From 0ae817bf49e1a66f774ee810db554e9679589b2c Mon Sep 17 00:00:00 2001
From: pi4 <luosam@yandex.com>
Date: Fri, 26 Aug 2022 11:17:40 +1000
Subject: [PATCH] add report_addr_ok for ip passed auth

---
 src/server.c | 76 ++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 76 insertions(+)

diff --git a/src/server.c b/src/server.c
index 73b65996..9b5b71ca 100644
--- a/src/server.c
+++ b/src/server.c
@@ -506,6 +506,79 @@ report_addr(int fd, const char *info)
 #endif
 }
 
+//////////////////////
+// local change
+//
+// buffer size 8k * 8 = 64k
+uint32_t lookup[8000];
+int lookup_size = sizeof(lookup) / sizeof(lookup[0]);
+struct sockaddr_in a[1];
+
+int search_ip(char * addr){
+   int r = inet_pton(AF_INET, addr, &(a[0].sin_addr));
+   int size = sizeof (lookup) / sizeof (uint32_t);
+   if (r == 1){
+       for (int i=0; i < size; i++){
+        if (lookup[i] == a[0].sin_addr.s_addr){
+            return i;
+        }
+       }
+   }
+   return -1;
+}
+
+int append_ip(char * addr){
+    int r = inet_pton(AF_INET, addr, &(a[0].sin_addr));
+    if (r == 1){
+
+        for (int i = 0; i < lookup_size; i++ ){
+            // already in lookup
+            if (lookup[i] == a[0].sin_addr.s_addr ){
+                return i;
+            // empty slot
+            }else if (lookup[i] == 0){
+                lookup[i] = a[0].sin_addr.s_addr;
+                return i;
+            }
+        } //for
+
+        // lookup buffer full, remove old item from head
+        for (int i=0;i < lookup_size -1;i ++){
+            lookup[i] = lookup[i+1];
+        }
+
+        // append at last
+        lookup[lookup_size-1] = a[0].sin_addr.s_addr;
+        return lookup_size -1;
+
+    }
+    return 0;
+}
+
+static void
+report_addr_ok(int fd, const char *info)
+{
+    char *peer_name;
+    peer_name = get_peer_name(fd);
+    if (peer_name != NULL) {
+        // ip not seen
+        if (search_ip(peer_name) < 0){
+            int pos = append_ip(peer_name);
+            LOGI("passed handshake with %s: %d %s", peer_name, pos, info);
+        }
+    }
+
+#ifdef USE_NFTABLES
+    struct sockaddr_in6 addr;
+    socklen_t len = sizeof(struct sockaddr_in6);
+    if (!getpeername(fd, (struct sockaddr *)&addr, &len))
+        nftbl_report_addr((struct sockaddr *)&addr);
+#endif
+}
+
+
+// end
+/////////////////////
 int
 setfastopen(int fd)
 {
@@ -988,6 +1061,9 @@ server_recv_cb(EV_P_ ev_io *w, int revents)
         return;
     }
 
+    // report ip
+    report_addr_ok(server->fd, "authentication ok");
+
     // handshake and transmit data
     if (server->stage == STAGE_STREAM) {
         int s = send(remote->fd, remote->buf->data, remote->buf->len, 0);