📄 mod_evasive.c
字号:
node = NULL; } if (new_node == NULL) { parent = node; node = node->next; } } if (new_node != NULL) { new_node->timestamp = timestamp; new_node->count = 0; return new_node; } /* Create a new node */ new_node = ntt_node_create(key); new_node->timestamp = timestamp; new_node->timestamp = 0; ntt->items++; /* Insert */ if (parent) { /* Existing parent */ parent->next = new_node; return new_node; /* Return the locked node */ } /* No existing parent; add directly to hash table */ ntt->tbl[hash_code] = new_node; return new_node;}/* Tree destructor */int ntt_destroy(struct ntt *ntt) { struct ntt_node *node, *next; struct ntt_c c; if (ntt == NULL) return -1; node = c_ntt_first(ntt, &c); while(node != NULL) { next = c_ntt_next(ntt, &c); ntt_delete(ntt, node->key); node = next; } free(ntt->tbl); free(ntt); ntt = (struct ntt *) NULL; return 0;}/* Delete a single node in the tree */int ntt_delete(struct ntt *ntt, const char *key) { long hash_code; struct ntt_node *parent = NULL; struct ntt_node *node; struct ntt_node *del_node = NULL; if (ntt == NULL) return -1; hash_code = ntt_hashcode(ntt, key); node = ntt->tbl[hash_code]; while (node != NULL) { if (strcmp(key, node->key) == 0) { del_node = node; node = NULL; } if (del_node == NULL) { parent = node; node = node->next; } } if (del_node != NULL) { if (parent) { parent->next = del_node->next; } else { ntt->tbl[hash_code] = del_node->next; } free(del_node->key); free(del_node); ntt->items--; return 0; } return -5;}/* Point cursor to first item in tree */struct ntt_node *c_ntt_first(struct ntt *ntt, struct ntt_c *c) { c->iter_index = 0; c->iter_next = (struct ntt_node *)NULL; return(c_ntt_next(ntt, c));}/* Point cursor to next iteration in tree */struct ntt_node *c_ntt_next(struct ntt *ntt, struct ntt_c *c) { long index; struct ntt_node *node = c->iter_next; if (ntt == NULL) return NULL; if (node) { if (node != NULL) { c->iter_next = node->next; return (node); } } if (! node) { while (c->iter_index < ntt->size) { index = c->iter_index++; if (ntt->tbl[index]) { c->iter_next = ntt->tbl[index]->next; return(ntt->tbl[index]); } } } return((struct ntt_node *)NULL);}/* END NTT (Named Pointer Tree) Functions *//* BEGIN Configuration Functions */static const char *get_hash_tbl_size(cmd_parms *cmd, void *dconfig, char *value) { long n = strtol(value, NULL, 0); if (n<=0) hash_table_size = DEFAULT_HASH_TBL_SIZE; else hash_table_size = n; return NULL;}static const char *get_page_count(cmd_parms *cmd, void *dconfig, char *value) { long n = strtol(value, NULL, 0); if (n<=0) page_count = DEFAULT_PAGE_COUNT; else page_count = n; return NULL;}static const char *get_site_count(cmd_parms *cmd, void *dconfig, char *value) { long n = strtol(value, NULL, 0); if (n<=0) site_count = DEFAULT_SITE_COUNT; else site_count = n; return NULL;}static const char *get_page_interval(cmd_parms *cmd, void *dconfig, char *value) { long n = strtol(value, NULL, 0); if (n<=0) page_interval = DEFAULT_PAGE_INTERVAL; else page_interval = n; return NULL;}static const char *get_site_interval(cmd_parms *cmd, void *dconfig, char *value) { long n = strtol(value, NULL, 0); if (n<=0) site_interval = DEFAULT_SITE_INTERVAL; else site_interval = n; return NULL;}static const char *get_blocking_period(cmd_parms *cmd, void *dconfig, char *value) { long n = strtol(value, NULL, 0); if (n<=0) blocking_period = DEFAULT_BLOCKING_PERIOD; else blocking_period = n; return NULL;}static const char *get_log_dir(cmd_parms *cmd, void *dconfig, char *value) { if (value != NULL && value[0] != 0) { if (log_dir != NULL) free(log_dir); log_dir = strdup(value); } return NULL;}static const char *get_email_notify(cmd_parms *cmd, void *dconfig, char *value) { if (value != NULL && value[0] != 0) { if (email_notify != NULL) free(email_notify); email_notify = strdup(value); } return NULL;}static const char *get_sys_command(cmd_parms *cmd, void *dconfig, char *value) { if (value != NULL && value[0] != 0) { if (sys_command != NULL) free(sys_command); sys_command = strdup(value); } return NULL;} static const char *whitelist(cmd_parms *cmd, void *mconfig, char *ip) { char entry[128]; if (white_list == NULL) white_list = ntt_create(53ul); snprintf(entry, sizeof(entry), "%s", ip); ntt_insert(white_list, entry, time(NULL)); return NULL;}/* END Configuration Functions */int is_whitelisted(const char *ip) { char hashkey[128]; char octet[4][4]; char *dip; char *oct; int i = 0; memset(octet, 0, 16); dip = strdup(ip); if (dip == NULL) return 0; oct = strtok(dip, "."); while(oct != NULL && i<4) { if (strlen(oct)<=3) strcpy(octet[i], oct); i++; oct = strtok(NULL, "."); } free(dip); /* Exact Match */ snprintf(hashkey, sizeof(hashkey), "%s", ip); if (ntt_find(white_list, hashkey)!=NULL) return 1; /* IPv4 Wildcards */ snprintf(hashkey, sizeof(hashkey), "%s.*.*.*", octet[0]); if (ntt_find(white_list, hashkey)!=NULL) return 1; snprintf(hashkey, sizeof(hashkey), "%s.%s.*.*", octet[0], octet[1]); if (ntt_find(white_list, hashkey)!=NULL) return 1; snprintf(hashkey, sizeof(hashkey), "%s.%s.%s.*", octet[0], octet[1], octet[2]); if (ntt_find(white_list, hashkey)!=NULL) return 1; /* No match */ return 0;}static command_rec command_table[] = { { "DOSWhitelist", whitelist, NULL, RSRC_CONF, ITERATE, "Whitelist an IP or Wildcard. "}, { "DOSHashTableSize", get_hash_tbl_size, NULL, RSRC_CONF, TAKE1, "Set size of hash table. " }, { "DOSPageCount", get_page_count, NULL, RSRC_CONF, TAKE1, "Set maximum page hit count per interval. " }, { "DOSSiteCount", get_site_count, NULL, RSRC_CONF, TAKE1, "Set maximum site hit count per interval. " }, { "DOSPageInterval", get_page_interval, NULL, RSRC_CONF, TAKE1, "Set page interval. " }, { "DOSSiteInterval", get_site_interval, NULL, RSRC_CONF, TAKE1, "Set site interval. " }, { "DOSLogDir", get_log_dir, NULL, RSRC_CONF, TAKE1, "Set log dir. "}, { "DOSEmailNotify", get_email_notify, NULL, RSRC_CONF, TAKE1, "Set email notification. "}, { "DOSSystemCommand", get_sys_command, NULL, RSRC_CONF, TAKE1, "Set system command. "}, { "DOSBlockingPeriod", get_blocking_period, NULL, RSRC_CONF, TAKE1, "Set blocking period for detected DoS IPs. "}, { NULL }};module MODULE_VAR_EXPORT evasive_module = { STANDARD_MODULE_STUFF, NULL, /* initializer */ NULL, /* dir config creator */ NULL, /* dir config merger */ NULL, /* server config creator */ NULL, /* server config merger */ command_table, /* command table */ NULL, /* handlers */ NULL, /* filename translation */ NULL, /* check_user_id */ NULL, /* check auth */ check_access, /* check access */ NULL, /* type_checker */ NULL, /* fixups */ NULL, /* logger */ NULL, /* header parser */ evasive_child_init, /* child_init */ evasive_child_exit, /* child_exit */ NULL /* post read-request */};⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -