'block' => \&CallBlock,
'unblock' => \&CallUnblock,
'flush' => \&CallFlush,
+ 'reload' => \&main::Reload,
);
# Hash to store addresses and their current count.
my %blockhash = ();
# Hash to store user-defined IP addresses and/or subnets which should be
-# ignored in case any events should be repored for them.
+# ignored in case any events should be repored for them.
my %ignorehash = ();
+# Array to store localhost related IP addresses.
+# They are always white-listed to prevent guardian from blocking
+# any local traffic.
+my @localhost_addresses = ("127.0.0.1", "::1");
+
# This object will contain the reference to the logger object after calling Init.
my $logger;
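Review bot: `@localhost_addresses` holds only `127.0.0.1` and `::1`, so other loopback sources in 127.0.0.0/8 are not covered by the "always white-listed" promise in the comment above it. The comment on `%ignorehash` says it can hold subnets, so if `Guardian::Base::IPOrNet2Int` accepts CIDR notation (its name suggests so, but the function is not visible here), the list could be `my @localhost_addresses = ("127.0.0.0/8", "::1");`. If the narrower scope is intended, the comment should state that only the two canonical loopback addresses are seeded. The re-added comment line for `%ignorehash` still carries the typo "repored".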
if (exists($self->{IgnoreFile})) {
# Call function to handle the ignore mechanism.
&GenerateIgnoreList($self->{IgnoreFile});
+ } else {
+ # Whitelist local addresses.
+ %ignorehash = &_whitelist_localhost();
}
# Return the class object.
return;
}
+ # Reset current ignore hash and add
+ # localhost related IP addresses.
+ %ignorehash = &_whitelist_localhost();
+
# Open the given IgnoreFile.
open (IGNORE, $file);
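Review bot: The new reset `%ignorehash = &_whitelist_localhost();` runs before the unchecked `open (IGNORE, $file);`, so a missing or unreadable ignore file silently drops every user-defined entry and leaves only the localhost ones. With the `reload` command added in this commit, that can happen at runtime, and hosts the operator meant to exempt could then be blocked. I would check the open first and reset only on success, e.g. `open(IGNORE, '<', $file) or return;` placed above the reset, with the failure reported through `$logger->Log`. The three-argument form also stops a file name that starts with a mode character from being read as an open mode. The function body starts and ends outside this hunk.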
# Close filehandle for the IgnoreFile.
close (IGNORE);
+
+ # Get amount of current elements in hash.
+ my $amount = scalar(keys(%ignorehash));
+
+ # Write out log message.
+ $logger->Log("debug", "Ignore list currently contains $amount entries.");
}
#
return;
}
+#
+## The _whitelist_localhost function.
+#
+## This tiny private function simple generates and returns a hash which contains
+## the clear and binary converted addresses for all array-stored
+## (@localhost_addresses) in an ignorelist compatible format.
+#
+sub _whitelist_localhost () {
+ my %temphash;
+
+ # Loop through the array of localhost related addresses.
+ foreach my $address (@localhost_addresses) {
+ # Validate and convert the addresss into binary format.
+ my @values = &Guardian::Base::IPOrNet2Int($address);
+
+ # Check if any values are returned.
+ if (@values) {
+ # Store the converted binary values in the temporary hash.
+ $temphash{$address} = [@values];
+ }
+ }
+
+ # Return the temporary hash.
+ return %temphash;
+}
+
1;
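Review bot: When `IPOrNet2Int` returns nothing for an address, the `if (@values)` branch in `_whitelist_localhost` skips it without a message, so a conversion failure would leave that loopback address unprotected with no trace in the log. An `else` branch reporting the address through `$logger->Log` would make this visible, provided the logger is already set when `Init` takes this path (not visible here). Separately, the empty prototype in `sub _whitelist_localhost () {` has no effect, because both call sites use the `&_whitelist_localhost()` form, which bypasses prototypes; `sub _whitelist_localhost {` is the plainer spelling. The header comment has the typo "simple generates" and the inline comment has "addresss".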