Mercurial > hg > maltfilter
comparison maltfilter @ 68:bac5931b8312
Cleanups.
| author | Matti Hamalainen <ccr@tnsp.org> |
|---|---|
| date | Tue, 18 Aug 2009 03:47:16 +0300 |
| parents | 8df5d52436a1 |
| children | b090ddfccdab |
comparison
equal
deleted
inserted
replaced
| 67:8df5d52436a1 | 68:bac5931b8312 |
|---|---|
| 311 | 311 |
| 312 "Hits | IP-address | First hit | Latest hit | Reason(s)\n" | 312 "Hits | IP-address | First hit | Latest hit | Reason(s)\n" |
| 313 ); | 313 ); |
| 314 | 314 |
| 315 foreach my $mip (sort { $func->($table, $a, $b) } keys %{$keys}) { | 315 foreach my $mip (sort { $func->($table, $a, $b) } keys %{$keys}) { |
| 316 my $blocked = defined($filterlist{$mip}) ? "blocked" : "unblocked"; | 316 my $blocked = defined($filterlist{$mip}) ? "filtered" : "unfiltered"; |
| 317 printElem($m, $f, " <tr class=\"$blocked\">"); | 317 printElem($m, $f, " <tr class=\"$blocked\">"); |
| 318 printTD($m, $f, sprintf(bb($m)."%-10d".eb($m), $table->{$mip}{"hits"})); | 318 printTD($m, $f, sprintf(bb($m)."%-10d".eb($m), $table->{$mip}{"hits"})); |
| 319 printElem(!$m, $f, " | "); | 319 printElem(!$m, $f, " | "); |
| 320 printTD($m, $f, sprintf("%-15s", get_link($m, $mip))); | 320 printTD($m, $f, sprintf("%-15s", get_link($m, $mip))); |
| 321 printElem(!$m, $f, " | "); | 321 printElem(!$m, $f, " | "); |
| 386 | 386 |
| 387 my @previp = ("0.0.0.0", "0.0.0.0"); | 387 my @previp = ("0.0.0.0", "0.0.0.0"); |
| 388 my @ncolor = (0, 0); | 388 my @ncolor = (0, 0); |
| 389 | 389 |
| 390 my $printEntry = sub { | 390 my $printEntry = sub { |
| 391 my $blocked = "class=\"".(defined($filterlist{$_[0]}) ? "blocked" : "unblocked")."\""; | 391 my $blocked = "class=\"".(defined($filterlist{$_[0]}) ? "filtered" : "unfiltered")."\""; |
| 392 if (test_ips($previp[$_[1]], $_[0]) < 3) { | 392 if (test_ips($previp[$_[1]], $_[0]) < 3) { |
| 393 $ncolor[$_[1]]++; | 393 $ncolor[$_[1]]++; |
| 394 } | 394 } |
| 395 $previp[$_[1]] = $_[0]; | 395 $previp[$_[1]] = $_[0]; |
| 396 my $str = "style=\"background: ".$ipcolors[$ncolor[$_[1]] % scalar @ipcolors].";\""; | 396 my $str = "style=\"background: ".$ipcolors[$ncolor[$_[1]] % scalar @ipcolors].";\""; |
| 487 printP($m, $f, | 487 printP($m, $f, |
| 488 "Generated ".bb($m).get_time_str(time()).eb($m).". Data computed from ". | 488 "Generated ".bb($m).get_time_str(time()).eb($m).". Data computed from ". |
| 489 ($reportmode ? "complete logfile scan" : "a period of last $period").".\n"); | 489 ($reportmode ? "complete logfile scan" : "a period of last $period").".\n"); |
| 490 | 490 |
| 491 printP($m, $f, "The hit classes marked as 'IPTABLES' are a pseudo-class meaning an\n". | 491 printP($m, $f, "The hit classes marked as 'IPTABLES' are a pseudo-class meaning an\n". |
| 492 "blocked IP that was in Netfilter before Maltfilter was started.\n"); | 492 "filtered IP that was in Netfilter before Maltfilter was started.\n"); |
| 493 | 493 |
| 494 printH($m, $f, 2, "Currently filtered entries"); | 494 if ($settings{"FILTER"} > 0) { |
| 495 $period = get_period($settings{"FILTER_MAX_AGE"}); | 495 printH($m, $f, 2, "Currently filtered entries"); |
| 496 printP($m, $f, "List of IPs that are currently filtered (or would be, if this is\n". | 496 $period = get_period($settings{"FILTER_MAX_AGE"}); |
| 497 "a report-only mode). Data from period of $period.\n"); | 497 printP($m, $f, "List of IPs that are currently filtered (or would be, if this is\n". |
| 498 print_table1($m, $f, \%statlist, \%filterlist, \&cmp_hits, "blocked"); | 498 "a report-only mode). Data from period of $period.\n"); |
| 499 | 499 print_table1($m, $f, \%statlist, \%filterlist, \&cmp_hits, "filtered"); |
| 500 printH($m, $f, 2, "Summary of non-ignored entries"); | 500 } |
| 501 | |
| 502 printH($m, $f, 2, "Summary of entries"); | |
| 501 printP($m, $f, "List of 'hits' of suspicious activity noticed by Maltfilter, but not\n". | 503 printP($m, $f, "List of 'hits' of suspicious activity noticed by Maltfilter, but not\n". |
| 502 "necessarily acted upon. Sorted by descending IP address.\n"); | 504 "necessarily acted upon. Sorted by descending IP address.\n"); |
| 503 print_table2($m, $f, \%statlist, \%statlist, \&cmp_ips, "global"); | 505 print_table2($m, $f, \%statlist, \%statlist, \&cmp_ips, "global"); |
| 504 | 506 |
| 505 printH($m, $f, 2, "Ignored entries"); | 507 printH($m, $f, 2, "Ignored entries"); |