more simple code
* use of some simple macros * simplified code blocks in ctx read/write access
parent
05ef0cd339
commit
a654889263
52
Cargo.lock
generated
52
Cargo.lock
generated
@ -358,9 +358,9 @@ dependencies = [
|
|||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "getrandom"
|
name = "getrandom"
|
||||||
version = "0.2.10"
|
version = "0.2.11"
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "be4136b2a15dd319360be1c07d9933517ccf0be8f16bf62a3bee4f0d618df427"
|
checksum = "fe9006bed769170c11f845cf00c7c1e9092aeb3f268e007c3e760ac68008070f"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"cfg-if",
|
"cfg-if",
|
||||||
"libc",
|
"libc",
|
||||||
@ -428,9 +428,9 @@ checksum = "d77f7ec81a6d05a3abb01ab6eb7590f6083d08449fe5a1c8b1e620283546ccb7"
|
|||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "http"
|
name = "http"
|
||||||
version = "0.2.9"
|
version = "0.2.10"
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "bd6effc99afb63425aff9b05836f029929e345a6148a14b7ecd5ab67af944482"
|
checksum = "f95b9abcae896730d42b78e09c155ed4ddf82c07b4de772c64aee5b2d8b7c150"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"bytes",
|
"bytes",
|
||||||
"fnv",
|
"fnv",
|
||||||
@ -543,7 +543,7 @@ dependencies = [
|
|||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "ipblc"
|
name = "ipblc"
|
||||||
version = "1.5.0"
|
version = "1.5.2"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"chrono",
|
"chrono",
|
||||||
"clap",
|
"clap",
|
||||||
@ -590,9 +590,9 @@ checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646"
|
|||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "libc"
|
name = "libc"
|
||||||
version = "0.2.149"
|
version = "0.2.150"
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "a08173bc88b7955d1b3145aa561539096c421ac8debde8cbc3612ec635fee29b"
|
checksum = "89d92a4743f9a61002fae18374ed11e7973f530cb3a3255fb354818118b2203c"
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "lock_api"
|
name = "lock_api"
|
||||||
@ -992,9 +992,9 @@ dependencies = [
|
|||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "rustls-pemfile"
|
name = "rustls-pemfile"
|
||||||
version = "1.0.3"
|
version = "1.0.4"
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "2d3987094b1d07b653b7dfdc3f70ce9a1da9c51ac18c1b06b662e4f9a0e9f4b2"
|
checksum = "1c74cae0a4cf6ccbbf5f359f08efdf8ee7e1dc532573bf0db71968cb56b1448c"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"base64",
|
"base64",
|
||||||
]
|
]
|
||||||
@ -1071,22 +1071,22 @@ dependencies = [
|
|||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "serde"
|
name = "serde"
|
||||||
version = "1.0.190"
|
version = "1.0.192"
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "91d3c334ca1ee894a2c6f6ad698fe8c435b76d504b13d436f0685d648d6d96f7"
|
checksum = "bca2a08484b285dcb282d0f67b26cadc0df8b19f8c12502c13d966bf9482f001"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"serde_derive",
|
"serde_derive",
|
||||||
]
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "serde_derive"
|
name = "serde_derive"
|
||||||
version = "1.0.190"
|
version = "1.0.192"
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "67c5609f394e5c2bd7fc51efda478004ea80ef42fee983d5c67a65e34f32c0e3"
|
checksum = "d6c7207fbec9faa48073f3e3074cbe553af6ea512d7c21ba46e434e70ea9fbc1"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"proc-macro2",
|
"proc-macro2",
|
||||||
"quote",
|
"quote",
|
||||||
"syn 2.0.38",
|
"syn 2.0.39",
|
||||||
]
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
@ -1143,9 +1143,9 @@ dependencies = [
|
|||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "smallvec"
|
name = "smallvec"
|
||||||
version = "1.11.1"
|
version = "1.11.2"
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "942b4a808e05215192e39f4ab80813e599068285906cc91aa64f923db842bd5a"
|
checksum = "4dccd0940a2dcdf68d092b8cbab7dc0ad8fa938bf95787e1b916b0e3d0e8e970"
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "socket2"
|
name = "socket2"
|
||||||
@ -1192,9 +1192,9 @@ dependencies = [
|
|||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "syn"
|
name = "syn"
|
||||||
version = "2.0.38"
|
version = "2.0.39"
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "e96b79aaa137db8f61e26363a0c9b47d8b4ec75da28b7d1d614c2303e232408b"
|
checksum = "23e78b90f2fcf45d3e842032ce32e3f2d1545ba6636271dcbf24fa306d87be7a"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"proc-macro2",
|
"proc-macro2",
|
||||||
"quote",
|
"quote",
|
||||||
@ -1251,7 +1251,7 @@ checksum = "266b2e40bc00e5a6c09c3584011e08b06f123c00362c92b975ba9843aaaa14b8"
|
|||||||
dependencies = [
|
dependencies = [
|
||||||
"proc-macro2",
|
"proc-macro2",
|
||||||
"quote",
|
"quote",
|
||||||
"syn 2.0.38",
|
"syn 2.0.39",
|
||||||
]
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
@ -1271,9 +1271,9 @@ checksum = "1f3ccbac311fea05f86f61904b462b55fb3df8837a366dfc601a0161d0532f20"
|
|||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "tokio"
|
name = "tokio"
|
||||||
version = "1.33.0"
|
version = "1.34.0"
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "4f38200e3ef7995e5ef13baec2f432a6da0aa9ac495b2c0e8f3b7eec2c92d653"
|
checksum = "d0c014766411e834f7af5b8f4cf46257aab4036ca95e9d2c144a10f59ad6f5b9"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"backtrace",
|
"backtrace",
|
||||||
"bytes",
|
"bytes",
|
||||||
@ -1290,13 +1290,13 @@ dependencies = [
|
|||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "tokio-macros"
|
name = "tokio-macros"
|
||||||
version = "2.1.0"
|
version = "2.2.0"
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "630bdcf245f78637c13ec01ffae6187cca34625e8c63150d424b59e55af2675e"
|
checksum = "5b8a1e28f2deaa14e508979454cb3a223b10b938b45af148bc0986de36f1923b"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"proc-macro2",
|
"proc-macro2",
|
||||||
"quote",
|
"quote",
|
||||||
"syn 2.0.38",
|
"syn 2.0.39",
|
||||||
]
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
@ -1479,7 +1479,7 @@ dependencies = [
|
|||||||
"once_cell",
|
"once_cell",
|
||||||
"proc-macro2",
|
"proc-macro2",
|
||||||
"quote",
|
"quote",
|
||||||
"syn 2.0.38",
|
"syn 2.0.39",
|
||||||
"wasm-bindgen-shared",
|
"wasm-bindgen-shared",
|
||||||
]
|
]
|
||||||
|
|
||||||
@ -1513,7 +1513,7 @@ checksum = "c5353b8dab669f5e10f5bd76df26a9360c748f054f862ff5f3f8aae0c7fb3907"
|
|||||||
dependencies = [
|
dependencies = [
|
||||||
"proc-macro2",
|
"proc-macro2",
|
||||||
"quote",
|
"quote",
|
||||||
"syn 2.0.38",
|
"syn 2.0.39",
|
||||||
"wasm-bindgen-backend",
|
"wasm-bindgen-backend",
|
||||||
"wasm-bindgen-shared",
|
"wasm-bindgen-shared",
|
||||||
]
|
]
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
[package]
|
[package]
|
||||||
name = "ipblc"
|
name = "ipblc"
|
||||||
version = "1.5.0"
|
version = "1.5.2"
|
||||||
edition = "2021"
|
edition = "2021"
|
||||||
authors = ["PaulBSD <paul@paulbsd.com>"]
|
authors = ["PaulBSD <paul@paulbsd.com>"]
|
||||||
description = "ipblc is a tool that search and send attacking ip addresses to ipbl"
|
description = "ipblc is a tool that search and send attacking ip addresses to ipbl"
|
||||||
@ -21,7 +21,7 @@ regex = "1.10"
|
|||||||
reqwest = { version = "0.11", default-features = false, features = ["json", "rustls-tls"] }
|
reqwest = { version = "0.11", default-features = false, features = ["json", "rustls-tls"] }
|
||||||
serde = { version = "1.0", features = ["derive"] }
|
serde = { version = "1.0", features = ["derive"] }
|
||||||
serde_json = "1.0"
|
serde_json = "1.0"
|
||||||
tokio = { version = "1.33", features = ["full", "sync"] }
|
tokio = { version = "1.34", features = ["full", "sync"] }
|
||||||
tungstenite = { version = "0.20", features = ["handshake", "rustls-tls-native-roots"] }
|
tungstenite = { version = "0.20", features = ["handshake", "rustls-tls-native-roots"] }
|
||||||
|
|
||||||
## to optimize binary size (slow compile time)
|
## to optimize binary size (slow compile time)
|
||||||
|
@ -48,6 +48,7 @@ Options:
|
|||||||
- ✅ Local bound tcp api socket
|
- ✅ Local bound tcp api socket
|
||||||
- ✅ ZMQ -> Websocket
|
- ✅ ZMQ -> Websocket
|
||||||
- ✅ Bug in RwLocks (agent often give up)
|
- ✅ Bug in RwLocks (agent often give up)
|
||||||
|
- ❌ Create memory friendly structs for ipdata
|
||||||
|
|
||||||
|
|
||||||
### Notes
|
### Notes
|
||||||
|
119
src/fw.rs
119
src/fw.rs
@ -19,6 +19,57 @@ pub fn fwglobalinit<'a>() -> ((Batch, Table), (Batch, Table)) {
|
|||||||
((batch4, table4), (batch6, table6))
|
((batch4, table4), (batch6, table6))
|
||||||
}
|
}
|
||||||
|
|
||||||
|
macro_rules! initrules {
|
||||||
|
($batch:expr, $table:expr, $chain:ident) => {
|
||||||
|
let mut $chain = Chain::new(&CString::new(PKG_NAME).unwrap(), &$table);
|
||||||
|
$chain.set_hook(nftnl::Hook::In, 1);
|
||||||
|
$chain.set_policy(nftnl::Policy::Accept);
|
||||||
|
|
||||||
|
$batch.add(&$chain, nftnl::MsgType::Add);
|
||||||
|
|
||||||
|
$batch.add(&Rule::new(&$chain), nftnl::MsgType::Del);
|
||||||
|
|
||||||
|
let mut rule = Rule::new(&$chain);
|
||||||
|
|
||||||
|
rule.add_expr(&nft_expr!(ct state));
|
||||||
|
rule.add_expr(&nft_expr!(bitwise mask 4u32, xor 0u32));
|
||||||
|
rule.add_expr(&nft_expr!(cmp != 0u32));
|
||||||
|
rule.add_expr(&nft_expr!(counter));
|
||||||
|
rule.add_expr(&nft_expr!(verdict accept));
|
||||||
|
|
||||||
|
$batch.add(&rule, nftnl::MsgType::Add);
|
||||||
|
};}
|
||||||
|
macro_rules! createrules {
|
||||||
|
($ipdata:ident, $chain:ident, $batch:ident) => {
|
||||||
|
let mut rule = Rule::new(&$chain);
|
||||||
|
match $ipdata.t {
|
||||||
|
4 => {
|
||||||
|
let ip = $ipdata.ip.parse::<Ipv4Addr>().unwrap();
|
||||||
|
rule.add_expr(&nft_expr!(payload ipv4 saddr));
|
||||||
|
rule.add_expr(&nft_expr!(cmp == ip));
|
||||||
|
},
|
||||||
|
6 => {
|
||||||
|
let ip = $ipdata.ip.parse::<Ipv6Addr>().unwrap();
|
||||||
|
rule.add_expr(&nft_expr!(payload ipv6 saddr));
|
||||||
|
rule.add_expr(&nft_expr!(cmp == ip));
|
||||||
|
},
|
||||||
|
_ => {
|
||||||
|
let ip = $ipdata.ip.parse::<Ipv4Addr>().unwrap();
|
||||||
|
rule.add_expr(&nft_expr!(payload ipv4 saddr));
|
||||||
|
rule.add_expr(&nft_expr!(cmp == ip));
|
||||||
|
},
|
||||||
|
};
|
||||||
|
|
||||||
|
rule.add_expr(&nft_expr!(ct state));
|
||||||
|
rule.add_expr(&nft_expr!(bitwise mask 10u32, xor 0u32));
|
||||||
|
rule.add_expr(&nft_expr!(cmp != 0u32));
|
||||||
|
rule.add_expr(&nft_expr!(counter));
|
||||||
|
rule.add_expr(&nft_expr!(verdict drop));
|
||||||
|
|
||||||
|
$batch.add(&rule, nftnl::MsgType::Add);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
fn fwinit(t: FwTableType) -> (Batch, Table) {
|
fn fwinit(t: FwTableType) -> (Batch, Table) {
|
||||||
let table_name: String;
|
let table_name: String;
|
||||||
let table: Table;
|
let table: Table;
|
||||||
@ -54,73 +105,13 @@ pub fn fwblock(
|
|||||||
) -> std::result::Result<(), Error> {
|
) -> std::result::Result<(), Error> {
|
||||||
let ((mut batch4, table4), (mut batch6, table6)) = fwglobalinit();
|
let ((mut batch4, table4), (mut batch6, table6)) = fwglobalinit();
|
||||||
|
|
||||||
// build chain for ipv4
|
initrules!(batch4, table4, chain4);
|
||||||
let mut chain4 = Chain::new(&CString::new(PKG_NAME).unwrap(), &table4);
|
initrules!(batch6, table6, chain6);
|
||||||
chain4.set_hook(nftnl::Hook::In, 1);
|
|
||||||
chain4.set_policy(nftnl::Policy::Accept);
|
|
||||||
|
|
||||||
// add chain
|
|
||||||
batch4.add(&chain4, nftnl::MsgType::Add);
|
|
||||||
|
|
||||||
batch4.add(&Rule::new(&chain4), nftnl::MsgType::Del);
|
|
||||||
|
|
||||||
let mut rule4 = Rule::new(&chain4);
|
|
||||||
rule4.add_expr(&nft_expr!(ct state));
|
|
||||||
rule4.add_expr(&nft_expr!(bitwise mask 4u32, xor 0u32));
|
|
||||||
rule4.add_expr(&nft_expr!(cmp != 0u32));
|
|
||||||
rule4.add_expr(&nft_expr!(counter));
|
|
||||||
rule4.add_expr(&nft_expr!(verdict accept));
|
|
||||||
batch4.add(&rule4, nftnl::MsgType::Add);
|
|
||||||
|
|
||||||
// build chain for ipv6
|
|
||||||
let mut chain6 = Chain::new(&CString::new(PKG_NAME).unwrap(), &table6);
|
|
||||||
chain6.set_hook(nftnl::Hook::In, 1);
|
|
||||||
chain6.set_policy(nftnl::Policy::Accept);
|
|
||||||
|
|
||||||
// add chain
|
|
||||||
batch6.add(&chain6, nftnl::MsgType::Add);
|
|
||||||
|
|
||||||
batch6.add(&Rule::new(&chain6), nftnl::MsgType::Del);
|
|
||||||
|
|
||||||
let mut rule6 = Rule::new(&chain6);
|
|
||||||
rule6.add_expr(&nft_expr!(ct state));
|
|
||||||
rule6.add_expr(&nft_expr!(bitwise mask 4u32, xor 0u32));
|
|
||||||
rule6.add_expr(&nft_expr!(cmp != 0u32));
|
|
||||||
rule6.add_expr(&nft_expr!(counter));
|
|
||||||
rule6.add_expr(&nft_expr!(verdict accept));
|
|
||||||
batch6.add(&rule6, nftnl::MsgType::Add);
|
|
||||||
|
|
||||||
// build and add rules
|
// build and add rules
|
||||||
for ipdata in ips_add.clone() {
|
for ipdata in ips_add.clone() {
|
||||||
match ipdata.t {
|
createrules!(ipdata, chain4, batch4);
|
||||||
4 => {
|
createrules!(ipdata, chain6, batch6);
|
||||||
let ip = ipdata.ip.parse::<Ipv4Addr>().unwrap();
|
|
||||||
let mut rule = Rule::new(&chain4);
|
|
||||||
rule.add_expr(&nft_expr!(payload ipv4 saddr));
|
|
||||||
rule.add_expr(&nft_expr!(cmp == ip));
|
|
||||||
rule.add_expr(&nft_expr!(ct state));
|
|
||||||
rule.add_expr(&nft_expr!(bitwise mask 10u32, xor 0u32));
|
|
||||||
rule.add_expr(&nft_expr!(cmp != 0u32));
|
|
||||||
rule.add_expr(&nft_expr!(counter));
|
|
||||||
rule.add_expr(&nft_expr!(verdict drop));
|
|
||||||
batch4.add(&rule, nftnl::MsgType::Add);
|
|
||||||
}
|
|
||||||
6 => {
|
|
||||||
let ip = ipdata.ip.parse::<Ipv6Addr>().unwrap();
|
|
||||||
let mut rule = Rule::new(&chain6);
|
|
||||||
rule.add_expr(&nft_expr!(payload ipv6 saddr));
|
|
||||||
rule.add_expr(&nft_expr!(cmp == ip));
|
|
||||||
rule.add_expr(&nft_expr!(ct state));
|
|
||||||
rule.add_expr(&nft_expr!(bitwise mask 10u32, xor 0u32));
|
|
||||||
rule.add_expr(&nft_expr!(cmp != 0u32));
|
|
||||||
rule.add_expr(&nft_expr!(counter));
|
|
||||||
rule.add_expr(&nft_expr!(verdict drop));
|
|
||||||
batch6.add(&rule, nftnl::MsgType::Add);
|
|
||||||
}
|
|
||||||
_ => {
|
|
||||||
todo!()
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// validate and send batch
|
// validate and send batch
|
||||||
|
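Review bot: The loop in fwblock now expands `createrules!` for both chain4/batch4 and chain6/batch6 on every entry, while the macro picks the payload expression from `$ipdata.t`, so an IPv4 source match is also queued on the IPv6 chain and an IPv6 match on the IPv4 chain; the removed code added each address to its own family only. If table4 and table6 are family-specific tables, as their names suggest, the cross-family rules may be rejected together with the batch or may compare the wrong header bytes and drop unrelated traffic. Dispatch on the family at the call site instead: `match ipdata.t { 6 => { createrules!(ipdata, chain6, batch6); } _ => { createrules!(ipdata, chain4, batch4); } }`. The new `_` arm also parses an unknown `t` as `Ipv4Addr` and unwraps, so one malformed blocklist entry panics the whole firewall update; logging and skipping the entry would be safer. fwblock starts and ends outside the hunk.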
37
src/ip.rs
37
src/ip.rs
@ -54,6 +54,19 @@ pub struct IpData {
|
|||||||
pub hostname: String,
|
pub hostname: String,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#[macro_export]
|
||||||
|
macro_rules! ipdata {
|
||||||
|
($t:expr,$ip:expr,$src:expr,$date:expr,$hostname:expr) => {
|
||||||
|
IpData {
|
||||||
|
t: $t.clone(),
|
||||||
|
ip: $ip.clone(),
|
||||||
|
src: $src.clone(),
|
||||||
|
date: $date.clone(),
|
||||||
|
hostname: $hostname.clone(),
|
||||||
|
}
|
||||||
|
};
|
||||||
|
}
|
||||||
|
|
||||||
impl PartialEq for IpData {
|
impl PartialEq for IpData {
|
||||||
fn eq(&self, other: &IpData) -> bool {
|
fn eq(&self, other: &IpData) -> bool {
|
||||||
self.ip.as_bytes() == other.ip.as_bytes() && self.src == other.src
|
self.ip.as_bytes() == other.ip.as_bytes() && self.src == other.src
|
||||||
@ -123,6 +136,14 @@ pub fn filter(
|
|||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
|
||||||
|
let ipaddr: IpAddr = match s_ipaddr.parse() {
|
||||||
|
Ok(ip) => ip,
|
||||||
|
Err(err) => {
|
||||||
|
println!("unparseable IP: {err} {s_ipaddr}");
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
let s_date: DateTime<Local>;
|
let s_date: DateTime<Local>;
|
||||||
match R_DATE.captures(l.as_str()) {
|
match R_DATE.captures(l.as_str()) {
|
||||||
Some(sdt) => {
|
Some(sdt) => {
|
||||||
@ -136,22 +157,8 @@ pub fn filter(
|
|||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
|
||||||
let ipaddr: IpAddr = match s_ipaddr.parse() {
|
|
||||||
Ok(ip) => ip,
|
|
||||||
Err(err) => {
|
|
||||||
println!("unparseable IP: {err} {s_ipaddr}");
|
|
||||||
continue;
|
|
||||||
}
|
|
||||||
};
|
|
||||||
|
|
||||||
if !is_trusted(&ipaddr, &trustnets) {
|
if !is_trusted(&ipaddr, &trustnets) {
|
||||||
iplist.push(IpData {
|
iplist.push(ipdata!(t, s_ipaddr, src, s_date.to_rfc3339(), hostname));
|
||||||
ip: s_ipaddr,
|
|
||||||
t: t,
|
|
||||||
src: src.to_owned(),
|
|
||||||
date: s_date.to_rfc3339().to_owned(),
|
|
||||||
hostname: hostname.to_owned(),
|
|
||||||
});
|
|
||||||
ips += 1;
|
ips += 1;
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
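Review bot: The exported `ipdata!` macro names `IpData` without a path, so with `#[macro_export]` it only expands where `IpData` is already in scope; spelling it `$crate::ip::IpData` (assuming the module is mounted as `ip`) makes it usable from any module. It also calls `.clone()` on every argument, which at the visible call site copies the temporary `String` returned by `s_date.to_rfc3339()` a second time; taking the arguments by value and cloning at the call site only where needed avoids that. A `///` line stating the argument order (`t, ip, src, date, hostname`) would help, since the macro takes five positional expressions that are easy to swap. filter's body continues outside both hunks.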
38
src/ipblc.rs
38
src/ipblc.rs
@ -69,12 +69,10 @@ pub async fn run() {
|
|||||||
ipevent = ipeventrx.recv() => {
|
ipevent = ipeventrx.recv() => {
|
||||||
let received_ip = ipevent.unwrap();
|
let received_ip = ipevent.unwrap();
|
||||||
|
|
||||||
let (toblock,server);
|
let (toblock,server) = {
|
||||||
{
|
|
||||||
let ctx = ctxclone.read().await;
|
let ctx = ctxclone.read().await;
|
||||||
toblock = ctx.get_blocklist_toblock().await;
|
(ctx.get_blocklist_toblock().await,ctx.flags.server.clone())
|
||||||
server = ctx.flags.server.clone();
|
};
|
||||||
}
|
|
||||||
|
|
||||||
if received_ip.msgtype == "bootstrap".to_string() {
|
if received_ip.msgtype == "bootstrap".to_string() {
|
||||||
for ip_to_send in toblock {
|
for ip_to_send in toblock {
|
||||||
@ -88,11 +86,9 @@ pub async fn run() {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// refresh context blocklist
|
// refresh context blocklist
|
||||||
let filtered_ipevent;
|
let filtered_ipevent = {
|
||||||
{
|
ctxarc.write().await.update_blocklist(&received_ip).await
|
||||||
let mut ctx = ctxarc.write().await;
|
};
|
||||||
filtered_ipevent = ctx.update_blocklist(&received_ip).await;
|
|
||||||
}
|
|
||||||
|
|
||||||
// send ip list to api and ws sockets
|
// send ip list to api and ws sockets
|
||||||
if let Some(ipevent) = filtered_ipevent {
|
if let Some(ipevent) = filtered_ipevent {
|
||||||
@ -132,9 +128,8 @@ async fn handle_cfg_reload(
|
|||||||
) {
|
) {
|
||||||
let now_cfg_reload = Local::now().trunc_subsecs(0);
|
let now_cfg_reload = Local::now().trunc_subsecs(0);
|
||||||
if (now_cfg_reload - *last_cfg_reload) > Duration::seconds(LOOP_MAX_WAIT as i64) {
|
if (now_cfg_reload - *last_cfg_reload) > Duration::seconds(LOOP_MAX_WAIT as i64) {
|
||||||
let mut ctx = ctxclone.write().await;
|
|
||||||
let inotify = inoarc.read().await;
|
let inotify = inoarc.read().await;
|
||||||
match ctx.load(&inotify).await {
|
match ctxclone.write().await.load(&inotify).await {
|
||||||
Ok(_) => {
|
Ok(_) => {
|
||||||
*last_cfg_reload = Local::now().trunc_subsecs(0);
|
*last_cfg_reload = Local::now().trunc_subsecs(0);
|
||||||
}
|
}
|
||||||
@ -201,19 +196,16 @@ async fn compare_files_changes(
|
|||||||
let modfiles = inrx.recv().await.unwrap();
|
let modfiles = inrx.recv().await.unwrap();
|
||||||
let mut iplist: Vec<IpData> = vec![];
|
let mut iplist: Vec<IpData> = vec![];
|
||||||
|
|
||||||
let sask;
|
let sas = {
|
||||||
let sas;
|
|
||||||
{
|
|
||||||
let ctx = ctxarc.read().await;
|
let ctx = ctxarc.read().await;
|
||||||
sas = ctx.sas.clone();
|
|
||||||
sask = sas.keys();
|
|
||||||
tnets = ctx.cfg.build_trustnets();
|
tnets = ctx.cfg.build_trustnets();
|
||||||
}
|
ctx.sas.clone()
|
||||||
|
};
|
||||||
|
|
||||||
match modfiles.inevent.name {
|
match modfiles.inevent.name {
|
||||||
Some(name) => {
|
Some(name) => {
|
||||||
let filename = name.to_str().unwrap();
|
let filename = name.to_str().unwrap();
|
||||||
for sak in sask {
|
for sak in sas.clone().keys() {
|
||||||
let sa = sas.get(sak).unwrap();
|
let sa = sas.get(sak).unwrap();
|
||||||
if modfiles.inevent.wd == sa.wd {
|
if modfiles.inevent.wd == sa.wd {
|
||||||
let handle: String;
|
let handle: String;
|
||||||
@ -225,13 +217,11 @@ async fn compare_files_changes(
|
|||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
let (filesize, sizechanged);
|
let (filesize, sizechanged) = {
|
||||||
{
|
|
||||||
let mut ctx = ctxarc.write().await;
|
let mut ctx = ctxarc.write().await;
|
||||||
let sa = ctx.sas.get_mut(sak).unwrap();
|
let sa = ctx.sas.get_mut(sak).unwrap();
|
||||||
(filesize, sizechanged) =
|
get_last_file_size(&mut sa.watchedfiles, &handle).await
|
||||||
get_last_file_size(&mut sa.watchedfiles, &handle).await;
|
};
|
||||||
}
|
|
||||||
|
|
||||||
if !sizechanged {
|
if !sizechanged {
|
||||||
continue;
|
continue;
|
||||||
|
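Review bot: In compare_files_changes the keys come from a snapshot (`ctx.sas.clone()`) taken under the read lock, but the later block re-acquires the write lock and calls `ctx.sas.get_mut(sak).unwrap()`, which panics if the entry disappeared in between, for example if a configuration reload rebuilds `sas` (not visible here, to be confirmed). Handling the miss keeps the watcher task alive: `let Some(sa) = ctx.sas.get_mut(sak) else { continue };`. Separately, `for sak in sas.clone().keys()` copies the whole map once more only to iterate it; `sas.keys()` is enough now that `sas` is an owned local. The function body starts and ends outside these hunks.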
@ -9,16 +9,18 @@ use tokio::sync::RwLock;
|
|||||||
|
|
||||||
pub async fn apiserver(ctxarc: &Arc<RwLock<Context>>) -> io::Result<()> {
|
pub async fn apiserver(ctxarc: &Arc<RwLock<Context>>) -> io::Result<()> {
|
||||||
let ctxarc = ctxarc.clone();
|
let ctxarc = ctxarc.clone();
|
||||||
let addr;
|
let addr = { ctxarc.read().await.cfg.api.parse().unwrap() };
|
||||||
{
|
|
||||||
let ctx = ctxarc.read().await;
|
|
||||||
addr = ctx.cfg.api.parse().unwrap();
|
|
||||||
}
|
|
||||||
|
|
||||||
let socket = TcpSocket::new_v4().unwrap();
|
let socket = TcpSocket::new_v4().unwrap();
|
||||||
socket.bind(addr).unwrap();
|
match socket.bind(addr) {
|
||||||
|
Ok(_) => {}
|
||||||
|
Err(_) => {
|
||||||
|
println!("can't bind monitoring socket, exiting...");
|
||||||
|
std::process::exit(1);
|
||||||
|
}
|
||||||
|
}
|
||||||
socket.set_reuseaddr(true).unwrap();
|
socket.set_reuseaddr(true).unwrap();
|
||||||
let listener = socket.listen(1024).unwrap();
|
let listener = socket.listen(128).unwrap();
|
||||||
|
|
||||||
tokio::spawn(async move {
|
tokio::spawn(async move {
|
||||||
loop {
|
loop {
|
||||||
|
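Review bot: `socket.set_reuseaddr(true)` still runs after `socket.bind(addr)`, and SO_REUSEADDR only affects a bind made after it is set, so the new "can't bind" exit path is what a quick restart is likely to hit while old connections sit in TIME_WAIT; move the `set_reuseaddr` call above `match socket.bind(addr)`. The `Err(_)` arm also discards the cause; `Err(err)` with `println!("can't bind monitoring socket: {err}, exiting...");` tells the operator whether the address was in use, not permitted or invalid. Since apiserver already returns `io::Result<()>`, propagating the error with `socket.bind(addr)?;` would let the caller decide instead of calling `std::process::exit(1)` from inside the function. apiserver's body continues outside the hunk.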
28
src/old.rs
Normal file
28
src/old.rs
Normal file
@ -0,0 +1,28 @@
|
|||||||
|
pub fn _search_subfolders(path: &Path) -> Vec<String> {
|
||||||
|
let dirs = std::fs::read_dir(path).unwrap();
|
||||||
|
let mut folders: Vec<String> = vec![];
|
||||||
|
for dir in dirs {
|
||||||
|
let dirpath = dir.unwrap().path();
|
||||||
|
let path = Path::new(dirpath.as_path());
|
||||||
|
if path.is_dir() {
|
||||||
|
folders.push(dirpath.to_str().unwrap().to_string());
|
||||||
|
for f in _search_subfolders(path) {
|
||||||
|
folders.push(f);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
folders
|
||||||
|
}
|
||||||
|
|
||||||
|
pub fn _dedup<T: Ord + PartialOrd>(list: &mut Vec<T>) -> usize {
|
||||||
|
// Begin with sorting entries
|
||||||
|
list.sort();
|
||||||
|
// Then deduplicate
|
||||||
|
list.dedup();
|
||||||
|
// Return the length
|
||||||
|
list.len()
|
||||||
|
}
|
||||||
|
|
||||||
|
pub async fn _sleep_ms(ms: u64) {
|
||||||
|
sleep(Duration::from_millis(ms)).await;
|
||||||
|
}
|
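Review bot: src/old.rs is added as a complete 28-line file with no `use` lines, yet its functions reference `Path`, `sleep` and `Duration`, so it cannot compile if it is ever declared with `mod old;`; no such declaration appears in this commit, which suggests the file is dead code kept for reference. Either delete it and rely on version-control history, or add `use std::path::Path;` and `use tokio::time::{sleep, Duration};` and wire the module in. If `_search_subfolders` is revived, note that `path.is_dir()` follows symbolic links, so the walk can recurse deeply through a link cycle, and the `unwrap()` calls on `read_dir` and on each entry panic on an unreadable directory.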
36
src/utils.rs
36
src/utils.rs
@ -1,16 +1,9 @@
|
|||||||
use lazy_static::lazy_static;
|
|
||||||
use nix::unistd;
|
use nix::unistd;
|
||||||
use regex::Regex;
|
|
||||||
use std::boxed::Box;
|
use std::boxed::Box;
|
||||||
use std::fs::File;
|
use std::fs::File;
|
||||||
use std::io::*;
|
use std::io::*;
|
||||||
use std::path::Path;
|
|
||||||
use tokio::time::{sleep, Duration};
|
use tokio::time::{sleep, Duration};
|
||||||
|
|
||||||
lazy_static! {
|
|
||||||
static ref R_FILE_GZIP: Regex = Regex::new(r".*\.gz.*").unwrap();
|
|
||||||
}
|
|
||||||
|
|
||||||
pub fn read_lines(filename: &String, offset: u64) -> Option<Box<dyn Read>> {
|
pub fn read_lines(filename: &String, offset: u64) -> Option<Box<dyn Read>> {
|
||||||
let mut file = match File::open(filename) {
|
let mut file = match File::open(filename) {
|
||||||
Ok(f) => f,
|
Ok(f) => f,
|
||||||
@ -24,19 +17,6 @@ pub fn read_lines(filename: &String, offset: u64) -> Option<Box<dyn Read>> {
|
|||||||
Some(lines)
|
Some(lines)
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn _dedup<T: Ord + PartialOrd>(list: &mut Vec<T>) -> usize {
|
|
||||||
// Begin with sorting entries
|
|
||||||
list.sort();
|
|
||||||
// Then deduplicate
|
|
||||||
list.dedup();
|
|
||||||
// Return the length
|
|
||||||
list.len()
|
|
||||||
}
|
|
||||||
|
|
||||||
pub async fn _sleep_ms(ms: u64) {
|
|
||||||
sleep(Duration::from_millis(ms)).await;
|
|
||||||
}
|
|
||||||
|
|
||||||
pub async fn sleep_s(s: u64) {
|
pub async fn sleep_s(s: u64) {
|
||||||
sleep(Duration::from_secs(s)).await;
|
sleep(Duration::from_secs(s)).await;
|
||||||
}
|
}
|
||||||
@ -53,19 +33,3 @@ pub fn gethostname(show_fqdn: bool) -> String {
|
|||||||
}
|
}
|
||||||
hostname[0].to_string()
|
hostname[0].to_string()
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn _search_subfolders(path: &Path) -> Vec<String> {
|
|
||||||
let dirs = std::fs::read_dir(path).unwrap();
|
|
||||||
let mut folders: Vec<String> = vec![];
|
|
||||||
for dir in dirs {
|
|
||||||
let dirpath = dir.unwrap().path();
|
|
||||||
let path = Path::new(dirpath.as_path());
|
|
||||||
if path.is_dir() {
|
|
||||||
folders.push(dirpath.to_str().unwrap().to_string());
|
|
||||||
for f in _search_subfolders(path) {
|
|
||||||
folders.push(f);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
folders
|
|
||||||
}
|
|
||||||
|