diff options
| author | Evgeniy Khramtsov <ekhramtsov@process-one.net> | 2018-01-23 10:54:52 +0300 |
|---|---|---|
| committer | Evgeniy Khramtsov <ekhramtsov@process-one.net> | 2018-01-23 10:54:52 +0300 |
| commit | ba2b650464bd3aae2b6b0f3a3177476360cb6d08 (patch) | |
| tree | 5d55501f76edcdcfe145ba0c3367a54ea0314e5c /src/mod_fail2ban.erl | |
| parent | Do not try to start ezlib application too frequently (diff) | |
Introduce new gen_mod callback: mod_options/1
The callback is supposed to provide known options and their default
values, as long as the documentation. Passing default values into
get_mod functions is now deprecated: all defaults should be provided
by the Mod:mod_options/1 callback.
Diffstat (limited to 'src/mod_fail2ban.erl')
| -rw-r--r-- | src/mod_fail2ban.erl | 21 |
1 files changed, 10 insertions, 11 deletions
diff --git a/src/mod_fail2ban.erl b/src/mod_fail2ban.erl index e8ab076fb..618e4b6e4 100644 --- a/src/mod_fail2ban.erl +++ b/src/mod_fail2ban.erl @@ -34,15 +34,13 @@ -export([init/1, handle_call/3, handle_cast/2, handle_info/2, terminate/2, code_change/3, - mod_opt_type/1, depends/2]). + mod_opt_type/1, mod_options/1, depends/2]). -include_lib("stdlib/include/ms_transform.hrl"). -include("ejabberd.hrl"). -include("logger.hrl"). -include("xmpp.hrl"). --define(C2S_AUTH_BAN_LIFETIME, 3600). %% 1 hour --define(C2S_MAX_AUTH_FAILURES, 20). -define(CLEAN_INTERVAL, timer:minutes(10)). -record(state, {host = <<"">> :: binary()}). @@ -58,11 +56,9 @@ c2s_auth_result(#{ip := {Addr, _}, lserver := LServer} = State, false, _User) -> State; false -> BanLifetime = gen_mod:get_module_opt( - LServer, ?MODULE, c2s_auth_ban_lifetime, - ?C2S_AUTH_BAN_LIFETIME), + LServer, ?MODULE, c2s_auth_ban_lifetime), MaxFailures = gen_mod:get_module_opt( - LServer, ?MODULE, c2s_max_auth_failures, - ?C2S_MAX_AUTH_FAILURES), + LServer, ?MODULE, c2s_max_auth_failures), UnbanTS = p1_time_compat:system_time(seconds) + BanLifetime, Attempts = case ets:lookup(failed_auth, Addr) of [{Addr, N, _, _}] -> @@ -179,7 +175,7 @@ log_and_disconnect(#{ip := {Addr, _}, lang := Lang} = State, Attempts, UnbanTS) {stop, ejabberd_c2s:send(State, Err)}. is_whitelisted(Host, Addr) -> - Access = gen_mod:get_module_opt(Host, ?MODULE, access, none), + Access = gen_mod:get_module_opt(Host, ?MODULE, access), acl:match_rule(Host, Access, Addr) == allow. seconds_to_now(Secs) -> @@ -194,6 +190,9 @@ mod_opt_type(access) -> mod_opt_type(c2s_auth_ban_lifetime) -> fun (T) when is_integer(T), T > 0 -> T end; mod_opt_type(c2s_max_auth_failures) -> - fun (I) when is_integer(I), I > 0 -> I end; -mod_opt_type(_) -> - [access, c2s_auth_ban_lifetime, c2s_max_auth_failures]. + fun (I) when is_integer(I), I > 0 -> I end. + +mod_options(_Host) -> + [{access, none}, + {c2s_auth_ban_lifetime, 3600}, %% one hour + {c2s_max_auth_failures, 20}]. |