Mercurial > syslog2iptables

diff src/syslogconfig.cpp @ 36:6a2f26976898

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
shutdown removes iptables entries that we added
author carl
date Thu, 08 Nov 2007 10:52:56 -0800
parents d2ceebcf6595
children e4eb969dfc4a
line wrap: on
line diff
--- a/src/syslogconfig.cpp	Tue Sep 18 09:54:22 2007 -0700
+++ b/src/syslogconfig.cpp	Thu Nov 08 10:52:56 2007 -0800
@@ -1,22 +1,10 @@
-/***************************************************************************
- *	 Copyright (C) 2005 by 510 Software Group							   *
- *																		   *
- *																		   *
- *	 This program is free software; you can redistribute it and/or modify  *
- *	 it under the terms of the GNU General Public License as published by  *
- *	 the Free Software Foundation; either version 2 of the License, or	   *
- *	 (at your option) any later version.								   *
- *																		   *
- *	 This program is distributed in the hope that it will be useful,	   *
- *	 but WITHOUT ANY WARRANTY; without even the implied warranty of 	   *
- *	 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the		   *
- *	 GNU General Public License for more details.						   *
- *																		   *
- *	 You should have received a copy of the GNU General Public License	   *
- *	 along with this program; if not, write to the						   *
- *	 Free Software Foundation, Inc.,									   *
- *	 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.			   *
- ***************************************************************************/
+/*
+
+Copyright (c) 2007 Carl Byington - 510 Software Group, released under
+the GPL version 3 or any later version at your choice available at
+http://www.gnu.org/licenses/gpl-3.0.txt
+
+*/
 
 #include "includes.h"
 #include <fcntl.h>
@@ -65,6 +53,7 @@
 public:
 	void add(int ip, int amount, CONFIG &con, char *file_name, int pattern_index, char *message);
 	void leak(int amount, CONFIG &con);
+    void free_all(CONFIG &con);
 	void update(int ip, bool added, char *file_name, int pattern_index, char *message);
 	void changed(CONFIG &con, int ip, bool added);
 };
@@ -123,6 +112,19 @@
 }
 
 
+void IPR::free_all(CONFIG &con) {
+    for (ip_buckets::iterator i=violations.begin(); i!=violations.end(); i++) {
+        int    ip = (*i).first;
+        bucket &b = (*i).second;
+        if (b.latch) {
+            update(ip, false, NULL, 0, NULL);
+            changed(con, ip, false);
+        }
+    }
+    violations.clear();
+}
+
+
 void IPR::update(int ip, bool added, char *file_name, int pattern_index, char *message) {
 	if (debug_syslog > 2) {
 		char buf[maxlen];
@@ -310,6 +312,10 @@
 }
 
 
+void CONFIG::free_all() {
+    recorder.free_all(*this);
+}
+
 bool CONFIG::looking(int ip) {
 	for (ippair_list::iterator i=ignore.begin(); i!=ignore.end(); i++) {
 		IPPAIR &p = *i;