|
|
@ -73,11 +73,14 @@ bool marcelb::ipban::update_db() { |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
bool marcelb::ipban::ban(const string& ip) { |
|
|
|
bool marcelb::ipban::ban(const string& ip) { |
|
|
|
bool status = ufw_ban(ip); |
|
|
|
bool status = !is_in_white_list(ip); |
|
|
|
|
|
|
|
if (status) { |
|
|
|
|
|
|
|
status = ufw_ban(ip); |
|
|
|
io.lock(); |
|
|
|
io.lock(); |
|
|
|
banned.push_back({ip, time(NULL)}); |
|
|
|
banned.push_back({ip, time(NULL)}); |
|
|
|
status = status && update_db(); |
|
|
|
status = status && update_db(); |
|
|
|
io.unlock(); |
|
|
|
io.unlock(); |
|
|
|
|
|
|
|
} |
|
|
|
return status; |
|
|
|
return status; |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
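Review bot: In the new `ban()` body the address is still pushed onto `banned` when `ufw_ban(ip)` returned false, and `status && update_db()` then skips the DB write, so the in-memory list can claim a ban that has no firewall rule and no stored record. Returning early, e.g. `if (!ufw_ban(ip)) return false;`, before the entry is recorded keeps the list consistent with what ufw actually accepted. The `io.lock()` / `io.unlock()` pair also stays locked if `push_back` or `update_db()` throws; `lock_guard<mutex> _io(io);` inside the `if (status)` block, as `fail()` does with `f_io`, avoids that (assuming `io` is a `mutex`, which the hunk does not show). A `false` result now means either "whitelisted" or "ban failed", which callers cannot tell apart.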
|
|
@ -91,7 +94,7 @@ bool marcelb::ipban::unban(vector<_ban>::iterator ban_itr) { |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
bool marcelb::ipban::ufw_ban(const string& ip) { |
|
|
|
bool marcelb::ipban::ufw_ban(const string& ip) { |
|
|
|
string ufw_cmd = "sudo ufw deny from " + ip + " to any"; |
|
|
|
string ufw_cmd = "sudo ufw insert 1 deny from " + ip + " to any"; |
|
|
|
try { |
|
|
|
try { |
|
|
|
string execute_res = exec(ufw_cmd); |
|
|
|
string execute_res = exec(ufw_cmd); |
|
|
|
if (execute_res == "Rule added\n") { |
|
|
|
if (execute_res == "Rule added\n") { |
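Review bot: The new command line `"sudo ufw insert 1 deny from " + ip + " to any"` still splices `ip` unvalidated into a string handed to `exec()` and run under sudo; if `exec()` goes through a shell (its body is not in this hunk), a value that is not a plain address would be interpreted as part of a root command. Parsing `ip` with `inet_pton` for `AF_INET` and `AF_INET6` and returning false on failure, before `ufw_cmd` is built, closes that off. Separately, ufw normally answers an `insert` with `Rule inserted` rather than `Rule added`, so the unchanged comparison `execute_res == "Rule added\n"` probably reports failure for a rule that was in fact inserted; this is worth checking against real output. The rest of `ufw_ban` lies outside the hunk.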
|
|
@ -118,8 +121,10 @@ bool marcelb::ipban::ufw_unban(const string& ip) { |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
void marcelb::ipban::fail(const string& ip) { |
|
|
|
bool marcelb::ipban::fail(const string& ip) { |
|
|
|
lock_guard<mutex> _io(f_io); |
|
|
|
lock_guard<mutex> _io(f_io); |
|
|
|
|
|
|
|
bool status = !is_in_white_list(ip); |
|
|
|
|
|
|
|
if (status) { |
|
|
|
if (failed[ip].n_fails == 0) { |
|
|
|
if (failed[ip].n_fails == 0) { |
|
|
|
failed[ip].n_fails = 1; |
|
|
|
failed[ip].n_fails = 1; |
|
|
|
failed[ip].first_fail = time(NULL); |
|
|
|
failed[ip].first_fail = time(NULL); |
|
|
@ -127,6 +132,8 @@ void marcelb::ipban::fail(const string& ip) { |
|
|
|
ban(ip); |
|
|
|
ban(ip); |
|
|
|
failed.erase(ip); |
|
|
|
failed.erase(ip); |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
return status; |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
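Review bot: `fail()` now returns `status`, but that variable only records the whitelist check; the result of `ban(ip)` at the top of this hunk is discarded, so the caller gets true even when the ufw rule or the DB update failed. If the return value is meant to say whether the failure was acted on, `status = ban(ip);` carries it through; otherwise a comment on the declaration such as `// returns false only when ip is whitelisted` would pin the meaning. The function starts in the previous hunk and part of its body is not shown.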
|
|
@ -136,6 +143,26 @@ bool marcelb::ipban::unfail(const string& ip) { |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
void marcelb::ipban::add_white_list(const string& ip) { |
|
|
|
|
|
|
|
lock_guard<mutex> _io(wl_io); |
|
|
|
|
|
|
|
if (find(white_list.begin(), white_list.end(), ip) == white_list.end()) { |
|
|
|
|
|
|
|
white_list.push_back(ip); |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
void marcelb::ipban::add_white_list(const vector<string>& ips) { |
|
|
|
|
|
|
|
for (auto ip : ips) { |
|
|
|
|
|
|
|
add_white_list(ip); |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
bool marcelb::ipban::is_in_white_list(const string& ip) { |
|
|
|
|
|
|
|
return find(white_list.begin(), white_list.end(), ip) != white_list.end(); |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
static void marcelb::sleep_if(const uint& _time, const bool& _condition) { |
|
|
|
static void marcelb::sleep_if(const uint& _time, const bool& _condition) { |
|
|
|
time_t start_time = time(NULL); |
|
|
|
time_t start_time = time(NULL); |
|
|
|
do { |
|
|
|
do { |
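Review bot: `is_in_white_list()` reads `white_list` without taking `wl_io`, while `add_white_list()` does its `push_back` under that mutex; `fail()` and `ban()` both call the check, so a lookup that runs while another thread adds an entry is a data race on the vector. Adding `lock_guard<mutex> _io(wl_io);` as the first line of `is_in_white_list()` closes it. The match is an exact string comparison, so the same address written differently (for example an expanded versus a compressed IPv6 form) would not be recognised as whitelisted; normalising addresses on insert and on lookup is worth considering. `for (auto ip : ips)` copies each string and can be `for (const auto& ip : ips)`.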
|
|
|