diff --git a/auto_block.py b/auto_block.py index e7d97103..d0daa5d2 100644 --- a/auto_block.py +++ b/auto_block.py @@ -19,11 +19,11 @@ def get_ip(text): - if match_ipv4_address(text) != None: - return match_ipv4_address(text) + if common.match_ipv4_address(text) != None: + return common.match_ipv4_address(text) else: - if match_ipv6_address(text) != None: - return match_ipv6_address(text) + if common.match_ipv6_address(text) != None: + return common.match_ipv6_address(text) return None def file_len(fname): @@ -116,8 +116,8 @@ def auto_block_thread(): if str(node) == str(configloader.get_config().NODE_ID): if configloader.get_config().ANTISSATTACK == 1 and configloader.get_config().CLOUDSAFE == 1 and ip not in denyed_ip_list: - if is_ip(ip) != False: - if is_ip(ip) == socket.AF_INET: + if common.is_ip(ip) != False: + if common.is_ip(ip) == socket.AF_INET: os.system('route add -host %s gw 127.0.0.1' % str(ip)) deny_str = deny_str + "\nALL: " + str(ip) else: @@ -126,8 +126,8 @@ def auto_block_thread(): logging.info("Remote Block ip:" + str(ip)) else: - if is_ip(ip) != False: - if is_ip(ip) == socket.AF_INET: + if common.is_ip(ip) != False: + if common.is_ip(ip) == socket.AF_INET: os.system('route add -host %s gw 127.0.0.1' % str(ip)) deny_str = deny_str + "\nALL: " + str(ip) else: @@ -169,8 +169,8 @@ def auto_block_thread(): ip = str(row[1]) if line.find(ip) != -1: del deny_lines[i] - if is_ip(ip) != False: - if is_ip(ip) == socket.AF_INET: + if common.is_ip(ip) != False: + if common.is_ip(ip) == socket.AF_INET: os.system('route del -host %s gw 127.0.0.1' % str(ip)) else: os.system('ip -6 route del ::1/128 via %s/128' % str(ip)) diff --git a/db_transfer.py b/db_transfer.py index ecc8c7e6..da574421 100644 --- a/db_transfer.py +++ b/db_transfer.py @@ -108,12 +108,12 @@ def update_all_user(self, dt_transfer): for ip in wrong_iplist[id]: realip = "" is_ipv6 = False - if is_ip(ip) != False: - if(is_ip(ip) == socket.AF_INET): + if common.is_ip(ip) != False: + if(common.is_ip(ip) == socket.AF_INET): realip = ip else: - if match_ipv4_address(ip) != None: - realip = match_ipv4_address(ip) + if common.match_ipv4_address(ip) != None: + realip = common.match_ipv4_address(ip) else: is_ipv6 = True realip = ip @@ -135,13 +135,13 @@ def update_all_user(self, dt_transfer): cur = conn.cursor() cur.execute("INSERT INTO `blockip` (`id`, `nodeid`, `ip`, `datetime`) VALUES (NULL, '" + str(get_config().NODE_ID) + "', '" + str(realip) + "', unix_timestamp())") cur.close() - if get_config().CLOUDSAFE == 0: - if is_ipv6 == False: - os.system('route add -host %s gw 127.0.0.1' % str(realip)) - deny_str = deny_str + "\nALL: " + str(realip) - else: - os.system('ip -6 route add ::1/128 via %s/128' % str(realip)) - deny_str = deny_str + "\nALL: [" + str(realip) +"]/128" + else: + if is_ipv6 == False: + os.system('route add -host %s gw 127.0.0.1' % str(realip)) + deny_str = deny_str + "\nALL: " + str(realip) + else: + os.system('ip -6 route add ::1/128 via %s/128' % str(realip)) + deny_str = deny_str + "\nALL: [" + str(realip) +"]/128" if get_config().CLOUDSAFE == 0: deny_file=open('/etc/hosts.deny','a') fcntl.flock(deny_file.fileno(),fcntl.LOCK_EX) diff --git a/server_pool.py b/server_pool.py index 71018405..0b2b50c0 100644 --- a/server_pool.py +++ b/server_pool.py @@ -288,25 +288,25 @@ def get_server_wrong(self, port): if port in self.tcp_servers_pool: templist = self.tcp_servers_pool[port].wrong_iplist.copy() for ip in templist: - if ip not in ret and templist[ip] < time.time()-300: + if ip not in ret and templist[ip] < time.time() - 60: ret.append(ip) self.tcp_servers_pool[port].wrong_iplist_clean() - if port in self.udp_servers_pool and templist[ip] < time.time()-300: + if port in self.udp_servers_pool: templist = self.udp_servers_pool[port].wrong_iplist.copy() for ip in templist: - if ip not in ret: + if ip not in ret and templist[ip] < time.time() - 60: ret.append(ip) self.udp_servers_pool[port].wrong_iplist_clean() - if port in self.tcp_ipv6_servers_pool and templist[ip] < time.time()-300: + if port in self.tcp_ipv6_servers_pool: templist = self.tcp_ipv6_servers_pool[port].wrong_iplist.copy() for ip in templist: - if ip not in ret: + if ip not in ret and templist[ip] < time.time() - 60: ret.append(ip) self.tcp_ipv6_servers_pool[port].wrong_iplist_clean() - if port in self.udp_ipv6_servers_pool and templist[ip] < time.time()-300: + if port in self.udp_ipv6_servers_pool: templist = self.udp_ipv6_servers_pool[port].wrong_iplist.copy() for ip in templist: - if ip not in ret: + if ip not in ret and templist[ip] < time.time() - 60: ret.append(ip) self.udp_ipv6_servers_pool[port].wrong_iplist_clean() return ret diff --git a/shadowsocks/common.py b/shadowsocks/common.py index b2079c6d..66fce074 100644 --- a/shadowsocks/common.py +++ b/shadowsocks/common.py @@ -118,22 +118,17 @@ def is_ip(address): pass return False -def match_ipv4_address(address): - pat = re.compile("\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}") - test = pat.match(hostIP) - if test: - return test.group(1) - else: - return None - -def match_ipv6_address(address): - pat = re.compile("(?:[A-F0-9]{1,4}:){7}[A-F0-9]{1,4}") - test = pat.match(hostIP) - if test: - return test.group(1) - else: - return None - +def match_ipv4_address(text): + reip = re.compile(r'(? time.time()-300: + if self.wrong_iplist[key] > time.time() - 60: temp_new_list[key] = self.wrong_iplist[key] self.wrong_iplist = temp_new_list.copy() diff --git a/shadowsocks/udprelay.py b/shadowsocks/udprelay.py index 1e1edb45..c18efbf0 100644 --- a/shadowsocks/udprelay.py +++ b/shadowsocks/udprelay.py @@ -1462,7 +1462,7 @@ def wrong_iplist_clean(self): temp_new_list = {} for key in self.wrong_iplist: - if self.wrong_iplist[key] > time.time()-300: + if self.wrong_iplist[key] > time.time() - 60: temp_new_list[key] = self.wrong_iplist[key] self.wrong_iplist = temp_new_list.copy()