Mercurial > hg > maltfilter
changeset 53:dc072a56f343
Don't add hits when updating entries from netfilter.
author | Matti Hamalainen <ccr@tnsp.org> |
---|---|
date | Sun, 16 Aug 2009 05:03:19 +0300 |
parents | 8cfb71b296da |
children | 19dace24ad46 |
files | maltfilter |
diffstat | 1 files changed, 13 insertions(+), 8 deletions(-) [+] |
line wrap: on
line diff
--- a/maltfilter Sun Aug 16 03:36:27 2009 +0300 +++ b/maltfilter Sun Aug 16 05:03:19 2009 +0300 @@ -553,7 +553,7 @@ $blocklist{$2} = $mdate; } $newlist{$2} = $mdate; - update_entry(\%statlist, $mip, -1, "IPTABLES", ""); + update_entry(\%statlist, $mip, -1, "IPTABLES", "", 0); } } close(STATUS); @@ -629,12 +629,17 @@ } ### Update one entry of -sub update_entry($$$$$) +sub update_entry($$$$$$) { - my ($struct, $mip, $mdate, $mclass, $mreason) = @_; + my ($struct, $mip, $mdate, $mclass, $mreason, $addhits) = @_; - my $cnt = $struct->{$mip}{"hits"}++; - $struct->{$mip}{"reason"}{$mclass}{"hits"}++; + if ($addhits) { + $struct->{$mip}{"hits"}++; + $struct->{$mip}{"reason"}{$mclass}{"hits"}++; + } else { + $struct->{$mip}{"hits"} = 1 unless defined($struct->{$mip}{"hits"}); + $struct->{$mip}{"reason"}{$mclass}{"hits"} = 1 unless defined($struct->{$mip}{"reason"}{$mclass}{"hits"}); + } if ($reportmode) { push(@{$struct->{$mip}{"reason"}{$mclass}{"msg"}}, $mreason); @@ -656,7 +661,7 @@ $struct->{$mip}{"reason"}{$mclass}{"date2"} = $mdate; } - return $cnt; + return $struct->{$mip}{"hits"}; } ### Check if given "try count" exceeds treshold and if entry @@ -677,10 +682,10 @@ # If condition is true, we add to regular statlist if ($mcond) { - $cnt = update_entry(\%statlist, $mip, $mdate, $mclass, $mreason); + $cnt = update_entry(\%statlist, $mip, $mdate, $mclass, $mreason, 1); } else { # This is an ignored hit (for disabled test), add to ignorelist - update_entry(\%ignorelist, $mip, $mdate, $mclass, $mreason); + update_entry(\%ignorelist, $mip, $mdate, $mclass, $mreason, 1); return; }