rack-dedos 0.3.2 → 0.4.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +20 -9
- data/README.md +1 -11
- data/lib/rack/dedos/filters/base.rb +4 -1
- data/lib/rack/dedos/filters/country.rb +2 -2
- data/lib/rack/dedos/version.rb +1 -1
- metadata +5 -26
- checksums.yaml.gz.sig +0 -0
- data.tar.gz.sig +0 -0
- metadata.gz.sig +0 -0
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: a6136473af715369f93cdd16ed44fbbbdc241ee0efa1c7743a5590735ec5d392
|
|
4
|
+
data.tar.gz: cd541b5cfb7cd9dfdb4262670d8190bf942215a65e6a984e48e9e7e7f7db1f6c
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: caf872690a89e1e502974fa7560a5e5aa6499545a213cb82b2e03b788cda2075822ae1a8be23e23ff67a220087d56c6fa6d76a7388d6b4887c8f0a6e51f10f0c
|
|
7
|
+
data.tar.gz: 14a31dd383c251c9333968744c91ebb9833e7dc501b68db2cda7e2c1c10b4f44090dafbdb1edf1de1f9042dba0338c44279852478a48a1bbd1a5394b05078b4a
|
data/CHANGELOG.md
CHANGED
|
@@ -2,53 +2,64 @@
|
|
|
2
2
|
|
|
3
3
|
Nothing so far
|
|
4
4
|
|
|
5
|
+
## 0.4.1
|
|
6
|
+
|
|
7
|
+
### Fixes
|
|
8
|
+
* Correctly include details in warnings (i.e. country code)
|
|
9
|
+
|
|
10
|
+
## 0.4.0
|
|
11
|
+
|
|
12
|
+
### Changes
|
|
13
|
+
* Drop certs
|
|
14
|
+
* Add action for trusted release
|
|
15
|
+
|
|
5
16
|
## 0.3.2
|
|
6
17
|
|
|
7
|
-
|
|
18
|
+
### Changes
|
|
8
19
|
* Resolve all paths to prevent problems with relative paths
|
|
9
20
|
|
|
10
21
|
## 0.3.1
|
|
11
22
|
|
|
12
|
-
|
|
23
|
+
### Changes
|
|
13
24
|
* Root `File` operations to prevent clashes with Rack
|
|
14
25
|
|
|
15
26
|
## 0.3.0
|
|
16
27
|
|
|
17
|
-
|
|
28
|
+
### Changes
|
|
18
29
|
* Convert `geoipget` from Bash to Ruby
|
|
19
30
|
|
|
20
31
|
## 0.2.4
|
|
21
32
|
|
|
22
|
-
|
|
33
|
+
### Changes
|
|
23
34
|
* Use Bash for `geoipget` to prevent problems with `/bin/sh` diversity
|
|
24
35
|
|
|
25
36
|
## 0.2.3
|
|
26
37
|
|
|
27
|
-
|
|
38
|
+
### Additions
|
|
28
39
|
* `geoipget` shell script
|
|
29
40
|
|
|
30
41
|
## 0.2.2
|
|
31
42
|
|
|
32
|
-
|
|
43
|
+
### Changes
|
|
33
44
|
* Update to Ruby 3.4
|
|
34
45
|
|
|
35
46
|
## 0.2.1
|
|
36
47
|
|
|
37
|
-
|
|
48
|
+
### Fixes
|
|
38
49
|
|
|
39
50
|
* Fix paths on conditional requires
|
|
40
51
|
* Renew certificate
|
|
41
52
|
|
|
42
53
|
## 0.2.0
|
|
43
54
|
|
|
44
|
-
|
|
55
|
+
### Changes
|
|
45
56
|
|
|
46
57
|
* Determine real client IP
|
|
47
58
|
* Drop autoload and put filters in proper namespace
|
|
48
59
|
|
|
49
60
|
## 0.1.0
|
|
50
61
|
|
|
51
|
-
|
|
62
|
+
### Initial implementation
|
|
52
63
|
|
|
53
64
|
* UserAgent filter
|
|
54
65
|
* Country filter
|
data/README.md
CHANGED
|
@@ -19,16 +19,6 @@ Thank you for supporting free and open-source software by sponsoring on [GitHub]
|
|
|
19
19
|
|
|
20
20
|
## Install
|
|
21
21
|
|
|
22
|
-
### Security
|
|
23
|
-
|
|
24
|
-
This gem is [cryptographically signed](https://guides.rubygems.org/security/#using-gems) in order to assure it hasn't been tampered with. Unless already done, please add the author's public key as a trusted certificate now:
|
|
25
|
-
|
|
26
|
-
```
|
|
27
|
-
gem cert --add <(curl -Ls https://raw.github.com/svoop/rack-dedos/main/certs/svoop.pem)
|
|
28
|
-
```
|
|
29
|
-
|
|
30
|
-
### Bundler
|
|
31
|
-
|
|
32
22
|
Add the following to the <tt>Gemfile</tt> or <tt>gems.rb</tt> of your [Bundler](https://bundler.io) powered Ruby project:
|
|
33
23
|
|
|
34
24
|
```ruby
|
|
@@ -38,7 +28,7 @@ gem 'rack-dedos'
|
|
|
38
28
|
And then install the bundle:
|
|
39
29
|
|
|
40
30
|
```
|
|
41
|
-
bundle install
|
|
31
|
+
bundle install
|
|
42
32
|
```
|
|
43
33
|
|
|
44
34
|
## Configuration
|
|
@@ -12,12 +12,14 @@ module Rack
|
|
|
12
12
|
|
|
13
13
|
attr_reader :app
|
|
14
14
|
attr_reader :options
|
|
15
|
+
attr_reader :details
|
|
15
16
|
|
|
16
17
|
# @param app [#call]
|
|
17
18
|
# @param options [Hash{Symbol => Object}]
|
|
18
19
|
def initialize(app, options = {})
|
|
19
20
|
@app = app
|
|
20
21
|
@options = DEFAULT_OPTIONS.merge(options)
|
|
22
|
+
@details = nil
|
|
21
23
|
end
|
|
22
24
|
|
|
23
25
|
def call(env)
|
|
@@ -26,7 +28,8 @@ module Rack
|
|
|
26
28
|
if allowed?(request, ip)
|
|
27
29
|
app.call(env)
|
|
28
30
|
else
|
|
29
|
-
|
|
31
|
+
message = "rack-dedos: request from #{ip} blocked by #{self.class}"
|
|
32
|
+
warn([message, details].compact.join(": "))
|
|
30
33
|
[options[:status], { 'Content-Type' => 'text/plain' }, [options[:text]]]
|
|
31
34
|
end
|
|
32
35
|
end
|
|
@@ -22,8 +22,8 @@ module Rack
|
|
|
22
22
|
end
|
|
23
23
|
|
|
24
24
|
def allowed?(request, ip)
|
|
25
|
-
if country = maxmind_db
|
|
26
|
-
country_code = country.dig('country', 'iso_code').to_sym
|
|
25
|
+
if country = maxmind_db&.get(ip)
|
|
26
|
+
country_code = @details = country.dig('country', 'iso_code').to_sym
|
|
27
27
|
@countries.include?(country_code) ? @allowed : !@allowed
|
|
28
28
|
else # not found in database
|
|
29
29
|
true
|
data/lib/rack/dedos/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,34 +1,13 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rack-dedos
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.4.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Sven Schwyn
|
|
8
8
|
bindir: exe
|
|
9
|
-
cert_chain:
|
|
10
|
-
-
|
|
11
|
-
-----BEGIN CERTIFICATE-----
|
|
12
|
-
MIIDODCCAiCgAwIBAgIBATANBgkqhkiG9w0BAQsFADAjMSEwHwYDVQQDDBhydWJ5
|
|
13
|
-
L0RDPWJpdGNldGVyYS9EQz1jb20wHhcNMjQxMTIwMjExMDIwWhcNMjUxMTIwMjEx
|
|
14
|
-
MDIwWjAjMSEwHwYDVQQDDBhydWJ5L0RDPWJpdGNldGVyYS9EQz1jb20wggEiMA0G
|
|
15
|
-
CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcLg+IHjXYaUlTSU7R235lQKD8ZhEe
|
|
16
|
-
KMhoGlSUonZ/zo1OT3KXcqTCP1iMX743xYs6upEGALCWWwq+nxvlDdnWRjF3AAv7
|
|
17
|
-
ikC+Z2BEowjyeCCT/0gvn4ohKcR0JOzzRaIlFUVInlGSAHx2QHZ2N8ntf54lu7nd
|
|
18
|
-
L8CiDK8rClsY4JBNGOgH9UC81f+m61UUQuTLxyM2CXfAYkj/sGNTvFRJcNX+nfdC
|
|
19
|
-
hM9r2kH1+7wsa8yG7wJ2IkrzNACD8v84oE6qVusN8OLEMUI/NaEPVPbw2LUM149H
|
|
20
|
-
PVa0i729A4IhroNnFNmw4wOC93ARNbM1+LW36PLMmKjKudf5Exg8VmDVAgMBAAGj
|
|
21
|
-
dzB1MAkGA1UdEwQCMAAwCwYDVR0PBAQDAgSwMB0GA1UdDgQWBBSfK8MtR62mQ6oN
|
|
22
|
-
yoX/VKJzFjLSVDAdBgNVHREEFjAUgRJydWJ5QGJpdGNldGVyYS5jb20wHQYDVR0S
|
|
23
|
-
BBYwFIEScnVieUBiaXRjZXRlcmEuY29tMA0GCSqGSIb3DQEBCwUAA4IBAQDSeB1x
|
|
24
|
-
8QK8F/ML37isgvwGiQxovDUqu6Sq14cQ1qE9y5prUBmL2AsDuCBpXXctcvamFqNC
|
|
25
|
-
PgfJtj7ZZcXmY0SfKCog7T1btkr6zYxPXpxwUqB45n0I6v5qc0UCNvMEfBzxlak5
|
|
26
|
-
VW7UMNlKD9qukeN55hxuLF2F/sLldMcHUo/ATgdV4zk1t3sK6A9+02wz5K5qfWdM
|
|
27
|
-
Mi+XWXmGd57uojk3RcIXNwBRRP4DTKcKgVXhuyHb7q1vjTXrS6bw1Ortu0KmWOIk
|
|
28
|
-
jTyRsT1gymASS2KHe+BaCTwD74GqO8q4woYLZgXnJ/PvgcFgY2FEi2Kn/sXLp4JE
|
|
29
|
-
boIgxQCMT+nxBHCD
|
|
30
|
-
-----END CERTIFICATE-----
|
|
31
|
-
date: 2025-01-16 00:00:00.000000000 Z
|
|
9
|
+
cert_chain: []
|
|
10
|
+
date: 1980-01-02 00:00:00.000000000 Z
|
|
32
11
|
dependencies:
|
|
33
12
|
- !ruby/object:Gem::Dependency
|
|
34
13
|
name: rack
|
|
@@ -199,9 +178,9 @@ executables:
|
|
|
199
178
|
- geoipget
|
|
200
179
|
extensions: []
|
|
201
180
|
extra_rdoc_files:
|
|
202
|
-
- README.md
|
|
203
181
|
- CHANGELOG.md
|
|
204
182
|
- LICENSE.txt
|
|
183
|
+
- README.md
|
|
205
184
|
files:
|
|
206
185
|
- CHANGELOG.md
|
|
207
186
|
- LICENSE.txt
|
|
@@ -244,7 +223,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
244
223
|
- !ruby/object:Gem::Version
|
|
245
224
|
version: '0'
|
|
246
225
|
requirements: []
|
|
247
|
-
rubygems_version: 3.6.
|
|
226
|
+
rubygems_version: 3.6.9
|
|
248
227
|
specification_version: 4
|
|
249
228
|
summary: Radical filters to block denial-of-service (DoS) requests.
|
|
250
229
|
test_files: []
|
checksums.yaml.gz.sig
DELETED
|
Binary file
|
data.tar.gz.sig
DELETED
|
Binary file
|
metadata.gz.sig
DELETED
|
Binary file
|