commit 4c209f8d9694e8c1ccfbd42efb33e21afd45fdf0
parent 48123cd8c6a20947f46d21d5faa0cb3b8ae23b2e
Author: Naveen Narayanan <zerous@nocebo.space>
Date: Sun, 10 Oct 2021 13:40:32 +0200
Add support for black/whitelist
Attackers found in blacklist are eternally banned and
those found in whitelist are eternally allowed access.
Diffstat:
M | main.c | | | 45 | ++++++++++++++++++++++++++++++++++++++++++++- |
1 file changed, 44 insertions(+), 1 deletion(-)
diff --git a/main.c b/main.c
@@ -120,8 +120,10 @@ foverlap(int fd1, int fd2)
int
main(int argc, char **argv)
{
+ FILE *fp;
char *line;
- int fd, found;
+ char bf[16];
+ int fd, found, ret;
struct attacker *a;
fd = open(sshlog, O_RDONLY);
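Review bot: `char bf[16]` is sized by a bare literal, with nothing tying it to what it holds or to the `ip` field it is later copied into. A comment such as `/* one list entry: dotted-quad IPv4, 15 chars + NUL */` would document the limit and make explicit that an IPv6 entry cannot fit. main's body continues outside the hunk.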
@@ -141,6 +143,47 @@ main(int argc, char **argv)
if (foverlap(fd_black, fd_white))
errx(1, "blacklist and whitelist are not mutually exclusive.");
+ fp = fopen(black_list, "r");
+ if (!fp)
+ err(1, "fopen failed: %s", black_list);
+ do {
+ ret = fscanf(fp, "%s\n", bf);
+ if (ret == EOF)
+ break;
+ a = malloc(sizeof(struct attacker));
+ if (!a)
+ err(1, "malloc failed");
+ /*
+ * Attackers generated from blacklist
+ * will have nban and last set to 0
+ */
+ strcpy(a->ip, bf);
+ a->list = BLACK;
+ fw_block(a->ip);
+ SLIST_INSERT_HEAD(&head, a, attackers);
+ } while (ret != EOF);
+ fclose(fp);
+
+ fp = fopen(white_list, "r");
+ if (!fp)
+ err(1, "fopen failed: %s", white_list);
+ do {
+ ret = fscanf(fp, "%s\n", bf);
+ if (ret == EOF)
+ break;
+ a = malloc(sizeof(struct attacker));
+ if (!a)
+ err(1, "malloc failed");
+ /*
+ * Attackers generated from whitelist
+ * will have nban and last set to 0
+ */
+ strcpy(a->ip, bf);
+ a->list = WHITE;
+ SLIST_INSERT_HEAD(&head, a, attackers);
+ } while (ret != EOF);
+ fclose(fp);
+
for ( ; ; ) {
while ((line = readline(fd)) == NULL) {
usleep(500000);
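Review bot: `fscanf(fp, "%s\n", bf)` in both list loops has no field width, so any token of 16 or more characters in the blacklist or whitelist file is written past the end of the 16-byte `bf` on main's stack, and `strcpy(a->ip, bf)` then copies the oversized string onward. Bound the read and stop on anything other than one converted item: `ret = fscanf(fp, "%15s", bf);` followed by `if (ret != 1) break;`. The comments state that nban and last will be 0, but `malloc` leaves them indeterminate; `a = calloc(1, sizeof(*a));` would make the comment true. The size of `a->ip` is not visible here, so confirm it holds at least 16 bytes, and consider validating each entry (for example with inet_pton) before it reaches `fw_block`. main's body continues outside the hunk.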