httpbl 0.1.3 → 0.1.6
- data/CHANGELOG +2 -0
- data/README +22 -2
- data/httpbl.gemspec +4 -5
- data/lib/httpbl.rb +28 -13
- metadata +6 -4
data/CHANGELOG
CHANGED
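--- a/data/README
+++ b/data/README
@@ -13,11 +13,12 @@ crawling, comment-spamming, dictionary attacks, and email-harvesting.
 behavior after a customizable period of days.
 * Identify common search engines by IP address (not User-Agent), and
 disallow access to a specific subset.
+* Optionally use memcached to avoid repeated look-ups per client-session
 
 Installation
 ------------
 
-gem install
+gem install httpbl
 
 Basic Usage
 ------------
@@ -52,11 +53,13 @@ To customize HttpBL's filtering behavior, use the available options:
 :threat_level_threshold => 0,
 :age_threshold => 5,
 :blocked_search_engines => [0],
+:memcached_server => "127.0.0.1:11211",
+:memcached_options => {see: memcached-client documentation}
 
 Available Options:
 
 The following options (shown with default values) are available to
-customize the
+customize the behavior of the httpbl middleware filter:
 
 :deny_types => [1, 2, 4, 8, 16, 32, 64, 128]
 
@@ -136,6 +139,23 @@ customize the particular types of suspicious activity you wish to thwart:
 10: Cuil
 11: InfoSeek
 
+:memcached_server => nil
+:memcached_options => {}
+
+When using httpbl in a production environment, it is *strongly* recommended
+that you configure httpbl to use memcached to temporarily store the blacklist
+status of client ip addresses. This greatly enhances the efficiency of the
+filter because it need only look up each client ip address once per session,
+instead of once per request. It also reduces the potential burden of a
+popular web application that uses httpbl on project honeypot's api services.
+
+Simply set :memcached_server and :memcached_options according to the
+conventions of the memcache-client ruby library; for example:
+:memcached_server => '127.0.0.1:11211', :memcached_options => {:namespace => 'my_app'}
+
+memcache-client is included in rails by default, but if you're using rack
+without rails, you will need to install and require the memcache-client gem.
+
 :dns_timeout => 0.5
 
 DNS requests to the Http:BL service should NEVER take this long, but if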
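--- a/data/httpbl.gemspec
+++ b/data/httpbl.gemspec
@@ -2,26 +2,25 @@
 
 Gem::Specification.new do |s|
 s.name = %q{httpbl}
-s.version = "0.1.
+s.version = "0.1.6"
 
 s.required_rubygems_version = Gem::Requirement.new(">= 1.2") if s.respond_to? :required_rubygems_version=
 s.authors = ["Brandon Palmen"]
-s.date = %q{2009-
+s.date = %q{2009-05-28}
 s.description = %q{A Rack middleware IP filter that uses Http:BL to exclude suspicious robots.}
 s.email = %q{}
 s.extra_rdoc_files = ["README", "lib/httpbl.rb", "CHANGELOG", "LICENSE"]
 s.files = ["README", "lib/httpbl.rb", "Rakefile", "httpbl.gemspec", "CHANGELOG", "LICENSE", "Manifest"]
-s.has_rdoc = true
 s.homepage = %q{http://github.com/bpalmen/httpbl}
 s.rdoc_options = ["--line-numbers", "--inline-source", "--title", "Httpbl", "--main", "README"]
 s.require_paths = ["lib"]
 s.rubyforge_project = %q{httpbl}
-s.rubygems_version = %q{1.3.
+s.rubygems_version = %q{1.3.3}
 s.summary = %q{A Rack middleware IP filter that uses Http:BL to exclude suspicious robots.}
 
 if s.respond_to? :specification_version then
 current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
-s.specification_version =
+s.specification_version = 3
 
 if Gem::Version.new(Gem::RubyGemsVersion) >= Gem::Version.new('1.2.0') then
 s.add_runtime_dependency(%q<rack>, [">= 0"])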
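--- a/data/lib/httpbl.rb
+++ b/data/lib/httpbl.rb
@@ -8,12 +8,16 @@ class HttpBL
 @options = {:blocked_search_engines => [],
 :age_threshold => 10,
 :threat_level_threshold => 2,
-# 8..128 aren't used as of 3/2009, but might be used in the future
-:
-
-
+:deny_types => [1, 2, 4, 8, 16, 32, 64, 128], # 8..128 aren't used as of 3/2009, but might be used in the future
+:dns_timeout => 0.5,
+:memcached_server => nil,
+:memcached_options => {}
 }.merge(options)
 raise "Missing :api_key for Http:BL middleware" unless @options[:api_key]
+if @options[:memcached_server]
+require 'memcache'
+@cache = MemCache.new(@options[:memcached_server], @options[:memcached_options])
+end
 end
 
 def call(env)
@@ -22,7 +26,7 @@ class HttpBL
 
 def _call(env)
 request = Rack::Request.new(env)
-bl_status =
+bl_status = check(request.ip)
 if bl_status and blocked?(bl_status)
 [403, {"Content-Type" => "text/html"}, "<h1>403 Forbidden</h1> Request IP is listed as suspicious by <a href='http://projecthoneypot.org/ip_#{request.ip}'>Project Honeypot</a>"]
 else
@@ -31,10 +35,24 @@ class HttpBL
 
 end
 
+def check(ip)
+@cache ? cache_check(ip) : resolve(ip)
+end
+
+def cache_check(ip)
+cache = @cache.clone if @cache
+unless response = cache.get("httpbl_#{ip}")
+response = resolve(ip)
+cache.set("httpbl_#{ip}", (response || "0.0.0.0"), 1.hour)
+end
+return response
+end
+
 def resolve(ip)
 query = @options[:api_key] + '.' + ip.split('.').reverse.join('.') + '.dnsbl.httpbl.org'
 Timeout::timeout(@options[:dns_timeout]) do
-Resolv::DNS.new.getaddress(query).to_s rescue
+Resolv::DNS.new.getaddress(query).to_s rescue false
+puts "resolving"
 end
 rescue Timeout::Error, Errno::ECONNREFUSED
 end
@@ -43,14 +61,11 @@ class HttpBL
 response = response.split('.').collect!(&:to_i)
 if response[0] == 127
 if response[3] == 0
-@blocked =
+@blocked = @options[:blocked_search_engines].include?(response[2])
 else
-@
-@
-@options[:
-@deny = true if response[3] & key == key
-end
-@blocked = true if @deny and @threat and @age
+@blocked = @options[:deny_types].collect{|key| response[3] & key == key }.any?
+@blocked = @blocked and response[2] > @options[:threat_level_threshold]
+@blocked = @blocked and response[1] < @options[:age_threshold]
 end
 end
 return @blocked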
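Review bot: `resolve` can no longer return a lookup result, because the added `puts "resolving"` is now the last statement inside the `Timeout::timeout` block and `puts` returns nil, so the method yields nil for every address. `_call` only denies a request when `bl_status` is truthy, so the middleware fails open and lets every client through. On the memcached path `cache_check` also stores that nil as `"0.0.0.0"` for an hour, which `blocked?` does not treat as a listing. Remove the debug line so the block ends with `Resolv::DNS.new.getaddress(query).to_s rescue false`.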
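--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: httpbl
 version: !ruby/object:Gem::Version
-version: 0.1.
+version: 0.1.6
 platform: ruby
 authors:
 - Brandon Palmen
@@ -9,7 +9,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2009-
+date: 2009-05-28 00:00:00 -04:00
 default_executable:
 dependencies:
 - !ruby/object:Gem::Dependency
@@ -43,6 +43,8 @@ files:
 - Manifest
 has_rdoc: true
 homepage: http://github.com/bpalmen/httpbl
+licenses: []
+
 post_install_message:
 rdoc_options:
 - --line-numbers
@@ -68,9 +70,9 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 requirements: []
 
 rubyforge_project: httpbl
-rubygems_version: 1.3.
+rubygems_version: 1.3.3
 signing_key:
-specification_version:
+specification_version: 3
 summary: A Rack middleware IP filter that uses Http:BL to exclude suspicious robots.
 test_files: []
 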