3 files changed, 9 insertions, 8 deletions

diff --git a/apache.txr b/apache.txr
index 3a715f4..bf16662 100644
--- a/apache.txr
+++ b/apache.txr
@@ -6,9 +6,9 @@
 @  (and)
 @    (if (search-regex agent #/Googlebot|bingbot|baidu/))
 @      (bind points nil)
-@    (elif (search-regex (downcase-str agent)
-                         #/ezoom|bot|spider|crawler|scan|yandex|coccoc|github|python/))
-@      (bind points 9)
+@    (elif (or (equal err "500")
+               (search-str uri "honeypot")))
+@      (bind points 1)
 @    (elif (and (not (memqual err '("200" "206" "301" "302" "304")))
                 (not (or (mequal (short-suffix uri) "ico" "jpg" "png" "gif")))))
 )))
@@ -17,9 +17,10 @@
 @      (bind points 0)
 @    (end)
 @  (end)
+@  (require (nequal ip "::1"))
 @  (do
-     (let ((time (make-time year month day hour min sec :auto)))
-       (if points
-         (report ip time points)
+     (let ((time (make-time-utc year month day hour min sec :auto)))
+       (if (or points (contains "cgit" uri))
+         (report ip time (or points 0))
          (do-expiry time))))
 @(end)
diff --git a/exim.txr b/exim.txr
index 95bb703..0b74d3b 100644
--- a/exim.txr
+++ b/exim.txr
@@ -30,7 +30,7 @@ host lookup failed@(skip)
 @        (accept continue)
 @      (end)
 @      (do
-         (let ((time (make-time year month day hour min sec :auto)))
+         (let ((time (make-time-utc year month day hour min sec :auto)))
            (report ip time points)))
 @    (end)
 @  (end)
diff --git a/ssh.txr b/ssh.txr
index 632e858..7d300d7 100644
--- a/ssh.txr
+++ b/ssh.txr
@@ -9,7 +9,7 @@
 @(repeat)
 @  (all)
 @(m month) @(n day) @(n year) @(n hour):@(n min):@(n sec) @(skip)
-@    (bind time @(make-time year month day hour min sec :auto))
+@    (bind time @(make-time-utc year month day hour min sec :auto))
 @  (and)
 @    (cases)
 @nil @nil @nil @nil localhost sshd[@nil]: Failed password for @user from @ip port @(skip)