fix issue:
https://github.com/shadowsocks/shadowsocks/issues/995 Command Execution use list instead of string, prevent injection attack.
This commit is contained in:
Shell.Xu
parent
2ab8c6bf5d
commit
a7a60e3452
1 changed files with 4 additions and 4 deletions
|
|
@ -24,9 +24,9 @@
|
||||||
from __future__ import absolute_import, division, print_function, \
|
from __future__ import absolute_import, division, print_function, \
|
||||||
with_statement
|
with_statement
|
||||||
|
|
||||||
import os
|
|
||||||
import sys
|
import sys
|
||||||
import argparse
|
import argparse
|
||||||
|
import subprocess
|
||||||
|
|
||||||
if __name__ == '__main__':
|
if __name__ == '__main__':
|
||||||
parser = argparse.ArgumentParser(description='See README')
|
parser = argparse.ArgumentParser(description='See README')
|
||||||
|
|
@ -47,7 +47,7 @@ if __name__ == '__main__':
|
||||||
ips[ip] += 1
|
ips[ip] += 1
|
||||||
if ip not in banned and ips[ip] >= config.count:
|
if ip not in banned and ips[ip] >= config.count:
|
||||||
banned.add(ip)
|
banned.add(ip)
|
||||||
cmd = 'iptables -A INPUT -s %s -j DROP' % ip
|
cmd = ['iptables', '-A', 'INPUT', '-s', ip, '-j', 'DROP']
|
||||||
print(cmd, file=sys.stderr)
|
print(' '.join(cmd), file=sys.stderr)
|
||||||
sys.stderr.flush()
|
sys.stderr.flush()
|
||||||
os.system(cmd)
|
subprocess.call(cmd)
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue