summaryrefslogtreecommitdiff
path: root/misc/freeswitch/scripts/common
diff options
context:
space:
mode:
authorspag <spag@golwen.net>2013-02-04 09:39:42 +0100
committerspag <spag@golwen.net>2013-02-04 09:39:42 +0100
commit0db4c7250feab288018d42cbd5c7d12657d60e3a (patch)
tree0961aa3967e2f3bfb646c27fab1daa3eec3c2065 /misc/freeswitch/scripts/common
parent947d4a71a17518b734c32a148617bef15a42fed1 (diff)
check calls
Diffstat (limited to 'misc/freeswitch/scripts/common')
-rw-r--r--misc/freeswitch/scripts/common/perimeter.lua23
1 files changed, 15 insertions, 8 deletions
diff --git a/misc/freeswitch/scripts/common/perimeter.lua b/misc/freeswitch/scripts/common/perimeter.lua
index 5de86bf..0670fee 100644
--- a/misc/freeswitch/scripts/common/perimeter.lua
+++ b/misc/freeswitch/scripts/common/perimeter.lua
@@ -42,6 +42,8 @@ function Perimeter.setup(self, event)
self.ban_command = 'sudo /sbin/service shorewall refresh';
self.ban_threshold = 20;
self.ban_tries = 1;
+ self.checks = { register = {}, call = {} };
+ self.bad_headers = { register = {}, call = {} };
if config and config.general then
for key, value in pairs(config.general) do
@@ -49,8 +51,10 @@ function Perimeter.setup(self, event)
end
end
- self.checks = config.checks;
- self.bad_headers = config.bad_headers;
+ self.checks.register = config.checks_register or {};
+ self.checks.call = config.checks_call or {};
+ self.bad_headers.register = config.bad_headers_register;
+ self.bad_headers.call = config.bad_headers_call;
self.log:info('[perimeter] PERIMETER - setup perimeter defense');
end
@@ -66,7 +70,7 @@ function Perimeter.record_load(self, event)
span_start = event.timestamp,
points = 0,
banned = 0,
- }
+ };
end
return self.sources[event.key];
@@ -90,11 +94,14 @@ end
function Perimeter.check(self, event)
- event.record = self:record_load(event);
- -- self.log:debug('[', event.key, '/', event.sequence, '] PERIMETER_CHECK - received: ', event.received_ip, ':', event.received_port, ', contacts: ', event.record.contact_count, ', since: ', self:format_date(event.record.contact_first), ', points: ', event.record.points);
-
+ if not event or not event.key then
+ self.log:warning('[perimeter] PERIMETER_CHECK - no event/key');
+ return;
+ end
+
+ event.record = self:record_load(event);
if event.record.banned <= self.ban_tries then
- for check_name, check_points in pairs(self.checks) do
+ for check_name, check_points in pairs(self.checks[event.action]) do
if self.checks_available[check_name] then
local result = self.checks_available[check_name](self, event);
if tonumber(result) then
@@ -169,7 +176,7 @@ end
function Perimeter.check_bad_headers(self, event)
local points = nil;
- for name, pattern in pairs(self.bad_headers) do
+ for name, pattern in pairs(self.bad_headers[event.action]) do
local success, result = pcall(string.find, event[name], pattern);
if success and result then
self.log:info('[', event.key, '/', event.sequence, '] PERIMETER_BAD_HEADERS - ', name, '=', event[name], ' ~= ', pattern);