79 lines
3.1 KiB
Perl
79 lines
3.1 KiB
Perl
package My::parser::block;
|
|
use strict;
|
|
use warnings;
|
|
use My::parser::addtolist;
|
|
use My::parser::stats;
|
|
use POSIX qw(ceil floor);
|
|
|
|
sub new {
|
|
my $class = shift;
|
|
my $self = {};
|
|
bless ($self, $class);
|
|
$self->{'config'} = shift;
|
|
$self->{'addtolist'} = My::parser::addtolist->new($self->{'config'});
|
|
$self->{'stats'} = My::parser::stats->new($self->{'config'});
|
|
return $self;
|
|
}
|
|
|
|
sub blocklogic {
|
|
my $self = shift;
|
|
my $result = shift;
|
|
return { retval => 0, retmsg => 'Too few arguments to blocklogic' } unless($result);
|
|
my $host = $result->{'host'};
|
|
my $service = $result->{'service'};
|
|
my $geoip = $result->{'geoip'};
|
|
my $short = $self->{'config'}->get_as_single_val('config','short');
|
|
my $long = $self->{'config'}->get_as_single_val('config','long');
|
|
my $retstr;
|
|
my $stats;
|
|
my $logline;
|
|
my $modifier = 0;
|
|
|
|
my $fromreject = $self->{'addtolist'}->add( { list => 'reject', host => $host, service => $service, asn => $geoip->{'asn'}, iso => $geoip->{'iso'} } );
|
|
return { retval => 0, hostile => 0, retmsg => $fromreject->{'retmsg'} } unless($fromreject->{'retval'});
|
|
if ($stats = $self->{'stats'}->checker({ host => $host, asn => $geoip->{'asn'}, iso => $geoip->{'iso'} })) {
|
|
$self->{'config'}->{'logger'}->log($stats->{'retmsg'}) unless($stats->{'retval'});
|
|
my $hrs = $stats->{$short}->{'reject'} || 0;
|
|
my $ars = $stats->{$short}->{'asn'} || 0;
|
|
my $irs = $stats->{$short}->{'iso'} || 0;
|
|
my $hbs = $stats->{$short}->{'blocks'} || 0;
|
|
my $abs = $stats->{$short}->{'block_asn'} || 0;
|
|
my $ibs = $stats->{$short}->{'block_iso'} || 0;
|
|
my $hrl = $stats->{$long}->{'reject'} || 0;
|
|
my $arl = $stats->{$long}->{'asn'} || 0;
|
|
my $irl = $stats->{$long}->{'iso'} || 0;
|
|
my $hbl = $stats->{$long}->{'blocks'} || 0;
|
|
my $abl = $stats->{$long}->{'block_asn'} || 0;
|
|
my $ibl = $stats->{$long}->{'block_iso'} || 0;
|
|
my $hostile = 0;
|
|
my $shortrejectpoints = ($hrs * 100) + ($ars * 50) + ($irs * 25);
|
|
my $shortblockpoints = ($hbs * 750) + ($abs * 250) + ($ibs * 50);
|
|
my $longrejectpoints = ($hrl * 30) + ($arl * 10) + ($irl);
|
|
my $longblockpoints = ($hbl * 150) + ($abl * 75) + ($ibl * 10);
|
|
my $points = $shortrejectpoints + $shortblockpoints + $longrejectpoints + $longblockpoints;
|
|
if (my $recent_hostile = $self->{'stats'}->recent_hostile()) {
|
|
unless($recent_hostile->{'retval'}) {
|
|
$self->{'config'}->{'logger'}->log($recent_hostile->{'retmsg'})
|
|
} else {
|
|
my $rh = $recent_hostile->{'rows'} - 1;
|
|
if($rh > 0) {
|
|
$modifier = 1 + ($rh / 5);
|
|
$points = floor($points * $modifier);
|
|
}
|
|
}
|
|
}
|
|
$hostile++ if($points > 999);
|
|
|
|
my $fromblack = $self->{'addtolist'}->add( { list => 'black', host => $host, asn => $geoip->{'asn'}, iso => $geoip->{'iso'} } ) if($hostile);
|
|
$self->{'config'}->{'logger'}->log($fromblack->{'retmsg'}) unless($fromblack->{'retval'});
|
|
$logline .= $fromblack->{'retmsg'}.', ' if($fromblack->{'retmsg'});
|
|
$logline .= "Points: $points";
|
|
$logline .= '(mod='.$modifier.')' if($modifier);
|
|
return { retval => 1, hostile => $hostile, retmsg => $logline };
|
|
} else {
|
|
return { retval => 0, hostile => 0, retmsg => 'Blocklogic failed, no idea why:)' };
|
|
}
|
|
}
|
|
|
|
1;
|