added: IP ban mechanism (not finished yet -- we need a winix function to remove a ban)
now after some incorrent login attempts your IP can be banned or blocked
(see new config variables)
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@902 e52654a7-88a9-db11-a3e9-0013d4bc506e
This commit is contained in:
19
core/app.cpp
19
core/app.cpp
@@ -15,6 +15,8 @@
|
||||
#include <cstdio>
|
||||
#include <fetch.h>
|
||||
#include <signal.h>
|
||||
#include <netinet/in.h>
|
||||
#include <arpa/inet.h>
|
||||
|
||||
#include "app.h"
|
||||
#include "plugin.h"
|
||||
@@ -55,6 +57,7 @@ App::App()
|
||||
functions.SetSystem(&system);
|
||||
functions.SetTemplates(&templates);
|
||||
functions.SetSynchro(&synchro);
|
||||
functions.SetSessionManager(&session_manager);
|
||||
|
||||
system.SetConfig(&config);
|
||||
system.SetCur(&cur);
|
||||
@@ -149,6 +152,7 @@ bool App::Init()
|
||||
|
||||
// init notify after templates (it uses locales from templates)
|
||||
system.notify.ReadTemplates();
|
||||
session_manager.InitBanList();
|
||||
session_manager.InitTmpSession();
|
||||
session_manager.LoadSessions();
|
||||
|
||||
@@ -461,6 +465,7 @@ void App::CheckPostRedirect()
|
||||
|
||||
// zmienic nazwe np na ProcessRequest
|
||||
// !! ta nazwa chyba juz zajeta...
|
||||
// !! IMPROVE ME need some refactoring
|
||||
void App::Make()
|
||||
{
|
||||
if( cur.request->dir_tab.empty() )
|
||||
@@ -469,6 +474,16 @@ void App::Make()
|
||||
return;
|
||||
}
|
||||
|
||||
if( cur.session->ip_ban && cur.session->ip_ban->IsIPBanned() )
|
||||
{
|
||||
PT::Date date(cur.session->ip_ban->expires);
|
||||
|
||||
log << log2 << "App: this IP address is banned until to: " << date << " UTC" << logend;
|
||||
slog << logerror << T("this_ip_is_banned_until") << ' ' << date << " UTC" << logend;
|
||||
|
||||
cur.request->status = WINIX_ERR_PERMISSION_DENIED;
|
||||
}
|
||||
|
||||
// cur.request->status can be changed by function_parser
|
||||
if( cur.request->status == WINIX_ERR_OK )
|
||||
plugin.Call(WINIX_PREPARE_REQUEST);
|
||||
@@ -553,7 +568,7 @@ void App::ReadRequest()
|
||||
CheckKonqueror();
|
||||
|
||||
if( cur.request->using_ssl )
|
||||
log << log3 << "App: SSL enabled" << logend;
|
||||
log << log3 << "App: connection secure through SSL" << logend;
|
||||
|
||||
if( cur.request->role == Request::authorizer )
|
||||
log << log3 << "App: fast cgi role: authorizer" << logend;
|
||||
@@ -588,6 +603,8 @@ void App::ReadEnvVariables()
|
||||
SetEnv(cur.request->env_content_type, "CONTENT_TYPE");
|
||||
SetEnv(cur.request->env_http_accept_encoding, "HTTP_ACCEPT_ENCODING");
|
||||
SetEnv(cur.request->env_https, "HTTPS");
|
||||
|
||||
cur.request->ip = (int)inet_addr(cur.request->env_remote_addr);
|
||||
}
|
||||
|
||||
|
||||
|
||||
Reference in New Issue
Block a user