diff --git a/README.md b/README.md
index 545db3e..7179f29 100644
--- a/README.md
+++ b/README.md
@@ -1,3 +1,57 @@
-# ipban
-A library for managing IP address bans on UFW systems
\ No newline at end of file
+# Library for the fail-ban function
+
+IPBan is a C++ library for banning IP addresses in case of consecutive errors.
+
+## Features
+
+- Object oriented
+- Thread safe
+- Internal database of banned addresses as a protection mechanism against irreversible ban
+- Automatic unbanning
+- Manual fail and unfail methods
+- White list of IP addresses
+- It is adjustable: database file location, tracking time for errors, number of attempts before ban, ban duration.
+## Installation
+
+This library also requires my exec library to work, download the latest release:
+
+https://git.bitelex.co/marcelb/exec or https://github.com/bandicm/exec
+
+Then download the latest backend of these libraries and unzip to the same location. You can turn it on with:
+
+```
+#include "cppurl/lib/cppurl.hpp"
+using namespace marcelb;
+```
+
+## Usage
+
+```c++
+//init
+ipban myban(30); // 30 minutes
+// add white list string or vector
+myban.add_white_list("10.0.8.1");
+// ban now ip
+myban.ban("10.0.8.2");
+// fail ip
+myban.fail("10.0.8.3");
+// unfail ip
+myban.unfail("10.0.8.3");
+
+```
+## License
+
+[APACHE 2.0](http://www.apache.org/licenses/LICENSE-2.0/)
+
+
+## Support & Feedback
+
+For support and any feedback, contact the address: marcelb96@yahoo.com.
+
+## Contributing
+
+Contributions are always welcome!
+
+Feel free to fork and start working with or without a later pull request. Or contact for suggest and request an option.
+
diff --git a/lib/ipban.hpp b/lib/ipban.hpp
index ff737c7..93f97b5 100644
--- a/lib/ipban.hpp
+++ b/lib/ipban.hpp
@@ -23,8 +23,8 @@ namespace marcelb {
 #define BOT_SLEEP_LOOP_TIME 1 // 1 second
 /**
- * Banovani objekt
- * IP adresa i vrijeme banovanja
+ * Banned object
+ * IP address and ban time
 */
 struct _ban {
 string ip;
@@ -32,7 +32,7 @@ struct _ban {
 };
 /**
- * Pomoćna struktura - za praćenje broja pogrešaka
+ * Auxiliary structure - to track the number of errors
 */
 struct _fail {
 time_t first_fail;
@@ -40,9 +40,9 @@ struct _fail {
 };
 /**
- * Biblioteka za ban IP adrese kroz UFW vatrozid na određeno vrijeme
- * Automatski uklanja zabranu po isteku vremena
- * Posjeduje vlastiti DB mehanizam za zaštitu od nepovratnog ban-a
+ * Library to ban IP addresses through the UFW firewall for a certain period of time
+ * Automatically removes ban after timeout
+ * It has its own DB mechanism for protection against irreversible ban
 */
 class ipban {
 mutex io, f_io, wl_io;
@@ -55,90 +55,84 @@ class ipban { vector white_list; future unban_bot; bool run_unban_bot = true; - // interface možda bude trebao za ban /** - * Metoda učitava banovane IP adrese iz baze + * The method loads banned IP addresses from the database */ void load_db(); /** - * Metoda ažurira stanja baze sa stanjima iz memorije + * The method updates database states with memory states */ bool update_db(); /** - * Metoda uklanja ban za proslijeđeni iterator vektora banned i ažurira bazu + * The method removes the ban for the passed iterator of the banned vector and updates the base */ bool unban(vector<_ban>::iterator ban_itr); /** - * Metoda poziva exec i dodaje pravila u UFW vatrozid + * Method calls exec and adds rules to UFW firewall */ bool ufw_ban(const string& ip); /** - * Metoda poziva exec i uklanja pravilo u UFW vatrozidu + * The method calls exec and removes the rule in the UFW firewall */ bool ufw_unban(const string& ip); + /** + * Checks whether the forwarded address is in the white list + * If it returns true, if not false + */ + bool is_in_white_list(const string& ip); + public: /** - * Konstruktor, prima zadanu vrijednost trajanja ban-a u minutama, - * vrijeme praćenja pogreške adrese, broj dozvoljenih pogreški - * i putanju datoteke baze podataka + * Constructor, receives the default value of the duration of the ban in minutes, + * address error tracking time, number of allowed errors + * and the database file path */ ipban(const uint& _duration, const uint& _fail_interval = 30, const uint& _fail_limit = 3, const string& db_file = "ipban.db"); // u minutama? 
/** - * Metoda koja banuje proslijeđenu IP adresu, dodaje je u vector banned, ažurira bazu - * Vraća status operacije + * The method that bans the forwarded IP address, adds it to the banned vector, updates the database + * Returns the status of the operation */ bool ban(const string& ip); /** - * Inkrementalno povećaj broj grešaka za prosljeđenu adresu - * ako se prekorači broj dozvoljenih grešaka u intervalu - adresa se banuje + * Incrementally increase the number of errors for the forwarded address + * if the number of allowed errors in the interval is exceeded - the address is banned */ - bool fail(const string& ip); /** - * Uklanja greške za prosljeđenu adresu + * Removes errors for forwarded address */ - bool unfail(const string& ip); /** - * Dodaje proslijeđenu adresu u white listu + * Adds the forwarded address to the white list */ - void add_white_list(const string& ip); /** - * Dodaje proslijeđene adrese u white listu + * Adds forwarded addresses to the white list */ - void add_white_list(const vector& ips); /** - * Provjerava da li je prosljeđena adresa u white listi - * Ako je vraća true, ako ne false - */ - - bool is_in_white_list(const string& ip); - - /** - * Destruktor, uklanja sve zabrane. + * Destructor */ ~ipban(); }; /** - * Funkcija za mirovanje tijeka, koj miruje do isteka vremena ili logičkog stanja uvijeta - * Prima vrijeme u sekundama, i logički uvijet + * Sleep function, which sleeps until timeout or logic condition condition + * Receives time in seconds, and logical condition */ static void sleep_if(const uint& _time, const bool& _condition); diff --git a/test/test b/test/test index 7ebf3f5..effe5c3 100755 Binary files a/test/test and b/test/test differ
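Review bot: The `ip` argument of `ban()` and `fail()` ends up in a command run through exec, going by the comments on `ufw_ban`/`ufw_unban`, yet none of the translated doc comments in this hunk say what a caller may pass. Whether the implementation validates the string is not visible from the header, so I would document the contract on the public methods, e.g. `* @param ip textual IPv4/IPv6 address; rejected unless it parses (e.g. with inet_pton) before it reaches the ufw command`, and have `ban()` refuse anything else before calling `ufw_ban`. The destructor comment also lost its statement that all bans are removed ("Destruktor, uklanja sve zabrane." became "Destructor"), so the header no longer says whether firewall rules and DB entries survive destruction. The trailing `// u minutama?` on the constructor is still untranslated and leaves the unit of `_fail_interval` open. The `ipban` class body starts before this hunk.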