# HG changeset patch # User Matti Hamalainen # Date 1250388199 -10800 # Node ID dc072a56f3436a107e7d474f4fb1c81b1ebbb977 # Parent 8cfb71b296da8f62182e66a50b10a7bdf90ae5ed Don't add hits when updating entries from netfilter. diff -r 8cfb71b296da -r dc072a56f343 maltfilter --- a/maltfilter Sun Aug 16 03:36:27 2009 +0300 +++ b/maltfilter Sun Aug 16 05:03:19 2009 +0300 @@ -553,7 +553,7 @@ $blocklist{$2} = $mdate; } $newlist{$2} = $mdate; - update_entry(\%statlist, $mip, -1, "IPTABLES", ""); + update_entry(\%statlist, $mip, -1, "IPTABLES", "", 0); } } close(STATUS); @@ -629,12 +629,17 @@ } ### Update one entry of -sub update_entry($$$$$) +sub update_entry($$$$$$) { - my ($struct, $mip, $mdate, $mclass, $mreason) = @_; + my ($struct, $mip, $mdate, $mclass, $mreason, $addhits) = @_; - my $cnt = $struct->{$mip}{"hits"}++; - $struct->{$mip}{"reason"}{$mclass}{"hits"}++; + if ($addhits) { + $struct->{$mip}{"hits"}++; + $struct->{$mip}{"reason"}{$mclass}{"hits"}++; + } else { + $struct->{$mip}{"hits"} = 1 unless defined($struct->{$mip}{"hits"}); + $struct->{$mip}{"reason"}{$mclass}{"hits"} = 1 unless defined($struct->{$mip}{"reason"}{$mclass}{"hits"}); + } if ($reportmode) { push(@{$struct->{$mip}{"reason"}{$mclass}{"msg"}}, $mreason); @@ -656,7 +661,7 @@ $struct->{$mip}{"reason"}{$mclass}{"date2"} = $mdate; } - return $cnt; + return $struct->{$mip}{"hits"}; } ### Check if given "try count" exceeds treshold and if entry @@ -677,10 +682,10 @@ # If condition is true, we add to regular statlist if ($mcond) { - $cnt = update_entry(\%statlist, $mip, $mdate, $mclass, $mreason); + $cnt = update_entry(\%statlist, $mip, $mdate, $mclass, $mreason, 1); } else { # This is an ignored hit (for disabled test), add to ignorelist - update_entry(\%ignorelist, $mip, $mdate, $mclass, $mreason); + update_entry(\%ignorelist, $mip, $mdate, $mclass, $mreason, 1); return; }