mirror of
https://github.com/acanas/swad-core.git
synced 2024-06-08 01:35:32 +02:00
Version 20.51.9: Mar 18, 2021 Firewall database tables renamed.
This commit is contained in:
parent
6f5e476d7e
commit
0de0a89903
|
@ -638,9 +638,9 @@ CREATE TABLE IF NOT EXISTS fig_figures (
|
||||||
LastUpdate TIMESTAMP,
|
LastUpdate TIMESTAMP,
|
||||||
UNIQUE INDEX(Figure,Scope,Cod));
|
UNIQUE INDEX(Figure,Scope,Cod));
|
||||||
--
|
--
|
||||||
-- Table firewall_banned: stores the banned IPs in order to mitigate denial of service attacks
|
-- Table fir_banned: stores the banned IPs in order to mitigate denial of service attacks
|
||||||
--
|
--
|
||||||
CREATE TABLE IF NOT EXISTS firewall_banned (
|
CREATE TABLE IF NOT EXISTS fir_banned (
|
||||||
IP CHAR(15) NOT NULL,
|
IP CHAR(15) NOT NULL,
|
||||||
BanTime DATETIME NOT NULL,
|
BanTime DATETIME NOT NULL,
|
||||||
UnbanTime DATETIME NOT NULL,
|
UnbanTime DATETIME NOT NULL,
|
||||||
|
@ -648,9 +648,9 @@ CREATE TABLE IF NOT EXISTS firewall_banned (
|
||||||
INDEX(BanTime),
|
INDEX(BanTime),
|
||||||
INDEX(UnbanTime));
|
INDEX(UnbanTime));
|
||||||
--
|
--
|
||||||
-- Table firewall_log: stores the most recent IPs in order to mitigate denial of service attacks
|
-- Table fir_log: stores the most recent IPs in order to mitigate denial of service attacks
|
||||||
--
|
--
|
||||||
CREATE TABLE IF NOT EXISTS firewall_log (
|
CREATE TABLE IF NOT EXISTS fir_log (
|
||||||
ClickTime DATETIME NOT NULL,
|
ClickTime DATETIME NOT NULL,
|
||||||
IP CHAR(15) NOT NULL,
|
IP CHAR(15) NOT NULL,
|
||||||
INDEX(ClickTime),
|
INDEX(ClickTime),
|
||||||
|
|
|
@ -600,13 +600,18 @@ TODO: Salvador Romero Cort
|
||||||
|
|
||||||
TODO: FIX BUG, URGENT! En las fechas como parámetro Dat_WriteParamsIniEndDates(), por ejemplo al cambiar el color de la gráfica de accesos por día y hora, no se respeta la zona horaria.
|
TODO: FIX BUG, URGENT! En las fechas como parámetro Dat_WriteParamsIniEndDates(), por ejemplo al cambiar el color de la gráfica de accesos por día y hora, no se respeta la zona horaria.
|
||||||
*/
|
*/
|
||||||
#define Log_PLATFORM_VERSION "SWAD 20.51.8 (2021-03-18)"
|
#define Log_PLATFORM_VERSION "SWAD 20.51.9 (2021-03-18)"
|
||||||
#define CSS_FILE "swad20.45.css"
|
#define CSS_FILE "swad20.45.css"
|
||||||
#define JS_FILE "swad20.6.2.js"
|
#define JS_FILE "swad20.6.2.js"
|
||||||
/*
|
/*
|
||||||
TODO: Rename CENTRE to CENTER in help wiki.
|
TODO: Rename CENTRE to CENTER in help wiki.
|
||||||
TODO: Rename ASSESSMENT.Announcements to ASSESSMENT.Calls_for_exams
|
TODO: Rename ASSESSMENT.Announcements to ASSESSMENT.Calls_for_exams
|
||||||
|
|
||||||
|
Version 20.51.9: Mar 18, 2021 Firewall database tables renamed. (307724 lines)
|
||||||
|
2 changes necessary in database:
|
||||||
|
RENAME TABLE firewall_banned TO fir_banned;
|
||||||
|
RENAME TABLE firewall_log TO fir_log;
|
||||||
|
|
||||||
Version 20.51.8: Mar 18, 2021 File views database table renamed. (307717 lines)
|
Version 20.51.8: Mar 18, 2021 File views database table renamed. (307717 lines)
|
||||||
1 change necessary in database:
|
1 change necessary in database:
|
||||||
RENAME TABLE file_view TO brw_file_views;
|
RENAME TABLE file_view TO brw_file_views;
|
||||||
|
|
|
@ -1398,9 +1398,9 @@ mysql> DESCRIBE fig_figures;
|
||||||
"LastUpdate TIMESTAMP,"
|
"LastUpdate TIMESTAMP,"
|
||||||
"UNIQUE INDEX(Figure,Scope,Cod))");
|
"UNIQUE INDEX(Figure,Scope,Cod))");
|
||||||
|
|
||||||
/***** Table firewall_banned *****/
|
/***** Table fir_banned *****/
|
||||||
/*
|
/*
|
||||||
mysql> DESCRIBE firewall_banned;
|
mysql> DESCRIBE fir_banned;
|
||||||
+-----------+----------+------+-----+---------+-------+
|
+-----------+----------+------+-----+---------+-------+
|
||||||
| Field | Type | Null | Key | Default | Extra |
|
| Field | Type | Null | Key | Default | Extra |
|
||||||
+-----------+----------+------+-----+---------+-------+
|
+-----------+----------+------+-----+---------+-------+
|
||||||
|
@ -1410,7 +1410,7 @@ mysql> DESCRIBE firewall_banned;
|
||||||
+-----------+----------+------+-----+---------+-------+
|
+-----------+----------+------+-----+---------+-------+
|
||||||
3 rows in set (0.00 sec)
|
3 rows in set (0.00 sec)
|
||||||
*/
|
*/
|
||||||
DB_CreateTable ("CREATE TABLE IF NOT EXISTS firewall_banned ("
|
DB_CreateTable ("CREATE TABLE IF NOT EXISTS fir_banned ("
|
||||||
"IP CHAR(15) NOT NULL," // Cns_MAX_BYTES_IP
|
"IP CHAR(15) NOT NULL," // Cns_MAX_BYTES_IP
|
||||||
"BanTime DATETIME NOT NULL,"
|
"BanTime DATETIME NOT NULL,"
|
||||||
"UnbanTime DATETIME NOT NULL,"
|
"UnbanTime DATETIME NOT NULL,"
|
||||||
|
@ -1418,9 +1418,9 @@ mysql> DESCRIBE firewall_banned;
|
||||||
"INDEX(BanTime),"
|
"INDEX(BanTime),"
|
||||||
"INDEX(UnbanTime));");
|
"INDEX(UnbanTime));");
|
||||||
|
|
||||||
/***** Table firewall_log *****/
|
/***** Table fir_log *****/
|
||||||
/*
|
/*
|
||||||
mysql> DESCRIBE firewall_log;
|
mysql> DESCRIBE fir_log;
|
||||||
+-----------+----------+------+-----+---------+-------+
|
+-----------+----------+------+-----+---------+-------+
|
||||||
| Field | Type | Null | Key | Default | Extra |
|
| Field | Type | Null | Key | Default | Extra |
|
||||||
+-----------+----------+------+-----+---------+-------+
|
+-----------+----------+------+-----+---------+-------+
|
||||||
|
@ -1429,7 +1429,7 @@ mysql> DESCRIBE firewall_log;
|
||||||
+-----------+----------+------+-----+---------+-------+
|
+-----------+----------+------+-----+---------+-------+
|
||||||
2 rows in set (0.00 sec)
|
2 rows in set (0.00 sec)
|
||||||
*/
|
*/
|
||||||
DB_CreateTable ("CREATE TABLE IF NOT EXISTS firewall_log ("
|
DB_CreateTable ("CREATE TABLE IF NOT EXISTS fir_log ("
|
||||||
"ClickTime DATETIME NOT NULL,"
|
"ClickTime DATETIME NOT NULL,"
|
||||||
"IP CHAR(15) NOT NULL," // Cns_MAX_BYTES_IP
|
"IP CHAR(15) NOT NULL," // Cns_MAX_BYTES_IP
|
||||||
"INDEX(ClickTime),"
|
"INDEX(ClickTime),"
|
||||||
|
|
|
@ -59,19 +59,19 @@ extern struct Globals Gbl;
|
||||||
/****************************** Private prototypes ***************************/
|
/****************************** Private prototypes ***************************/
|
||||||
/*****************************************************************************/
|
/*****************************************************************************/
|
||||||
|
|
||||||
static void FW_BanIP (void);
|
static void Fir_BanIP (void);
|
||||||
|
|
||||||
static void FW_WriteHTML (const char *Title,const char *H1);
|
static void Fir_WriteHTML (const char *Title,const char *H1);
|
||||||
|
|
||||||
/*****************************************************************************/
|
/*****************************************************************************/
|
||||||
/************************** Log access into firewall *************************/
|
/************************** Log access into firewall *************************/
|
||||||
/*****************************************************************************/
|
/*****************************************************************************/
|
||||||
|
|
||||||
void FW_LogAccess (void)
|
void Fir_LogAccess (void)
|
||||||
{
|
{
|
||||||
/***** Log access in firewall recent log *****/
|
/***** Log access in firewall recent log *****/
|
||||||
DB_QueryINSERT ("can not log access into firewall_log",
|
DB_QueryINSERT ("can not log access into firewall_log",
|
||||||
"INSERT INTO firewall_log"
|
"INSERT INTO fir_log"
|
||||||
" (ClickTime,IP)"
|
" (ClickTime,IP)"
|
||||||
" VALUES"
|
" VALUES"
|
||||||
" (NOW(),'%s')",
|
" (NOW(),'%s')",
|
||||||
|
@ -82,11 +82,11 @@ void FW_LogAccess (void)
|
||||||
/********************** Remove old clicks from firewall **********************/
|
/********************** Remove old clicks from firewall **********************/
|
||||||
/*****************************************************************************/
|
/*****************************************************************************/
|
||||||
|
|
||||||
void FW_PurgeFirewall (void)
|
void Fir_PurgeFirewall (void)
|
||||||
{
|
{
|
||||||
/***** Remove old clicks *****/
|
/***** Remove old clicks *****/
|
||||||
DB_QueryDELETE ("can not purge firewall log",
|
DB_QueryDELETE ("can not purge firewall log",
|
||||||
"DELETE LOW_PRIORITY FROM firewall_log"
|
"DELETE LOW_PRIORITY FROM fir_log"
|
||||||
" WHERE ClickTime<FROM_UNIXTIME(UNIX_TIMESTAMP()-%lu)",
|
" WHERE ClickTime<FROM_UNIXTIME(UNIX_TIMESTAMP()-%lu)",
|
||||||
(unsigned long) Fw_TIME_TO_DELETE_OLD_CLICKS);
|
(unsigned long) Fw_TIME_TO_DELETE_OLD_CLICKS);
|
||||||
}
|
}
|
||||||
|
@ -95,14 +95,16 @@ void FW_PurgeFirewall (void)
|
||||||
/*************************** Check if IP is banned ***************************/
|
/*************************** Check if IP is banned ***************************/
|
||||||
/*****************************************************************************/
|
/*****************************************************************************/
|
||||||
|
|
||||||
void FW_CheckFirewallAndExitIfBanned (void)
|
void Fir_CheckFirewallAndExitIfBanned (void)
|
||||||
{
|
{
|
||||||
unsigned long NumCurrentBans;
|
unsigned long NumCurrentBans;
|
||||||
|
|
||||||
/***** Get number of current bans from database *****/
|
/***** Get number of current bans from database *****/
|
||||||
NumCurrentBans = DB_QueryCOUNT ("can not check firewall log",
|
NumCurrentBans = DB_QueryCOUNT ("can not check firewall log",
|
||||||
"SELECT COUNT(*) FROM firewall_banned"
|
"SELECT COUNT(*)"
|
||||||
" WHERE IP='%s' AND UnbanTime>NOW()",
|
" FROM fir_banned"
|
||||||
|
" WHERE IP='%s'"
|
||||||
|
" AND UnbanTime>NOW()",
|
||||||
Gbl.IP);
|
Gbl.IP);
|
||||||
|
|
||||||
/***** Exit with status 403 if banned *****/
|
/***** Exit with status 403 if banned *****/
|
||||||
|
@ -114,7 +116,7 @@ void FW_CheckFirewallAndExitIfBanned (void)
|
||||||
/* Return status 403 Forbidden */
|
/* Return status 403 Forbidden */
|
||||||
fprintf (stdout,"Content-Type: text/html; charset=windows-1252\n"
|
fprintf (stdout,"Content-Type: text/html; charset=windows-1252\n"
|
||||||
"Status: 403\r\n\r\n");
|
"Status: 403\r\n\r\n");
|
||||||
FW_WriteHTML ("Forbidden","You are temporarily banned");
|
Fir_WriteHTML ("Forbidden","You are temporarily banned");
|
||||||
|
|
||||||
/* Close database connection and exit */
|
/* Close database connection and exit */
|
||||||
DB_CloseDBConnection ();
|
DB_CloseDBConnection ();
|
||||||
|
@ -126,13 +128,14 @@ void FW_CheckFirewallAndExitIfBanned (void)
|
||||||
/**************** Check if too many connections from this IP *****************/
|
/**************** Check if too many connections from this IP *****************/
|
||||||
/*****************************************************************************/
|
/*****************************************************************************/
|
||||||
|
|
||||||
void FW_CheckFirewallAndExitIfTooManyRequests (void)
|
void Fir_CheckFirewallAndExitIfTooManyRequests (void)
|
||||||
{
|
{
|
||||||
unsigned long NumClicks;
|
unsigned long NumClicks;
|
||||||
|
|
||||||
/***** Get number of clicks from database *****/
|
/***** Get number of clicks from database *****/
|
||||||
NumClicks = DB_QueryCOUNT ("can not check firewall log",
|
NumClicks = DB_QueryCOUNT ("can not check firewall log",
|
||||||
"SELECT COUNT(*) FROM firewall_log"
|
"SELECT COUNT(*)"
|
||||||
|
" FROM fir_log"
|
||||||
" WHERE IP='%s'"
|
" WHERE IP='%s'"
|
||||||
" AND ClickTime>FROM_UNIXTIME(UNIX_TIMESTAMP()-%lu)",
|
" AND ClickTime>FROM_UNIXTIME(UNIX_TIMESTAMP()-%lu)",
|
||||||
Gbl.IP,
|
Gbl.IP,
|
||||||
|
@ -145,14 +148,14 @@ void FW_CheckFirewallAndExitIfTooManyRequests (void)
|
||||||
if (NumClicks > Fw_MAX_CLICKS_IN_INTERVAL)
|
if (NumClicks > Fw_MAX_CLICKS_IN_INTERVAL)
|
||||||
{
|
{
|
||||||
/* Ban this IP */
|
/* Ban this IP */
|
||||||
FW_BanIP ();
|
Fir_BanIP ();
|
||||||
|
|
||||||
/* Return status 429 Too Many Requests */
|
/* Return status 429 Too Many Requests */
|
||||||
fprintf (stdout,"Content-Type: text/html; charset=windows-1252\n"
|
fprintf (stdout,"Content-Type: text/html; charset=windows-1252\n"
|
||||||
"Retry-After: %lu\n"
|
"Retry-After: %lu\n"
|
||||||
"Status: 429\r\n\r\n",
|
"Status: 429\r\n\r\n",
|
||||||
(unsigned long) Fw_TIME_BANNED);
|
(unsigned long) Fw_TIME_BANNED);
|
||||||
FW_WriteHTML ("Too Many Requests","Please stop that");
|
Fir_WriteHTML ("Too Many Requests","Please stop that");
|
||||||
|
|
||||||
/* Close database connection and exit */
|
/* Close database connection and exit */
|
||||||
DB_CloseDBConnection ();
|
DB_CloseDBConnection ();
|
||||||
|
@ -164,11 +167,11 @@ void FW_CheckFirewallAndExitIfTooManyRequests (void)
|
||||||
/********************************* Ban an IP *********************************/
|
/********************************* Ban an IP *********************************/
|
||||||
/*****************************************************************************/
|
/*****************************************************************************/
|
||||||
|
|
||||||
static void FW_BanIP (void)
|
static void Fir_BanIP (void)
|
||||||
{
|
{
|
||||||
/***** Insert IP into table of banned IPs *****/
|
/***** Insert IP into table of banned IPs *****/
|
||||||
DB_QueryINSERT ("can not ban IP",
|
DB_QueryINSERT ("can not ban IP",
|
||||||
"INSERT INTO firewall_banned"
|
"INSERT INTO fir_banned"
|
||||||
" (IP,BanTime,UnbanTime)"
|
" (IP,BanTime,UnbanTime)"
|
||||||
" VALUES"
|
" VALUES"
|
||||||
" ('%s',NOW(),FROM_UNIXTIME(UNIX_TIMESTAMP()+%lu))",
|
" ('%s',NOW(),FROM_UNIXTIME(UNIX_TIMESTAMP()+%lu))",
|
||||||
|
@ -179,7 +182,7 @@ static void FW_BanIP (void)
|
||||||
/********************************* Ban an IP *********************************/
|
/********************************* Ban an IP *********************************/
|
||||||
/*****************************************************************************/
|
/*****************************************************************************/
|
||||||
|
|
||||||
static void FW_WriteHTML (const char *Title,const char *H1)
|
static void Fir_WriteHTML (const char *Title,const char *H1)
|
||||||
{
|
{
|
||||||
fprintf (stdout,"<html>"
|
fprintf (stdout,"<html>"
|
||||||
"<head>"
|
"<head>"
|
||||||
|
|
|
@ -35,10 +35,10 @@
|
||||||
/***************************** Public prototypes *****************************/
|
/***************************** Public prototypes *****************************/
|
||||||
/*****************************************************************************/
|
/*****************************************************************************/
|
||||||
|
|
||||||
void FW_LogAccess (void);
|
void Fir_LogAccess (void);
|
||||||
void FW_PurgeFirewall (void);
|
void Fir_PurgeFirewall (void);
|
||||||
|
|
||||||
void FW_CheckFirewallAndExitIfBanned (void);
|
void Fir_CheckFirewallAndExitIfBanned (void);
|
||||||
void FW_CheckFirewallAndExitIfTooManyRequests (void);
|
void Fir_CheckFirewallAndExitIfTooManyRequests (void);
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
|
|
@ -1622,7 +1622,7 @@ void Lay_RefreshNotifsAndConnected (void)
|
||||||
if (!(Gbl.PID % 11))
|
if (!(Gbl.PID % 11))
|
||||||
Ntf_SendPendingNotifByEMailToAllUsrs (); // Send pending notifications by email
|
Ntf_SendPendingNotifByEMailToAllUsrs (); // Send pending notifications by email
|
||||||
else if (!(Gbl.PID % 19))
|
else if (!(Gbl.PID % 19))
|
||||||
FW_PurgeFirewall (); // Remove old clicks from firewall
|
Fir_PurgeFirewall (); // Remove old clicks from firewall
|
||||||
else if (!(Gbl.PID % 23))
|
else if (!(Gbl.PID % 23))
|
||||||
Fil_RemoveOldTmpFiles (Cfg_PATH_FILE_BROWSER_TMP_PUBLIC ,Cfg_TIME_TO_DELETE_BROWSER_TMP_FILES ,false); // Remove the oldest temporary public directories used for downloading
|
Fil_RemoveOldTmpFiles (Cfg_PATH_FILE_BROWSER_TMP_PUBLIC ,Cfg_TIME_TO_DELETE_BROWSER_TMP_FILES ,false); // Remove the oldest temporary public directories used for downloading
|
||||||
else if (!(Gbl.PID % 101))
|
else if (!(Gbl.PID % 101))
|
||||||
|
|
|
@ -115,9 +115,9 @@ int main (void)
|
||||||
Par_GetMainParams ();
|
Par_GetMainParams ();
|
||||||
|
|
||||||
/***** Mitigate DoS attacks *****/
|
/***** Mitigate DoS attacks *****/
|
||||||
FW_CheckFirewallAndExitIfBanned ();
|
Fir_CheckFirewallAndExitIfBanned ();
|
||||||
FW_LogAccess ();
|
Fir_LogAccess ();
|
||||||
FW_CheckFirewallAndExitIfTooManyRequests ();
|
Fir_CheckFirewallAndExitIfTooManyRequests ();
|
||||||
|
|
||||||
Hie_InitHierarchy ();
|
Hie_InitHierarchy ();
|
||||||
if (!Gbl.WebService.IsWebService)
|
if (!Gbl.WebService.IsWebService)
|
||||||
|
|
Loading…
Reference in New Issue
Block a user