Compare commits
No commits in common. "544b7cfa49abc61902d9cda4af0251644a35e8bd" and "64c491f24581283718bcbbba354ff1c45ae35b31" have entirely different histories.
544b7cfa49
...
64c491f245
@ -2,7 +2,7 @@
|
|||||||
-- PostgreSQL database dump
|
-- PostgreSQL database dump
|
||||||
--
|
--
|
||||||
|
|
||||||
\restrict f7Q5mSLZ6vWDok89gagYtp9j07wIocFgGXfuMOImRKtOLNzZO3glMcFoPsKcwyf
|
\restrict egAwyE4B3wEnHssUVHxJ464Lb0Kmj4HSy1kjprHurOlkfHG9LdbCjmrWhLywb8F
|
||||||
|
|
||||||
-- Dumped from database version 16.11 (df20cf9)
|
-- Dumped from database version 16.11 (df20cf9)
|
||||||
-- Dumped by pg_dump version 16.10
|
-- Dumped by pg_dump version 16.10
|
||||||
@ -387,5 +387,5 @@ ALTER TABLE ONLY public.public_blacklist_ips
|
|||||||
-- PostgreSQL database dump complete
|
-- PostgreSQL database dump complete
|
||||||
--
|
--
|
||||||
|
|
||||||
\unrestrict f7Q5mSLZ6vWDok89gagYtp9j07wIocFgGXfuMOImRKtOLNzZO3glMcFoPsKcwyf
|
\unrestrict egAwyE4B3wEnHssUVHxJ464Lb0Kmj4HSy1kjprHurOlkfHG9LdbCjmrWhLywb8F
|
||||||
|
|
||||||
|
|||||||
@ -22,8 +22,8 @@ SyslogIdentifier=ids-auto-block
|
|||||||
NoNewPrivileges=true
|
NoNewPrivileges=true
|
||||||
PrivateTmp=true
|
PrivateTmp=true
|
||||||
|
|
||||||
# Timeout: max 8 minuti per detection+blocking
|
# Timeout: max 5 minuti per detection+blocking
|
||||||
TimeoutStartSec=480
|
TimeoutStartSec=300
|
||||||
|
|
||||||
[Install]
|
[Install]
|
||||||
WantedBy=multi-user.target
|
WantedBy=multi-user.target
|
||||||
|
|||||||
@ -58,7 +58,7 @@ def auto_block():
|
|||||||
"limit": 200,
|
"limit": 200,
|
||||||
"list_name": "ddos_blocked"
|
"list_name": "ddos_blocked"
|
||||||
},
|
},
|
||||||
timeout=300
|
timeout=120
|
||||||
)
|
)
|
||||||
|
|
||||||
if response.status_code == 200:
|
if response.status_code == 200:
|
||||||
@ -85,7 +85,7 @@ def auto_block():
|
|||||||
print(f"[{timestamp}] ERRORE: Node.js backend non raggiungibile su {NODE_API_URL}")
|
print(f"[{timestamp}] ERRORE: Node.js backend non raggiungibile su {NODE_API_URL}")
|
||||||
return 1
|
return 1
|
||||||
except requests.exceptions.Timeout:
|
except requests.exceptions.Timeout:
|
||||||
print(f"[{timestamp}] ERRORE: Timeout blocco IP (300s)")
|
print(f"[{timestamp}] ERRORE: Timeout blocco IP (120s)")
|
||||||
return 1
|
return 1
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
print(f"[{timestamp}] ERRORE imprevisto: {type(e).__name__}: {e}")
|
print(f"[{timestamp}] ERRORE imprevisto: {type(e).__name__}: {e}")
|
||||||
|
|||||||
@ -20,7 +20,7 @@ async function mikrotikRequest(
|
|||||||
method: string,
|
method: string,
|
||||||
path: string,
|
path: string,
|
||||||
body?: any,
|
body?: any,
|
||||||
timeoutMs: number = 8000
|
timeoutMs: number = 10000
|
||||||
): Promise<{ status: number; data: any }> {
|
): Promise<{ status: number; data: any }> {
|
||||||
const useHttps = router.apiPort === 443;
|
const useHttps = router.apiPort === 443;
|
||||||
const protocol = useHttps ? "https" : "http";
|
const protocol = useHttps ? "https" : "http";
|
||||||
@ -239,21 +239,14 @@ export async function bulkBlockIps(
|
|||||||
return { blocked: 0, failed: 0, skipped: 0, details: [] };
|
return { blocked: 0, failed: 0, skipped: 0, details: [] };
|
||||||
}
|
}
|
||||||
|
|
||||||
console.log(`[BULK-BLOCK] Starting: ${ipList.length} IPs on ${enabled.length} routers (${enabled.map(r => r.ipAddress).join(', ')})`);
|
console.log(`[BULK-BLOCK] Starting: ${ipList.length} IPs on ${enabled.length} routers`);
|
||||||
|
|
||||||
const routerStatus = new Map<string, { ok: number; fail: number; skip: number }>();
|
|
||||||
for (const r of enabled) {
|
|
||||||
routerStatus.set(r.ipAddress, { ok: 0, fail: 0, skip: 0 });
|
|
||||||
}
|
|
||||||
|
|
||||||
const existingCache = new Map<string, Set<string>>();
|
const existingCache = new Map<string, Set<string>>();
|
||||||
await Promise.allSettled(
|
await Promise.allSettled(
|
||||||
enabled.map(async (router) => {
|
enabled.map(async (router) => {
|
||||||
const start = Date.now();
|
|
||||||
const existing = await getExistingBlockedIps(router, listName);
|
const existing = await getExistingBlockedIps(router, listName);
|
||||||
const elapsed = Date.now() - start;
|
|
||||||
existingCache.set(router.ipAddress, existing);
|
existingCache.set(router.ipAddress, existing);
|
||||||
console.log(`[BULK-BLOCK] Router ${router.ipAddress}: ${existing.size} IPs already in list (${elapsed}ms)`);
|
console.log(`[BULK-BLOCK] Router ${router.ipAddress}: ${existing.size} IPs already in list`);
|
||||||
})
|
})
|
||||||
);
|
);
|
||||||
|
|
||||||
@ -286,23 +279,8 @@ export async function bulkBlockIps(
|
|||||||
const routerResults = await Promise.allSettled(
|
const routerResults = await Promise.allSettled(
|
||||||
enabled.map(async (router) => {
|
enabled.map(async (router) => {
|
||||||
const existing = existingCache.get(router.ipAddress) || new Set();
|
const existing = existingCache.get(router.ipAddress) || new Set();
|
||||||
if (existing.has(ip)) {
|
if (existing.has(ip)) return true;
|
||||||
const st = routerStatus.get(router.ipAddress);
|
|
||||||
if (st) st.skip++;
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
const start = Date.now();
|
|
||||||
const result = await addToAddressList(router, ip, listName, `${commentPrefix} ${ip}`, timeoutDuration);
|
const result = await addToAddressList(router, ip, listName, `${commentPrefix} ${ip}`, timeoutDuration);
|
||||||
const elapsed = Date.now() - start;
|
|
||||||
const st = routerStatus.get(router.ipAddress);
|
|
||||||
if (result.success) {
|
|
||||||
if (st) st.ok++;
|
|
||||||
} else {
|
|
||||||
if (st) st.fail++;
|
|
||||||
if (elapsed > 5000) {
|
|
||||||
console.warn(`[BULK-BLOCK] SLOW: Router ${router.ipAddress} took ${elapsed}ms for IP ${ip}: ${result.error}`);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return result.success;
|
return result.success;
|
||||||
})
|
})
|
||||||
);
|
);
|
||||||
@ -333,10 +311,6 @@ export async function bulkBlockIps(
|
|||||||
details.push({ ip, status: "already_blocked" });
|
details.push({ ip, status: "already_blocked" });
|
||||||
}
|
}
|
||||||
|
|
||||||
// Report per-router
|
|
||||||
routerStatus.forEach((st, routerIp) => {
|
|
||||||
console.log(`[BULK-BLOCK] Router ${routerIp}: ${st.ok} blocked, ${st.fail} failed, ${st.skip} skipped`);
|
|
||||||
});
|
|
||||||
console.log(`[BULK-BLOCK] Done: ${blocked} blocked, ${failed} failed, ${skippedIps.length} skipped`);
|
console.log(`[BULK-BLOCK] Done: ${blocked} blocked, ${failed} failed, ${skippedIps.length} skipped`);
|
||||||
|
|
||||||
return { blocked, failed, skipped: skippedIps.length, details };
|
return { blocked, failed, skipped: skippedIps.length, details };
|
||||||
|
|||||||
16
version.json
16
version.json
@ -1,13 +1,7 @@
|
|||||||
{
|
{
|
||||||
"version": "1.0.119",
|
"version": "1.0.118",
|
||||||
"lastUpdate": "2026-02-17T07:32:28.004Z",
|
"lastUpdate": "2026-02-16T18:28:03.809Z",
|
||||||
"changelog": [
|
"changelog": [
|
||||||
{
|
|
||||||
"version": "1.0.119",
|
|
||||||
"date": "2026-02-17",
|
|
||||||
"type": "patch",
|
|
||||||
"description": "Deployment automatico v1.0.119"
|
|
||||||
},
|
|
||||||
{
|
{
|
||||||
"version": "1.0.118",
|
"version": "1.0.118",
|
||||||
"date": "2026-02-16",
|
"date": "2026-02-16",
|
||||||
@ -301,6 +295,12 @@
|
|||||||
"date": "2025-11-25",
|
"date": "2025-11-25",
|
||||||
"type": "patch",
|
"type": "patch",
|
||||||
"description": "Deployment automatico v1.0.70"
|
"description": "Deployment automatico v1.0.70"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"version": "1.0.69",
|
||||||
|
"date": "2025-11-25",
|
||||||
|
"type": "patch",
|
||||||
|
"description": "Deployment automatico v1.0.69"
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
Loading…
Reference in New Issue
Block a user