RubyGems - paraxial - Versions diffs - 0.8.0 → 0.9.1 - Mend

paraxial 0.8.0 → 0.9.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

checksums.yaml +4 -4
data/lib/paraxial/checker.rb +87 -15
data/lib/paraxial/free_tier.rb +34 -0
data/lib/paraxial/helpers.rb +20 -0
data/lib/paraxial/initializers/marshal_patch.rb +1 -1
data/lib/paraxial/initializers/startup.rb +2 -0
data/lib/paraxial/version.rb +1 -1
data/lib/paraxial.rb +84 -0
metadata +3 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a8acee8353bb32e2bebce880b05661b968904d02f9e0748b6041325d8f24491b
-  data.tar.gz: 4ef0694246bc93ae69c1f88a439be89e5fdbd29bcd0ee53406de63d19a791257
+  metadata.gz: be68560342effbc4099f126d85e25acf0400e0b27dc636f4173192a9a634d3da
+  data.tar.gz: 489450bae67581a1738754843a8ce3b6128ad098aa88228d1823bf41ce0ebada
 SHA512:
-  metadata.gz: 8127e330796dcea327b3b8b029831c4b851e548df33bf114a4a7b07039e34ed1f48687525747ce11ce08298771a28f95edc0d420bae07d776f08e5b812fdd566
-  data.tar.gz: 40a7c37df1123e0f8dfc87d31e950f8fc35fbea1729f436405ae18c8af9d1f77d76217450e0e21cb44fd3a713afb6bf49d16bcfda8f5ad5ab00c87c42e492712
+  metadata.gz: edd5307bcc69fcff116b2873d5571b035808f76bf508447403da5a1064d7faea2d230ceb12f0e6318469815b18d23254a6b4adf914b6c0bca009ac807f35d8fd
+  data.tar.gz: f473320f53f772245dad48f68edeb47271ebe22e921b73b6cfe74506b6e5ccc8925ebf6621f2a4a46f0b6f9c2282c9580f498572f85dc6214fe21359d59dcc52

data/lib/paraxial/checker.rb CHANGED Viewed

@@ -3,24 +3,61 @@ module Paraxial
   module Checker
     @allows = { 'v4' => Patricia.new, 'v6' => Patricia.new(:AF_INET6) }
     @bans = { 'v4' => Patricia.new, 'v6' => Patricia.new(:AF_INET6) }
+    @buffer = Queue.new
+    @mutex = Mutex.new
+    @headers = { 'Content-Type': 'application/json' }
     if Paraxial::Helpers.get_api_key
       @thread = Thread.new do
         loop do
           get_abr
           sleep(10)
+          flush_buffer
+        end
+      end
+    end
+    def self.req_to_buff(req_hash)
+      @buffer << req_hash
+    end
+    def self.flush_buffer
+      @mutex.synchronize do
+        requests = []
+        until @buffer.empty?
+          requests << @buffer.pop(true) rescue nil
+        end
+        send_async_request(requests) unless requests.empty?
+      end
+    end
+    def self.send_async_request(requests)
+      body =
+        {
+          http_requests: requests,
+          private_api_key: Paraxial::Helpers.get_api_key
+        }
+      # Do not send HTTP events when free tier is set to true
+      ft = Paraxial::FreeTier.is_free_tier
+      if ft
+        puts "[Paraxial] HTTP ingest not supported on free tier"
+      else
+        Thread.new do
+          uri = URI.parse(Paraxial::Helpers.get_ingest_url)
+          Net::HTTP.post(uri, body.to_json, @headers)
         end
       end
     end
     def self.get_abr
-      uri = URI.parse(Paraxial::Helpers.get_paraxial_url + '/api/abr')
-      headers = { 'Content-Type': 'application/json' }
+      uri = URI.parse(Paraxial::Helpers.get_abr_url)
       body = { api_key: Paraxial::Helpers.get_api_key }
       begin
-        r = Net::HTTP.post(uri, body.to_json, headers)
+        r = Net::HTTP.post(uri, body.to_json, @headers)
         if r.code == '200'
           put_abr(JSON.parse(r.body))
         else
@@ -92,7 +129,53 @@ module Paraxial
       end
     end
+    def self.ban_ip_msg(ip, length, msg)
+      local_ban(ip)
+      uri = URI.parse(Paraxial::Helpers.get_ruby_ban_url)
+      body =
+        {
+          bad_ip: ip,
+          ban_length: length,
+          msg: msg,
+          api_key: Paraxial::Helpers.get_api_key
+        }
+      r = Net::HTTP.post(uri, body.to_json, @headers)
+      if r.code == '200'
+        :ok
+      else
+        :error
+      end
+    end
+    def self.honeypot_ban(ip, length)
+      local_ban(ip)
+      uri = URI.parse(Paraxial::Helpers.get_honeypot_url)
+      body = { api_key: Paraxial::Helpers.get_api_key, bad_ip: ip, ban_length: length }
+      r = Net::HTTP.post(uri, body.to_json, @headers)
+      if r.code == '200'
+        :ok
+      else
+        :error
+      end
+    end
     def self.ban_ip(ip)
+      local_ban(ip)
+      uri = URI.parse(Paraxial::Helpers.get_ban_url)
+      body = { api_key: Paraxial::Helpers.get_api_key, ip_address: ip }
+      r = Net::HTTP.post(uri, body.to_json, @headers)
+      if r.code == '200'
+        :ok
+      else
+        :error
+      end
+    end
+    def self.local_ban(ip)
       if ip.include?('.')
         # IPv4
         current_t = @bans['v4']
@@ -104,17 +187,6 @@ module Paraxial
         current_t.add(ip)
         @bans['v6'] = current_t
       end
-      uri = URI.parse(Paraxial::Helpers.get_ban_url)
-      headers = { 'Content-Type': 'application/json' }
-      body = { api_key: Paraxial::Helpers.get_api_key, ip_address: ip }
-      r = Net::HTTP.post(uri, body.to_json, headers)
-      if r.code == '200'
-        :ok
-      else
-        :error
-      end
     end
     def self.allow_ip?(ip)

data/lib/paraxial/free_tier.rb ADDED Viewed

@@ -0,0 +1,34 @@
+require 'net/http'
+require 'json'
+module Paraxial
+  module FreeTier
+    class << self
+      attr_reader :is_free_tier
+      def initialize
+        @is_free_tier = true
+        check_free_tier_status
+      end
+      private
+      # Kicks off an async HTTP request
+      def check_free_tier_status
+        Thread.new do
+          uri = URI.parse(Paraxial::Helpers.get_free_tier_url())
+          headers = { 'Content-Type': 'application/json' }
+          body = { api_key: Paraxial::Helpers.get_api_key }
+          r = Net::HTTP.post(uri, body.to_json, headers)
+          result = JSON.parse(r.body)
+          # Assume the API response contains a field `free_tier` (true/false)
+          @is_free_tier = result['free_tier']
+        rescue StandardError => e
+          # Handle any errors (network issues, parsing errors, etc.)
+          puts "Error fetching free tier status: #{e.message}"
+          @is_free_tier = true
+        end
+      end
+    end
+  end
+end

data/lib/paraxial/helpers.rb CHANGED Viewed

@@ -12,6 +12,26 @@ module Paraxial
       get_paraxial_url + '/api/exploit'
     end
+    def self.get_free_tier_url
+      get_paraxial_url + '/api/free_tier'
+    end
+    def self.get_abr_url
+      get_paraxial_url + '/api/abr'
+    end
+    def self.get_ingest_url
+      get_paraxial_url + '/api/ingest'
+    end
+    def self.get_honeypot_url
+      get_paraxial_url + '/api/honeypot_ban_x'
+    end
+    def self.get_ruby_ban_url
+      get_paraxial_url + '/api/ruby_ban_x'
+    end
     def self.get_api_key
       @paraxial_api_key ||= ENV['PARAXIAL_API_KEY']
     end

data/lib/paraxial/initializers/marshal_patch.rb CHANGED Viewed

@@ -6,7 +6,7 @@ unless Rails.env.test? || File.basename($0) == 'rake' || defined?(Rails::Generat
       def load(source, proc = nil)
         exg = Paraxial.configuration&.exploit_guard || nil
         if [:monitor, :block].include?(exg)
-          if source.is_a?(String) && source.match?(/ActionView|Net::BufferedIO|ERB|ActiveSupport/)
+          if source.is_a?(String) && source.match?(/ActionView|Net::BufferedIO|ERB/)
             puts "[Paraxial] Exploit Guard triggered, malicious input to Marshal.load"
             puts source

data/lib/paraxial/initializers/startup.rb CHANGED Viewed

@@ -3,6 +3,7 @@ require 'paraxial'
 require 'rpatricia'
 require_relative '../helpers'
 require_relative '../checker'
+require_relative '../free_tier'
 Bundler.setup
@@ -20,6 +21,7 @@ unless Rails.env.test? || File.basename($0) == 'rake' || defined?(Rails::Generat
         puts '[Paraxial] API key detected, agent starting'
         Paraxial.check_exploit_guard
+        Paraxial::FreeTier.initialize
         deps_and_licenses = []
         Bundler.load.specs.each do |spec|

data/lib/paraxial/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module Paraxial
-  VERSION = '0.8.0'
+  VERSION = '0.9.1'
 end

data/lib/paraxial.rb CHANGED Viewed

@@ -44,7 +44,65 @@ module Paraxial
     utc_time.strftime('%Y-%m-%d %H:%M:%S.%6N') + 'Z'
   end
+  def self.record(request, status)
+    return if Paraxial::Helpers.get_api_key.nil?
+    req_hash =
+      {
+        ip_address: request.remote_ip,
+        http_method: request.request_method,
+        path: request.path,
+        user_agent: request.user_agent,
+        allowed: !request.env['paraxial.deny'],
+        status_code: status,
+        inserted_at: get_timestamp,
+        cloud_ip: request.env['paraxial.cloud_ip'],
+        host: request.host
+      }
+    Paraxial::Checker.req_to_buff(req_hash)
+  end
+  # routes = ['/login', '/users/:id']
+  def self.block_cloud_ip(request, routes)
+    return if Paraxial::Helpers.get_api_key.nil?
+    ip = request.remote_ip
+    cloud_provider = get_cloud_provider(ip)
+    if cloud_provider
+      request.env['paraxial.cloud_ip'] = cloud_provider
+    else
+      request.env['paraxial.cloud_ip'] = nil
+    end
+    route_patterns = routes.map do |route|
+      Regexp.new("^" + route.gsub(/:\w+/, '\d+') + "$")
+    end
+    match = route_patterns.any? { |pattern| pattern.match?(request.path) }
+    if match and cloud_provider
+      request.env['paraxial.deny'] = true
+    end
+  end
+  def self.req_allowed?(request)
+    return if Paraxial::Helpers.get_api_key.nil?
+    if request.env['paraxial.deny'] == true
+      false
+    elsif Paraxial::Checker.allow_ip?(request.remote_ip) == true
+      request.env['paraxial.deny'] = false
+      true
+    else
+      request.env['paraxial.deny'] = true
+      false
+    end
+  end
   def self.cloud_ip?(ip)
+    return if Paraxial::Helpers.get_api_key.nil?
     if ip.include?('.')
       !!PARAXIAL_IPV4.search_best(ip)
     else
@@ -52,11 +110,37 @@ module Paraxial
     end
   end
+  def self.get_cloud_provider(ip)
+    return if Paraxial::Helpers.get_api_key.nil?
+    if ip.include?('.')
+      PARAXIAL_IPV4.search_best(ip)&.data
+    else
+      PARAXIAL_IPV6.search_best(ip)&.data
+    end
+  end
   def self.ban_ip(ip)
+    return if Paraxial::Helpers.get_api_key.nil?
     Paraxial::Checker.ban_ip(ip)
   end
+  def self.ban_ip_msg(ip, length, msg)
+    return if Paraxial::Helpers.get_api_key.nil?
+    Paraxial::Checker.ban_ip_msg(ip, length, msg)
+  end
+  def self.honeypot_ban(ip, length = :week)
+    return if Paraxial::Helpers.get_api_key.nil?
+    Paraxial::Checker.honeypot_ban(ip, length)
+  end
   def self.allow_ip?(ip)
+    return if Paraxial::Helpers.get_api_key.nil?
     Paraxial::Checker.allow_ip?(ip)
   end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: paraxial
 version: !ruby/object:Gem::Version
-  version: 0.8.0
+  version: 0.9.1
 platform: ruby
 authors:
 - Michael Lubas
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2024-09-17 00:00:00.000000000 Z
+date: 2024-09-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rspec
@@ -97,6 +97,7 @@ files:
 - lib/paraxial/checker.rb
 - lib/paraxial/cli.rb
 - lib/paraxial/engine.rb
+- lib/paraxial/free_tier.rb
 - lib/paraxial/helpers.rb
 - lib/paraxial/initializers/marshal_patch.rb
 - lib/paraxial/initializers/startup.rb