Browse Source

* merge f2b_jail_cmd_ip_*() to one function

master
Alex 'AdUser' Z 8 years ago
parent
commit
3f02569913
  1. 10
      src/daemon.c
  2. 97
      src/jail.c
  3. 6
      src/jail.h

10
src/daemon.c

@ -104,7 +104,7 @@ f2b_cmsg_process(const f2b_cmsg_t *msg, char *res, size_t ressize) {
if (msg->type >= CMD_JAIL_STATUS && msg->type <= CMD_MAX_NUMBER) { if (msg->type >= CMD_JAIL_STATUS && msg->type <= CMD_MAX_NUMBER) {
if ((jail = f2b_jail_find(jails, args[0])) == NULL) { if ((jail = f2b_jail_find(jails, args[0])) == NULL) {
snprintf(res, ressize, "can't find jail '%s'\n", args[0]); snprintf(res, ressize, "can't find jail '%s'", args[0]);
return; return;
} }
} }
@ -127,13 +127,13 @@ f2b_cmsg_process(const f2b_cmsg_t *msg, char *res, size_t ressize) {
strlcat(res, line, ressize); strlcat(res, line, ressize);
} }
} else if (msg->type == CMD_JAIL_STATUS) { } else if (msg->type == CMD_JAIL_STATUS) {
f2b_jail_cmd_status(res, ressize, args[0]); f2b_jail_cmd_status(res, ressize, jail);
} else if (msg->type == CMD_JAIL_IP_STATUS) { } else if (msg->type == CMD_JAIL_IP_STATUS) {
f2b_jail_cmd_ip_status(res, ressize, args[0], args[1]); f2b_jail_cmd_ip_xxx(res, ressize, jail, 0, args[1]);
} else if (msg->type == CMD_JAIL_IP_BAN) { } else if (msg->type == CMD_JAIL_IP_BAN) {
f2b_jail_cmd_ip_ban(res, ressize, args[0], args[1]); f2b_jail_cmd_ip_xxx(res, ressize, jail, 1, args[1]);
} else if (msg->type == CMD_JAIL_IP_RELEASE) { } else if (msg->type == CMD_JAIL_IP_RELEASE) {
f2b_jail_cmd_ip_release(res, ressize, args[0], args[1]); f2b_jail_cmd_ip_xxx(res, ressize, jail, -1, args[1]);
} else if (msg->type == CMD_JAIL_FILTER_STATS) { } else if (msg->type == CMD_JAIL_FILTER_STATS) {
f2b_filter_stats(jail->filter, res, ressize); f2b_filter_stats(jail->filter, res, ressize);
} else if (msg->type == CMD_JAIL_FILTER_RELOAD) { } else if (msg->type == CMD_JAIL_FILTER_RELOAD) {

97
src/jail.c

@ -415,8 +415,7 @@ f2b_jail_stop(f2b_jail_t *jail) {
} }
void void
f2b_jail_cmd_status(char *res, size_t ressize, const char *name) { f2b_jail_cmd_status(char *res, size_t ressize, f2b_jail_t *jail) {
f2b_jail_t *jail = NULL;
const char *fmt = const char *fmt =
"name: %s\n" "name: %s\n"
"enabled: %s\n" "enabled: %s\n"
@ -433,85 +432,55 @@ f2b_jail_cmd_status(char *res, size_t ressize, const char *name) {
" matched: %d\n"; " matched: %d\n";
assert(res != NULL); assert(res != NULL);
assert(name != NULL); assert(jail != NULL);
if ((jail = f2b_jail_find(jails, name)) == NULL) {
snprintf(res, ressize, "can't find jail '%s'", name);
return;
}
snprintf(res, ressize, fmt, jail->name, jail->enabled ? "yes" : "no", jail->maxretry, snprintf(res, ressize, fmt, jail->name, jail->enabled ? "yes" : "no", jail->maxretry,
jail->bantime, jail->findtime, jail->expiretime, jail->bantime, jail->findtime, jail->expiretime,
jail->incr_bantime, jail->incr_findtime, jail->incr_bantime, jail->incr_findtime,
jail->bancount, jail->matchcount); jail->bancount, jail->matchcount);
} }
/**
* @brief misc operations on ip in given jail
* @param res response buffer (don't change if no error)
* @param ressize response buffer size
* @param jail selected jail
* @param op Type of operation: >0 - ban, 0 - status, <0 - unban
* @param ip IP address
*/
void void
f2b_jail_cmd_ip_status(char *res, size_t ressize, const char *name, const char *ip) { f2b_jail_cmd_ip_xxx(char *res, size_t ressize, f2b_jail_t *jail, int op, const char *ip) {
f2b_jail_t *jail = NULL;
f2b_ipaddr_t *addr = NULL;
assert(res != NULL);
assert(name != NULL);
assert(ip != NULL);
if ((jail = f2b_jail_find(jails, name)) == NULL) {
snprintf(res, ressize, "can't find jail '%s'", name);
return;
}
if ((addr = f2b_addrlist_lookup(jail->ipaddrs, ip)) == NULL) {
snprintf(res, ressize, "can't find ip '%s' in jail '%s'", ip, name);
return;
}
f2b_ipaddr_status(addr, res, ressize);
}
void
f2b_jail_cmd_ip_ban(char *res, size_t ressize, const char *name, const char *ip) {
f2b_jail_t *jail = NULL;
f2b_ipaddr_t *addr = NULL; f2b_ipaddr_t *addr = NULL;
assert(res != NULL); assert(res != NULL);
assert(name != NULL); assert(jail != NULL);
assert(ip != NULL); assert(ip != NULL);
if ((jail = f2b_jail_find(jails, name)) == NULL) {
snprintf(res, ressize, "can't find jail '%s'", name);
return;
}
if ((addr = f2b_addrlist_lookup(jail->ipaddrs, ip)) == NULL) { if ((addr = f2b_addrlist_lookup(jail->ipaddrs, ip)) == NULL) {
time_t now = time(NULL); /* address not found in list */
addr = f2b_ipaddr_create(ip, jail->maxretry); if (op > 0) {
if (!addr) { /* ban */
snprintf(res, ressize, "can't parse ip address: %s", ip); time_t now = time(NULL);
addr = f2b_ipaddr_create(ip, jail->maxretry);
if (!addr) {
snprintf(res, ressize, "can't parse ip address: %s", ip);
return;
}
addr->lastseen = now;
f2b_matches_append(&addr->matches, now);
jail->ipaddrs = f2b_addrlist_append(jail->ipaddrs, addr);
} else {
/* unban & status */
snprintf(res, ressize, "can't find ip '%s' in jail '%s'", ip, jail->name);
return; return;
} }
addr->lastseen = now;
f2b_matches_append(&addr->matches, now);
jail->ipaddrs = f2b_addrlist_append(jail->ipaddrs, addr);
}
f2b_jail_unban(jail, addr);
}
void
f2b_jail_cmd_ip_release(char *res, size_t ressize, const char *name, const char *ip) {
f2b_jail_t *jail = NULL;
f2b_ipaddr_t *addr = NULL;
assert(res != NULL);
assert(name != NULL);
assert(ip != NULL);
if ((jail = f2b_jail_find(jails, name)) == NULL) {
snprintf(res, ressize, "can't find jail '%s'", name);
return;
} }
if ((addr = f2b_addrlist_lookup(jail->ipaddrs, ip)) == NULL) { if (op > 0) {
snprintf(res, ressize, "can't find ip '%s' in jail '%s'", name, ip); f2b_jail_ban(jail, addr);
return; } else if (op < 0) {
f2b_jail_unban(jail, addr);
} else {
f2b_ipaddr_status(addr, res, ressize);
} }
f2b_jail_unban(jail, addr);
} }

6
src/jail.h

@ -54,8 +54,6 @@ bool f2b_jail_init (f2b_jail_t *jail, f2b_config_t *config);
size_t f2b_jail_process (f2b_jail_t *jail); size_t f2b_jail_process (f2b_jail_t *jail);
bool f2b_jail_stop (f2b_jail_t *jail); bool f2b_jail_stop (f2b_jail_t *jail);
void f2b_jail_cmd_status (char *res, size_t ressize, const char *name); void f2b_jail_cmd_status (char *res, size_t ressize, f2b_jail_t *jail);
void f2b_jail_cmd_ip_status (char *res, size_t ressize, const char *name, const char *ip); void f2b_jail_cmd_ip_xxx (char *res, size_t ressize, f2b_jail_t *jail, int op, const char *ip);
void f2b_jail_cmd_ip_ban (char *res, size_t ressize, const char *name, const char *ip);
void f2b_jail_cmd_ip_release(char *res, size_t ressize, const char *name, const char *ip);
#endif /* F2B_JAIL_H_ */ #endif /* F2B_JAIL_H_ */

Loading…
Cancel
Save