Fix ban and unban functions on bad ufw states, and fix response on ufw_ban

Add protection for already banned case
Fix update_db() calls
2024-02-14 10:55:59 +00:00 · 2024-02-13 22:06:42 +01:00 · 2024-02-13 21:33:33 +01:00
5 changed files with 42 additions and 25 deletions
--- a/.vscode/tasks.json
+++ b/.vscode/tasks.json
@ -9,7 +9,7 @@
                "-g",
                "${fileDirname}/test.cpp",
 				"${fileDirname}/../src/*.cpp",
-                "${fileDirname}/../exec/src/*.cpp",
+                "${fileDirname}/../../exec/src/*.cpp",
                "-o",
                "${fileDirname}/test.o"
            ],
--- a/lib/ipban.hpp
+++ b/lib/ipban.hpp
@ -71,6 +71,11 @@ class ipban {
    */
    bool unban(vector<_ban>::iterator ban_itr);
    /**
     * The method checks if the forwarding ip address is currently banned
    */
    bool is_banned(const string& ip);
    /**
     * Method calls exec and adds rules to UFW firewall
    */
--- a/src/ipban.cpp
+++ b/src/ipban.cpp
@ -32,14 +32,6 @@ marcelb::ipban::ipban(const uint& _duration, const uint& _fail_interval, const u
 marcelb::ipban::~ipban() {
    run_unban_bot = false;
    unban_bot.get();
    /**
     * ako aplikaciju sruši napadač - želimo da ostane banovan - unbanovat će se po isteku intervala
    */
    // for (uint i=0; i<banned.size(); i++) {
    //     unban(banned.begin() + i);
    // }
 }
 void marcelb::ipban::load_db() {
@ -74,30 +66,51 @@ bool marcelb::ipban::update_db() {
 bool marcelb::ipban::ban(const string& ip) {
    bool status = !is_in_white_list(ip);
    if (!status) {
        return status;
    }
    if (is_banned(ip)) {
        return status;
    }
    status = ufw_ban(ip);
    if (status) {
        status = ufw_ban(ip);
        io.lock();
        banned.push_back({ip, time(NULL)});
-        status = status && update_db();
+        status = update_db();
        io.unlock();
    }
    return status;
 }
 bool marcelb::ipban::unban(vector<_ban>::iterator ban_itr) {
    bool status = ufw_unban(ban_itr->ip);
-    io.lock();
+    if (status) {
-    banned.erase(ban_itr);
+        io.lock();
-    status = status && update_db();
+        banned.erase(ban_itr);
-    io.unlock();
+        status = update_db();
        io.unlock();
    }
    return status;
 }
 bool marcelb::ipban::is_banned(const string& ip) {
    auto it = std::find_if(banned.begin(), banned.end(), [&](const struct _ban& an_ban){
        return an_ban.ip == ip;
    });
    if (it == banned.end()) {
        return false;
    }
    return true;
 }
 bool marcelb::ipban::ufw_ban(const string& ip) {
    string ufw_cmd = "sudo ufw insert 1 deny from " + ip + " to any";
    try {
        string execute_res = exec(ufw_cmd);
-        if (execute_res == "Rule added\n") {
+        if (execute_res == "Rule added\n" || execute_res == "Rule inserted\n") {
            return true;
        }
    } catch (const string except) {
--- a/test/test
+++ b/test/test
--- a/test/test.cpp
+++ b/test/test.cpp
@ -33,24 +33,23 @@ int main() {
    //     i++;
    // }
-    myban.add_white_list("192.168.2.74");
+    // myban.add_white_list("192.168.2.74");
    cout << myban.ban("192.168.2.74") << endl;
-    sleep(2);
+    sleep(5);
-    cout << myban.ban("192.168.2.75") << endl;
+    cout << myban.ban("192.168.2.74") << endl;
    sleep(200);
    // myban.fail("192.168.2.74");
-    // sleep(120);
+    // sleep(5);
-    // myban.unfail("192.168.2.74");
+    // // myban.unfail("192.168.2.74");
    // sleep(2);
    // myban.fail("192.168.2.74");
-    // sleep(120);
+    // sleep(5);
-
+    // myban.fail("192.168.2.74");
    sleep(100);
    return 0;
 }
Author	SHA1	Message	Date
mbandic	8d1b58d51a	Fix ban and unban functions on bad ufw states, and fix response on ufw_ban	2024-02-14 10:55:59 +00:00
marcelb	4d212938a5	Add protection for already banned case	2024-02-13 22:06:42 +01:00
marcelb	68e509b385	Fix update_db() calls	2024-02-13 21:33:33 +01:00