From 3f025699139a3ee6f315b0e6969f8a4f21368167 Mon Sep 17 00:00:00 2001 From: Alex 'AdUser' Z Date: Wed, 21 Sep 2016 13:02:12 +1000 Subject: [PATCH] * merge f2b_jail_cmd_ip_*() to one function --- src/daemon.c | 10 +++--- src/jail.c | 97 ++++++++++++++++++---------------------------------- src/jail.h | 6 ++-- 3 files changed, 40 insertions(+), 73 deletions(-) diff --git a/src/daemon.c b/src/daemon.c index 18721dc..04b9c3b 100644 --- a/src/daemon.c +++ b/src/daemon.c @@ -104,7 +104,7 @@ f2b_cmsg_process(const f2b_cmsg_t *msg, char *res, size_t ressize) { if (msg->type >= CMD_JAIL_STATUS && msg->type <= CMD_MAX_NUMBER) { if ((jail = f2b_jail_find(jails, args[0])) == NULL) { - snprintf(res, ressize, "can't find jail '%s'\n", args[0]); + snprintf(res, ressize, "can't find jail '%s'", args[0]); return; } } @@ -127,13 +127,13 @@ f2b_cmsg_process(const f2b_cmsg_t *msg, char *res, size_t ressize) { strlcat(res, line, ressize); } } else if (msg->type == CMD_JAIL_STATUS) { - f2b_jail_cmd_status(res, ressize, args[0]); + f2b_jail_cmd_status(res, ressize, jail); } else if (msg->type == CMD_JAIL_IP_STATUS) { - f2b_jail_cmd_ip_status(res, ressize, args[0], args[1]); + f2b_jail_cmd_ip_xxx(res, ressize, jail, 0, args[1]); } else if (msg->type == CMD_JAIL_IP_BAN) { - f2b_jail_cmd_ip_ban(res, ressize, args[0], args[1]); + f2b_jail_cmd_ip_xxx(res, ressize, jail, 1, args[1]); } else if (msg->type == CMD_JAIL_IP_RELEASE) { - f2b_jail_cmd_ip_release(res, ressize, args[0], args[1]); + f2b_jail_cmd_ip_xxx(res, ressize, jail, -1, args[1]); } else if (msg->type == CMD_JAIL_FILTER_STATS) { f2b_filter_stats(jail->filter, res, ressize); } else if (msg->type == CMD_JAIL_FILTER_RELOAD) { diff --git a/src/jail.c b/src/jail.c index c1c713b..c8b71e5 100644 --- a/src/jail.c +++ b/src/jail.c @@ -415,8 +415,7 @@ f2b_jail_stop(f2b_jail_t *jail) { } void -f2b_jail_cmd_status(char *res, size_t ressize, const char *name) { - f2b_jail_t *jail = NULL; +f2b_jail_cmd_status(char *res, size_t ressize, f2b_jail_t *jail) { const char *fmt = "name: %s\n" "enabled: %s\n" @@ -433,85 +432,55 @@ f2b_jail_cmd_status(char *res, size_t ressize, const char *name) { " matched: %d\n"; assert(res != NULL); - assert(name != NULL); + assert(jail != NULL); - if ((jail = f2b_jail_find(jails, name)) == NULL) { - snprintf(res, ressize, "can't find jail '%s'", name); - return; - } snprintf(res, ressize, fmt, jail->name, jail->enabled ? "yes" : "no", jail->maxretry, jail->bantime, jail->findtime, jail->expiretime, jail->incr_bantime, jail->incr_findtime, jail->bancount, jail->matchcount); } +/** + * @brief misc operations on ip in given jail + * @param res response buffer (don't change if no error) + * @param ressize response buffer size + * @param jail selected jail + * @param op Type of operation: >0 - ban, 0 - status, <0 - unban + * @param ip IP address + */ void -f2b_jail_cmd_ip_status(char *res, size_t ressize, const char *name, const char *ip) { - f2b_jail_t *jail = NULL; - f2b_ipaddr_t *addr = NULL; - - assert(res != NULL); - assert(name != NULL); - assert(ip != NULL); - - if ((jail = f2b_jail_find(jails, name)) == NULL) { - snprintf(res, ressize, "can't find jail '%s'", name); - return; - } - - if ((addr = f2b_addrlist_lookup(jail->ipaddrs, ip)) == NULL) { - snprintf(res, ressize, "can't find ip '%s' in jail '%s'", ip, name); - return; - } - f2b_ipaddr_status(addr, res, ressize); -} - -void -f2b_jail_cmd_ip_ban(char *res, size_t ressize, const char *name, const char *ip) { - f2b_jail_t *jail = NULL; +f2b_jail_cmd_ip_xxx(char *res, size_t ressize, f2b_jail_t *jail, int op, const char *ip) { f2b_ipaddr_t *addr = NULL; assert(res != NULL); - assert(name != NULL); + assert(jail != NULL); assert(ip != NULL); - if ((jail = f2b_jail_find(jails, name)) == NULL) { - snprintf(res, ressize, "can't find jail '%s'", name); - return; - } - if ((addr = f2b_addrlist_lookup(jail->ipaddrs, ip)) == NULL) { - time_t now = time(NULL); - addr = f2b_ipaddr_create(ip, jail->maxretry); - if (!addr) { - snprintf(res, ressize, "can't parse ip address: %s", ip); + /* address not found in list */ + if (op > 0) { + /* ban */ + time_t now = time(NULL); + addr = f2b_ipaddr_create(ip, jail->maxretry); + if (!addr) { + snprintf(res, ressize, "can't parse ip address: %s", ip); + return; + } + addr->lastseen = now; + f2b_matches_append(&addr->matches, now); + jail->ipaddrs = f2b_addrlist_append(jail->ipaddrs, addr); + } else { + /* unban & status */ + snprintf(res, ressize, "can't find ip '%s' in jail '%s'", ip, jail->name); return; } - addr->lastseen = now; - f2b_matches_append(&addr->matches, now); - jail->ipaddrs = f2b_addrlist_append(jail->ipaddrs, addr); - } - f2b_jail_unban(jail, addr); -} - -void -f2b_jail_cmd_ip_release(char *res, size_t ressize, const char *name, const char *ip) { - f2b_jail_t *jail = NULL; - f2b_ipaddr_t *addr = NULL; - - assert(res != NULL); - assert(name != NULL); - assert(ip != NULL); - - if ((jail = f2b_jail_find(jails, name)) == NULL) { - snprintf(res, ressize, "can't find jail '%s'", name); - return; } - if ((addr = f2b_addrlist_lookup(jail->ipaddrs, ip)) == NULL) { - snprintf(res, ressize, "can't find ip '%s' in jail '%s'", name, ip); - return; + if (op > 0) { + f2b_jail_ban(jail, addr); + } else if (op < 0) { + f2b_jail_unban(jail, addr); + } else { + f2b_ipaddr_status(addr, res, ressize); } - - f2b_jail_unban(jail, addr); } diff --git a/src/jail.h b/src/jail.h index 79d3ece..9a7c5b3 100644 --- a/src/jail.h +++ b/src/jail.h @@ -54,8 +54,6 @@ bool f2b_jail_init (f2b_jail_t *jail, f2b_config_t *config); size_t f2b_jail_process (f2b_jail_t *jail); bool f2b_jail_stop (f2b_jail_t *jail); -void f2b_jail_cmd_status (char *res, size_t ressize, const char *name); -void f2b_jail_cmd_ip_status (char *res, size_t ressize, const char *name, const char *ip); -void f2b_jail_cmd_ip_ban (char *res, size_t ressize, const char *name, const char *ip); -void f2b_jail_cmd_ip_release(char *res, size_t ressize, const char *name, const char *ip); +void f2b_jail_cmd_status (char *res, size_t ressize, f2b_jail_t *jail); +void f2b_jail_cmd_ip_xxx (char *res, size_t ressize, f2b_jail_t *jail, int op, const char *ip); #endif /* F2B_JAIL_H_ */