From 2fa8c5b3a7c3f262df076b7245e8536f7b164af1 Mon Sep 17 00:00:00 2001
From: Thuban <thuban@yeuxdelibad.net>
Date: Sat, 27 Apr 2019 07:15:40 +0000
Subject: [PATCH] add new dovecot rule
---
vilain.py | 12 +++++-------
1 files changed, 5 insertions(+), 7 deletions(-)
diff --git a/vilain.py b/vilain.py
index 44f8fdb..1748f4a 100644
--- a/vilain.py
+++ b/vilain.py
@@ -31,7 +31,7 @@
import time
CONFIGFILE = "/etc/vilain.conf"
-VERSION = "0.7"
+VERSION = "0.8.1"
vilain_table = "vilain_bruteforce"
LOGFILE = "/var/log/daemon"
@@ -183,6 +183,8 @@
logger.info("{} detected, reason {}, count: {}, maxtries: {}".format(ip, reason, n_ip, maxtries))
if n_ip >= maxtries:
ret = subprocess.call(["pfctl", "-t", self.vilain_table, "-T", "add", ip])
+ # now we can forget this ip
+ self.ip_seen_at.pop(ip)
logger.info("Blacklisting {}, reason {}, return code:{}".format(ip, reason, ret))
#for debugging, this line allow us to see if the script run until here
logger.debug('ban_ips end:{}'.format(self.ip_seen_at))
@@ -194,15 +196,11 @@
logger.info('clean_ips started with sleeptime={}'.format(self.sleeptime))
while True:
await asyncio.sleep(self.watch_while)
- to_remove = []
for recorded_ip, data in self.ip_seen_at.items():
if time.time() - data['time'] >= self.watch_while:
- ret = subprocess.call(["pfctl", "-t", self.vilain_table, "-T", "delete", recorded_ip])
- logger.info("{} not blocked any more, return code:{}".format(recorded_ip, ret))
- to_remove.append(recorded_ip)
- for ip in to_remove:
- self.ip_seen_at.pop(ip)
+ self.ip_seen_at.pop(recorded_ip)
#for debugging, this line allow us to see if the script run until here
+ ret = subprocess.call(["pfctl", "-t", self.vilain_table, "-T", "expire", self.watch_while])
logger.debug('clean_ips end:{}'.format(self.ip_seen_at))
--
Gitblit v1.9.3