Ban a user account if it has been shared to many people

You can share your Lua Scripts with everybody here.

Ban a user account if it has been shared to many people

Postby FTP » Sun Mar 14, 2010 4:07 pm

-- Description: automatically ban a user account for a while if multiple IPs are seen connecting under the same user.
-- By default, auto ban will be triggered If there are 6 IPs logged in within 5 minutes under the same user.
-- Author: Luke
-- Date: 2010-03-14

Code: Select all
do

local nTimePeriod = 300   --time period(seconds)
local nMaxDiffIP = 6      --how many IPs have connected under the same user in the specified time period
local nBlockTime = 300   --temporary banned time

require("luacom")
local dblua_data = {}

function DBOpen(connection_string)
  dblua_data.connection = luacom.CreateObject("ADODB.Connection")
  assert(dblua_data.connection)
  dblua_data.connection.ConnectionString = connection_string
  dblua_data.connection:Open()
end

function DBClose()
  dblua_data.connection:Close()
  dblua_data.connection = nil
  dblua_data.recordset = nil
end

function DBExec(statement)
  if dblua_data.recordset == nil then
    dblua_data.recordset = luacom.CreateObject("ADODB.RecordSet")
  elseif dblua_data.recordset.State ~= 0 then
    dblua_data.recordset:Close()
  end
  dblua_data.recordset:Open(statement, dblua_data.connection)
end

function DBRow()
  if dblua_data.recordset == nil then
    return nil
  elseif dblua_data.recordset.ActiveConnection == nil then
    return nil
  end
  if dblua_data.recordset.EOF == true then
    return nil
  end

  local row = {}
  local fields = dblua_data.recordset.Fields
  local i = 0

  while i < fields.Count do
    local field = fields:Item(i)
    row[i] = field.Value
    row[field.Name] = field.Value
    i = i + 1
  end

  dblua_data.recordset:MoveNext()
  return row
end


--create mdb database if no existing
local source = "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=c:/wing_login_db.mdb"
if c_FileExist("c:/wing_login_db.mdb") == false then
  cat = luacom.CreateObject("ADOX.Catalog")
  cat:Create(source)
  DBOpen(source)
  DBExec("create table userlogin ( domainname varchar(64), username varchar(64), loginip varchar(64), logindate varchar(64), logintime int )")
else
  DBOpen(source)
end

--delete old expired records
DBExec("delete from userlogin where logintime < "..(os.time()-nTimePeriod).." ")

--insert record of login info
DBExec("insert into userlogin values ('%Domain', '%Name', '%IP', '"..os.date("%Y-%m-%d %H:%M:%S").."', "..os.time()..")")

--get logged IP count in the specified time period
DBExec("select * from userlogin where logintime >= "..(os.time()-nTimePeriod).." and domainname = '%Domain' and username = '%Name' ")
local IPcount = 0
local IPlist = ""
local tabRow = DBRow()
while tabRow ~= nil do
  if string.find(IPlist,tostring(tabRow.loginip)) == nil then
   IPcount = IPcount + 1
   IPlist = IPlist..","..tostring(tabRow.loginip)
  end
  tabRow = DBRow()
end

--if IP count more than max IP number, then kick it and block IP for a while
if IPcount >= nMaxDiffIP then
   c_KickSession("%Domain",tonumber("%ConnectID"))
   c_AddTempBlockIp("%Domain","%IP",nBlockTime)
end


DBClose()
collectgarbage()

end


You should add the above lua script to the "OnUserLoggedIn" event for FTP(HTTP,SSH).


Here we used a LuaCOM lib, you must download it then unzip it into the working directory of Wing FTP Server, the download URL: http://www.wftpserver.com/bbsres/libcom.zip
FTP
Site Admin
 
posts 1202
 
joined Tue Sep 29, 2009 6:09 am

Return to Lua scripts

Who is online

Users browsing this forum: No registered users and 1 guest