2014-08-15 11:40:04 +02:00
|
|
|
%%%-------------------------------------------------------------------
|
|
|
|
%%% @author Evgeny Khramtsov <ekhramtsov@process-one.net>
|
|
|
|
%%% @copyright (C) 2014, Evgeny Khramtsov
|
|
|
|
%%% @doc
|
|
|
|
%%%
|
|
|
|
%%% @end
|
|
|
|
%%% Created : 15 Aug 2014 by Evgeny Khramtsov <ekhramtsov@process-one.net>
|
|
|
|
%%%-------------------------------------------------------------------
|
|
|
|
-module(mod_fail2ban).
|
|
|
|
|
|
|
|
-behaviour(gen_mod).
|
|
|
|
|
|
|
|
%% API
|
2014-08-15 14:13:04 +02:00
|
|
|
-export([start/2, stop/1, c2s_auth_result/4, check_bl_c2s/2]).
|
2014-08-15 11:40:04 +02:00
|
|
|
|
|
|
|
%%%===================================================================
|
|
|
|
%%% API
|
|
|
|
%%%===================================================================
|
|
|
|
start(Host, _Opts) ->
|
2014-08-15 14:13:04 +02:00
|
|
|
catch ets:new(failed_auth, [named_table, public]),
|
|
|
|
ejabberd_hooks:add(c2s_auth_result, Host, ?MODULE, c2s_auth_result, 100),
|
|
|
|
ejabberd_hooks:add(check_bl_c2s, ?MODULE, check_bl_c2s, 100).
|
2014-08-15 11:40:04 +02:00
|
|
|
|
|
|
|
stop(Host) ->
|
2014-08-15 14:13:04 +02:00
|
|
|
ejabberd_hooks:delete(c2s_auth_result, Host, ?MODULE, c2s_auth_result, 100),
|
|
|
|
ejabberd_hooks:delete(check_bl_c2s, ?MODULE, check_bl_c2s, 100).
|
2014-08-15 11:40:04 +02:00
|
|
|
|
|
|
|
%%%===================================================================
|
|
|
|
%%% Internal functions
|
|
|
|
%%%===================================================================
|
2014-08-15 14:13:04 +02:00
|
|
|
c2s_auth_result(false, _User, _Server, {Addr, _Port}) ->
|
|
|
|
case ets:lookup(failed_auth, Addr) of
|
|
|
|
[] ->
|
|
|
|
ets:insert(failed_auth, {Addr, 1});
|
2014-08-15 11:40:04 +02:00
|
|
|
_ ->
|
2014-08-15 14:13:04 +02:00
|
|
|
ets:update_counter(failed_auth, Addr, 1)
|
|
|
|
end,
|
|
|
|
timer:sleep(3);
|
|
|
|
c2s_auth_result(true, _User, _Server, _AddrPort) ->
|
|
|
|
ok.
|
|
|
|
|
|
|
|
check_bl_c2s(_Acc, Addr) ->
|
|
|
|
case ets:lookup(failed_auth, Addr) of
|
|
|
|
[{Addr, N}] when N >= 100 ->
|
|
|
|
{stop, true};
|
2014-08-15 11:40:04 +02:00
|
|
|
_ ->
|
2014-08-15 14:13:04 +02:00
|
|
|
false
|
2014-08-15 11:40:04 +02:00
|
|
|
end.
|