commit 36542d99b904673214dcd75c05241646ac08deb0
parent 1a8e6505e90f1b3cb1449e284b00452b8c5cb5ba
Author: Naveen Narayanan <zerous@nocebo.space>
Date: Tue, 19 Oct 2021 23:21:17 +0200
Ignore old entries in the log
Diffstat:
3 files changed, 13 insertions(+), 5 deletions(-)
diff --git a/main.c b/main.c
@@ -19,6 +19,7 @@
int fd_black;
int fd_white;
+int ignore;
static char buf[BUFSZ];
SLIST_HEAD(lhead, attacker) head = SLIST_HEAD_INITIALIZER(head);
@@ -139,6 +140,7 @@ main(int argc, char **argv)
char bf[16];
int fd, found, ret;
struct attacker *a;
+ time_t now;
fd = open(sshlog, O_RDONLY);
if (fd == -1)
@@ -202,16 +204,19 @@ main(int argc, char **argv)
} while (ret != EOF);
fclose(fp);
+ now = time(NULL);
for ( ; ; ) {
while ((line = readline(fd)) == NULL) {
usleep(500000);
continue;
}
- if (parse(line) == -1) {
+ if (parse(line, now) == -1) {
fprintf(stderr, "parse failed\n");
continue;
}
+ if (ignore)
+ continue;
a = NULL;
found = 0;
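Review bot: The stale-entry result reaches this loop through the new global `ignore` (defined in the first main.c hunk and declared `extern` in parser.c rather than in parser.h), so `if (ignore) continue;` depends on a side effect of the preceding `parse()` call. Since `parse()` already returns an int, a distinct return value would keep the contract visible in the prototype, e.g. `ret = parse(line, now); if (ret == 1) continue; /* older than startup */`. If the global stays, declare it in parser.h so the definition and its users are checked against one declaration, and add a comment on `now` such as `/* startup time; log lines stamped earlier are skipped */`. The loop body continues outside the hunk.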
diff --git a/parser.c b/parser.c
@@ -14,6 +14,8 @@
#define BUFSZ 256
#define MAXTOKENLEN 256
+extern int ignore;
+
char ip[16];
char statmsg[BUFSZ];
static char token[MAXTOKENLEN];
@@ -161,7 +163,7 @@ undoword()
}
static int
-timestamp()
+timestamp(time_t now)
{
struct tm tm;
@@ -176,6 +178,7 @@ timestamp()
tm.tm_year = 121; /* XXX Call time and setup year? */
attack = mktime(&tm);
+ ignore = (attack < now);
return 1;
}
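Review bot: With `tm.tm_year = 121` still hard-coded two lines above, the new `ignore = (attack < now);` marks every log line as old once the clock passes 2021, so the loop in main.c would skip all entries; for what appears to be an SSH-attack blocker, that means nothing is acted on and no error is printed. Take the year from the reference time instead, e.g. `tm.tm_year = localtime(&now)->tm_year;`, and handle the rollover case where a late-December line is read in January. A `mktime()` failure is also silently classed as an old entry here; checking `if (attack == (time_t)-1) return 0;` before the comparison would surface it as a parse error. `timestamp()` begins in the previous hunk and the lines that fill `tm` are not visible, so whether `tm_isdst` is initialised cannot be confirmed from here.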
@@ -284,13 +287,13 @@ misc()
}
int
-parse(char *line)
+parse(char *line, time_t now)
{
lp = line;
tp = token;
printf("parse: line: %s\n", lp);
- if (!timestamp()) {
+ if (!timestamp(now)) {
fprintf(stderr, "timestamp not found\n");
return -1;
}
diff --git a/parser.h b/parser.h
@@ -5,6 +5,6 @@ extern char ip[];
extern char statmsg[];
extern time_t attack;
-int parse(char *);
+int parse(char *, time_t);
#endif