added safety in ipblc

Paul 2023-12-26 13:13:30 +01:00
parent 2e6e7efdbf
commit ce6ca78087
4 changed files with 45 additions and 39 deletions


@ -169,39 +169,41 @@ impl Context {
}
pub async fn update_blocklist(&mut self, ipevent: &IpEvent) -> Option<IpEvent> {
let ipdata = &ipevent.ipdata.clone().unwrap();
match self.cfg.sets.get(&ipdata.src) {
Some(set) => {
let starttime = DateTime::parse_from_rfc3339(ipdata.date.as_str())
.unwrap()
.with_timezone(&chrono::Local);
let blocktime = set.blocktime;
if ipevent.mode == "file".to_string() && gethostname(true) == ipevent.hostname {
let block =
match &ipevent.ipdata {
Some(ipdata) => match self.cfg.sets.get(&ipdata.src) {
Some(set) => {
let starttime = DateTime::parse_from_rfc3339(ipdata.date.as_str())
.unwrap()
.with_timezone(&chrono::Local);
let blocktime = set.blocktime;
if ipevent.mode == "file".to_string() && gethostname(true) == ipevent.hostname {
let block =
self.blocklist
.entry(ipdata.ip.to_string())
.or_insert(BlockIpData {
ipdata: ipdata.clone(),
tryfail: 0,
starttime,
blocktime,
});
block.tryfail += 1;
block.blocktime = blocktime;
if block.tryfail >= set.tryfail {
return Some(ipevent.clone());
}
} else {
self.blocklist
.entry(ipdata.ip.to_string())
.or_insert(BlockIpData {
ipdata: ipdata.clone(),
tryfail: 0,
tryfail: set.tryfail,
starttime,
blocktime,
});
block.tryfail += 1;
block.blocktime = blocktime;
if block.tryfail >= set.tryfail {
return Some(ipevent.clone());
}
} else {
self.blocklist
.entry(ipdata.ip.to_string())
.or_insert(BlockIpData {
ipdata: ipdata.clone(),
tryfail: set.tryfail,
starttime,
blocktime,
});
}
}
None => {}
},
None => {}
}
None
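Review bot: The `DateTime::parse_from_rfc3339(ipdata.date.as_str()).unwrap()` call at the top of the `Some(set)` arm still panics on a malformed date, so a missing `ipdata` is now handled but a bad timestamp in a single event can still take down the task that maintains the blocklist. If events can arrive from other hosts (the `else` arm suggests they do), that field should be treated as untrusted and the event rejected, e.g. `let Ok(parsed) = DateTime::parse_from_rfc3339(ipdata.date.as_str()) else { return None };` followed by `let starttime = parsed.with_timezone(&chrono::Local);`. As a style point, the two nested `None => {}` arms would read more simply with a guard such as `let Some(ipdata) = &ipevent.ipdata else { return None };`. The body of `update_blocklist` closes outside this hunk.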


@ -65,13 +65,6 @@ pub async fn run() {
let ctxclone = Arc::clone(&ctxarc);
let ipe = ipevent!("ping", "ws", gethostname(true));
if !send_to_ipbl_websocket(&mut wssocketrr, &ipe).await {
wssocketrr.close(None).unwrap();
wssocketrr = websocketreqrep(&ctxwsrr).await;
continue;
}
tokio::select! {
ipevent = ipeventrx.recv() => {
let received_ip = ipevent.unwrap();
@ -85,6 +78,7 @@ pub async fn run() {
for ip_to_send in toblock {
let ipe = ipevent!("init","ws",gethostname(true),Some(ip_to_send));
if !send_to_ipbl_websocket(&mut wssocketrr, &ipe).await {
wssocketrr.close(None).unwrap();
wssocketrr = websocketreqrep(&ctxwsrr).await;
break;
}
@ -104,13 +98,20 @@ pub async fn run() {
let ipe = ipevent!("add","ws",gethostname(true),ipevent.ipdata);
send_to_ipbl_api(&server.clone(), &ipe).await;
if !send_to_ipbl_websocket(&mut wssocketrr, &ipe).await {
wssocketrr.close(None).unwrap();
wssocketrr = websocketreqrep(&ctxwsrr).await;
continue;
}
}
}
}
_val = sleep_s(LOOP_MAX_WAIT) => {}
_val = sleep_s(LOOP_MAX_WAIT) => {
let ipe = ipevent!("ping", "ws", gethostname(true));
if !send_to_ipbl_websocket(&mut wssocketrr, &ipe).await {
wssocketrr.close(None).unwrap();
wssocketrr = websocketreqrep(&ctxwsrr).await;
}
}
};
let ctxclone = Arc::clone(&ctxarc);
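Review bot: `wssocketrr.close(None).unwrap();` in the new ping branch of the `select!` (the same call also appears in the `init` and `add` branches) runs only after a send has already failed, which is when closing is most likely to return an error, so the recovery path can panic instead of reconnecting. The close calls this commit removes from `send_to_ipbl_websocket` discarded that error with `unwrap_or(())`; keeping that behaviour here with `let _ = wssocketrr.close(None);` lets `websocketreqrep` run regardless of how the old socket ended. A panic at this point stops the loop that feeds the blocklist, so an unreliable peer connection should not be able to trigger it. `run` starts and ends outside these hunks.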


@ -21,6 +21,11 @@ pub async fn sleep_s(s: u64) {
sleep(Duration::from_secs(s)).await;
}
#[allow(dead_code)]
pub async fn sleep_ms(m: u64) {
sleep(Duration::from_millis(m)).await;
}
pub fn gethostname(show_fqdn: bool) -> String {
let hostname_cstr = unistd::gethostname().expect("Failed getting hostname");
let fqdn = hostname_cstr
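Review bot: `#[allow(dead_code)]` on the new `sleep_ms` silences the lint without saying why, and nothing visible in this commit calls the helper. Either leave the function out until it has a caller, or add a one-line comment above the attribute naming the intended use so the suppression does not outlive its reason.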


@ -59,7 +59,10 @@ pub async fn websocketpubsub(
txps.send(tosend).await.unwrap();
}
}
None => {}
None => {
let txps = txpubsub.read().await;
txps.send(tosend.clone()).await.unwrap();
}
}
}
Err(e) => {
@ -111,14 +114,11 @@ pub async fn send_to_ipbl_websocket(
Ok(_) => {}
Err(e) => {
println!("err send read: {e:?}");
ws.close(None).unwrap_or(());
return false;
}
};
} else {
println!("can't write to socket");
ws.close(None).unwrap_or(());
sleep_s(1);
return false;
};
@ -127,15 +127,13 @@ pub async fn send_to_ipbl_websocket(
Ok(_) => {}
Err(e) => {
println!("err send read: {e:?}");
ws.close(None).unwrap_or(());
return false;
}
};
} else {
println!("can't read from socket");
sleep_s(1);
ws.close(None).unwrap_or(());
return false;
};
true
}
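Review bot: `sleep_s(1);` in the "can't read from socket" branch is not awaited, and since `sleep_s` is an `async fn` the future is dropped without running, so there is no pause before `return false`. Unless `websocketreqrep` backs off on its own, a persistently failing socket then becomes a tight reconnect loop against the server; write `sleep_s(1).await;` if the delay is intended, or delete the line. Judging by the hunk counts, the write branch appears to lose its `sleep_s(1);` in this commit while the read branch keeps it, so the two branches should be made consistent. The new `None` arm in `websocketpubsub` also ends in `txps.send(tosend.clone()).await.unwrap()`, which panics if the receiving side has been dropped. Both functions extend beyond the hunks shown.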