RubyGems - honeypot - Versions diffs - 0.0.1 → 0.0.2 - Mend

honeypot 0.0.1 → 0.0.2

Files changed (13) hide show

data/README.rdoc +31 -48
data/Rakefile +4 -2
data/VERSION +1 -1
data/honeypot.gemspec +20 -12
data/lib/honeypot.rb +48 -4
data/lib/honeypot/ipaddr_ext.rb +18 -0
data/lib/honeypot/rack.rb +17 -0
data/lib/honeypot/railtie.rb +10 -0
data/lib/{remote_host.rb → honeypot/remote_host.rb} +0 -9
data/lib/{remote_request.rb → honeypot/remote_request.rb} +0 -2
data/test/test_honeypot.rb +5 -2
metadata +63 -18
data/lib/remote_request_logger.rb +0 -36

data/README.rdoc CHANGED Viewed

@@ -2,46 +2,59 @@
 Catch bad guys when they stick their hands in the honey.
-== models
+== rails 3 only
-copy gemdir/models/*.rb to your models dir
+uses rack
-== requestables interface
+== honeypot models
-requestables (like User, Vote, etc.) should define #actor
+honeypots (aka requestables like User, Vote, etc.) should define #actor
   class User < ActiveRecord::Base
-    include RemoteRequestLogger
+    has_many :votes
+    include Honeypot
     def actor; self; end
   end
   class Vote < ActiveRecord::Base
     belongs_to :user
-    include RemoteRequestLogger
+    include Honeypot
     def actor; user; end
   end
 == usage in controllers
-put this in your application controller so it has a maximum chance of grabbing the ip
+when somebody touches a honeypot, make sure to log it:
-  class ApplicationController < ActionController::Base
-    # this is safe enough for engineyard cloud, where internal ip addresses always start with 10.
-    def ensure_remote_ip
-      session[:remote_ip] = request.remote_ip unless request.remote_ip.starts_with?('10.')
+  class UsersController < ApplicationController
+    def create
+      # [...]
+      @user.log_remote_request(session, request)
+      # [...]
+    end
+  end
+  class VotesController < ApplicationController
+    def create
+      # [...]
+      @vote.log_remote_request(session, request)
+      # [...]
     end
-    prepend_before_filter :ensure_remote_ip
   end
-then you invoke log_remote_request with both session and request
+and be creative...
-  class SessionsController < ApplicationController
+  class SessionController < ApplicationController
+    # notice when a User logs in
     def create
-      # @user = [...]
-      @user.log_remote_request session, request
+      # [...]
+      current_user.log_remote_request(session, request)
+      # [...]
     end
   end
+you pass both the session and the request so that you have the maximum chance of getting a real remote ip
 == migration
   create_table "remote_hosts" do |t|
@@ -69,39 +82,9 @@ then you invoke log_remote_request with both session and request
   add_index "remote_requests", ["remote_host_id"], :name => "index_remote_requests_on_remote_host_id"
   add_index "remote_requests", ["requestable_type", "requestable_id"], :name => "index_remote_requests_on_requestable"
-== helper for active-scaffold
-  def remote_requests_column(record)
-    str = '<ul>'
-    str << record.remote_requests.map { |x| content_tag :li, x.to_label }.join
-    str << '</ul>'
-    str
-  end
+== Acknowledgements
-== remote hosts controller with active-scaffold
-  class RemoteHostsController < ApplicationController
-    allow_access :admin
-    layout 'admin'
-    helper :remote_hosts
-    active_scaffold :remote_host do |config|
-      config.list.per_page = 100
-      config.actions.exclude :search, :create, :update, :delete
-      config.columns.add :remote_requests_count
-      config.columns[:remote_requests_count].sort_by :sql => "(SELECT COUNT(remote_requests.id) FROM remote_requests WHERE remote_requests.remote_host_id = remote_hosts.id)"
-      config.columns.add :last_remote_request_at
-      config.columns[:last_remote_request_at].sort_by :sql => "(SELECT MAX(remote_requests.updated_at) FROM remote_requests WHERE remote_requests.remote_host_id = remote_hosts.id)"
-      config.list.columns = %w{
-        hostname
-        ip_address
-        country_code
-        state_name
-        city
-        remote_requests_count
-        last_remote_request_at
-      }
-    end
-  end
+in production use at http://brighterplanet.com
 == Copyright

data/Rakefile CHANGED Viewed

@@ -10,8 +10,10 @@ begin
     gem.email = "seamus@abshere.net"
     gem.homepage = "http://github.com/seamusabshere/honeypot"
     gem.authors = ["Seamus Abshere"]
-    gem.add_dependency 'fast_timestamp', '0.0.4'
-    gem.add_dependency 'geokit', '1.5.0'
+    gem.add_dependency 'fast_timestamp', '>=0.0.4'
+    gem.add_dependency 'geokit', '>=1.5.0'
+    gem.add_dependency 'activesupport', '>=3.0.0beta2'
+    gem.add_dependency 'activerecord', '>=3.0.0beta2'
     # gem is a Gem::Specification... see http://www.rubygems.org/read/chapter/20 for additional settings
   end
   Jeweler::GemcutterTasks.new

data/VERSION CHANGED Viewed

	@@ -1 +1 @@
1	- 0.0.1
1	+ 0.0.2

data/honeypot.gemspec CHANGED Viewed

@@ -5,11 +5,11 @@
 Gem::Specification.new do |s|
   s.name = %q{honeypot}
-  s.version = "0.0.1"
+  s.version = "0.0.2"
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["Seamus Abshere"]
-  s.date = %q{2010-02-02}
+  s.date = %q{2010-05-10}
   s.description = %q{Catch bad guys when they stick their hands in the honey.}
   s.email = %q{seamus@abshere.net}
   s.extra_rdoc_files = [
@@ -25,16 +25,18 @@ Gem::Specification.new do |s|
      "VERSION",
      "honeypot.gemspec",
      "lib/honeypot.rb",
-     "lib/remote_host.rb",
-     "lib/remote_request.rb",
-     "lib/remote_request_logger.rb",
+     "lib/honeypot/ipaddr_ext.rb",
+     "lib/honeypot/rack.rb",
+     "lib/honeypot/railtie.rb",
+     "lib/honeypot/remote_host.rb",
+     "lib/honeypot/remote_request.rb",
      "test/helper.rb",
      "test/test_honeypot.rb"
   ]
   s.homepage = %q{http://github.com/seamusabshere/honeypot}
   s.rdoc_options = ["--charset=UTF-8"]
   s.require_paths = ["lib"]
-  s.rubygems_version = %q{1.3.5}
+  s.rubygems_version = %q{1.3.6}
   s.summary = %q{Track remote requests to catch fraud.}
   s.test_files = [
     "test/helper.rb",
@@ -46,15 +48,21 @@ Gem::Specification.new do |s|
     s.specification_version = 3
     if Gem::Version.new(Gem::RubyGemsVersion) >= Gem::Version.new('1.2.0') then
-      s.add_runtime_dependency(%q<fast_timestamp>, ["= 0.0.4"])
-      s.add_runtime_dependency(%q<geokit>, ["= 1.5.0"])
+      s.add_runtime_dependency(%q<fast_timestamp>, [">= 0.0.4"])
+      s.add_runtime_dependency(%q<geokit>, [">= 1.5.0"])
+      s.add_runtime_dependency(%q<activesupport>, [">= 3.0.0beta2"])
+      s.add_runtime_dependency(%q<activerecord>, [">= 3.0.0beta2"])
     else
-      s.add_dependency(%q<fast_timestamp>, ["= 0.0.4"])
-      s.add_dependency(%q<geokit>, ["= 1.5.0"])
+      s.add_dependency(%q<fast_timestamp>, [">= 0.0.4"])
+      s.add_dependency(%q<geokit>, [">= 1.5.0"])
+      s.add_dependency(%q<activesupport>, [">= 3.0.0beta2"])
+      s.add_dependency(%q<activerecord>, [">= 3.0.0beta2"])
     end
   else
-    s.add_dependency(%q<fast_timestamp>, ["= 0.0.4"])
-    s.add_dependency(%q<geokit>, ["= 1.5.0"])
+    s.add_dependency(%q<fast_timestamp>, [">= 0.0.4"])
+    s.add_dependency(%q<geokit>, [">= 1.5.0"])
+    s.add_dependency(%q<activesupport>, [">= 3.0.0beta2"])
+    s.add_dependency(%q<activerecord>, [">= 3.0.0beta2"])
   end
 end

data/lib/honeypot.rb CHANGED Viewed

@@ -1,4 +1,48 @@
-# auto-loaded by rails
-# require 'remote_host'
-# require 'remote_request'
-# require 'remote_request_logger'
+require 'ipaddr'
+require 'set'
+require 'active_support'
+require 'active_record'
+require 'honeypot/ipaddr_ext'
+require 'honeypot/remote_request'
+require 'honeypot/remote_host'
+require 'honeypot/rack'
+require 'honeypot/railtie' if defined?(Rails::Railtie)
+module Honeypot
+  def self.included(base)
+    base.class_eval do
+      has_many :remote_requests, :as => :requestable, :dependent => :destroy
+      has_many :remote_hosts, :through => :remote_requests, :uniq => true
+    end
+  end
+  def log_remote_request(session, request)
+    effective_ip_address = session['honeypot.last_known_remote_ip'].present? ? session['honeypot.last_known_remote_ip'] : request.remote_ip
+    remote_host = RemoteHost.find_or_create_by_ip_address effective_ip_address
+    remote_request = remote_requests.find_or_create_by_remote_host_id remote_host.id
+    remote_request.last_http_referer = request.referer if request.referer.present?
+    remote_request.last_request_uri = request.request_uri if request.request_uri.present?
+    remote_request.increment :hits
+    remote_request.save!
+    true
+  end
+  def related_requestables(seen_remote_host_ids = [])
+    set = Set.new
+    conditions = seen_remote_host_ids.present? ? [ "remote_hosts.id NOT IN (?)", seen_remote_host_ids ] : nil
+    remote_hosts.where(conditions).find_in_batches do |batch|
+      batch.each do |remote_host|
+        seen_remote_host_ids << remote_host.id
+        remote_host.remote_requests.all(:include => :requestable).each do |remote_request|
+          set << remote_request.requestable
+        end
+      end
+    end
+    if respond_to?(:actor) and actor != self
+      set += actor.related_requestables(seen_remote_host_ids)
+    end
+    set.delete self
+    set
+  end
+end

data/lib/honeypot/ipaddr_ext.rb ADDED Viewed

@@ -0,0 +1,18 @@
+# http://codesnippets.joyent.com/posts/show/7546
+class IPAddr
+  PRIVATE_RANGES = [
+    IPAddr.new('127.0.0.1/32'),
+    IPAddr.new('10.0.0.0/8'),
+    IPAddr.new('172.16.0.0/12'),
+    IPAddr.new('192.168.0.0/16')
+  ]
+  def private?
+    return false unless self.ipv4?
+    PRIVATE_RANGES.any? { |ipr| ipr.include? self }
+  end
+  def public?
+    !private?
+  end
+end

data/lib/honeypot/rack.rb ADDED Viewed

@@ -0,0 +1,17 @@
+# inspired by hoptoad_notifier
+# http://charlesmaxwood.com/sessions-in-rack-and-rails-metal/
+module Honeypot
+  # Middleware for Rack applications. Remote hosts will be tied together with remote requests.
+  class Rack
+    def initialize(app)
+      @app = app
+    end
+    def call(env)
+      session = env['rack.session']
+      remote_ip = IPAddr.new env['action_dispatch.remote_ip'].to_s
+      session['honeypot.last_known_remote_ip'] = remote_ip.to_s if remote_ip.public?
+      @app.call env
+    end
+  end
+end

data/lib/honeypot/railtie.rb ADDED Viewed

@@ -0,0 +1,10 @@
+require 'honeypot'
+require 'rails'
+module Honeypot
+  class Railtie < Rails::Railtie
+    initializer "honeypot.configure_rails_initialization" do |app|
+      app.middleware.use Honeypot::Rack
+    end
+  end
+end

data/lib/{remote_host.rb → honeypot/remote_host.rb} RENAMED Viewed

@@ -1,15 +1,6 @@
 class RemoteHost < ActiveRecord::Base
   has_many :remote_requests, :dependent => :destroy
-  # start active-scaffold interface
-  def remote_requests_count
-    remote_requests.count
-  end
-  def last_remote_request_at
-    remote_requests.calculate :max, :updated_at
-  end
-  # end active-scaffold interface
   include FastTimestamp
   def lookup_hostname

data/lib/{remote_request.rb → honeypot/remote_request.rb} RENAMED Viewed

@@ -1,6 +1,4 @@
 class RemoteRequest < ActiveRecord::Base
   belongs_to :requestable, :polymorphic => :true
   belongs_to :remote_host
-  delegate :to_label, :to => :requestable
 end

data/test/test_honeypot.rb CHANGED Viewed

@@ -1,7 +1,10 @@
 require 'helper'
 class TestHoneypot < Test::Unit::TestCase
-  def test_something_for_real
-    flunk "hey buddy, you should probably rename this file and start testing for real"
+  def test_ip_is_recognized_as_public_or_private
+    assert IPAddr.new('192.168.1.1').private?
+    assert IPAddr.new('10.0.0.2').private?
+    assert IPAddr.new('172.16.0.2').private?
+    assert IPAddr.new('88.122.122.122').public?
   end
 end

metadata CHANGED Viewed

@@ -1,7 +1,12 @@
 --- !ruby/object:Gem::Specification
 name: honeypot
 version: !ruby/object:Gem::Version
-  version: 0.0.1
+  prerelease: false
+  segments:
+  - 0
+  - 0
+  - 2
+  version: 0.0.2
 platform: ruby
 authors:
 - Seamus Abshere
@@ -9,29 +14,65 @@ autorequire:
 bindir: bin
 cert_chain: []
-date: 2010-02-02 00:00:00 -05:00
+date: 2010-05-10 00:00:00 -04:00
 default_executable:
 dependencies:
 - !ruby/object:Gem::Dependency
   name: fast_timestamp
-  type: :runtime
-  version_requirement:
-  version_requirements: !ruby/object:Gem::Requirement
+  prerelease: false
+  requirement: &id001 !ruby/object:Gem::Requirement
     requirements:
-    - - "="
+    - - ">="
       - !ruby/object:Gem::Version
+        segments:
+        - 0
+        - 0
+        - 4
         version: 0.0.4
-    version:
+  type: :runtime
+  version_requirements: *id001
 - !ruby/object:Gem::Dependency
   name: geokit
-  type: :runtime
-  version_requirement:
-  version_requirements: !ruby/object:Gem::Requirement
+  prerelease: false
+  requirement: &id002 !ruby/object:Gem::Requirement
     requirements:
-    - - "="
+    - - ">="
       - !ruby/object:Gem::Version
+        segments:
+        - 1
+        - 5
+        - 0
         version: 1.5.0
-    version:
+  type: :runtime
+  version_requirements: *id002
+- !ruby/object:Gem::Dependency
+  name: activesupport
+  prerelease: false
+  requirement: &id003 !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        segments:
+        - 3
+        - 0
+        - 0beta2
+        version: 3.0.0beta2
+  type: :runtime
+  version_requirements: *id003
+- !ruby/object:Gem::Dependency
+  name: activerecord
+  prerelease: false
+  requirement: &id004 !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        segments:
+        - 3
+        - 0
+        - 0beta2
+        version: 3.0.0beta2
+  type: :runtime
+  version_requirements: *id004
 description: Catch bad guys when they stick their hands in the honey.
 email: seamus@abshere.net
 executables: []
@@ -50,9 +91,11 @@ files:
 - VERSION
 - honeypot.gemspec
 - lib/honeypot.rb
-- lib/remote_host.rb
-- lib/remote_request.rb
-- lib/remote_request_logger.rb
+- lib/honeypot/ipaddr_ext.rb
+- lib/honeypot/rack.rb
+- lib/honeypot/railtie.rb
+- lib/honeypot/remote_host.rb
+- lib/honeypot/remote_request.rb
 - test/helper.rb
 - test/test_honeypot.rb
 has_rdoc: true
@@ -68,18 +111,20 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
+      segments:
+      - 0
       version: "0"
-  version:
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
+      segments:
+      - 0
       version: "0"
-  version:
 requirements: []
 rubyforge_project:
-rubygems_version: 1.3.5
+rubygems_version: 1.3.6
 signing_key:
 specification_version: 3
 summary: Track remote requests to catch fraud.

data/lib/remote_request_logger.rb DELETED Viewed

@@ -1,36 +0,0 @@
-module RemoteRequestLogger
-  def self.included(base)
-    base.class_eval do
-      has_many :remote_requests, :as => :requestable, :dependent => :destroy
-      has_many :remote_hosts, :through => :remote_requests, :uniq => true
-    end
-  end
-  def log_remote_request(session, request)
-    effective_ip_address = session[:remote_ip].present? ? session[:remote_ip] : request.remote_ip
-    x = remote_requests.find_or_create_by_remote_host_id RemoteHost.find_or_create_by_ip_address(effective_ip_address).id
-    x.last_http_referer = request.referer if request.referer.present?
-    x.last_request_uri = request.request_uri if request.request_uri.present?
-    x.increment :hits
-    x.save!
-    true
-  end
-  def related_requestables(seen_remote_host_ids = [])
-    set = Set.new
-    conditions = seen_remote_host_ids.present? ? [ "remote_hosts.id NOT IN (?)", seen_remote_host_ids ] : nil
-    remote_hosts.scoped(:conditions => conditions).find_in_batches do |batch|
-      batch.each do |remote_host|
-        seen_remote_host_ids << remote_host.id
-        remote_host.remote_requests.all(:include => :requestable).each do |remote_request|
-          set << remote_request.requestable
-        end
-      end
-    end
-    if respond_to?(:actor) and actor != self
-      set += actor.related_requestables(seen_remote_host_ids)
-    end
-    set.delete self
-    set
-  end
-end