comparison maltfilter @ 109:4c394e57387d maltfilter-0.20.2

Added configurable linking to dronebl entries.
author Matti Hamalainen <ccr@tnsp.org>
date Thu, 12 Nov 2009 15:10:49 +0200
parents 3894755d78df
children 4b3b1724c995
108:d38b77d1e6c8 109:4c394e57387d
11 use Net::IP; 11 use Net::IP;
12 use Net::DNS; 12 use Net::DNS;
13 use LWP::UserAgent; 13 use LWP::UserAgent;
14 use IO::Seekable; 14 use IO::Seekable;
15 15
16 my $progversion = "0.20.1"; 16 my $progversion = "0.20.2";
17 my $progbanner = 17 my $progbanner =
18 "Malicious Attack Livid Termination Filter daemon (maltfilter) v$progversion\n". 18 "Malicious Attack Livid Termination Filter daemon (maltfilter) v$progversion\n".
19 "Programmed by Matti 'ccr' Hamalainen <ccr\@tnsp.org>\n". 19 "Programmed by Matti 'ccr' Hamalainen <ccr\@tnsp.org>\n".
20 "(C) Copyright 2009 Tecnic Software productions (TNSP)\n"; 20 "(C) Copyright 2009 Tecnic Software productions (TNSP)\n";
21 21
60 60
61 "DRONEBL" => 0, 61 "DRONEBL" => 0,
62 "DRONEBL_THRESHOLD" => 3, 62 "DRONEBL_THRESHOLD" => 3,
63 "DRONEBL_MAX_AGE" => 30, # in minutes 63 "DRONEBL_MAX_AGE" => 30, # in minutes
64 "DRONEBL_RPC_URI" => "http://dronebl.org/RPC2", 64 "DRONEBL_RPC_URI" => "http://dronebl.org/RPC2",
65 "DRONEBL_LOOKUP_URL" => "http://www.dronebl.org/lookup?ip=%s", # %s will expand ONCE into the host IP
65 "DRONEBL_RPC_KEY" => "", 66 "DRONEBL_RPC_KEY" => "",
66 "DRONEBL_MAX_ERRORS" => 5, 67 "DRONEBL_MAX_ERRORS" => 2,
67 "DRONEBL_SUSPEND" => 10, 68 "DRONEBL_SUSPEND" => 10,
68 ); 69 );
69 70
70 # List loopback and private netblocks by default here 71 # List loopback and private netblocks by default here
71 my @noaction_ips_def = ( 72 my @noaction_ips_def = (
309 } else { 310 } else {
310 return $_[0]; 311 return $_[0];
311 } 312 }
312 } 313 }
313 314
315 sub get_dronebl_link($)
316 {
317 if ($settings{"DRONEBL_LOOKUP_URL"} ne "") {
318 return sprintf(" [<a href=\"".$settings{"DRONEBL_LOOKUP_URL"}."\">*</a>]", $_[0]);
319 } else {
320 return "";
321 }
322 }
323
314 sub print_table1($$$$$$) 324 sub print_table1($$$$$$)
315 { 325 {
316 my ($m, $f, $table, $keys, $func, $class) = @_; 326 my ($m, $f, $table, $keys, $func, $class) = @_;
317 my $ntotal = 0; 327 my $ntotal = 0;
318 328
326 foreach my $mip (sort { $func->($table, $a, $b) } keys %{$keys}) { 336 foreach my $mip (sort { $func->($table, $a, $b) } keys %{$keys}) {
327 my $blocked = defined($filterlist{$mip}) ? "filtered" : "unfiltered"; 337 my $blocked = defined($filterlist{$mip}) ? "filtered" : "unfiltered";
328 printElem($m, $f, " <tr class=\"$blocked\">"); 338 printElem($m, $f, " <tr class=\"$blocked\">");
329 printTD($m, $f, sprintf(bb($m)."%-10d".eb($m), $table->{$mip}{"hits"})); 339 printTD($m, $f, sprintf(bb($m)."%-10d".eb($m), $table->{$mip}{"hits"}));
330 printElem(!$m, $f, " | "); 340 printElem(!$m, $f, " | ");
331 printTD($m, $f, sprintf("%-15s", get_link($m, $mip))); 341 printTD($m, $f, sprintf("%-15s%s", get_link($m, $mip), get_dronebl_link($mip)));
332 printElem(!$m, $f, " | "); 342 printElem(!$m, $f, " | ");
333 printTD($m, $f, get_ago_str($table->{$mip}{"date1"})); 343 printTD($m, $f, get_ago_str($table->{$mip}{"date1"}));
334 printElem(!$m, $f, " | "); 344 printElem(!$m, $f, " | ");
335 printTD($m, $f, get_ago_str($table->{$mip}{"date2"})); 345 printTD($m, $f, get_ago_str($table->{$mip}{"date2"}));
336 printElem(!$m, $f, " | "); 346 printElem(!$m, $f, " | ");
406 $ncolor[$_[1]]++; 416 $ncolor[$_[1]]++;
407 } 417 }
408 $previp[$_[1]] = $_[0]; 418 $previp[$_[1]] = $_[0];
409 my $str = "style=\"background: ".$ipcolors[$ncolor[$_[1]] % scalar @ipcolors].";\""; 419 my $str = "style=\"background: ".$ipcolors[$ncolor[$_[1]] % scalar @ipcolors].";\"";
410 420
411 printTD($m, $f, sprintf("%-15s", get_link($m, $_[0])), $str); 421 printTD($m, $f, sprintf("%-15s%s", get_link($m, $_[0]), get_dronebl_link($_[0])), $str);
412 printElem(!$m, $f, " | "); 422 printElem(!$m, $f, " | ");
413 printTD($m, $f, sprintf("%-8d ", $table->{$_[0]}{"hits"}), $blocked); 423 printTD($m, $f, sprintf("%-8d ", $table->{$_[0]}{"hits"}), $blocked);
414 printElem(!$m, $f, " | "); 424 printElem(!$m, $f, " | ");
415 printTD($m, $f, sprintf("%-6s ", $drone_status[$table->{$_[0]}{"dronebl"}]), $blocked); 425 printTD($m, $f, sprintf("%-6s ", $drone_status[$table->{$_[0]}{"dronebl"}]), $blocked);
416 printElem(!$m, $f, " | "); 426 printElem(!$m, $f, " | ");
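Review bot: In get_dronebl_link (new lines 315-322) the configured DRONEBL_LOOKUP_URL is concatenated into the sprintf format string, so any other `%` in the setting, such as a percent-encoded character in the URL, is parsed as a conversion and the result is garbled or consumes missing arguments. Substituting the placeholder explicitly keeps the setting as data: `my $url = $settings{"DRONEBL_LOOKUP_URL"}; $url =~ s/%s/$_[0]/;` followed by `return " [<a href=\"".$url."\">*</a>]";`. Neither the URL nor the address is HTML-escaped before it lands in the href attribute; if the address can come from a log line that is not strictly validated as an IP (not visible here), `&`, `<`, `>` and `"` should be escaped first. Unlike get_link, the helper is called without `$m` at new lines 341 and 421, so if `$m` is the HTML-mode flag (as the `printElem(!$m, …)` separators suggest) the anchor markup will also appear in the plain-text report; passing `$m` and returning "" when it is false would avoid that.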