added per set blocktime

2022-06-04 11:44:32 +02:00 · 2022-06-04 11:44:32 +02:00 · 9739dd895c
commit 9739dd895c
parent 85d85a4ae4
1 changed files with 19 additions and 11 deletions
--- a/src/config/mod.rs
+++ b/src/config/mod.rs
@ -40,7 +40,6 @@ pub struct SetMap {
 #[derive(Debug, Clone)]
 pub struct Flags {
    pub debug: bool,
-    pub interval: usize,
    pub server: String,
 }

@ -59,7 +58,6 @@ impl Context {
            flags: Flags {
                debug: debug,
                server: server,
-                interval: 60,
            },
            hostname: gethostname(true),
            discovery: Discovery {
@ -147,20 +145,25 @@ impl Context {
    }

    pub async fn gc_blocklist(&mut self) -> Vec<IpData> {
-        let now: DateTime<Local> = Local::now().trunc_subsecs(0);
-        let delta: Duration = Duration::minutes(self.flags.interval as i64);
-        let mindate = now - delta;
-        let mut toremove: Vec<IpData> = vec![];
+        let mut removed: Vec<IpData> = vec![];

        // nightly, future use
        //let drained: HashMap<String,IpData> = ctx.blocklist.drain_filter(|k,v| v.parse_date() < mindate)
-        for (k, v) in self.blocklist.clone().iter() {
-            if v.parse_date() < mindate {
-                self.blocklist.remove(&k.to_string()).unwrap();
-                toremove.push(v.clone());
+        for (id, blocked) in self.blocklist.clone().iter() {
+            for set in self.cfg.sets.clone() {
+                if blocked.src == set.t {
+                    let now: DateTime<Local> = Local::now().trunc_subsecs(0);
+                    let mindate = now - Duration::minutes(set.blocktime);
+
+                    if blocked.parse_date() < mindate {
+                        self.blocklist.remove(&id.to_string()).unwrap();
+                        removed.push(blocked.clone());
                    }
                }
-        toremove
+                break;
+            }
+        }
+        removed
    }

    pub async fn update_blocklist(&mut self, ip: &IpData) {
@ -228,24 +231,28 @@ impl Config {
                    filename: "mail.log".to_string(),
                    regex: "(SASL LOGIN authentication failed)".to_string(),
                    path: "/var/log".to_string(),
+                    blocktime: 60,
                },
                Set {
                    t: "ssh".to_string(),
                    filename: "auth.log".to_string(),
                    regex: "(Invalid user|BREAK|not allowed because|no matching key exchange method found)".to_string(),
                    path: "/var/log".to_string(),
+                    blocktime: 60,
                },
                Set {
                    t: "http".to_string(),
                    filename: "".to_string(),
                    regex: "(anonymousfox.co)".to_string(),
                    path: "/var/log/nginx".to_string(),
+                    blocktime: 60,
                }
                ,Set {
                    t: "openvpn".to_string(),
                    filename: "status".to_string(),
                    regex: "(UNDEF)".to_string(),
                    path: "/var/run/openvpn".to_string(),
+                    blocktime: 60,
                },
            ],
            trustnets: vec![
@ -346,6 +353,7 @@ pub struct Set {
    pub filename: String,
    pub regex: String,
    pub path: String,
+    pub blocktime: i64,
 }

 #[derive(Debug, Deserialize, Serialize, Clone)]