# HG changeset patch # User Matti Hamalainen # Date 1258031449 -7200 # Node ID 4c394e57387d32afa8b140ed0d63cd5f75898123 # Parent d38b77d1e6c83a548e4be0a2e0d34ed931a551fc Added configurable linking to dronebl entries. diff -r d38b77d1e6c8 -r 4c394e57387d maltfilter --- a/maltfilter Thu Nov 12 14:42:38 2009 +0200 +++ b/maltfilter Thu Nov 12 15:10:49 2009 +0200 @@ -13,7 +13,7 @@ use LWP::UserAgent; use IO::Seekable; -my $progversion = "0.20.1"; +my $progversion = "0.20.2"; my $progbanner = "Malicious Attack Livid Termination Filter daemon (maltfilter) v$progversion\n". "Programmed by Matti 'ccr' Hamalainen \n". @@ -62,8 +62,9 @@ "DRONEBL_THRESHOLD" => 3, "DRONEBL_MAX_AGE" => 30, # in minutes "DRONEBL_RPC_URI" => "http://dronebl.org/RPC2", + "DRONEBL_LOOKUP_URL" => "http://www.dronebl.org/lookup?ip=%s", # %s will expand ONCE into the host IP "DRONEBL_RPC_KEY" => "", - "DRONEBL_MAX_ERRORS" => 5, + "DRONEBL_MAX_ERRORS" => 2, "DRONEBL_SUSPEND" => 10, ); @@ -311,6 +312,15 @@ } } +sub get_dronebl_link($) +{ + if ($settings{"DRONEBL_LOOKUP_URL"} ne "") { + return sprintf(" [*]", $_[0]); + } else { + return ""; + } +} + sub print_table1($$$$$$) { my ($m, $f, $table, $keys, $func, $class) = @_; @@ -328,7 +338,7 @@ printElem($m, $f, " "); printTD($m, $f, sprintf(bb($m)."%-10d".eb($m), $table->{$mip}{"hits"})); printElem(!$m, $f, " | "); - printTD($m, $f, sprintf("%-15s", get_link($m, $mip))); + printTD($m, $f, sprintf("%-15s%s", get_link($m, $mip), get_dronebl_link($mip))); printElem(!$m, $f, " | "); printTD($m, $f, get_ago_str($table->{$mip}{"date1"})); printElem(!$m, $f, " | "); @@ -408,7 +418,7 @@ $previp[$_[1]] = $_[0]; my $str = "style=\"background: ".$ipcolors[$ncolor[$_[1]] % scalar @ipcolors].";\""; - printTD($m, $f, sprintf("%-15s", get_link($m, $_[0])), $str); + printTD($m, $f, sprintf("%-15s%s", get_link($m, $_[0]), get_dronebl_link($_[0])), $str); printElem(!$m, $f, " | "); printTD($m, $f, sprintf("%-8d ", $table->{$_[0]}{"hits"}), $blocked); printElem(!$m, $f, " | ");