diff --git a/mdig/mdig.c b/mdig/mdig.c index 6145e17..fe22974 100644 --- a/mdig/mdig.c +++ b/mdig/mdig.c @@ -80,15 +80,15 @@ static bool dom_valid(char *dom) { if (!dom || *dom=='.') return false; for (; *dom; dom++) - if (*dom < 0x20 || (*dom & 0x80) || !(*dom == '.' || *dom == '-' || *dom == '_' || (*dom >= '0' && *dom <= '9') || (*dom >= 'a' && *dom <= 'z') || (*dom >= 'A' && *dom <= 'Z'))) - return false; + if (!(*dom == '.' || *dom == '-' || *dom == '_' || (*dom >= '0' && *dom <= '9') || (*dom >= 'a' && *dom <= 'z') || (*dom >= 'A' && *dom <= 'Z'))) + return false; return true; } static void invalid_domain_beautify(char *dom) { for (int i = 0; *dom && i < 64; i++, dom++) - if (*dom < 0x20 || *dom<0) *dom = '?'; + if (*dom < 0x20 || (*dom & 0x80)) *dom = '?'; if (*dom) *dom = 0; } @@ -436,7 +436,7 @@ int dns_parse_query() _setmode(_fileno(stdin), _O_BINARY); #endif l = fread(a,1,sizeof(a),stdin); - if (!l || !feof(stdin)) + if (!l || ferror(stdin)) { fprintf(stderr, "could not read DNS reply blob from stdin\n"); return 10; diff --git a/nfq2/desync.c b/nfq2/desync.c index 738b119..cdcb9aa 100644 --- a/nfq2/desync.c +++ b/nfq2/desync.c @@ -1154,7 +1154,7 @@ static uint8_t dpi_desync_tcp_packet_play( return verdict; } - HostFailPoolPurgeRateLimited(&dp->hostlist_auto_fail_counters); + HostFailPoolPurgeRateLimited(&dp->hostlist_auto_fail_counters, &dp->hostlist_auto_last_purge); //ConntrackPoolDump(¶ms.conntrack); @@ -1690,7 +1690,7 @@ static uint8_t dpi_desync_udp_packet_play( return verdict; } - HostFailPoolPurgeRateLimited(&dp->hostlist_auto_fail_counters); + HostFailPoolPurgeRateLimited(&dp->hostlist_auto_fail_counters, &dp->hostlist_auto_last_purge); //ConntrackPoolDump(¶ms.conntrack); if (bReverseFixed) diff --git a/nfq2/helpers.c b/nfq2/helpers.c index e307919..a249874 100644 --- a/nfq2/helpers.c +++ b/nfq2/helpers.c @@ -606,7 +606,7 @@ void fill_random_bytes(uint8_t *p,size_t sz) void fill_random_az(uint8_t *p,size_t sz) { size_t k; - for(k=0;kto || from>47 || to>47) luaL_error(L, "bit range invalid"); - what = (what >> from) & ~((lua_Integer)-1 << (to-from+1)); + what = (what >> from) & ~((uint64_t)-1 << (to-from+1)); lua_pushlint(L,what); return 1; diff --git a/nfq2/params.h b/nfq2/params.h index d536656..195cb12 100644 --- a/nfq2/params.h +++ b/nfq2/params.h @@ -85,6 +85,7 @@ struct desync_profile bool hostlist_auto_retrans_reset; hostfail_pool *hostlist_auto_fail_counters; + time_t hostlist_auto_last_purge; struct func_list_head lua_desync; }; diff --git a/nfq2/pools.c b/nfq2/pools.c index f7fe2a7..d206cbf 100644 --- a/nfq2/pools.c +++ b/nfq2/pools.c @@ -112,15 +112,14 @@ void HostFailPoolPurge(hostfail_pool **pp) HostFailPoolDel(pp, elem); } } -static time_t host_fail_purge_prev=0; -void HostFailPoolPurgeRateLimited(hostfail_pool **pp) +void HostFailPoolPurgeRateLimited(hostfail_pool **pp, time_t *purge_prev) { time_t now = time(NULL); // do not purge too often to save resources - if (host_fail_purge_prev != now) + if (*purge_prev != now) { HostFailPoolPurge(pp); - host_fail_purge_prev = now; + *purge_prev = now; } } void HostFailPoolDump(hostfail_pool *p) diff --git a/nfq2/pools.h b/nfq2/pools.h index 4adedce..e3ecdd3 100644 --- a/nfq2/pools.h +++ b/nfq2/pools.h @@ -75,9 +75,9 @@ void funclist_destroy(struct func_list_head *head); typedef struct hostfail_pool { - char *str; /* key */ - int counter; /* value */ - time_t expire; /* when to expire record (unixtime) */ + char *str; + int counter; + time_t expire; // when to expire record (unixtime) UT_hash_handle hh; /* makes this structure hashable */ } hostfail_pool; @@ -86,7 +86,7 @@ hostfail_pool *HostFailPoolAdd(hostfail_pool **pp,const char *s,int fail_time); hostfail_pool *HostFailPoolFind(hostfail_pool *p,const char *s); void HostFailPoolDel(hostfail_pool **pp, hostfail_pool *elem); void HostFailPoolPurge(hostfail_pool **pp); -void HostFailPoolPurgeRateLimited(hostfail_pool **pp); +void HostFailPoolPurgeRateLimited(hostfail_pool **pp, time_t *purge_prev); void HostFailPoolDump(hostfail_pool *p);