From a85307b3d3c76c6742336c1ee701a76f1cc030ec Mon Sep 17 00:00:00 2001
From: mrroman <mrroman@devsite.pl>
Date: Thu, 28 Dec 2023 21:28:38 +0000
Subject: [PATCH] Use ksh instead of sh in rc script

---
 vilain.py |   15 +++++++--------
 1 files changed, 7 insertions(+), 8 deletions(-)

diff --git a/vilain.py b/vilain.py
old mode 100755
new mode 100644
index 082b15f..07f5f4d
--- a/vilain.py
+++ b/vilain.py
@@ -5,6 +5,7 @@
 """
 Author :      thuban <thuban@yeuxdelibad.net>
               Vincent <vincent.delft@gmail.com>
+              Yax https://blogduyax.madyanne.fr/
 Licence :     MIT
 Require : python >= 3.5
 
@@ -30,7 +31,7 @@
 import time
 
 CONFIGFILE = "/etc/vilain.conf"
-VERSION = "0.7"
+VERSION = "0.8.1"
 vilain_table = "vilain_bruteforce"
 LOGFILE = "/var/log/daemon"
 
@@ -94,7 +95,7 @@
         self.watch_while, self.default_maxtries, self.vilain_table, self.ignore_ips, self.sleeptime = load_config(config, config_dict)
         self.ip_seen_at = {}
         self.load_bad_ips()
-        self.bad_ip_queue = asyncio.Queue(loop=self.loop)
+        self.bad_ip_queue = asyncio.Queue()
 
         for entry in load_sections(config):
             logger.info("Start vilain for {}".format(entry))
@@ -182,6 +183,8 @@
             logger.info("{} detected, reason {}, count: {}, maxtries: {}".format(ip, reason, n_ip, maxtries))
             if n_ip >= maxtries:
                 ret = subprocess.call(["pfctl", "-t", self.vilain_table, "-T", "add", ip])
+                # now we can forget this ip
+                self.ip_seen_at.pop(ip)
                 logger.info("Blacklisting {}, reason {}, return code:{}".format(ip, reason, ret))
             #for debugging, this line allow us to see if the script run until here
             logger.debug('ban_ips end:{}'.format(self.ip_seen_at))
@@ -193,15 +196,11 @@
         logger.info('clean_ips started with sleeptime={}'.format(self.sleeptime))
         while True:
             await asyncio.sleep(self.watch_while)
-            to_remove = []
             for recorded_ip, data in self.ip_seen_at.items():
                 if time.time() - data['time'] >= self.watch_while:
-                    ret = subprocess.call(["pfctl", "-t", self.vilain_table, "-T", "delete", recorded_ip])
-                    logger.info("{} not blocked any more, return code:{}".format(recorded_ip, ret))
-                    to_remove.append(recorded_ip)
-            for ip in to_remove:
-                self.ip_seen_at.pop(ip)
+                    self.ip_seen_at.pop(recorded_ip)
             #for debugging, this line allow us to see if the script run until here
+            ret = subprocess.call(["pfctl", "-t", self.vilain_table, "-T", "expire", self.watch_while])
             logger.debug('clean_ips end:{}'.format(self.ip_seen_at))
 
 

--
Gitblit v1.9.3