Add blocklist functionality.

This commit is contained in:
Simon Howard 2016-03-18 00:21:19 +00:00
parent a7f9439578
commit 118c62ba4b
2 changed files with 17 additions and 2 deletions

View file

@ -27,6 +27,7 @@ import simplejson
from select import select from select import select
from time import time, strftime from time import time, strftime
from master_config import * from master_config import *
from fnmatch import fnmatch
import secure_demo import secure_demo
# Maximum length of a query response. # Maximum length of a query response.
@ -124,7 +125,7 @@ class MasterServer:
self.log_file.write("%s %s %s\n" % (timestamp, addr_str, s)) self.log_file.write("%s %s %s\n" % (timestamp, addr_str, s))
self.log_file.flush() self.log_file.flush()
def __init__(self, server_address, query_address): def __init__(self, server_address, query_address, block_patterns=[]):
""" Initialise a new master server. """ """ Initialise a new master server. """
self.servers = {} self.servers = {}
@ -133,6 +134,7 @@ class MasterServer:
self.sock = self.open_socket(server_address) self.sock = self.open_socket(server_address)
self.query_sock = self.open_socket(query_address) self.query_sock = self.open_socket(query_address)
self.block_patterns = block_patterns
if secure_demo.available and SIGNING_KEY: if secure_demo.available and SIGNING_KEY:
self.signer = secure_demo.SecureSigner(SIGNING_KEY) self.signer = secure_demo.SecureSigner(SIGNING_KEY)
@ -366,11 +368,18 @@ class MasterServer:
elif packet_type == NET_MASTER_PACKET_TYPE_SIGN_END: elif packet_type == NET_MASTER_PACKET_TYPE_SIGN_END:
self.sign_end_message(data[2:], addr) self.sign_end_message(data[2:], addr)
def is_blocked(self, addr):
addr_str = "%s:%i" % addr
return any(fnmatch(addr_str, block) for block in self.block_patterns)
def rx_packet(self): def rx_packet(self):
""" Invoked when a packet is received. """ """ Invoked when a packet is received. """
data, addr = self.sock.recvfrom(1400) data, addr = self.sock.recvfrom(1400)
if self.is_blocked(addr):
return
try: try:
self.process_packet(data, addr) self.process_packet(data, addr)
except Exception, e: except Exception, e:
@ -430,6 +439,6 @@ class MasterServer:
self.rx_packet_query_sock() self.rx_packet_query_sock()
if __name__ == "__main__": if __name__ == "__main__":
server = MasterServer(SERVER_ADDRESS, QUERY_ADDRESS) server = MasterServer(SERVER_ADDRESS, QUERY_ADDRESS, BLOCK_ADDRESSES)
server.run() server.run()

View file

@ -46,3 +46,9 @@ QUERY_ADDRESS = None
SIGNING_KEY = None SIGNING_KEY = None
# Blocked IP addresses which will be ignored by the master server.
# These are Python fnmatch glob patterns.
BLOCK_ADDRESSES = [
]