Select Git revision
-
Pavel Kácha authoredPavel Kácha authored
IPtables.pm 1.52 KiB
package IPtables;
use strict;
use warnings;
use Data::Dumper;
my %CONSTANTS = (
enabled => "no",
outputfile => "tmp/iptables.txt",
threshold => 250,
excludedip => [],
eventtype => [],
chainname => "BLOCK",
destchain => "DROP",
maxage => "1D",
);
my %FORMAT = ( maxage => qr/\d+[hdmHDM]/, logging => qr/enable|disable/,);
sub run {
my (undef, $modprefix, $cfg, $dbh, $db_engine) = @_;
my $v = Constants::mergeConfigs($cfg, $modprefix, \%CONSTANTS, \%FORMAT);
my $eventtype_query = DB::joinIN("type", \@{$v->{'eventtype'}});
my $excluded_query = DB::joinNotIN("source", \@{$v->{'excludedip'}});
my $condition = substr($excluded_query . $eventtype_query, 0, -5);
my @columns= ("source");
my @params = ($condition, DB::getOldDataDB($db_engine, "NEWER", $v->{'maxage'}));
my $query = DB::getQueryCondThreshold($db_engine, "events", \@columns, \@params, $v->{'threshold'});
my @rows = Utils::fetchall_array_hashref($dbh, $query);
sub header { my $v = shift; return "/sbin/iptables -F $v->{'chainname'}\n"; };
sub record { my ($r, $v) = @_; return "/sbin/iptables -A $v->{'chainname'} -s $r->{'source'}/32 -j $v->{'destchain'}\n"; };
my $ret = Utils::generateOutput($v->{'outputfile'}, \@rows, \&header, \&record, undef, $v);
return $ret;
}
1;