Add support for custom categories lists

- Extend malware hosts from list - Read web mining hosts from list and generate alerts
2026-05-02 08:50:12 +00:00 · 2018-05-10 17:07:02 +02:00 · 2018-05-10 17:07:02 +02:00 · 89d203883f
commit 89d203883f
parent 0a0d2d76ee
20 changed files with 2262 additions and 111 deletions
--- a/scripts/lua/modules/blacklist_utils.lua
+++ b/scripts/lua/modules/blacklist_utils.lua
@ -2,6 +2,10 @@
 -- (C) 2016-18 - ntop.org
 --

+-- NOTE: see lists_utils.lua
+
+local blacklist_utils = {}
+
 local blacklistURLs = {
   "https://rules.emergingthreats.net/fwrules/emerging-Block-IPs.txt"
 }
@ -26,26 +30,40 @@ local function loadBlackListFromURL(url)
   end
 end

+local function shouldReload(force_purge)
+   return blacklist_utils.isBlacklistEnabled() or (force_purge)
+end
+
 -- ##################################################################

-function loadHostBlackList(force_purge)
+function blacklist_utils.isBlacklistEnabled()
+   local bl = ntop.getPref("ntopng.prefs.host_blacklist")
+   return (bl ~= "0")
+end
+
+-- ##################################################################
+
+function blacklist_utils.beginLoad(force_purge)
   local bl = ntop.getCache("ntopng.prefs.host_blacklist")
   local bl_enabled = ((bl == "1") or (bl == "enabled"))
-   local should_reload = ((bl_enabled) or (force_purge))

-   if should_reload then
+   if shouldReload(force_purge) then
      ntop.allocHostBlacklist()
   end

-   if bl_enabled then
+   if blacklist_utils.isBlacklistEnabled() then
      for _,url in pairs(blacklistURLs) do
 	 loadBlackListFromURL(url)
      end
   end
+end

-   if should_reload then
+-- ##################################################################
+
+function blacklist_utils.endLoad(force_purge)
+   if shouldReload(force_purge) then
      ntop.swapHostBlacklist()
   end
 end

-
+return blacklist_utils