Browse Source

* use flags in jail instead separate boolean fields

master
Alex 'AdUser' Z 8 years ago
parent
commit
f143d41531
  1. 2
      src/daemon.c
  2. 9
      src/jail.c
  3. 5
      src/jail.h

2
src/daemon.c

@ -220,7 +220,7 @@ jails_start(f2b_config_t *config) {
f2b_log_msg(log_error, "can't create jail '%s'", jail_config->name); f2b_log_msg(log_error, "can't create jail '%s'", jail_config->name);
continue; continue;
} }
if (!jail->enabled) { if (jail->flags & JAIL_ENABLED) {
f2b_log_msg(log_debug, "ignoring disabled jail '%s'", jail->name); f2b_log_msg(log_debug, "ignoring disabled jail '%s'", jail->name);
free(jail); free(jail);
continue; continue;

9
src/jail.c

@ -7,7 +7,6 @@
#include "common.h" #include "common.h"
#include "jail.h" #include "jail.h"
#define DEFAULT_STATE false
#define DEFAULT_BANTIME 3600 /* in seconds, 1 hour */ #define DEFAULT_BANTIME 3600 /* in seconds, 1 hour */
#define DEFAULT_FINDTIME 300 /* in seconds, 5 min */ #define DEFAULT_FINDTIME 300 /* in seconds, 5 min */
#define DEFAULT_EXPIRETIME 14400 /* in seconds, 4 hours */ #define DEFAULT_EXPIRETIME 14400 /* in seconds, 4 hours */
@ -16,7 +15,6 @@
f2b_jail_t *jails = NULL; f2b_jail_t *jails = NULL;
static f2b_jail_t defaults = { static f2b_jail_t defaults = {
.enabled = DEFAULT_STATE,
.bantime = DEFAULT_BANTIME, .bantime = DEFAULT_BANTIME,
.findtime = DEFAULT_FINDTIME, .findtime = DEFAULT_FINDTIME,
.maxretry = DEFAULT_MAXRETRY, .maxretry = DEFAULT_MAXRETRY,
@ -53,7 +51,7 @@ f2b_jail_set_param(f2b_jail_t *jail, const char *param, const char *value) {
if (strcmp(param, "enabled") == 0) { if (strcmp(param, "enabled") == 0) {
if (strcmp(value, "yes") == 0) if (strcmp(value, "yes") == 0)
jail->enabled = true; jail->flags |= JAIL_ENABLED;
return true; return true;
} }
if (strcmp(param, "bantime") == 0) { if (strcmp(param, "bantime") == 0) {
@ -425,6 +423,7 @@ void
f2b_jail_cmd_status(char *res, size_t ressize, f2b_jail_t *jail) { f2b_jail_cmd_status(char *res, size_t ressize, f2b_jail_t *jail) {
const char *fmt = const char *fmt =
"name: %s\n" "name: %s\n"
"flags:\n"
" enabled: %s\n" " enabled: %s\n"
"maxretry: %d\n" "maxretry: %d\n"
"times:\n" "times:\n"
@ -441,7 +440,9 @@ f2b_jail_cmd_status(char *res, size_t ressize, f2b_jail_t *jail) {
assert(res != NULL); assert(res != NULL);
assert(jail != NULL); assert(jail != NULL);
snprintf(res, ressize, fmt, jail->name, jail->enabled ? "yes" : "no", jail->maxretry, snprintf(res, ressize, fmt, jail->name,
jail->flags & JAIL_ENABLED ? "yes" : "no",
jail->maxretry,
jail->bantime, jail->findtime, jail->expiretime, jail->bantime, jail->findtime, jail->expiretime,
jail->incr_bantime, jail->incr_findtime, jail->incr_bantime, jail->incr_findtime,
jail->bancount, jail->matchcount); jail->bancount, jail->matchcount);

5
src/jail.h

@ -19,10 +19,13 @@
* This header describes jail definition and related routines * This header describes jail definition and related routines
*/ */
/* jail flags */
#define JAIL_ENABLED 0x01
/** jail metadata struct */ /** jail metadata struct */
typedef struct f2b_jail_t { typedef struct f2b_jail_t {
struct f2b_jail_t *next; /**< pointer to next jail */ struct f2b_jail_t *next; /**< pointer to next jail */
bool enabled; /**< option: is jail enabled */ int flags; /**< jail flags, see above */
time_t bantime; /**< option: ban host for this time if maxretry exceeded */ time_t bantime; /**< option: ban host for this time if maxretry exceeded */
time_t findtime; /**< option: time period for counting matches */ time_t findtime; /**< option: time period for counting matches */
time_t expiretime; /**< option: forget about host after this time with on activity (not including bantime) */ time_t expiretime; /**< option: forget about host after this time with on activity (not including bantime) */

Loading…
Cancel
Save