|
|
|
@ -32,6 +32,14 @@ marcelb::ipban::ipban(const uint& _duration, const uint& _fail_interval, const u |
|
|
|
marcelb::ipban::~ipban() { |
|
|
|
marcelb::ipban::~ipban() { |
|
|
|
run_unban_bot = false; |
|
|
|
run_unban_bot = false; |
|
|
|
unban_bot.get(); |
|
|
|
unban_bot.get(); |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
|
|
|
* ako aplikaciju sruši napadač - želimo da ostane banovan - unbanovat će se po isteku intervala |
|
|
|
|
|
|
|
*/ |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// for (uint i=0; i<banned.size(); i++) {
|
|
|
|
|
|
|
|
// unban(banned.begin() + i);
|
|
|
|
|
|
|
|
// }
|
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
void marcelb::ipban::load_db() { |
|
|
|
void marcelb::ipban::load_db() { |
|
|
|
@ -66,51 +74,30 @@ bool marcelb::ipban::update_db() { |
|
|
|
|
|
|
|
|
|
|
|
bool marcelb::ipban::ban(const string& ip) { |
|
|
|
bool marcelb::ipban::ban(const string& ip) { |
|
|
|
bool status = !is_in_white_list(ip); |
|
|
|
bool status = !is_in_white_list(ip); |
|
|
|
if (!status) { |
|
|
|
|
|
|
|
return status; |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
if (is_banned(ip)) { |
|
|
|
|
|
|
|
return status; |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
status = ufw_ban(ip); |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
if (status) { |
|
|
|
if (status) { |
|
|
|
|
|
|
|
status = ufw_ban(ip); |
|
|
|
io.lock(); |
|
|
|
io.lock(); |
|
|
|
banned.push_back({ip, time(NULL)}); |
|
|
|
banned.push_back({ip, time(NULL)}); |
|
|
|
status = update_db(); |
|
|
|
status = status && update_db(); |
|
|
|
io.unlock(); |
|
|
|
io.unlock(); |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
return status; |
|
|
|
return status; |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
bool marcelb::ipban::unban(vector<_ban>::iterator ban_itr) { |
|
|
|
bool marcelb::ipban::unban(vector<_ban>::iterator ban_itr) { |
|
|
|
bool status = ufw_unban(ban_itr->ip); |
|
|
|
bool status = ufw_unban(ban_itr->ip); |
|
|
|
if (status) { |
|
|
|
|
|
|
|
io.lock(); |
|
|
|
io.lock(); |
|
|
|
banned.erase(ban_itr); |
|
|
|
banned.erase(ban_itr); |
|
|
|
status = update_db(); |
|
|
|
status = status && update_db(); |
|
|
|
io.unlock(); |
|
|
|
io.unlock(); |
|
|
|
} |
|
|
|
|
|
|
|
return status; |
|
|
|
return status; |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
bool marcelb::ipban::is_banned(const string& ip) { |
|
|
|
|
|
|
|
auto it = std::find_if(banned.begin(), banned.end(), [&](const struct _ban& an_ban){ |
|
|
|
|
|
|
|
return an_ban.ip == ip; |
|
|
|
|
|
|
|
}); |
|
|
|
|
|
|
|
if (it == banned.end()) { |
|
|
|
|
|
|
|
return false; |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
return true; |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
bool marcelb::ipban::ufw_ban(const string& ip) { |
|
|
|
bool marcelb::ipban::ufw_ban(const string& ip) { |
|
|
|
string ufw_cmd = "sudo ufw insert 1 deny from " + ip + " to any"; |
|
|
|
string ufw_cmd = "sudo ufw insert 1 deny from " + ip + " to any"; |
|
|
|
try { |
|
|
|
try { |
|
|
|
string execute_res = exec(ufw_cmd); |
|
|
|
string execute_res = exec(ufw_cmd); |
|
|
|
if (execute_res == "Rule added\n" || execute_res == "Rule inserted\n") { |
|
|
|
if (execute_res == "Rule added\n") { |
|
|
|
return true; |
|
|
|
return true; |
|
|
|
} |
|
|
|
} |
|
|
|
} catch (const string except) { |
|
|
|
} catch (const string except) { |
|
|
|
|
