syslog2iptables: src/syslogconfig.h comparison

Add exponential increase in penalty for repeat offenders

author	Carl Byington <carl@five-ten-sg.com>
date	Tue, 10 Jun 2014 08:48:53 -0700
parents	206448c00b55
children	60f59936fabb

comparison

equal deleted inserted replaced

-:c95acc20f7ed
+:b45dddebe8fc
 }
 };
 struct bucket {
 int  count;
-bool latch; // true iff ever count>threshold
+bool blocked; // true iff ever count>threshold
 };
 typedef map<int, bucket, ltint>   ip_buckets;
 class IPR {
 int         reference_count;    // number of contexts using this recorder
+int         daily_timer;        // track daily cycle to reduce repeat offenders penalties
 ip_buckets  violations;
+ip_buckets  repeat_offenders;
 public:
 IPR();
 int  reference(int delta)   {reference_count += delta; return reference_count;};
 void add(int ip, int amount, CONTEXT &con, const char *file_name, int pattern_index, const char *message);
 void leak(int amount, CONTEXT &con);
 void free_all(CONTEXT &con);
-void update(int ip, bool added, const char *file_name, int pattern_index, const char *message);
+void update(int ip, bool added, int scale, const char *file_name, int pattern_index, const char *message);
 void changed(CONTEXT &con, int ip, bool added);
 static IPR* find(const char* name);
 static void release(const char* name);
 };

Mercurial > syslog2iptables