Thuban
2018-12-13 70950c8a8d3d905e2895bb7200e6ee5b6e9599ea
better memory perf
2 files modified
17 ■■■■■ changed files
vilain.conf 5 ●●●●●
vilain.py 12 ●●●●●
vilain.conf
@@ -1,7 +1,6 @@
[DEFAULT]
# 24h + 5min
# Time to keep banned a bad ip
watch_while = 86700
# Duration (in sec) to keep banned a bad ip, reduce value if too much memory consumption
watch_while = 3602
# Max tries before being banned
maxtries = 3
# pf table to keep bad IP.
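Review bot: The new comment on `watch_while` describes only the ban duration and a memory trade-off, but the visible vilain.py lines use the same value as the clean_ips sleep interval, as the age after which a recorded IP is forgotten, and as the argument to `pfctl -T expire`. Lowering it from 86700 to 3602 therefore also shortens the period over which attempts are counted towards `maxtries`; as far as the visible code shows, a source that stays under maxtries within that period would no longer accumulate a count. I would say so in the comment, e.g. `# Seconds an IP is remembered and stays banned; a lower value saves memory but counts attempts over a shorter window`. It would also help to note why the value is 3602 rather than 3600, as the `# 24h + 5min` line did for the old value.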
vilain.py
@@ -31,7 +31,7 @@
import time
CONFIGFILE = "/etc/vilain.conf"
VERSION = "0.7"
VERSION = "0.8"
vilain_table = "vilain_bruteforce"
LOGFILE = "/var/log/daemon"
@@ -183,6 +183,8 @@
            logger.info("{} detected, reason {}, count: {}, maxtries: {}".format(ip, reason, n_ip, maxtries))
            if n_ip >= maxtries:
                ret = subprocess.call(["pfctl", "-t", self.vilain_table, "-T", "add", ip])
                # now we can forget this ip
                self.ip_seen_at.pop(ip)
                logger.info("Blacklisting {}, reason {}, return code:{}".format(ip, reason, ret))
            #for debugging, this line allow us to see if the script run until here
            logger.debug('ban_ips end:{}'.format(self.ip_seen_at))
@@ -194,15 +196,11 @@
        logger.info('clean_ips started with sleeptime={}'.format(self.sleeptime))
        while True:
            await asyncio.sleep(self.watch_while)
            to_remove = []
            for recorded_ip, data in self.ip_seen_at.items():
                if time.time() - data['time'] >= self.watch_while:
                    ret = subprocess.call(["pfctl", "-t", self.vilain_table, "-T", "delete", recorded_ip])
                    logger.info("{} not blocked any more, return code:{}".format(recorded_ip, ret))
                    to_remove.append(recorded_ip)
            for ip in to_remove:
                self.ip_seen_at.pop(ip)
                    self.ip_seen_at.pop(recorded_ip)
            #for debugging, this line allow us to see if the script run until here
            ret = subprocess.call(["pfctl", "-t", self.vilain_table, "-T", "expire", self.watch_while])
            logger.debug('clean_ips end:{}'.format(self.ip_seen_at))
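Review bot: The `expire` call at the end of the clean_ips loop passes `self.watch_while` straight into the argv list, although the same value is used as a number in `asyncio.sleep(self.watch_while)` and in the age comparison. `subprocess.call` raises TypeError on a non-string argument, so the cleanup task would presumably stop on its first pass and table entries would never expire. Convert it at the call, `["pfctl", "-t", self.vilain_table, "-T", "expire", str(self.watch_while)]`, and log `ret` as the other pfctl calls do. Separately, if the `self.ip_seen_at.pop(recorded_ip)` under the `if` is the new side (the page does not mark sides), it removes keys while `.items()` is being iterated, which raises RuntimeError once an entry is old enough; `for recorded_ip, data in list(self.ip_seen_at.items()):` avoids that. The function's definition and the assignment of watch_while lie outside the hunk.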