diff --git a/sql/swad.sql b/sql/swad.sql index 8c404851..9a959b82 100644 --- a/sql/swad.sql +++ b/sql/swad.sql @@ -638,9 +638,9 @@ CREATE TABLE IF NOT EXISTS fig_figures ( LastUpdate TIMESTAMP, UNIQUE INDEX(Figure,Scope,Cod)); -- --- Table firewall_banned: stores the banned IPs in order to mitigate denial of service attacks +-- Table fir_banned: stores the banned IPs in order to mitigate denial of service attacks -- -CREATE TABLE IF NOT EXISTS firewall_banned ( +CREATE TABLE IF NOT EXISTS fir_banned ( IP CHAR(15) NOT NULL, BanTime DATETIME NOT NULL, UnbanTime DATETIME NOT NULL, @@ -648,9 +648,9 @@ CREATE TABLE IF NOT EXISTS firewall_banned ( INDEX(BanTime), INDEX(UnbanTime)); -- --- Table firewall_log: stores the most recent IPs in order to mitigate denial of service attacks +-- Table fir_log: stores the most recent IPs in order to mitigate denial of service attacks -- -CREATE TABLE IF NOT EXISTS firewall_log ( +CREATE TABLE IF NOT EXISTS fir_log ( ClickTime DATETIME NOT NULL, IP CHAR(15) NOT NULL, INDEX(ClickTime), diff --git a/swad_changelog.h b/swad_changelog.h index bccd3781..8f089858 100644 --- a/swad_changelog.h +++ b/swad_changelog.h @@ -600,13 +600,18 @@ TODO: Salvador Romero Cort TODO: FIX BUG, URGENT! En las fechas como parámetro Dat_WriteParamsIniEndDates(), por ejemplo al cambiar el color de la gráfica de accesos por día y hora, no se respeta la zona horaria. */ -#define Log_PLATFORM_VERSION "SWAD 20.51.8 (2021-03-18)" +#define Log_PLATFORM_VERSION "SWAD 20.51.9 (2021-03-18)" #define CSS_FILE "swad20.45.css" #define JS_FILE "swad20.6.2.js" /* TODO: Rename CENTRE to CENTER in help wiki. TODO: Rename ASSESSMENT.Announcements to ASSESSMENT.Calls_for_exams + Version 20.51.9: Mar 18, 2021 Firewall database tables renamed. (307724 lines) + 2 changes necessary in database: +RENAME TABLE firewall_banned TO fir_banned; +RENAME TABLE firewall_log TO fir_log; + Version 20.51.8: Mar 18, 2021 File views database table renamed. (307717 lines) 1 change necessary in database: RENAME TABLE file_view TO brw_file_views; diff --git a/swad_database.c b/swad_database.c index 24d70905..b4a48aa5 100644 --- a/swad_database.c +++ b/swad_database.c @@ -1398,9 +1398,9 @@ mysql> DESCRIBE fig_figures; "LastUpdate TIMESTAMP," "UNIQUE INDEX(Figure,Scope,Cod))"); - /***** Table firewall_banned *****/ + /***** Table fir_banned *****/ /* -mysql> DESCRIBE firewall_banned; +mysql> DESCRIBE fir_banned; +-----------+----------+------+-----+---------+-------+ | Field | Type | Null | Key | Default | Extra | +-----------+----------+------+-----+---------+-------+ @@ -1410,7 +1410,7 @@ mysql> DESCRIBE firewall_banned; +-----------+----------+------+-----+---------+-------+ 3 rows in set (0.00 sec) */ - DB_CreateTable ("CREATE TABLE IF NOT EXISTS firewall_banned (" + DB_CreateTable ("CREATE TABLE IF NOT EXISTS fir_banned (" "IP CHAR(15) NOT NULL," // Cns_MAX_BYTES_IP "BanTime DATETIME NOT NULL," "UnbanTime DATETIME NOT NULL," @@ -1418,9 +1418,9 @@ mysql> DESCRIBE firewall_banned; "INDEX(BanTime)," "INDEX(UnbanTime));"); - /***** Table firewall_log *****/ + /***** Table fir_log *****/ /* -mysql> DESCRIBE firewall_log; +mysql> DESCRIBE fir_log; +-----------+----------+------+-----+---------+-------+ | Field | Type | Null | Key | Default | Extra | +-----------+----------+------+-----+---------+-------+ @@ -1429,7 +1429,7 @@ mysql> DESCRIBE firewall_log; +-----------+----------+------+-----+---------+-------+ 2 rows in set (0.00 sec) */ - DB_CreateTable ("CREATE TABLE IF NOT EXISTS firewall_log (" + DB_CreateTable ("CREATE TABLE IF NOT EXISTS fir_log (" "ClickTime DATETIME NOT NULL," "IP CHAR(15) NOT NULL," // Cns_MAX_BYTES_IP "INDEX(ClickTime)," diff --git a/swad_firewall.c b/swad_firewall.c index c5e9d806..6354e647 100644 --- a/swad_firewall.c +++ b/swad_firewall.c @@ -59,19 +59,19 @@ extern struct Globals Gbl; /****************************** Private prototypes ***************************/ /*****************************************************************************/ -static void FW_BanIP (void); +static void Fir_BanIP (void); -static void FW_WriteHTML (const char *Title,const char *H1); +static void Fir_WriteHTML (const char *Title,const char *H1); /*****************************************************************************/ /************************** Log access into firewall *************************/ /*****************************************************************************/ -void FW_LogAccess (void) +void Fir_LogAccess (void) { /***** Log access in firewall recent log *****/ DB_QueryINSERT ("can not log access into firewall_log", - "INSERT INTO firewall_log" + "INSERT INTO fir_log" " (ClickTime,IP)" " VALUES" " (NOW(),'%s')", @@ -82,11 +82,11 @@ void FW_LogAccess (void) /********************** Remove old clicks from firewall **********************/ /*****************************************************************************/ -void FW_PurgeFirewall (void) +void Fir_PurgeFirewall (void) { /***** Remove old clicks *****/ DB_QueryDELETE ("can not purge firewall log", - "DELETE LOW_PRIORITY FROM firewall_log" + "DELETE LOW_PRIORITY FROM fir_log" " WHERE ClickTimeNOW()", + "SELECT COUNT(*)" + " FROM fir_banned" + " WHERE IP='%s'" + " AND UnbanTime>NOW()", Gbl.IP); /***** Exit with status 403 if banned *****/ @@ -114,7 +116,7 @@ void FW_CheckFirewallAndExitIfBanned (void) /* Return status 403 Forbidden */ fprintf (stdout,"Content-Type: text/html; charset=windows-1252\n" "Status: 403\r\n\r\n"); - FW_WriteHTML ("Forbidden","You are temporarily banned"); + Fir_WriteHTML ("Forbidden","You are temporarily banned"); /* Close database connection and exit */ DB_CloseDBConnection (); @@ -126,13 +128,14 @@ void FW_CheckFirewallAndExitIfBanned (void) /**************** Check if too many connections from this IP *****************/ /*****************************************************************************/ -void FW_CheckFirewallAndExitIfTooManyRequests (void) +void Fir_CheckFirewallAndExitIfTooManyRequests (void) { unsigned long NumClicks; /***** Get number of clicks from database *****/ NumClicks = DB_QueryCOUNT ("can not check firewall log", - "SELECT COUNT(*) FROM firewall_log" + "SELECT COUNT(*)" + " FROM fir_log" " WHERE IP='%s'" " AND ClickTime>FROM_UNIXTIME(UNIX_TIMESTAMP()-%lu)", Gbl.IP, @@ -145,14 +148,14 @@ void FW_CheckFirewallAndExitIfTooManyRequests (void) if (NumClicks > Fw_MAX_CLICKS_IN_INTERVAL) { /* Ban this IP */ - FW_BanIP (); + Fir_BanIP (); /* Return status 429 Too Many Requests */ fprintf (stdout,"Content-Type: text/html; charset=windows-1252\n" "Retry-After: %lu\n" "Status: 429\r\n\r\n", (unsigned long) Fw_TIME_BANNED); - FW_WriteHTML ("Too Many Requests","Please stop that"); + Fir_WriteHTML ("Too Many Requests","Please stop that"); /* Close database connection and exit */ DB_CloseDBConnection (); @@ -164,11 +167,11 @@ void FW_CheckFirewallAndExitIfTooManyRequests (void) /********************************* Ban an IP *********************************/ /*****************************************************************************/ -static void FW_BanIP (void) +static void Fir_BanIP (void) { /***** Insert IP into table of banned IPs *****/ DB_QueryINSERT ("can not ban IP", - "INSERT INTO firewall_banned" + "INSERT INTO fir_banned" " (IP,BanTime,UnbanTime)" " VALUES" " ('%s',NOW(),FROM_UNIXTIME(UNIX_TIMESTAMP()+%lu))", @@ -179,7 +182,7 @@ static void FW_BanIP (void) /********************************* Ban an IP *********************************/ /*****************************************************************************/ -static void FW_WriteHTML (const char *Title,const char *H1) +static void Fir_WriteHTML (const char *Title,const char *H1) { fprintf (stdout,"" "" diff --git a/swad_firewall.h b/swad_firewall.h index 4f616328..efec23af 100644 --- a/swad_firewall.h +++ b/swad_firewall.h @@ -35,10 +35,10 @@ /***************************** Public prototypes *****************************/ /*****************************************************************************/ -void FW_LogAccess (void); -void FW_PurgeFirewall (void); +void Fir_LogAccess (void); +void Fir_PurgeFirewall (void); -void FW_CheckFirewallAndExitIfBanned (void); -void FW_CheckFirewallAndExitIfTooManyRequests (void); +void Fir_CheckFirewallAndExitIfBanned (void); +void Fir_CheckFirewallAndExitIfTooManyRequests (void); #endif diff --git a/swad_layout.c b/swad_layout.c index f03dd6a4..ee99d281 100644 --- a/swad_layout.c +++ b/swad_layout.c @@ -1622,7 +1622,7 @@ void Lay_RefreshNotifsAndConnected (void) if (!(Gbl.PID % 11)) Ntf_SendPendingNotifByEMailToAllUsrs (); // Send pending notifications by email else if (!(Gbl.PID % 19)) - FW_PurgeFirewall (); // Remove old clicks from firewall + Fir_PurgeFirewall (); // Remove old clicks from firewall else if (!(Gbl.PID % 23)) Fil_RemoveOldTmpFiles (Cfg_PATH_FILE_BROWSER_TMP_PUBLIC ,Cfg_TIME_TO_DELETE_BROWSER_TMP_FILES ,false); // Remove the oldest temporary public directories used for downloading else if (!(Gbl.PID % 101)) diff --git a/swad_main.c b/swad_main.c index 111ab03f..f1d2d12c 100644 --- a/swad_main.c +++ b/swad_main.c @@ -115,9 +115,9 @@ int main (void) Par_GetMainParams (); /***** Mitigate DoS attacks *****/ - FW_CheckFirewallAndExitIfBanned (); - FW_LogAccess (); - FW_CheckFirewallAndExitIfTooManyRequests (); + Fir_CheckFirewallAndExitIfBanned (); + Fir_LogAccess (); + Fir_CheckFirewallAndExitIfTooManyRequests (); Hie_InitHierarchy (); if (!Gbl.WebService.IsWebService)