/usr/share/perl5/Apache/Ocsinventory/Server/Capacities/Filter.pm is in ocsinventory-server 2.0.5-1.1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 | ################################################################################
## OCSINVENTORY-NG
## Copyleft Pascal DANEK 2005
## Web : http://www.ocsinventory-ng.org
##
## This code is open source and may be copied and modified as long as the source
## code is always made freely available.
## Please refer to the General Public Licence http://www.gnu.org/ or Licence.txt
################################################################################
# This core module is used to implement what filter you want.
package Apache::Ocsinventory::Server::Capacities::Filter;
use strict;
BEGIN{
if($ENV{'OCS_MODPERL_VERSION'} == 1){
require Apache::Ocsinventory::Server::Modperl1;
Apache::Ocsinventory::Server::Modperl1->import();
}elsif($ENV{'OCS_MODPERL_VERSION'} == 2){
require Apache::Ocsinventory::Server::Modperl2;
Apache::Ocsinventory::Server::Modperl2->import();
}
}
use Apache::Ocsinventory::Server::System;
use Apache::Ocsinventory::Server::Communication;
use Apache::Ocsinventory::Server::Constants;
# Initialize option
push @{$Apache::Ocsinventory::OPTIONS_STRUCTURE},{
'HANDLER_PROLOG_READ' => \&filter_prolog,
'HANDLER_PROLOG_RESP' => undef,
'HANDLER_PRE_INVENTORY' => \&filter_inventory,
'HANDLER_POST_INVENTORY' => undef,
'REQUEST_NAME' => undef,
'HANDLER_REQUEST' => undef,
'HANDLER_DUPLICATE' => undef,
'TYPE' => OPTION_TYPE_SYNC,
'XML_PARSER_OPT' => {
'ForceArray' => []
}
};
sub filter_prolog{
# ON/OFF
return PROLOG_CONTINUE unless $ENV{'OCS_OPT_PROLOG_FILTER_ON'};
my $current_context = shift;
return PROLOG_CONTINUE if $current_context->{IS_TRUSTED};
my @filters = ( );
for( @filters ){
if ( &$_( $current_context ) == PROLOG_STOP ){
return PROLOG_STOP;
}
}
return PROLOG_CONTINUE;
}
sub filter_inventory{
# ON/OFF
return INVENTORY_CONTINUE unless $ENV{'OCS_OPT_INVENTORY_FILTER_ON'};
my $current_context = shift;
return INVENTORY_CONTINUE if $current_context->{IS_TRUSTED};
my @filters = ( \&filter_flood_ip_killer );
for( @filters ){
if ( &$_( $current_context ) == INVENTORY_STOP ){
return INVENTORY_STOP;
}
}
return INVENTORY_CONTINUE;
}
sub filter_flood_ip_killer{
return INVENTORY_CONTINUE unless $ENV{'OCS_OPT_INVENTORY_FILTER_FLOOD_IP'};
my $current_context = shift;
my $dbh = $current_context->{DBI_HANDLE};
# In seconds
my $flushEverySeconds = $ENV{OCS_OPT_INVENTORY_FILTER_FLOOD_IP_CACHE_TIME};
# Clear cache
$dbh->do( 'DELETE FROM conntrack WHERE (UNIX_TIMESTAMP()-UNIX_TIMESTAMP(TIMESTAMP))>?', {}, $flushEverySeconds );
# If we cannot insert ipadress, we consider that it is in cache, then forbid transmission
if( !($current_context->{EXIST_FL}) && !( $dbh->do('INSERT INTO conntrack(IP,TIMESTAMP) VALUES(?,NULL)', {}, $current_context->{IPADDRESS})) ){
&_log(519,'filter_flood_ip_killer','new device forbidden') if $ENV{'OCS_OPT_LOGLEVEL'};
return INVENTORY_STOP;
}
else{
# Everything is ok
return INVENTORY_CONTINUE;
}
}
1;
|