-
Notifications
You must be signed in to change notification settings - Fork 17
/
Copy pathswad_firewall_database.c
114 lines (95 loc) · 4.13 KB
/
swad_firewall_database.c
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
// swad_firewall_database.c: firewall to mitigate denial of service attacks, operations with database
/*
SWAD (Shared Workspace At a Distance),
is a web platform developed at the University of Granada (Spain),
and used to support university teaching.
This file is part of SWAD core.
Copyright (C) 1999-2025 Antonio Cañas Vargas
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/*****************************************************************************/
/********************************* Headers ***********************************/
/*****************************************************************************/
#include <stdlib.h> // For exit
#include "swad_database.h"
#include "swad_firewall.h"
#include "swad_global.h"
#include "swad_parameter.h"
/*****************************************************************************/
/************** External global variables from others modules ****************/
/*****************************************************************************/
extern struct Globals Gbl;
/*****************************************************************************/
/********************* Log access into firewall recent log *******************/
/*****************************************************************************/
void Fir_DB_LogAccess (void)
{
DB_QueryINSERT ("can not log access into firewall_log",
"INSERT INTO fir_log"
" (ClickTime,IP,UsrCod)"
" VALUES"
" (NOW(),'%s',%ld)",
Par_GetIP (),
Gbl.Usrs.Me.UsrDat.UsrCod);
}
/*****************************************************************************/
/********************* Get number of clicks from database ********************/
/*****************************************************************************/
unsigned Fir_DB_GetNumClicksFromLog (void)
{
return (unsigned)
DB_QueryCOUNT ("can not check firewall log",
"SELECT COUNT(*)"
" FROM fir_log"
" WHERE IP='%s'"
" AND UsrCod=%ld"
" AND ClickTime>FROM_UNIXTIME(UNIX_TIMESTAMP()-%lu)",
Par_GetIP (),
Gbl.Usrs.Me.UsrDat.UsrCod,
Fw_CHECK_INTERVAL);
}
/*****************************************************************************/
/********************** Remove old clicks from firewall **********************/
/*****************************************************************************/
void Fir_DB_PurgeFirewallLog (void)
{
DB_QueryDELETE ("can not purge firewall log",
"DELETE LOW_PRIORITY FROM fir_log"
" WHERE ClickTime<FROM_UNIXTIME(UNIX_TIMESTAMP()-%lu)",
(unsigned long) Fw_TIME_TO_DELETE_OLD_CLICKS);
}
/*****************************************************************************/
/********************************* Ban an IP *********************************/
/*****************************************************************************/
void Fir_DB_BanIP (void)
{
DB_QueryINSERT ("can not ban IP",
"INSERT INTO fir_banned"
" (IP,BanTime,UnbanTime)"
" VALUES"
" ('%s',NOW(),FROM_UNIXTIME(UNIX_TIMESTAMP()+%lu))",
Par_GetIP (),
(unsigned long) Fw_TIME_BANNED);
}
/*****************************************************************************/
/***************** Get number of current bans from database ******************/
/*****************************************************************************/
unsigned Fir_DB_GetNumBansIP (void)
{
return (unsigned)
DB_QueryCOUNT ("can not check firewall log",
"SELECT COUNT(*)"
" FROM fir_banned"
" WHERE IP='%s'"
" AND UnbanTime>NOW()",
Par_GetIP ());
}