Mercurial > hg > maltfilter
comparison maltfilter @ 100:075b2b626d17 maltfilter-0.20.0
Fix check for number of SCANFILEs and SCANFILE_ONCEs.
| author | Matti Hamalainen <ccr@tnsp.org> |
|---|---|
| date | Sun, 06 Sep 2009 22:02:36 +0300 |
| parents | 3dbd9d392986 |
| children | df68cf1eaf39 |
comparison
equal
deleted
inserted
replaced
| 99:ca0fd7f3909b | 100:075b2b626d17 |
|---|---|
| 11 use Net::IP; | 11 use Net::IP; |
| 12 use Net::DNS; | 12 use Net::DNS; |
| 13 use LWP::UserAgent; | 13 use LWP::UserAgent; |
| 14 use IO::Seekable; | 14 use IO::Seekable; |
| 15 | 15 |
| 16 my $progversion = "0.19.4"; | 16 my $progversion = "0.20.0"; |
| 17 my $progbanner = | 17 my $progbanner = |
| 18 "Malicious Attack Livid Termination Filter daemon (maltfilter) v$progversion\n". | 18 "Malicious Attack Livid Termination Filter daemon (maltfilter) v$progversion\n". |
| 19 "Programmed by Matti 'ccr' Hamalainen <ccr\@tnsp.org>\n". | 19 "Programmed by Matti 'ccr' Hamalainen <ccr\@tnsp.org>\n". |
| 20 "(C) Copyright 2009 Tecnic Software productions (TNSP)\n"; | 20 "(C) Copyright 2009 Tecnic Software productions (TNSP)\n"; |
| 21 | 21 |
| 338 foreach my $class (sort keys %{$table->{$mip}{"reason"}}) { | 338 foreach my $class (sort keys %{$table->{$mip}{"reason"}}) { |
| 339 my $msgs; | 339 my $msgs; |
| 340 if ($class ne "IPTABLES") { | 340 if ($class ne "IPTABLES") { |
| 341 if ($reportmode) { | 341 if ($reportmode) { |
| 342 my @tmp = reverse(@{$table->{$mip}{"reason"}{$class}{"msg"}}); | 342 my @tmp = reverse(@{$table->{$mip}{"reason"}{$class}{"msg"}}); |
| 343 if ($#tmp > 5) { $#tmp = 5; } | 343 if (scalar @tmp > 5) { $#tmp = 5; } |
| 344 foreach (@tmp) { $_ = htmlentities($_); } | 344 foreach (@tmp) { $_ = htmlentities($_); } |
| 345 $msgs = join(" ".bb($m)."|".eb($m)." ", @tmp); | 345 $msgs = join(" ".bb($m)."|".eb($m)." ", @tmp); |
| 346 } else { | 346 } else { |
| 347 $msgs = $table->{$mip}{"reason"}{$class}{"msg"}; | 347 $msgs = $table->{$mip}{"reason"}{$class}{"msg"}; |
| 348 } | 348 } |
| 537 | 537 |
| 538 sub dronebl_process | 538 sub dronebl_process |
| 539 { | 539 { |
| 540 return unless ($settings{"DRONEBL"} > 0); | 540 return unless ($settings{"DRONEBL"} > 0); |
| 541 | 541 |
| 542 # If suspended, bail out until it's time to retry | |
| 542 if ($dronebl_suspend > 0) { | 543 if ($dronebl_suspend > 0) { |
| 543 $dronebl_suspend--; | 544 $dronebl_suspend--; |
| 544 return; | 545 return; |
| 545 } | 546 } |
| 546 | 547 |
| 634 sub dronebl_queue($$$) | 635 sub dronebl_queue($$$) |
| 635 { | 636 { |
| 636 my ($mip, $mdate, $mtype) = @_; | 637 my ($mip, $mdate, $mtype) = @_; |
| 637 | 638 |
| 638 return unless ($settings{"DRONEBL"} > 0); | 639 return unless ($settings{"DRONEBL"} > 0); |
| 640 | |
| 641 # Check against noaction IPs | |
| 639 return if check_hosts_array(\@noaction_ips, $mip); | 642 return if check_hosts_array(\@noaction_ips, $mip); |
| 640 | 643 |
| 644 # If we have the host/IP in "recent memory", and it has been submitted | |
| 645 # or queued already, do not requeue. | |
| 641 if (defined($statlist{$mip}) && defined($statlist{$mip}{"dronebl"})) { | 646 if (defined($statlist{$mip}) && defined($statlist{$mip}{"dronebl"})) { |
| 642 return if ($statlist{$mip}{"dronebl"} > 0); | 647 return if ($statlist{$mip}{"dronebl"} > 0); |
| 643 } | 648 } |
| 644 | 649 |
| 645 if (!defined($dronebl{$mip})) { | 650 if (!defined($dronebl{$mip})) { |
| 1227 | 1232 |
| 1228 mlog(-1, "Not acting on IPs: ".join(", ", @noaction_ips)."\n"); | 1233 mlog(-1, "Not acting on IPs: ".join(", ", @noaction_ips)."\n"); |
| 1229 | 1234 |
| 1230 # Check if we have anything to do | 1235 # Check if we have anything to do |
| 1231 if ($reportmode) { | 1236 if ($reportmode) { |
| 1232 mdie("Nothing to do, no SCANFILE(s) or SCANFILE_ONCE(s) defined in configuration.\n") unless ($#scanfiles > 0 || $#scanfiles_once > 0); | 1237 mdie("Nothing to do, no SCANFILE(s) or SCANFILE_ONCE(s) defined in configuration.\n") unless (scalar @scanfiles > 0 || scalar @scanfiles_once > 0); |
| 1233 } else { | 1238 } else { |
| 1234 mdie("Nothing to do, no SCANFILE(s) defined in configuration.\n") unless ($#scanfiles > 0); | 1239 mdie("Nothing to do, no SCANFILE(s) defined in configuration.\n") unless (scalar @scanfiles > 0); |
| 1235 } | 1240 } |
| 1236 | 1241 |
| 1237 # General settings | 1242 # General settings |
| 1238 my $val = $settings{"STATS_MAX_AGE"}; | 1243 my $val = $settings{"STATS_MAX_AGE"}; |
| 1239 mdie("Invalid STATS_MAX_AGE value $val, must be > 0.\n") unless ($val > 0); | 1244 mdie("Invalid STATS_MAX_AGE value $val, must be > 0.\n") unless ($val > 0); |