daily pastebin goal
64%
SHARE
TWEET

Untitled

a guest Dec 7th, 2017 48 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <?php
  2. // PHP settings
  3. ini_set("display_errors", 1);
  4. set_time_limit(0);
  5. ini_set('memory_limit', '1024M');
  6.  
  7. // CONFIG
  8. include("config.php");
  9.  
  10. function DEBUG($msg)
  11. {
  12.     global $debugMode;
  13.     if (!$debugMode)
  14.         return;
  15.     echo "$msg\n";
  16. }
  17.  
  18. // get tcpdump output
  19. $tmp = file_get_contents("/root/flood/out.txt");
  20. preg_match_all('/ IP ([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+).*?> ([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)/', $tmp, $out);
  21. $ips = array();
  22. $ipTarget = array();
  23. foreach ($out[1] as $k => $ip)
  24. {
  25.     $ipTarget[$ip] = $out[2][$k];
  26.     $cur = &$ips[$ip];
  27.     if (isset($cur))
  28.         $cur++;
  29.     else
  30.         $cur = 1;
  31. }
  32.  
  33. function getNextRule()
  34. {
  35.     global $usedRules;
  36.     for ($i = 10; $i <= 490000; $i += 10)
  37.         if (!in_array($i, $usedRules))
  38.         {
  39.             $usedRules[] = $i; // mark current rule as used
  40.             return $i;
  41.         }
  42.     return 10;
  43. }
  44.  
  45. // get next available rule and expired rules
  46. $commandsToExecute = array();
  47. $usedRules = array();
  48. $time = time();
  49. include("config_sql.php");
  50. if (count($ips))
  51. {
  52.     $sql = mysql_query("SELECT rule, time, ip FROM filters");
  53.     $expectedRule = 10;
  54.     while ($r = mysql_fetch_row($sql))
  55.     {
  56.         $rule = $r[0];
  57.         $usedRules[] = $rule;
  58.         $timeForRule = $r[1];
  59.         $ip = $r[2];
  60.         if ($timeForRule + $expiration < $time)
  61.         {
  62.             DEBUG("$ip @ rule $rule expired !");
  63.             mysql_query("DELETE FROM filters WHERE rule = $rule");
  64.             $commandsToExecute[] = "no $rule";
  65.         }
  66.     }
  67. }
  68.  
  69. $sql = mysql_query("SELECT `1` FROM pending_filter");
  70. $onePending = false;
  71. while ($r = mysql_fetch_row($sql))
  72. {
  73.     $onePending = true;
  74.     $ip = $r[0];
  75.     $ips[$ip] = 9999999;
  76. }
  77. if ($onePending)
  78.     mysql_query("TRUNCATE TABLE pending_filter");
  79.  
  80. $debugOutput = "";
  81. foreach ($ips as $ip => $count)
  82. {
  83.     if (@substr($ipTarget[$ip], 0, 9) == "89.39.15.")
  84.         continue;
  85.     //if (@substr($ip == "89.39.14.254")
  86.     //    continue;
  87.     if (@substr($ipTarget[$ip], 0, 12) == "93.119.26.250")
  88.     //if (@substr($ip == "93.119.26.250")
  89.         continue ;
  90.     //if ($ip == "81.180.226.98")
  91.     //    echo "$ip - total: $count, pps: " . intval($count / $analyzeDuration) . "\n";
  92.     $debugOutput .= intval($count / $analyzeDuration) . " - $ip\n";
  93.     if ($count >= $limit)
  94.     {
  95.         DEBUG("Found $ip with count $count");
  96.         $timeForIP = @mysql_fetch_row(mysql_query("SELECT time FROM filters WHERE ip = '$ip'"));
  97.         $timeForIP = @$timeForIP[0];
  98.         if ($timeForIP)
  99.         {
  100.             DEBUG("   already in filters list, expires in " . ($timeForIP + $expiration - $time) . "s");
  101.             continue;
  102.         }
  103.         if ($saveLogs)
  104.         {
  105.             copy("/root/flood/out.txt", "/root/flood/logs/$ip.txt");
  106.             if ($saveLogs == 2)
  107.             {
  108.                 chdir("logs");
  109.                 `tar czvf $ip.tar.gz $ip.txt`;
  110.                 `rm $ip.txt`;
  111.                 chdir("..");
  112.             }
  113.         }
  114.         $nextRule = getNextRule();
  115.         @mysql_query("INSERT INTO filters VALUES ($nextRule, '$ip', '', $count, '{$ipTarget[$ip]}', $time)");
  116.         $commandsToExecute[] = "$nextRule deny ip host $ip any";
  117.     }
  118. }
  119. //file_put_contents("/root/flood/out2.txt", $debugOutput);
  120.  
  121. // execute pending commands
  122. if (count($commandsToExecute))
  123. {
  124.     DEBUG("Executing " . count($commandsToExecute) . " pending commands");
  125.     include("telnet.php");
  126. }
  127. ?>
RAW Paste Data
Top