Swap from amazon to hetzner ip

split up rejects
Add support for exceeded LoginGraceTime
2025-10-05 20:54:36 +02:00 · 2025-10-05 20:53:08 +02:00 · 2025-08-14 00:11:46 +02:00 · 2025-07-24 22:58:40 +02:00 · 2025-07-06 15:23:44 +02:00 · 2025-07-01 20:15:19 +02:00
5 changed files with 38 additions and 11 deletions
--- a/lib/db.pm
+++ b/lib/db.pm
@@ -17,8 +17,6 @@ sub new {

 sub init {
 	my $self	= shift;
-	my $parser	= shift; ## not needed for this module as the db-connection is for all modules
-	$self->connect() || die "Could not connect to db";
 	return $self->{'config'}->get_dbh();
 }

@@ -31,18 +29,18 @@ sub connect {
 	my $db		= $config->get_as_single_val('config','db');
 	my $dbh;
 	if($usr && $pwd && $host && $db) {
+		my $logstr = 'Connecting to DB...';
 		my $i = 0;
-		$self->{'config'}->{'logger'}->log('Connecting to DB');
 		while(1) {
 			last if($dbh = DBI->connect("DBI:mysql:database=$db;host=$host",$usr,$pwd, { PrintError => 1, mysql_auto_reconnect=>0, AutoCommit => 1 }));
 			sleep($i);
 			$i++;
 			unless ($i % 10) {
-				$self->{'config'}->{'logger'}->log('Cannot connect to DB, reconnect retry '.$i);
+				$self->{'config'}->{'logger'}->log($logstr.'timed out, retry #'.$i);
 			}
 		}
 		$config->set_dbh($dbh);
-		#$self->{'config'}->{'logger'}->log("Sucsessfully connected to db"); FIXME add debug to config?
+		$self->{'config'}->{'logger'}->log($logstr.'done');
 		return $config->get_dbh();
 	} else {
 		$self->{'config'}->{'logger'}->log("Unable to connect to db, not enough parameters");
--- a/lib/exim_parser.pm
+++ b/lib/exim_parser.pm
@@ -48,9 +48,25 @@ sub parser {
 			m/(\ \[($re_host)\]\ )/gcix && do {
 				$host	= $2;
 			};
-	} elsif($string =~ m/\ rejected (AUTH|MAIL)\ /) {
+	} elsif($string =~ m/\ rejected (EHLO|HELO)\ /) {
 		$_		= $string;
-		$reply		= 'Rejected MAIL or AUTH';
+		$reply		= 'Rejected HELO/EHLO';
+		$hostile	= 1;
+		PARSER:
+			m/(\ \[($re_host)\](\:|\ ))/gcix && do {
+				$host	= $2;
+			};
+	} elsif($string =~ m/\ rejected AUTH\ /) {
+		$_		= $string;
+		$reply		= 'Rejected AUTH';
+		$hostile	= 1;
+		PARSER:
+			m/(\ \[($re_host)\]\ )/gcix && do {
+				$host	= $2;
+			};
+	} elsif($string =~ m/\ rejected MAIL\ /) {
+		$_		= $string;
+		$reply		= 'Rejected MAIL';
 		$hostile	= 1;
 		PARSER:
 			m/(\ \[($re_host)\]\ )/gcix && do {
--- a/lib/localcheck.pm
+++ b/lib/localcheck.pm
@@ -13,7 +13,7 @@ sub islocal {
 	my $self	= shift;
 	my $host	= shift;
 	#SSL Labs - 64.41.200.0/24
-	my @local_nets	= ('127\.','10\.','192\.168\.','172\.((1[6-9])|(2[0-9])|(3[0-1]))\.','64\.41\.200\.', '213.236.200.10','18.200.56.156'); # array of regexes matching networks considered local and to be ignored
+	my @local_nets	= ('127\.','10\.','192\.168\.','172\.((1[6-9])|(2[0-9])|(3[0-1]))\.','64\.41\.200\.', '213.236.200.10','65.109.7.147'); # array of regexes matching networks considered local and to be ignored
 	my $local	= 0;
 	foreach my $test(@local_nets) {
 		$local = 1 if($host =~ m/^$test/);
--- a/lib/parser.pm
+++ b/lib/parser.pm
@@ -20,7 +20,6 @@ sub new {
 	$self->{'localcheck'}		= My::parser::localcheck->new;
 	$self->{'block'}		= My::parser::block->new($self->{'config'});
 	$self->{'db'}			= My::parser::db->new($self->{'config'});
-	$self->{'db'}->init();
 	$self->{'config'}->set_db($self->{'db'});
 	return $self;
 }
@@ -109,7 +108,6 @@ sub dyninit {
 	my $parser		= shift;
 	if(my $initr = $self->init($fetcher_loaded,$parser)) {
 		$self->{'config'}->set('fetchers',$fetcher_needed,$fetcher_loaded);
-		#$self->{'config'}->{'logger'}->log("Dependency $fetcher_needed initialized");
 		return 1;
 	}
 	return 0;
@@ -139,7 +137,6 @@ sub init {
 	my $self	= shift;
 	my $fetcher	= shift;
 	my $parser	= shift;
-	$self->{'config'}->{'logger'}->log("Initializing $fetcher for $parser");
 	return 1 if($fetcher->init($parser));
 	return 0;
 }
--- a/lib/ssh_parser.pm
+++ b/lib/ssh_parser.pm
@@ -183,6 +183,22 @@ sub parser {
 		$reply		= 'Reverse check failed';
 	} elsif($string =~ m/but this does not map back to the address/) {
 		$reply		= 'Reverse map failure';
+	} elsif($string =~ m/Timeout before authentication for connection from/) {
+		$_		= $string;
+		$hostile	= 1;
+		$reply		= 'Timeout before authentication';
+		PARSER:
+			m/from\ ($re_host)\ to\ ($re_host),\ pid/gcix && do {
+				$host	= $1;
+			};
+	} elsif($string =~ m/penalty\: exceeded LoginGraceTime/) {
+		$_		= $string;
+		$hostile	= 1;
+		$reply		= 'exceeded LoginGraceTime';
+		PARSER:
+			m/drop\ connection\ \#([0-9]{1,9})\ from\ \[($re_host)\]:([0-9]{1,9})\ on\ \[($re_host)\]:([0-9]{1,9})\ penalty:\ exceeded\ LoginGraceTime/gcix && do {
+				$host	= $2;
+			};
 	} else {
 		$reply	= 'No match for '.$string;
 	}
Author	SHA1	Message	Date
Daniel Lysfjord	219b536913	Swap from amazon to hetzner ip	2025-10-05 20:54:36 +02:00
Daniel Lysfjord	77c046f0c2	split up rejects	2025-10-05 20:53:08 +02:00
Daniel Lysfjord	68d2e267b2	Add support for exceeded LoginGraceTime	2025-08-14 00:11:46 +02:00
Daniel Lysfjord	0d1bdf84e1	Add support for timeout before authentication message	2025-07-24 22:58:40 +02:00
Daniel Lysfjord	058792486c	Make db->init() more sensible, config->db_connect is the only one handling the db connection (remote db->init from config->new)	2025-07-06 15:23:44 +02:00
Daniel Lysfjord	2806ce4948	Remove unneeded logging	2025-07-01 20:15:19 +02:00