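* @license http://www.gnu.org/licenses/lgpl.html LGPL
 * @version Release: $Id:Ips.php 517 2011-07-29 15:04:13Z bernieberg $
 */
class IDS_Ips
{
    /**
     * Holds the data from the log file, keyed by ip address.
     *
     * Each record is a positional array:
     *   0 = ip address
     *   1 = negative hit count
     *   2 = unix timestamp of the last hit
     *   3 = ban count
     *   4 = flag: the current block has already been added to the ban count
     *
     * @var array
     */
    private $data = array();

    /**
     * how long an ip will be blocked from their last hit
     *
     * @var int
     */
    private $blocked_duration = 7200;

    /**
     * How many negative hits until they are blocked
     *
     * @var int
     */
    private $blocked_count = 5;

    /**
     * location of the ip log file
     *
     * @var string
     */
    private $ip_file = null;

    /**
     * Constructor
     *
     * Sets up the object with the passed arguments and loads the existing
     * log file, if there is one. Blank lines are skipped and short rows are
     * padded, so later reads of fields 1-4 never hit a missing offset.
     *
     * NOTE(review): this file decides who is blocked; it presumably should
     * live outside the web root and be writable only by the application
     * user - confirm against the deployment.
     *
     * @param string $ip_file  location of the ip log file
     * @param int    $duration how long, in seconds, to keep an ip blocked
     * @param int    $count    how many hits until we block this ip
     *
     * @return void
     */
    public function __construct($ip_file, $duration = 7200, $count = 5)
    {
        $this->blocked_duration = $duration;
        $this->blocked_count    = $count;
        $this->ip_file          = $ip_file;
        $this->data             = array();

        if (!file_exists($ip_file)) {
            return;
        }

        $handle = fopen($ip_file, "r");
        if ($handle === false) {
            // Unreadable file: start empty instead of handing false to
            // fgetcsv(). Existing blocks are NOT enforced in that case, so
            // an unreadable log should be treated as an operational alert.
            return;
        }

        // Shared advisory lock so a concurrent writeLog() cannot hand us a
        // half-written file; best effort where locking is unavailable.
        $locked = flock($handle, LOCK_SH);

        while (($row = fgetcsv($handle, 0, ",")) !== false) {
            // fgetcsv() yields array(null) for a blank line.
            if (!isset($row[0]) || $row[0] === '') {
                continue;
            }
            $this->data[$row[0]] = $this->normalizeRow($row);
        }

        if ($locked) {
            flock($handle, LOCK_UN);
        }
        fclose($handle);
    }

    /**
     * normalizeRow
     *
     * Turn one CSV row into a complete five-field record with typed values.
     * fputcsv() stores the boolean flag as "1" or "", and every number comes
     * back as a string, so they are cast here once instead of relying on
     * loose comparisons later.
     *
     * @param array $row raw fields from fgetcsv(), field 0 must be set
     *
     * @return array
     */
    private function normalizeRow(array $row)
    {
        return array(
            (string) $row[0],
            isset($row[1]) ? (int) $row[1] : 0,
            isset($row[2]) ? (int) $row[2] : 0,
            isset($row[3]) ? (int) $row[3] : 0,
            !empty($row[4]),
        );
    }

    /**
     * tempBlock
     *
     * Block the passed ip address right away: a new address starts above
     * the threshold, a known one has the threshold added to its hit count.
     * The log file is written immediately.
     *
     * NOTE(review): $ip_address is used as an opaque key and is not
     * validated anywhere in this class. Callers should pass the address of
     * the connection, not a value taken from a client-supplied header -
     * confirm at the call site.
     *
     * @param string $ip_address ip we are blocking
     *
     * @return boolean always true
     */
    public function tempBlock($ip_address)
    {
        $now = time();

        if (array_key_exists($ip_address, $this->data)) {
            $this->data[$ip_address][1] += $this->blocked_count;
            $this->data[$ip_address][2] = $now;
        } else {
            $this->data[$ip_address] = array(
                $ip_address,
                $this->blocked_count + 1,
                $now,
                0,
                false,
            );
        }

        $this->writeLog();

        return true;
    }

    /**
     * isBlocked
     *
     * Is the passed ip address blocked?
     *
     * This is not a pure query: a blocked address has its ban count updated
     * (once per block) and the log file is rewritten on every blocked
     * request; an address whose counted block has expired has its hit count
     * reset and the file is rewritten as well.
     *
     * NOTE(review): a record that reached the threshold but was never
     * flagged (field 4) keeps its hit count after the window lapses, so a
     * single later logHit() blocks it again - confirm this is intended.
     *
     * @param string $ip_address ip we are checking
     *
     * @return array array(bool blocked, int ban count); the ban count is the
     *               value held before this call counted the current block,
     *               and 0 whenever the address is not blocked
     */
    public function isBlocked($ip_address)
    {
        if (!array_key_exists($ip_address, $this->data)) {
            return array(false, 0);
        }

        // Hits older than this timestamp no longer keep a block alive.
        $cutoff = time() - $this->blocked_duration;
        $record = $this->data[$ip_address];

        if ($record[1] >= $this->blocked_count && $record[2] >= $cutoff) {
            $this->incCount($ip_address);
            $this->writeLog();

            return array(true, $record[3]);
        }

        if ($record[2] <= $cutoff && $record[4]) {
            $this->resetCount($ip_address);
            $this->writeLog();
        }

        return array(false, 0);
    }

    /**
     * resetCount
     *
     * clear the hit count and the "block counted" flag but keep the record
     * and its ban count, you should run writeLog after this
     *
     * @param string $ip_address ip we are resetting
     *
     * @return void
     */
    public function resetCount($ip_address)
    {
        if (!array_key_exists($ip_address, $this->data)) {
            return;
        }

        $this->data[$ip_address][1] = 0;
        $this->data[$ip_address][4] = false;
    }

    /**
     * incCount
     *
     * increase ban count once per block (the flag in field 4 stops repeat
     * increments), you should run writeLog after this
     *
     * @param string $ip_address ip we are checking
     *
     * @return void
     */
    public function incCount($ip_address)
    {
        if (!array_key_exists($ip_address, $this->data)) {
            return;
        }

        if (!$this->data[$ip_address][4]) {
            $this->data[$ip_address][3]++;
            $this->data[$ip_address][4] = true;
        }
    }

    /**
     * unBlock
     *
     * remove the passed ip address, you should run writeLog after this
     *
     * @param string $ip_address ip we are removing
     *
     * @return void
     */
    public function unBlock($ip_address)
    {
        // The leftover debug echo was removed: a library call must not write
        // into the response body (it also breaks later header() calls).
        if (array_key_exists($ip_address, $this->data)) {
            unset($this->data[$ip_address]);
        }
    }

    /**
     * logHit
     *
     * log and increment a negative hit for this ip address; the change is
     * only held in memory until writeLog runs
     *
     * @param string $ip_address ip we are checking
     *
     * @return void
     */
    public function logHit($ip_address)
    {
        $now = time();

        if (array_key_exists($ip_address, $this->data)) {
            $this->data[$ip_address][1]++;
            $this->data[$ip_address][2] = $now;
        } else {
            $this->data[$ip_address] = array($ip_address, 1, $now, 0, false);
        }
    }

    /**
     * writeLog
     *
     * write the ip log file
     *
     * The whole file is replaced with this object's in-memory state. The
     * exclusive lock keeps concurrent requests from interleaving their
     * rows, but it does not merge them: whichever request writes last wins,
     * so a hit recorded by a parallel request can still be lost.
     *
     * @return boolean true when written, false if the file cannot be opened
     */
    public function writeLog()
    {
        // 'c' opens without truncating, so the previous contents survive
        // until the lock is held; 'w' would empty the file first.
        $fp = fopen($this->ip_file, 'c');
        if ($fp === false) {
            // Blocks were not persisted; callers can now detect that.
            return false;
        }

        // Advisory lock; where it is unavailable fall back to the unlocked
        // write rather than dropping the update.
        $locked = flock($fp, LOCK_EX);

        ftruncate($fp, 0);
        foreach ($this->data as $fields) {
            fputcsv($fp, $fields);
        }
        fflush($fp);

        if ($locked) {
            flock($fp, LOCK_UN);
        }
        fclose($fp);

        return true;
    }
}
?>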