From a8e98c18392496fc86bcab2c13b4f713d5c88de3 Mon Sep 17 00:00:00 2001 From: Tanguy Pruvot Date: Fri, 15 Dec 2017 23:48:20 +0100 Subject: [PATCH] stratum: ipset function to block botnets can be (manually) used, if needed, in client_authorize --- stratum/client.h | 1 + stratum/client_core.cpp | 10 ++++++++-- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/stratum/client.h b/stratum/client.h index 661c0cb..f2d150d 100644 --- a/stratum/client.h +++ b/stratum/client.h @@ -122,6 +122,7 @@ void get_random_key(char *key); void client_sort(); void client_block_ip(YAAMP_CLIENT *client, const char *reason); +void client_block_ipset(YAAMP_CLIENT *client, const char *ipset_name); bool client_reset_multialgo(YAAMP_CLIENT *client, bool first); bool client_initialize_multialgo(YAAMP_CLIENT *client); diff --git a/stratum/client_core.cpp b/stratum/client_core.cpp index 84521ae..c7732a7 100644 --- a/stratum/client_core.cpp +++ b/stratum/client_core.cpp @@ -125,11 +125,17 @@ int client_ask(YAAMP_CLIENT *client, const char *method, const char *format, ... void client_block_ip(YAAMP_CLIENT *client, const char *reason) { char buffer[1024]; - sprintf(buffer, "iptables -A INPUT -s %s -p tcp --dport %d -j REJECT", client->sock->ip, g_tcp_port); int s = system(buffer); + stratumlog("%s: %s blocked (%s)\n", g_stratum_algo, client->sock->ip, reason); +} - stratumlog("%s %s blocked (%s)\n", client->sock->ip, client->username, reason); +void client_block_ipset(YAAMP_CLIENT *client, const char *ipset_name) +{ + char buffer[1024]; + sprintf(buffer, "ipset -q -A %s %s", ipset_name, client->sock->ip); + int s = system(buffer); + stratumlog("%s: %s blocked via ipset %s\n", g_stratum_algo, client->sock->ip, ipset_name); } bool client_reset_multialgo(YAAMP_CLIENT *client, bool first)