From d0e76fa6ebfb01cd715ad106dbf26a8cded3096c Mon Sep 17 00:00:00 2001
From: Jeff Becker
Date: Thu, 24 Nov 2016 08:22:55 -0500
Subject: [PATCH] update baddies detector
---
 baddie-detector/baddiefinder/processor.py | 9 ++++-----
 baddie-detector/baddiefinder/util.py | 4 +++-
 baddie-detector/baddies.ini | 2 +-
 3 files changed, 8 insertions(+), 7 deletions(-)
diff --git a/baddie-detector/baddiefinder/processor.py b/baddie-detector/baddiefinder/processor.py
index c9ffc94..cec8951 100644
--- a/baddie-detector/baddiefinder/processor.py
+++ b/baddie-detector/baddiefinder/processor.py
@@ -10,15 +10,14 @@ class BaddieProcessor:
 def hook(self, entry):
+ now = datetime.datetime.now()
 for f in self._filters:
 if f.process(entry) is True:
- self.add_baddie(entry, 'detected by {}'.format(f.name))
+ self.add_baddie(entry, 'detected by {} on {}'.format(f.name, now.strftime("%c").replace(":",'-')))
 def add_baddie(self, entry, reason):
- addr = util.getaddress(entry)
- if addr not in self._baddies:
- self._baddies[addr] = ''
- self._baddies[addr] += reason + ' '
+ addr = util.getaddress(entry).decode('ascii')
+ self._baddies[addr] = reason
 def write_blocklist(self, f):
 f.write('# baddies blocklist generated on {}\n'.format(datetime.datetime.now()))
diff --git a/baddie-detector/baddiefinder/util.py b/baddie-detector/baddiefinder/util.py
index 64bf22f..3c4292d 100644
--- a/baddie-detector/baddiefinder/util.py
+++ b/baddie-detector/baddiefinder/util.py
@@ -5,7 +5,9 @@ def getaddress(info):
 for addr in info.addrs:
 opts = addr.options
 if b'host' in opts:
- return opts[b'host']
+ h = opts[b'host']
+ if b':' not in h:
+ return h
 def getcaps(info):
 """
diff --git a/baddie-detector/baddies.ini b/baddie-detector/baddies.ini
index 5b2a330..a558c3a 100644
--- a/baddie-detector/baddies.ini
+++ b/baddie-detector/baddies.ini
@@ -1,2 +1,2 @@
 [thresholds]
-max_floodfills_per_ip = 2
\ No newline at end of file
+max_floodfills_per_ip = 3
\ No newline at end of file
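Review bot: `util.getaddress(entry).decode('ascii')` in add_baddie uses the result unchecked, while the util.py hunk of this same commit makes getaddress fall through to an implicit None when every host contains `:` or no `host` option is present, so hook() would raise AttributeError on such an entry. The host bytes come from the entry being inspected, so a non-ASCII value would also raise UnicodeDecodeError and abort processing; guard both, e.g. `addr = util.getaddress(entry)` followed by `if addr is None: return`, and handle the decode failure explicitly. The decoded string becomes a key that is presumably emitted by write_blocklist (its body continues outside the hunk), so validating it with `ipaddress.ip_address(addr)` before storing would keep malformed or multi-line values out of the generated file. Separately, `self._baddies[addr] = reason` now keeps only the last filter's reason per address; if that is intended, say so in a comment.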
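Review bot: The new `if b':' not in h` test in getaddress is undocumented, and it changes the function's contract: an entry whose hosts are all IPv6 literals now yields an implicit None, so such entries would presumably never be counted against the per-IP thresholds. If skipping IPv6 is a deliberate limitation, state it next to the check, e.g. `# skip IPv6 literals; only IPv4 hosts are tracked for now`, and end the function with an explicit `return None` so callers know they must handle it. The function's `def` line and any docstring are outside the hunk, so the return contract should be recorded there as well.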