paulbsd/ipblc
1
0
Fork 0
Code Issues Pull Requests Projects Releases 15 Wiki Activity

added per set blocktime
All checks were successful
continuous-integration/drone/push Build is passing
Details

Browse Source
This commit is contained in:
Paul 2022-06-04 11:44:32 +02:00
parent 85d85a4ae4
commit 9739dd895c
1 changed files with 19 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
src/config/mod.rs
View File

@ -40,7 +40,6 @@ pub struct SetMap {
#[derive(Debug, Clone)] #[derive(Debug, Clone)]
pub struct Flags { pub struct Flags {
pub debug: bool, pub debug: bool,
pub interval: usize,
pub server: String, pub server: String,
} }
@ -59,7 +58,6 @@ impl Context {
flags: Flags { flags: Flags {
debug: debug, debug: debug,
server: server, server: server,
interval: 60,
}, },
hostname: gethostname(true), hostname: gethostname(true),
discovery: Discovery { discovery: Discovery {
@ -147,20 +145,25 @@ impl Context {
} }
pub async fn gc_blocklist(&mut self) -> Vec<IpData> { pub async fn gc_blocklist(&mut self) -> Vec<IpData> {
let now: DateTime<Local> = Local::now().trunc_subsecs(0); let mut removed: Vec<IpData> = vec![];
let delta: Duration = Duration::minutes(self.flags.interval as i64);
let mindate = now - delta;
let mut toremove: Vec<IpData> = vec![];
// nightly, future use // nightly, future use
//let drained: HashMap<String,IpData> = ctx.blocklist.drain_filter(|k,v| v.parse_date() < mindate) //let drained: HashMap<String,IpData> = ctx.blocklist.drain_filter(|k,v| v.parse_date() < mindate)
for (k, v) in self.blocklist.clone().iter() { for (id, blocked) in self.blocklist.clone().iter() {
if v.parse_date() < mindate { for set in self.cfg.sets.clone() {
self.blocklist.remove(&k.to_string()).unwrap(); if blocked.src == set.t {
toremove.push(v.clone()); let now: DateTime<Local> = Local::now().trunc_subsecs(0);
let mindate = now - Duration::minutes(set.blocktime);
if blocked.parse_date() < mindate {
self.blocklist.remove(&id.to_string()).unwrap();
removed.push(blocked.clone());
} }
} }
toremove break;
}
}
removed
} }
pub async fn update_blocklist(&mut self, ip: &IpData) { pub async fn update_blocklist(&mut self, ip: &IpData) {
@ -228,24 +231,28 @@ impl Config {
filename: "mail.log".to_string(), filename: "mail.log".to_string(),
regex: "(SASL LOGIN authentication failed)".to_string(), regex: "(SASL LOGIN authentication failed)".to_string(),
path: "/var/log".to_string(), path: "/var/log".to_string(),
blocktime: 60,
}, },
Set { Set {
t: "ssh".to_string(), t: "ssh".to_string(),
filename: "auth.log".to_string(), filename: "auth.log".to_string(),
regex: "(Invalid user|BREAK|not allowed because|no matching key exchange method found)".to_string(), regex: "(Invalid user|BREAK|not allowed because|no matching key exchange method found)".to_string(),
path: "/var/log".to_string(), path: "/var/log".to_string(),
blocktime: 60,
}, },
Set { Set {
t: "http".to_string(), t: "http".to_string(),
filename: "".to_string(), filename: "".to_string(),
regex: "(anonymousfox.co)".to_string(), regex: "(anonymousfox.co)".to_string(),
path: "/var/log/nginx".to_string(), path: "/var/log/nginx".to_string(),
blocktime: 60,
} }
,Set { ,Set {
t: "openvpn".to_string(), t: "openvpn".to_string(),
filename: "status".to_string(), filename: "status".to_string(),
regex: "(UNDEF)".to_string(), regex: "(UNDEF)".to_string(),
path: "/var/run/openvpn".to_string(), path: "/var/run/openvpn".to_string(),
blocktime: 60,
}, },
], ],
trustnets: vec![ trustnets: vec![
@ -346,6 +353,7 @@ pub struct Set {
pub filename: String, pub filename: String,
pub regex: String, pub regex: String,
pub path: String, pub path: String,
pub blocktime: i64,
} }
#[derive(Debug, Deserialize, Serialize, Clone)] #[derive(Debug, Deserialize, Serialize, Clone)]