1 | #include "globals.h"
|
---|
2 | #include "oscam-net.h"
|
---|
3 | #include "oscam-string.h"
|
---|
4 |
|
---|
5 | static int32_t cs_check_v(IN_ADDR_T ip, int32_t port, int32_t add, char *info) {
|
---|
6 | int32_t result = 0;
|
---|
7 |
|
---|
8 | if (!cfg.failbantime)
|
---|
9 | return 0;
|
---|
10 |
|
---|
11 | if (!cfg.v_list)
|
---|
12 | cfg.v_list = ll_create("v_list");
|
---|
13 |
|
---|
14 | time_t now = time(NULL);
|
---|
15 | LL_ITER itr = ll_iter_create(cfg.v_list);
|
---|
16 | V_BAN *v_ban_entry;
|
---|
17 | int32_t ftime = cfg.failbantime * 60;
|
---|
18 |
|
---|
19 | //run over all banned entries to do housekeeping:
|
---|
20 | while ((v_ban_entry=ll_iter_next(&itr))) {
|
---|
21 | // housekeeping:
|
---|
22 | if ((now - v_ban_entry->v_time) >= ftime) { // entry out of time->remove
|
---|
23 | free(v_ban_entry->info);
|
---|
24 | ll_iter_remove_data(&itr);
|
---|
25 | continue;
|
---|
26 | }
|
---|
27 |
|
---|
28 | if (IP_EQUAL(ip, v_ban_entry->v_ip) && port == v_ban_entry->v_port) {
|
---|
29 | result = 1;
|
---|
30 | if (!info)
|
---|
31 | info = v_ban_entry->info;
|
---|
32 | else if (!v_ban_entry->info) {
|
---|
33 | v_ban_entry->info = cs_strdup(info);
|
---|
34 | }
|
---|
35 |
|
---|
36 | if (!add) {
|
---|
37 | if (v_ban_entry->v_count >= cfg.failbancount) {
|
---|
38 | cs_debug_mask(D_TRACE, "failban: banned ip %s:%d - %ld seconds left%s%s",
|
---|
39 | cs_inet_ntoa(v_ban_entry->v_ip), v_ban_entry->v_port,
|
---|
40 | ftime - (now - v_ban_entry->v_time), info?", info: ":"", info?info:"");
|
---|
41 | } else {
|
---|
42 | cs_debug_mask(D_TRACE, "failban: ip %s:%d chance %d of %d%s%s",
|
---|
43 | cs_inet_ntoa(v_ban_entry->v_ip), v_ban_entry->v_port,
|
---|
44 | v_ban_entry->v_count, cfg.failbancount, info?", info: ":"", info?info:"");
|
---|
45 | v_ban_entry->v_count++;
|
---|
46 | }
|
---|
47 | } else {
|
---|
48 | cs_debug_mask(D_TRACE, "failban: banned ip %s:%d - already exist in list%s%s",
|
---|
49 | cs_inet_ntoa(v_ban_entry->v_ip), v_ban_entry->v_port, info?", info: ":"", info?info:"");
|
---|
50 | }
|
---|
51 | }
|
---|
52 | }
|
---|
53 |
|
---|
54 | if (add && !result) {
|
---|
55 | if (cs_malloc(&v_ban_entry, sizeof(V_BAN))) {
|
---|
56 | v_ban_entry->v_time = time((time_t *)0);
|
---|
57 | v_ban_entry->v_ip = ip;
|
---|
58 | v_ban_entry->v_port = port;
|
---|
59 | v_ban_entry->v_count = 1;
|
---|
60 | if (info)
|
---|
61 | v_ban_entry->info = cs_strdup(info);
|
---|
62 | ll_iter_insert(&itr, v_ban_entry);
|
---|
63 | cs_debug_mask(D_TRACE, "failban: ban ip %s:%d with timestamp %ld%s%s",
|
---|
64 | cs_inet_ntoa(v_ban_entry->v_ip), v_ban_entry->v_port, v_ban_entry->v_time,
|
---|
65 | info ? ", info: ":"", info ? info : "");
|
---|
66 | }
|
---|
67 | }
|
---|
68 |
|
---|
69 | return result;
|
---|
70 | }
|
---|
71 |
|
---|
72 | int32_t cs_check_violation(IN_ADDR_T ip, int32_t port) {
|
---|
73 | return cs_check_v(ip, port, 0, NULL);
|
---|
74 | }
|
---|
75 |
|
---|
76 | int32_t cs_add_violation_by_ip(IN_ADDR_T ip, int32_t port, char *info) {
|
---|
77 | return cs_check_v(ip, port, 1, info);
|
---|
78 | }
|
---|
79 |
|
---|
80 | void cs_add_violation(struct s_client *cl, char *info) {
|
---|
81 | struct s_module *module = get_module(cl);
|
---|
82 | cs_add_violation_by_ip(cl->ip, module->ptab ? module->ptab->ports[cl->port_idx].s_port : 0, info);
|
---|
83 | }
|
---|