marcelb/ipban
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

Database, UFW metodes, and tested.

Browse Source
This commit is contained in:
marcelb 2023-12-11 20:41:28 +01:00
parent 33550ccc69
commit 8795b6ff29
12 changed files with 279 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -1 +1,2 @@
example example
exec

58
.vscode/settings.json vendored
View File

@ -1,5 +1,61 @@
{ {
"files.associations": { "files.associations": {
"*.tcc": "cpp" "*.tcc": "cpp",
"ostream": "cpp",
"cctype": "cpp",
"clocale": "cpp",
"cmath": "cpp",
"cstdarg": "cpp",
"cstddef": "cpp",
"cstdio": "cpp",
"cstdlib": "cpp",
"ctime": "cpp",
"cwchar": "cpp",
"cwctype": "cpp",
"array": "cpp",
"atomic": "cpp",
"bit": "cpp",
"chrono": "cpp",
"compare": "cpp",
"concepts": "cpp",
"condition_variable": "cpp",
"cstdint": "cpp",
"deque": "cpp",
"map": "cpp",
"string": "cpp",
"unordered_map": "cpp",
"vector": "cpp",
"exception": "cpp",
"algorithm": "cpp",
"functional": "cpp",
"iterator": "cpp",
"memory": "cpp",
"memory_resource": "cpp",
"numeric": "cpp",
"random": "cpp",
"ratio": "cpp",
"string_view": "cpp",
"system_error": "cpp",
"tuple": "cpp",
"type_traits": "cpp",
"utility": "cpp",
"fstream": "cpp",
"future": "cpp",
"initializer_list": "cpp",
"iosfwd": "cpp",
"iostream": "cpp",
"istream": "cpp",
"limits": "cpp",
"mutex": "cpp",
"new": "cpp",
"numbers": "cpp",
"semaphore": "cpp",
"sstream": "cpp",
"stdexcept": "cpp",
"stop_token": "cpp",
"streambuf": "cpp",
"thread": "cpp",
"cinttypes": "cpp",
"typeinfo": "cpp"
} }
} }

28
.vscode/tasks.json vendored Normal file
View File

@ -0,0 +1,28 @@
{
"tasks": [
{
"type": "cppbuild",
"label": "C/C++: g++ build active file",
"command": "/usr/bin/g++",
"args": [
"-fdiagnostics-color=always",
"-g",
"${file}",
"-o",
"${fileDirname}/${fileBasenameNoExtension}"
],
"options": {
"cwd": "${fileDirname}"
},
"problemMatcher": [
"$gcc"
],
"group": {
"kind": "build",
"isDefault": true
},
"detail": "Task generated by Debugger."
}
],
"version": "2.0.0"
}

2
README.md
View File

@ -1,3 +1,3 @@
# ipban # ipban
Ban an IP in time over UFW A library for managing IP address bans on UFW systems

5
clonelibs.sh Normal file
View File

@ -0,0 +1,5 @@
rm -rf exec
wget https://git.bitelex.co/marcelb/exec/archive/v0.1_beta.tar.gz
tar -xvf v0.1_beta.tar.gz
rm v0.1_beta.tar.gz

56
lib/ipban.hpp
View File

@ -6,10 +6,13 @@
#include <string> #include <string>
#include <future> #include <future>
#include <mutex> #include <mutex>
#include <fstream>
#include <time.h> #include <time.h>
#include <unistd.h> #include <unistd.h>
#include "../exec/lib/exec.hpp"
using namespace std; using namespace std;
namespace marcelb { namespace marcelb {
@ -17,30 +20,79 @@ namespace marcelb {
#define BOT_LOOP_TIME 60 // 1 minutes #define BOT_LOOP_TIME 60 // 1 minutes
#define BOT_SLEEP_LOOP_TIME 1 // 1 second #define BOT_SLEEP_LOOP_TIME 1 // 1 second
/**
* Banovani objekt
* IP adresa i vrijeme banovanja
*/
struct _ban { struct _ban {
string ip; string ip;
time_t _time; time_t _time;
}; };
/**
* Biblioteka za ban IP adrese kroz UFW vatrozid na određeno vrijeme
* Automatski uklanja zabranu po isteku vremena
* Posjeduje vlastiti DB mehanizam za zaštitu od nepovratnog ban-a
*/
class ipban { class ipban {
mutex io; mutex io;
time_t ban_duration; // u sekundama time_t ban_duration;
string db_file;
vector<_ban> banned; vector<_ban> banned;
future<void> unban_bot; future<void> unban_bot;
bool run_unban_bot = true; bool run_unban_bot = true;
// interface možda bude trebao za ban // interface možda bude trebao za ban
/**
* Metoda učitava banovane IP adrese iz baze
*/
void load_db();
/**
* Metoda ažurira stanja baze sa stanjima iz memorije
*/
bool update_db();
/**
* Metoda uklanja ban za proslijeđeni iterator vektora banned i ažurira bazu
*/
bool unban(vector<_ban>::iterator ban_itr); bool unban(vector<_ban>::iterator ban_itr);
/**
* Metoda poziva exec i dodaje pravila u UFW vatrozid
*/
bool ufw_ban(const string& ip); bool ufw_ban(const string& ip);
/**
* Metoda poziva exec i uklanja pravilo u UFW vatrozidu
*/
bool ufw_unban(const string& ip); bool ufw_unban(const string& ip);
public: public:
ipban(const uint& _duration); // u minutama?
/**
* Konstruktor, prima zadanu vrijednost trajanja ban-a u minutama
* i putanju datoteke baze podataka
*/
ipban(const uint& _duration, const string& db_file = "ipban.db"); // u minutama?
/**
* Metoda koja banuje proslijeđenu IP adresu, dodaje je u vector banned, ažurira bazu
* Vraća status operacije
*/
bool ban(const string& ip); bool ban(const string& ip);
/**
* Destruktor, uklanja sve zabrane.
*/
~ipban(); ~ipban();
}; };
/**
* Funkcija za mirovanje tijeka, koj miruje do isteka vremena ili logičkog stanja uvijeta
* Prima vrijeme u sekundama, i logički uvijet
*/
static void sleep_if(const uint& _time, const bool& _condition); static void sleep_if(const uint& _time, const bool& _condition);
} }

72
src/ipban.cpp
View File

@ -1,23 +1,23 @@
#include "../lib/ipban.hpp" #include "../lib/ipban.hpp"
marcelb::ipban::ipban(const uint& _duration) { marcelb::ipban::ipban(const uint& _duration, const string& _db_file) {
ban_duration = _duration*60; ban_duration = _duration*60;
db_file = _db_file;
load_db();
unban_bot = async(launch::async, [&]() { unban_bot = async(launch::async, [&]() {
while (run_unban_bot) { while (run_unban_bot) {
sleep_if(BOT_LOOP_TIME, run_unban_bot); sleep_if(BOT_LOOP_TIME, run_unban_bot);
cout << "Sleep" << endl;
io.lock();
for (uint i=0; i<banned.size(); i++) { for (uint i=0; i<banned.size(); i++) {
if (difftime(time(NULL), banned[i]._time) >= ban_duration) { if (difftime(time(NULL), banned[i]._time) >= ban_duration) {
unban(banned.begin() + i); if (!unban(banned.begin() + i)) {
cout << "[ERROR] Unban is not done properly! " << endl;
}
} }
} }
io.unlock();
} }
return; return;
}); });
} }
marcelb::ipban::~ipban() { marcelb::ipban::~ipban() {
@ -28,27 +28,79 @@ marcelb::ipban::~ipban() {
} }
} }
void marcelb::ipban::load_db() {
string line;
ifstream mydb (db_file);
if (mydb.is_open()) {
while (getline(mydb, line) ) {
struct _ban saved_ban;
saved_ban.ip = line.substr(0, line.find('-'));
saved_ban._time = stol(line.substr(line.find('-')+1));
banned.push_back(saved_ban);
}
mydb.close();
}
}
bool marcelb::ipban::update_db() {
bool success = false;
ofstream mydb (db_file);
if (mydb.is_open()) {
for (int i=0; i<banned.size(); i++) {
mydb << banned[i].ip << "-" << banned[i]._time << "\n";
}
success = true;
mydb.close();
}
else {
success = false;
}
return success;
}
bool marcelb::ipban::ban(const string& ip) { bool marcelb::ipban::ban(const string& ip) {
ufw_ban(ip); bool status = ufw_ban(ip);
io.lock(); io.lock();
banned.push_back({ip, time(NULL)}); banned.push_back({ip, time(NULL)});
status = status && update_db();
io.unlock(); io.unlock();
return status;
} }
bool marcelb::ipban::unban(vector<_ban>::iterator ban_itr) { bool marcelb::ipban::unban(vector<_ban>::iterator ban_itr) {
ufw_unban(ban_itr->ip); bool status = ufw_unban(ban_itr->ip);
io.lock(); io.lock();
banned.erase(ban_itr); banned.erase(ban_itr);
status = status && update_db();
io.unlock(); io.unlock();
return status;
} }
bool marcelb::ipban::ufw_ban(const string& ip) { bool marcelb::ipban::ufw_ban(const string& ip) {
cout << "UFW ban IP: " << ip << endl; string ufw_cmd = "sudo ufw deny from " + ip + " to any";
try {
string execute_res = exec(ufw_cmd);
if (execute_res == "Rule added\n") {
return true;
}
} catch (const string except) {
cout << except << endl;
}
return false;
} }
bool marcelb::ipban::ufw_unban(const string& ip) { bool marcelb::ipban::ufw_unban(const string& ip) {
cout << "UFW unban IP: " << ip << endl; string ufw_cmd = "sudo ufw delete deny from " + ip + " to any";
try {
string execute_res = exec(ufw_cmd);
if (execute_res == "Rule deleted\n") {
return true;
}
} catch (const string except) {
cout << except << endl;
}
return false;
} }
static void marcelb::sleep_if(const uint& _time, const bool& _condition) { static void marcelb::sleep_if(const uint& _time, const bool& _condition) {

1
test/compile.sh Normal file
View File

@ -0,0 +1 @@
g++ test.cpp ../src/*.cpp ../exec/src/*.cpp -o test

40
test/gen_db.cpp Normal file
View File

@ -0,0 +1,40 @@
#include <iostream>
#include <fstream>
#include <sstream>
#include <vector>
#include <ctime>
#include <cstdlib>
struct _ban {
std::string ip;
long int _time;
};
// Funkcija za generiranje pseudoslučajnih IP adresa
std::string generateRandomIP() {
return std::to_string(rand() % 256) + "." +
std::to_string(rand() % 256) + "." +
std::to_string(rand() % 256) + "." +
std::to_string(rand() % 256);
}
int main() {
//std::ofstream mydb("datoteka.txt");
// Postavka generiranja pseudoslučajnih brojeva
srand(static_cast<unsigned>(time(0)));
// Generiranje desetaka IP adresa i povezanih vremenskih brojeva
for (int i = 0; i < 10; ++i) {
_ban generated_ban;
generated_ban.ip = generateRandomIP();
generated_ban._time = static_cast<long int>(time(nullptr) - rand()%100);
// Ispisivanje u datoteku
std::cout << generated_ban.ip << "-" << generated_ban._time << std::endl;
}
std::cout << "Generiranje završeno." << std::endl;
return 0;
}

1
test/ipban.db Normal file
View File

@ -0,0 +1 @@
90.163.88.49-1702323353

BIN
test/test
View File

Binary file not shown.

31
test/test.cpp
View File

@ -2,9 +2,36 @@
using namespace marcelb; using namespace marcelb;
std::string generateRandomIP() {
return std::to_string(rand() % 256) + "." +
std::to_string(rand() % 256) + "." +
std::to_string(rand() % 256) + "." +
std::to_string(rand() % 256);
}
// time_t random_time (const uint& offset) {
// time_t _time = time(nullptr);
// if (_time %2 == 0) {
// return (time(nullptr) + rand()%offset);
// }
// else {
// return (time(nullptr) - rand()%offset);
// }
// }
int main() { int main() {
ipban myban(1); ipban myban(1);
myban.ban("192.168.2.74"); // myban.ban("192.168.2.74");
sleep(80); // sleep(300);
uint i=0;
while (i<10) {
string ip = generateRandomIP();
cout << "Ban " << ip << endl;
myban.ban(ip);
sleep(30);
i++;
}
return 0; return 0;
} }