Mercurial > syslog2iptables
diff src/syslogconfig.h @ 58:b45dddebe8fc
Add exponential increase in penalty for repeat offenders
author | Carl Byington <carl@five-ten-sg.com> |
---|---|
date | Tue, 10 Jun 2014 08:48:53 -0700 |
parents | 206448c00b55 |
children | 60f59936fabb |
line wrap: on
line diff
--- a/src/syslogconfig.h Wed Aug 17 10:16:17 2011 -0700 +++ b/src/syslogconfig.h Tue Jun 10 08:48:53 2014 -0700 @@ -40,21 +40,23 @@ struct bucket { int count; - bool latch; // true iff ever count>threshold + bool blocked; // true iff ever count>threshold }; typedef map<int, bucket, ltint> ip_buckets; class IPR { int reference_count; // number of contexts using this recorder + int daily_timer; // track daily cycle to reduce repeat offenders penalties ip_buckets violations; + ip_buckets repeat_offenders; public: IPR(); int reference(int delta) {reference_count += delta; return reference_count;}; void add(int ip, int amount, CONTEXT &con, const char *file_name, int pattern_index, const char *message); void leak(int amount, CONTEXT &con); void free_all(CONTEXT &con); - void update(int ip, bool added, const char *file_name, int pattern_index, const char *message); + void update(int ip, bool added, int scale, const char *file_name, int pattern_index, const char *message); void changed(CONTEXT &con, int ip, bool added); static IPR* find(const char* name); static void release(const char* name);