MODRET lmd_deny_blacklist_post_pass(cmd_rec *cmd) { /* mod_authを通過するまでは session.userは空の様子 const char *account = session.user; */ const char *account = NULL; const char *remote_ip = NULL; /* return IP unless found hostname */ account = get_param_ptr(cmd->server->conf, "UserName", FALSE); remote_ip = pr_netaddr_get_ipstr(pr_netaddr_get_sess_remote_addr()); if(false == is_set_server) { pr_log_auth(PR_LOG_WARNING, "%s: memcached_server not set", MODULE_NAME); lmd_cleanup(); return PR_DECLINED(cmd); } if(is_allowed_user(cmd, account) == true) { pr_log_auth(PR_LOG_NOTICE, "%s: '%s' is allowed to login. skip last process", MODULE_NAME, account); lmd_cleanup(); return PR_DECLINED(cmd); } /* allow explicily */ if(is_allowed(cmd, session.c->remote_addr) == true) { return PR_DECLINED(cmd); } /* check whether account is registerd in blacklist or not */ if(is_cache_exits(memcached_deny_blacklist_mmc, account) == true) { pr_log_auth(PR_LOG_NOTICE, "%s: denied '%s@%s'. Account found in blacklist(memcached)", MODULE_NAME, account, remote_ip); pr_response_send(R_530, _("Login denied temporary (Account found in blacklist)")); end_login(0); } /* check whether remote IP is registerd in blacklist or not */ if(is_cache_exits(memcached_deny_blacklist_mmc, remote_ip) == true) { pr_log_auth(PR_LOG_NOTICE, "%s: denied '%s@%s'. IP found in blacklist(memcached)", MODULE_NAME, account, remote_ip); pr_response_send(R_530, _("Login denied temporary (IP found in blacklist)")); end_login(0); } pr_log_debug(DEBUG2, "%s: not found in blaclist. '%s@%s' is allowed to Login", MODULE_NAME, account, remote_ip); lmd_cleanup(); return PR_DECLINED(cmd); }
int is_allowed(const char * url) { if (is_allowed_user(getuid())) return 1; if (is_ipv4_addr(url)) return 1; if (is_ipv6_addr(url)) return 1; if (is_allowed_url(url)) return 1; log_blocked(url); return 0; }