Mercurial > hg > maltfilter
comparison maltfilter @ 24:f22cfa761753
Update_blocklist() was setting timestamp of latest hit, this is incorrect as
we do not know from whence entries already in netfilter are from. Fixed.
| author | Matti Hamalainen <ccr@tnsp.org> |
|---|---|
| date | Sat, 15 Aug 2009 23:11:20 +0300 |
| parents | cb0a4b747cf0 |
| children | 34dcb7462043 |
comparison
equal
deleted
inserted
replaced
| 23:cb0a4b747cf0 | 24:f22cfa761753 |
|---|---|
| 461 if (!defined($blocklist{$mip})) { | 461 if (!defined($blocklist{$mip})) { |
| 462 mlog(2, "* $mip appeared in iptables.\n"); | 462 mlog(2, "* $mip appeared in iptables.\n"); |
| 463 $blocklist{$2} = $mdate; | 463 $blocklist{$2} = $mdate; |
| 464 } | 464 } |
| 465 $newlist{$2} = $mdate; | 465 $newlist{$2} = $mdate; |
| 466 update_entry(\%statlist, $mip, $mdate, "IPTABLES", ""); | 466 update_entry(\%statlist, $mip, -1, "IPTABLES", ""); |
| 467 } | 467 } |
| 468 } | 468 } |
| 469 close(STATUS); | 469 close(STATUS); |
| 470 | 470 |
| 471 foreach my $mip (keys %blocklist) { | 471 foreach my $mip (keys %blocklist) { |
| 523 push(@{$struct->{$mip}{"reason"}{$mclass}{"msg"}}, $mreason); | 523 push(@{$struct->{$mip}{"reason"}{$mclass}{"msg"}}, $mreason); |
| 524 } else { | 524 } else { |
| 525 $struct->{$mip}{"reason"}{$mclass}{"msg"} = $mreason; | 525 $struct->{$mip}{"reason"}{$mclass}{"msg"} = $mreason; |
| 526 } | 526 } |
| 527 | 527 |
| 528 if (!defined($struct->{$mip}{"date1"})) { | 528 if ($mdate > 0) { |
| 529 $struct->{$mip}{"date1"} = $mdate; | 529 if (!defined($struct->{$mip}{"date1"})) { |
| 530 } | 530 $struct->{$mip}{"date1"} = $mdate; |
| 531 $struct->{$mip}{"date2"} = $mdate; | 531 } |
| 532 $struct->{$mip}{"date2"} = $mdate; | |
| 532 | 533 |
| 533 if (!defined($struct->{$mip}{"reason"}{$mclass}{"date2"})) { | 534 if (!defined($struct->{$mip}{"reason"}{$mclass}{"date2"})) { |
| 535 $struct->{$mip}{"reason"}{$mclass}{"date2"} = $mdate; | |
| 536 } | |
| 534 $struct->{$mip}{"reason"}{$mclass}{"date2"} = $mdate; | 537 $struct->{$mip}{"reason"}{$mclass}{"date2"} = $mdate; |
| 535 } | 538 } |
| 536 $struct->{$mip}{"reason"}{$mclass}{"date2"} = $mdate; | |
| 537 | 539 |
| 538 return $cnt; | 540 return $cnt; |
| 539 } | 541 } |
| 540 | 542 |
| 541 ### Check if given "try count" exceeds treshold and if entry | 543 ### Check if given "try count" exceeds treshold and if entry |