if(S.flags & PAGER_RUNNING_FLG)
ez_pclose(G.listing_fh);
ez_pclose(G.rpt.fh);
rtn= EXIT_SUCCESS;
abort:
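Review bot: In the "Pick up addresses on command line" hunk, every remaining `argv[optind]` is accepted as an address without any check and is only echoed through `eprintf`. When the TODO is filled in, each argument should be parsed before it is stored (presumably in `G.rpt.addr_vec`, which the first hunk constructs): accept it only if `inet_pton(AF_INET, ...)` or `inet_pton(AF_INET6, ...)` returns 1, otherwise print an error and `goto abort`, so that malformed strings never reach the log-matching or report code. The `eprintf("arg %d= ...")` line looks like debug output that would print on every run that names addresses; consider guarding it with `#ifdef DEBUG` or removing it once the address objects exist. No matching teardown for `G.rpt.addr_vec` is visible in these hunks; main()'s body, including the code after `abort:`, continues outside them.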


@ -39,7 +39,9 @@
#define N_ADDRESSES_HINT 10000
#define BUCKET_DEPTH_HINT 10
/* How long to wait for reverse DNS lookups before bailing out */
/* How long to wait for reverse DNS lookups before giving up and
* moving on with the report.
*/
#ifdef DEBUG
# define DFLT_DNS_PAUSE_SEC 10
#else
@ -55,27 +57,32 @@
#define GEOIP_DB "/usr/share/GeoIP/GeoIP.dat"
#define GEOIP6_DB "/usr/share/GeoIP/GeoIPv6.dat"
enum GlobalFlg_enum {
GLB_VERBOSE_FLG =1<<0,
GLB_LIST_ADDR_FLG =1<<1,
GLB_LIST_CNTRY_FLG =1<<2,
GLB_DONT_IPTABLE_FLG =1<<3,
GLB_LIST_SUMMARY_FLG =1<<4,
GLB_PRINT_LOGFILE_NAMES_FLG=1<<5,
GLB_DNS_LOOKUP_FLG =1<<6,
GLB_DNS_FILTER_BAD_FLG =1<<7,
GLB_LONG_LISTING_FLG = GLB_LIST_CNTRY_FLG|GLB_LIST_ADDR_FLG
};
/* Singleton static object with global visibility */
extern struct Global {
enum {
GLB_VERBOSE_FLG =1<<0,
GLB_LIST_ADDR_FLG =1<<1,
GLB_LIST_CNTRY_FLG =1<<2,
GLB_DONT_IPTABLE_FLG =1<<3,
GLB_LIST_SUMMARY_FLG =1<<4,
GLB_PRINT_LOGFILE_NAMES_FLG=1<<5,
GLB_DNS_LOOKUP_FLG =1<<6,
GLB_DNS_FILTER_BAD_FLG =1<<7,
GLB_LONG_LISTING_FLG = GLB_LIST_CNTRY_FLG|GLB_LIST_ADDR_FLG
} flags;
enum GlobalFlg_enum flags;
MAP logType_map;
char *cacheDir,
*lockPath;
FILE *listing_fh;
struct {
FILE *fh;
PTRVEC addr_vec;
} rpt;
struct {
int major,
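Review bot: The new `rpt` member has no comment, and its `fh` field can hold two kinds of stream that must be closed differently. In main() it is either `stdout` or the stream returned by `pager_open()`, and only the latter is closed with `ez_pclose()` when `PAGER_RUNNING_FLG` is set in `S.flags`. A comment such as `/* Report state: fh is stdout or the pager pipe (see PAGER_RUNNING_FLG); never fclose() it directly */` would record that. `addr_vec` should also say what it holds and who frees the elements (presumably the addresses named on the command line, to be confirmed). The struct definition continues outside this hunk.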


@ -105,7 +105,7 @@ LOGTYPE_proto_constructor(LOGTYPE *self, const struct logProtoType *proto)
if(G.flags & GLB_PRINT_LOGFILE_NAMES_FLG) {
ez_fprintf(G.listing_fh, "%s/%s\n", proto->dir, proto->pfix);
ez_fprintf(G.rpt.fh, "%s/%s\n", proto->dir, proto->pfix);
/* We're going to save time here and short circuit the remainder
* of the process; because this object will not get used for
* anything other than listing the file names.
@ -191,8 +191,8 @@ LOGTYPE_proto_constructor(LOGTYPE *self, const struct logProtoType *proto)
}
if(G.flags & GLB_LONG_LISTING_FLG) {
ez_fprintf(G.listing_fh, "Scanning \"%s\"... ", log_fname);
fflush(G.listing_fh);
ez_fprintf(G.rpt.fh, "Scanning \"%s\"... ", log_fname);
fflush(G.rpt.fh);
}
/* Now we have the checksum of the log file */
@ -232,8 +232,8 @@ LOGTYPE_proto_constructor(LOGTYPE *self, const struct logProtoType *proto)
LOGFILE_addressCount(f, &nAddrFound);
if(G.flags & GLB_LONG_LISTING_FLG) {
ez_fprintf(G.listing_fh, "found %u offenses (%u addresses)\n", nOffFound, nAddrFound);
fflush(G.listing_fh);
ez_fprintf(G.rpt.fh, "found %u offenses (%u addresses)\n", nOffFound, nAddrFound);
fflush(G.rpt.fh);
}
MAP_addStrKey(&self->file_map, sumStr, f);
@ -274,13 +274,13 @@ LOGTYPE_proto_constructor(LOGTYPE *self, const struct logProtoType *proto)
nAddrFound= LOGTYPE_addressCount(self);
if(G.flags & GLB_LONG_LISTING_FLG) {
ez_fprintf(G.listing_fh, ">>>> Found %u offenses (%u addresses) for %s/%s*\n"
ez_fprintf(G.rpt.fh, ">>>> Found %u offenses (%u addresses) for %s/%s*\n"
, nOffFound
, nAddrFound
, self->dir
, self->pfix
);
fflush(G.listing_fh);
fflush(G.rpt.fh);
}
rtn= self;