增加解除IP封禁的选项

linux_kernel/client_msg.c

@@ -1,12 +1,18 @@
 #include "client_msg.h"
 
 void dispath_client_msg(struct client_msg_t* msg) {
+    uint32_t target_ip_address;
+    size_t block_time;
     switch (msg->type) {
         case SD_MSG_TYPE_CLIENT_BLOCK_IP:
-            const size_t target_ip_address = msg->u.ip_address.src_ip;
-            const size_t block_time = msg->u.ip_address.block_time;
+            target_ip_address = msg->u.ip_address.src_ip;
+            block_time = msg->u.ip_address.block_time;
             block_ip_address(target_ip_address, block_time);
             break;
+        case SD_MSG_TYPE_CLIENT_UNBLOCK_IP:
+            target_ip_address = msg->u.ip_address.src_ip;
+            unblock_ip_address(target_ip_address);
+            break;
         default:
             printk(KERN_INFO "Unknown msg type: %d\n", msg->type);
             break;

linux_kernel/msg.h

@@ -7,6 +7,7 @@ typedef enum _msg_type {
     SD_MSG_TYPE_SYN_ATTACK = 1,
     SD_MSG_TYPE_CLIENT_BLOCK_IP = 2,
     SD_MSG_TYPE_SSH_BF_ATTACK = 3,
+    SD_MSG_TYPE_CLIENT_UNBLOCK_IP = 4,
 };
 
 typedef struct kernel_msg_t {

linux_kernel/network.c

@@ -24,6 +24,13 @@ bool check_is_blacklist_ip(u32 ip_address) {
     }
     return data->info.ip_meta_info.is_attack;
 }
+void unblock_ip_address(u32 ip_address) {
+    struct ip_hashmap_node_t *data = get_ipdata_by_hashmap(ip_address);
+    if (data == NULL) {
+        return;
+    }
+    data->info.ip_meta_info.is_attack = false;
+}
 bool check_syn_attack(struct iphdr *ip_header, struct sk_buff *skb) {
     bool is_block = false;
     do {

linux_kernel/network.h

@@ -13,3 +13,4 @@ extern unsigned int network_callback(const struct nf_hook_ops *ops,
                                      int (*okfn)(struct sk_buff *));
 extern void block_ip_address(u32 ip_address, size_t time_sec);
 extern bool check_is_blacklist_ip(u32 ip_address);
+extern void unblock_ip_address(u32 ip_address);