/**
 * @PROJECT     ForbidHosts
 * @COPYRIGHT   See COPYING in the top level directory
 * @FILE        forbidhosts.h
 * @PURPOSE     Tool for checking IPv4 & IPv6 failed connections
 * @DEVELOPERS  Pierre Schweitzer <pierre@reactos.org>
 *              Rafal Kupiec <belliash@asiotec.eu.org>
 */
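// This header defines types and objects (hf_t, host_t, `global`, `logfile`),
// so a second inclusion in the same translation unit would be a redefinition
// error; guard against it.
#pragma once

// Compile-time defaults. hf_t has fields with matching names (max_attempts,
// host_expire, failure_penalty, deny_file, log_file, pid_file); presumably
// assignGlobalVars() seeds them from these values -- confirm in the sources.

// Failed attempts tolerated per host (presumably before the host is denied).
#define MAXATTEMPTS 5
// host_t's constructor multiplies host_expire by 60 and adds it to a time_t,
// so this is presumably a duration in minutes.
#define HOSTEXPIRE 10
// NOTE(review): the meaning of the penalty is not visible in this header.
#define FAILUREPENALTY 1

// System paths used by default. The deny file and the PID file live in
// root-writable locations, so the daemon presumably needs matching privileges;
// NOTE(review): if these paths can be overridden at run time, confirm the
// override source is as trusted as the files themselves.
#define DENYFILE "/etc/hosts.deny"
#define LOGFILE "/var/log/auth.log"
#define PIDFILE "/var/run/forbidhosts.pid"

#define FHVERSION "1.6"

// Internal assertions. Both report the failing expression together with its
// file and line through assertException(); the last argument is true for the
// hard variant and false for the soft one.
//
// They expand to a single void expression rather than a bare `if`, so that
//     if (cond) assertSoft(x); else other();
// keeps `else` attached to the caller's `if` instead of to a hidden `if`
// inside the macro.
#define assertHard(e) ((e) ? (void)0 : assertException(__FILE__, __LINE__, #e, true))
#define assertSoft(e) ((e) ? (void)0 : assertException(__FILE__, __LINE__, #e, false))

// NOTE(review): a header-scope using-directive leaks into every file that
// includes this header. It is kept because the declarations that follow (and
// presumably the sources) rely on unqualified `string` / `vector`. No #include
// appears in this header, so <string>, <vector> and <ctime> must already be
// visible at the point of inclusion.
using namespace std;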
/**
 * Settings record of the program; the single instance is `global`.
 *
 * The struct has no constructor, so the three counters are indeterminate in
 * any instance that is not zero-initialised (the namespace-scope `global` is).
 */
struct hf_t {
    // Numeric tunables. Their names mirror the MAXATTEMPTS / HOSTEXPIRE /
    // FAILUREPENALTY macros, which are presumably their defaults.
    unsigned int max_attempts;
    // Multiplied by 60 and added to a time_t in host_t's constructor.
    unsigned int host_expire;
    unsigned int failure_penalty;

    // NOTE(review): format and use of these two strings are not visible here.
    std::string banned_names;
    std::string debug;

    // Paths; names mirror DENYFILE / LOGFILE / PIDFILE.
    std::string deny_file;
    std::string log_file;
    std::string pid_file;

    // NOTE(review): accepted values are not visible in this header.
    std::string protocol;
};
// Program-wide settings instance; host_t's constructor reads global.host_expire.
// NOTE(review): this is a definition, not an `extern` declaration, so including
// this header from more than one translation unit would define `global` twice.
hf_t global;
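/**
 * Record for a banned address and the time at which that record expires.
 */
struct banned_t {
    std::string ipaddr;  // address text, stored exactly as passed in
    time_t expires;      // date + 12 hours, in seconds

    /**
     * @param date     Reference time of the ban.
     * @param address  Address to remember; copied.
     *
     * The lifetime is a fixed 12 hours; it is not taken from the settings in
     * hf_t. Members are set in the initializer list (declaration order) so
     * the string is copy-constructed once instead of default-constructed and
     * then assigned.
     */
    banned_t(time_t date, const std::string &address)
        : ipaddr(address),
          expires(date + 12 * 60 * 60) {
    }
};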
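/**
 * Per-address bookkeeping: how many attempts were counted, when the address
 * was first seen and when the record expires.
 */
struct host_t {
    std::string ipaddr;     // address text, stored exactly as passed in
    unsigned int attempts;  // starts at 1: constructing the record counts one attempt
    time_t first_seen;      // the `date` given at construction
    time_t expires;         // first_seen + global.host_expire * 60

    /**
     * @param date     Time of the first recorded attempt.
     * @param address  Address the record is about; copied.
     *
     * Reads global.host_expire at construction time, so later changes to the
     * setting do not move the expiry of existing records.
     *
     * NOTE(review): `global.host_expire * 60` is evaluated in unsigned int
     * and wraps for very large settings; the range of host_expire should be
     * checked where the setting is read.
     *
     * Members are set in the initializer list, in declaration order, rather
     * than default-constructed and then assigned.
     */
    host_t(time_t date, const std::string &address)
        : ipaddr(address),
          attempts(1),
          first_seen(date),
          expires(date + global.host_expire * 60) {
    }
};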
// NOTE(review): presumably the descriptor of the opened log file (readLine()
// takes an `int file`) -- confirm against the implementation. Like `global`,
// this is a definition placed in a header rather than an `extern` declaration.
int logfile;
// Function prototypes. The definitions are not part of this header, so every
// description below other than assertException's is inferred from names and
// signatures and needs confirming against the implementation.

// --- diagnostics -----------------------------------------------------------

// Target of assertHard()/assertSoft(): receives __FILE__, __LINE__, the
// stringified expression, and true (hard) or false (soft).
void assertException(const char *file, unsigned int line, const char *assert, bool critical);

// Variadic; presumably printf-style. NOTE(review): if so, `msg` must always be
// a format chosen by the program -- text read from the log belongs in the
// argument list, never in `msg`.
void debug(const char *msg, ...);

void printVersion();

// --- process lifecycle -----------------------------------------------------

// Presumably fills `global`.
void assignGlobalVars();
void daemonize(std::string workdir);
void shutdown(int code);
void signalHandler(int signal);

// --- log processing --------------------------------------------------------

// Presumably consumes one line from descriptor `file` and updates both lists.
unsigned int readLine(int file, std::vector<host_t> &hosts, std::vector<banned_t> &banned);

// `address`, `length` and `loggedin` are out-parameters by their types.
// NOTE(review): an authentication log line carries fields chosen by the remote
// client (for example the attempted user name). The address should be taken
// only from the part of the line written by the logging daemon, so that a
// crafted field cannot get a different address denied -- confirm in the parser.
bool validateEntry(char *entry, char **address, unsigned int *length, bool *loggedin);

// Presumably extracts a repeat count from a log line.
unsigned int validateRepeated(char *line);

// --- host bookkeeping ------------------------------------------------------

// Binary predicate over two host records (presumably an ordering for sorting).
bool compare(const host_t &lhs, const host_t &rhs);

bool updateHost(const std::string &host, std::vector<host_t> &hosts, std::vector<banned_t> &banned, unsigned int repeated, bool loggedin);

// NOTE(review): presumably records `host` in the deny file. Whatever reaches
// this function should already be validated as a bare address, since the deny
// file is interpreted by other software.
void denyHost(std::string host);