netfilter.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: ratheesh k <ratheesh.ksz@gmail.com>
To: netfilter@vger.kernel.org
Subject: removing black listed ip
Date: Sat, 10 Apr 2010 22:33:36 +0530	[thread overview]
Message-ID: <z2xcfeab66d1004101003j5eb39eb1t38ec3b31ce3ce4b@mail.gmail.com> (raw)

Hi ,

 I need to remove black listed ip if   last seen packet is  x time
ago  . I have changed code , but here it is comparing with first seen
packet time . i need to compare last seen packet .

**************************************************************************************************

--- xt_recent.c.old	2010-04-11 03:51:10.000000000 +0530
+++ xt_recent.c	2010-04-11 03:50:06.000000000 +0530
@@ -113,12 +113,13 @@
 	       (ip_list_hash_size - 1);
 }

+static void recent_entry_remove(struct recent_table *, struct recent_entry *);
 static struct recent_entry *
 recent_entry_lookup(const struct recent_table *table,
 		    const union nf_inet_addr *addrp, u_int16_t family,
 		    u_int8_t ttl)
 {
-	struct recent_entry *e;
+	struct recent_entry *e ,*next;
 	unsigned int h;

 	if (family == NFPROTO_IPV4)
@@ -126,7 +127,17 @@
 	else
 		h = recent_entry_hash6(addrp);

-	list_for_each_entry(e, &table->iphash[h], list)
+	
+          list_for_each_entry_safe(e,next , &table->iphash[h], list) {
+          if (e->family == family && (jiffies - e->stamps[0] > 10000 )  ) {
+                       printk("\n Removing one entry  %lu  %lu \n" ,
e->stamps[0] ,jiffies);
+                       printk(KERN_INFO "\nRemoving  ip entry:
%d.%d.%d.%d\n", NIPQUAD(e->addr));
+                      recent_entry_remove(table, e);
+                      }
+
+          }
+
+        list_for_each_entry(e, &table->iphash[h], list)
 		if (e->family == family &&
 		    memcmp(&e->addr, addrp, sizeof(e->addr)) == 0 &&
 		    (ttl == e->ttl || ttl == 0 || e->ttl == 0))
@@ -178,6 +189,10 @@
 		e->nstamps = e->index;
 	e->index %= ip_pkt_list_tot;
 	list_move_tail(&e->lru_list, &t->lru_list);
+
+
+
+
 }

 static struct recent_table *recent_table_lookup(const char *name)


***************************************************************************************

             reply	other threads:[~2010-04-10 17:03 UTC|newest]

Thread overview: 9+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2010-04-10 17:03 ratheesh k [this message]
2010-04-10 17:12 ` removing black listed ip Jan Engelhardt
2010-04-10 17:20   ` ratheesh k
2010-04-10 17:42     ` Jan Engelhardt
2010-04-12  6:24       ` ratheesh k
2010-04-12 12:30         ` Jan Engelhardt
2010-04-20  2:46           ` ratheesh k
2010-04-20  8:06             ` Jan Engelhardt
2010-04-20 11:21               ` ratheesh k

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=z2xcfeab66d1004101003j5eb39eb1t38ec3b31ce3ce4b@mail.gmail.com \
    --to=ratheesh.ksz@gmail.com \
    --cc=netfilter@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).