mirror of https://github.com/jrbrtsn/ban2fail
Prepare for refactor
parent
5e133d66f4
commit
40c82821ca
62
ban2fail.c
62
ban2fail.c
|
@ -159,6 +159,7 @@ main(int argc, char **argv)
|
|||
/* Prepare static data */
|
||||
// global
|
||||
MAP_constructor(&G.logType_map, 10, 10);
|
||||
PTRVEC_constructor(&G.rpt.addr_vec, 100);
|
||||
|
||||
// local
|
||||
MAP_constructor(&S.addr2logEntry_map, N_ADDRESSES_HINT/BUCKET_DEPTH_HINT, BUCKET_DEPTH_HINT);
|
||||
|
@ -243,7 +244,8 @@ main(int argc, char **argv)
|
|||
if(errflg) {
|
||||
ez_fprintf(stderr,
|
||||
"ban2fail v%d.%d.%d Usage:\n"
|
||||
"%s [options] [-t confFile]\n"
|
||||
"%s [options] [-t confFile] [addr1 addr2 ...]\n"
|
||||
" addr1 ... print offending lines from logfiles for these addresses\n"
|
||||
" --help\tprint this usage message.\n"
|
||||
" -a[+]\t\tList results by Address. '+' to perform DNS reverse lookups.\n"
|
||||
" -c\t\tlist results by Country\n"
|
||||
|
@ -258,6 +260,14 @@ main(int argc, char **argv)
|
|||
|
||||
goto abort;
|
||||
}
|
||||
|
||||
/* Pick up addresses on command line */
|
||||
for(; optind < argc; ++optind) {
|
||||
// TODO: instantiate address report objects
|
||||
eprintf("arg %d= \"%s\"", optind, argv[optind]);
|
||||
}
|
||||
|
||||
|
||||
} /* Done with command line arguments */
|
||||
|
||||
/* Make sure we will be able to run iptables */
|
||||
|
@ -296,17 +306,17 @@ main(int argc, char **argv)
|
|||
}
|
||||
|
||||
/* Default sending listing to stdout */
|
||||
G.listing_fh= stdout;
|
||||
G.rpt.fh= stdout;
|
||||
#ifndef DEBUG
|
||||
/* if stdout is a tty, and listing is likely
|
||||
* to be long, then use $PAGER.
|
||||
*/
|
||||
if(G.flags & GLB_LONG_LISTING_FLG && isatty(fileno(G.listing_fh))) {
|
||||
if(G.flags & GLB_LONG_LISTING_FLG && isatty(fileno(G.rpt.fh))) {
|
||||
S.flags |= PAGER_RUNNING_FLG;
|
||||
G.listing_fh= pager_open();
|
||||
G.rpt.fh= pager_open();
|
||||
}
|
||||
#endif
|
||||
assert(G.listing_fh);
|
||||
assert(G.rpt.fh);
|
||||
|
||||
/* Open our cache, instance file-specific LOGTYPE objects */
|
||||
{ /*=============================================================*/
|
||||
|
@ -320,12 +330,12 @@ main(int argc, char **argv)
|
|||
}
|
||||
|
||||
if(G.flags & GLB_LONG_LISTING_FLG) {
|
||||
ez_fprintf(G.listing_fh, "=============== ban2fail v%d.%d.%d =============\n"
|
||||
ez_fprintf(G.rpt.fh, "=============== ban2fail v%d.%d.%d =============\n"
|
||||
, G.version.major
|
||||
, G.version.minor
|
||||
, G.version.patch
|
||||
);
|
||||
fflush(G.listing_fh);
|
||||
fflush(G.rpt.fh);
|
||||
}
|
||||
|
||||
/* Implement configuration */
|
||||
|
@ -337,8 +347,8 @@ main(int argc, char **argv)
|
|||
}
|
||||
|
||||
if(G.flags & GLB_VERBOSE_FLG) { /* Warn about unused symbols */
|
||||
CFGMAP_print_unused_symbols(&S.cfgmap, G.listing_fh);
|
||||
fflush(G.listing_fh);
|
||||
CFGMAP_print_unused_symbols(&S.cfgmap, G.rpt.fh);
|
||||
fflush(G.rpt.fh);
|
||||
}
|
||||
|
||||
/* Just leave the S.cfgmap in place, so all the value strings
|
||||
|
@ -401,12 +411,12 @@ main(int argc, char **argv)
|
|||
/* Number of items in map is number of unique addresses */
|
||||
nAddrFound= MAP_numItems(&map);
|
||||
|
||||
ez_fprintf(G.listing_fh,
|
||||
ez_fprintf(G.rpt.fh,
|
||||
"===== Found %u total offenses (%u addresses) =====\n"
|
||||
, nOffFound
|
||||
, nAddrFound
|
||||
);
|
||||
fflush(G.listing_fh);
|
||||
fflush(G.rpt.fh);
|
||||
|
||||
/* Clean up map used for counting */
|
||||
MAP_clearAndDestroy(&map, (void*(*)(void*))LOGENTRY_destructor);
|
||||
|
@ -437,14 +447,14 @@ main(int argc, char **argv)
|
|||
/* Special processing for DNS lookups */
|
||||
if(G.flags & GLB_DNS_LOOKUP_FLG) {
|
||||
|
||||
ez_fprintf(G.listing_fh, "Performing DNS lookups for up to %d seconds ...\n", DFLT_DNS_PAUSE_SEC);
|
||||
fflush(G.listing_fh);
|
||||
ez_fprintf(G.rpt.fh, "Performing DNS lookups for up to %d seconds ...\n", DFLT_DNS_PAUSE_SEC);
|
||||
fflush(G.rpt.fh);
|
||||
|
||||
int64_t begin_ms= clock_gettime_ms(CLOCK_REALTIME);
|
||||
int rc= PDNS_lookup(S.lePtrArr, nItems, DFLT_DNS_PAUSE_SEC*1000);
|
||||
assert(-1 != rc);
|
||||
int64_t ms= clock_gettime_ms(CLOCK_REALTIME) - begin_ms;
|
||||
ez_fprintf(G.listing_fh, "\t==> Completed %d of %u lookups in %.1f seconds\n", rc, nItems, (double)ms/1000.);
|
||||
ez_fprintf(G.rpt.fh, "\t==> Completed %d of %u lookups in %.1f seconds\n", rc, nItems, (double)ms/1000.);
|
||||
}
|
||||
|
||||
/* Process each LOGENTRY item */
|
||||
|
@ -494,7 +504,7 @@ main(int argc, char **argv)
|
|||
const static char *dns_fmt= "%-15s\t%5u/%-4d offenses %s [%s] %s %s\n",
|
||||
*fmt= "%-15s\t%5u/%-4d offenses %s [%s]\n";
|
||||
|
||||
ez_fprintf(G.listing_fh, e->dns.flags ? dns_fmt : fmt
|
||||
ez_fprintf(G.rpt.fh, e->dns.flags ? dns_fmt : fmt
|
||||
, e->addr
|
||||
, e->count
|
||||
, nAllowed
|
||||
|
@ -533,16 +543,16 @@ main(int argc, char **argv)
|
|||
for(unsigned i= 0; i < vec_sz; ++i) {
|
||||
|
||||
struct cntryStat *cs= rtn_vec[i];
|
||||
ez_fprintf(G.listing_fh, "%2s %5u blocked addresses\n"
|
||||
ez_fprintf(G.rpt.fh, "%2s %5u blocked addresses\n"
|
||||
, cs->cntry[0] ? cs->cntry : "--"
|
||||
, cs->nAddr
|
||||
);
|
||||
}
|
||||
|
||||
ez_fprintf(G.listing_fh, "===============================================\n");
|
||||
ez_fprintf(G.rpt.fh, "===============================================\n");
|
||||
}
|
||||
|
||||
ez_fprintf(G.listing_fh, "%6u countries affected\n" , vec_sz);
|
||||
ez_fprintf(G.rpt.fh, "%6u countries affected\n" , vec_sz);
|
||||
|
||||
}
|
||||
|
||||
|
@ -551,7 +561,7 @@ main(int argc, char **argv)
|
|||
unsigned n2Unblock= PTRVEC_numItems(&S.toUnblock_vec);
|
||||
|
||||
if(G.flags & GLB_LIST_ADDR_FLG && !(G.flags & (GLB_LIST_SUMMARY_FLG|GLB_LIST_CNTRY_FLG)))
|
||||
ez_fprintf(G.listing_fh, "===============================================\n");
|
||||
ez_fprintf(G.rpt.fh, "===============================================\n");
|
||||
|
||||
if(!(G.flags & GLB_DONT_IPTABLE_FLG)) {
|
||||
|
||||
|
@ -561,7 +571,7 @@ main(int argc, char **argv)
|
|||
eprintf("ERROR: cannot block addresses!");
|
||||
goto abort;
|
||||
}
|
||||
ez_fprintf(G.listing_fh, "Blocked %u new hosts\n", n2Block);
|
||||
ez_fprintf(G.rpt.fh, "Blocked %u new hosts\n", n2Block);
|
||||
}
|
||||
|
||||
if(n2Unblock) {
|
||||
|
@ -570,28 +580,28 @@ main(int argc, char **argv)
|
|||
eprintf("ERROR: cannot unblock addresses!");
|
||||
goto abort;
|
||||
}
|
||||
ez_fprintf(G.listing_fh, "Unblocked %u hosts\n", n2Unblock);
|
||||
ez_fprintf(G.rpt.fh, "Unblocked %u hosts\n", n2Unblock);
|
||||
}
|
||||
|
||||
} else {
|
||||
|
||||
if(n2Block)
|
||||
ez_fprintf(G.listing_fh, "Would block %u new hosts\n", n2Block);
|
||||
ez_fprintf(G.rpt.fh, "Would block %u new hosts\n", n2Block);
|
||||
|
||||
if(n2Unblock)
|
||||
ez_fprintf(G.listing_fh, "Would unblock %u hosts\n", n2Unblock);
|
||||
ez_fprintf(G.rpt.fh, "Would unblock %u hosts\n", n2Unblock);
|
||||
}
|
||||
|
||||
if(G.flags & (GLB_LIST_ADDR_FLG|GLB_LIST_SUMMARY_FLG))
|
||||
ez_fprintf(G.listing_fh, "%6u addresses currently blocked\n" , currBlocked + n2Block - n2Unblock);
|
||||
ez_fprintf(G.rpt.fh, "%6u addresses currently blocked\n" , currBlocked + n2Block - n2Unblock);
|
||||
|
||||
}
|
||||
|
||||
fflush(G.listing_fh);
|
||||
fflush(G.rpt.fh);
|
||||
|
||||
/* Wait for pager to finish, if it is running */
|
||||
if(S.flags & PAGER_RUNNING_FLG)
|
||||
ez_pclose(G.listing_fh);
|
||||
ez_pclose(G.rpt.fh);
|
||||
|
||||
rtn= EXIT_SUCCESS;
|
||||
abort:
|
||||
|
|
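Review bot: The new loop under `/* Pick up addresses on command line */` takes every remaining `argv[optind]` as given and only echoes it through `eprintf`, so nothing yet rejects a string that is not an IP address. When the TODO is filled in, each argument should be parsed before it is stored (presumably in `G.rpt.addr_vec`, given the `PTRVEC_constructor(&G.rpt.addr_vec, 100)` added in the first hunk), because these strings will be compared against log content and written to the report. A check such as `if(1 != inet_pton(AF_INET, argv[optind], &a4) && 1 != inet_pton(AF_INET6, argv[optind], &a6))` would do, followed by the `eprintf("ERROR: ...")` / `goto abort;` pattern this file already uses. The `eprintf("arg %d= ...")` trace also fires on every run that names addresses, so it may belong under `#ifdef DEBUG`. `main` begins and ends outside these hunks.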
33
ban2fail.h
33
ban2fail.h
|
@ -39,7 +39,9 @@
|
|||
#define N_ADDRESSES_HINT 10000
|
||||
#define BUCKET_DEPTH_HINT 10
|
||||
|
||||
/* How long to wait for reverse DNS lookups before bailing out */
|
||||
/* How long to wait for reverse DNS lookups before giving up and
|
||||
* moving on with the report.
|
||||
*/
|
||||
#ifdef DEBUG
|
||||
# define DFLT_DNS_PAUSE_SEC 10
|
||||
#else
|
||||
|
@ -55,27 +57,32 @@
|
|||
#define GEOIP_DB "/usr/share/GeoIP/GeoIP.dat"
|
||||
#define GEOIP6_DB "/usr/share/GeoIP/GeoIPv6.dat"
|
||||
|
||||
enum GlobalFlg_enum {
|
||||
GLB_VERBOSE_FLG =1<<0,
|
||||
GLB_LIST_ADDR_FLG =1<<1,
|
||||
GLB_LIST_CNTRY_FLG =1<<2,
|
||||
GLB_DONT_IPTABLE_FLG =1<<3,
|
||||
GLB_LIST_SUMMARY_FLG =1<<4,
|
||||
GLB_PRINT_LOGFILE_NAMES_FLG=1<<5,
|
||||
GLB_DNS_LOOKUP_FLG =1<<6,
|
||||
GLB_DNS_FILTER_BAD_FLG =1<<7,
|
||||
GLB_LONG_LISTING_FLG = GLB_LIST_CNTRY_FLG|GLB_LIST_ADDR_FLG
|
||||
};
|
||||
|
||||
/* Singleton static object with global visibility */
|
||||
extern struct Global {
|
||||
enum {
|
||||
GLB_VERBOSE_FLG =1<<0,
|
||||
GLB_LIST_ADDR_FLG =1<<1,
|
||||
GLB_LIST_CNTRY_FLG =1<<2,
|
||||
GLB_DONT_IPTABLE_FLG =1<<3,
|
||||
GLB_LIST_SUMMARY_FLG =1<<4,
|
||||
GLB_PRINT_LOGFILE_NAMES_FLG=1<<5,
|
||||
GLB_DNS_LOOKUP_FLG =1<<6,
|
||||
GLB_DNS_FILTER_BAD_FLG =1<<7,
|
||||
GLB_LONG_LISTING_FLG = GLB_LIST_CNTRY_FLG|GLB_LIST_ADDR_FLG
|
||||
} flags;
|
||||
|
||||
enum GlobalFlg_enum flags;
|
||||
|
||||
MAP logType_map;
|
||||
|
||||
char *cacheDir,
|
||||
*lockPath;
|
||||
|
||||
FILE *listing_fh;
|
||||
struct {
|
||||
FILE *fh;
|
||||
PTRVEC addr_vec;
|
||||
} rpt;
|
||||
|
||||
struct {
|
||||
int major,
|
||||
|
|
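Review bot: The new `rpt` member has no comment, and it groups two fields with different lifetimes. In ban2fail.c, `fh` is pointed at `stdout` or at the stream returned by `pager_open()` and is closed with `ez_pclose()` only when `PAGER_RUNNING_FLG` is set, while `addr_vec` is constructed in `main` and not yet filled by anything visible. A comment above the struct would record this, e.g. `/* Report state: fh is the listing stream (stdout or pager pipe, closed by main); addr_vec is for addresses given on the command line */`. The `addr_vec` half is inferred from the TODO in ban2fail.c and should be confirmed by the author. `struct Global` continues outside the hunk.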
14
logType.c
14
logType.c
|
@ -105,7 +105,7 @@ LOGTYPE_proto_constructor(LOGTYPE *self, const struct logProtoType *proto)
|
|||
|
||||
if(G.flags & GLB_PRINT_LOGFILE_NAMES_FLG) {
|
||||
|
||||
ez_fprintf(G.listing_fh, "%s/%s\n", proto->dir, proto->pfix);
|
||||
ez_fprintf(G.rpt.fh, "%s/%s\n", proto->dir, proto->pfix);
|
||||
/* We're going to save time here and short circuit the remainder
|
||||
* of the process; because this object will not get used for
|
||||
* anything other than listing the file names.
|
||||
|
@ -191,8 +191,8 @@ LOGTYPE_proto_constructor(LOGTYPE *self, const struct logProtoType *proto)
|
|||
}
|
||||
|
||||
if(G.flags & GLB_LONG_LISTING_FLG) {
|
||||
ez_fprintf(G.listing_fh, "Scanning \"%s\"... ", log_fname);
|
||||
fflush(G.listing_fh);
|
||||
ez_fprintf(G.rpt.fh, "Scanning \"%s\"... ", log_fname);
|
||||
fflush(G.rpt.fh);
|
||||
}
|
||||
|
||||
/* Now we have the checksum of the log file */
|
||||
|
@ -232,8 +232,8 @@ LOGTYPE_proto_constructor(LOGTYPE *self, const struct logProtoType *proto)
|
|||
LOGFILE_addressCount(f, &nAddrFound);
|
||||
|
||||
if(G.flags & GLB_LONG_LISTING_FLG) {
|
||||
ez_fprintf(G.listing_fh, "found %u offenses (%u addresses)\n", nOffFound, nAddrFound);
|
||||
fflush(G.listing_fh);
|
||||
ez_fprintf(G.rpt.fh, "found %u offenses (%u addresses)\n", nOffFound, nAddrFound);
|
||||
fflush(G.rpt.fh);
|
||||
}
|
||||
|
||||
MAP_addStrKey(&self->file_map, sumStr, f);
|
||||
|
@ -274,13 +274,13 @@ LOGTYPE_proto_constructor(LOGTYPE *self, const struct logProtoType *proto)
|
|||
nAddrFound= LOGTYPE_addressCount(self);
|
||||
|
||||
if(G.flags & GLB_LONG_LISTING_FLG) {
|
||||
ez_fprintf(G.listing_fh, ">>>> Found %u offenses (%u addresses) for %s/%s*\n"
|
||||
ez_fprintf(G.rpt.fh, ">>>> Found %u offenses (%u addresses) for %s/%s*\n"
|
||||
, nOffFound
|
||||
, nAddrFound
|
||||
, self->dir
|
||||
, self->pfix
|
||||
);
|
||||
fflush(G.listing_fh);
|
||||
fflush(G.rpt.fh);
|
||||
}
|
||||
|
||||
rtn= self;
|
||||
|
|