spanx 0.1.1 → 0.3.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 5c017e3394baa42289958507173ac915803057d2
+  data.tar.gz: 207763061ed579e4bc95da27f12c81349e568b0c
+SHA512:
+  metadata.gz: c0b1431c0d6dd273e559dcc67a2d6a297b6212e1e7eca50cf61eca24569dd97677fb19548564d6070df087faa819c8d55d966aafec2030d4c460719028dc5a81
+  data.tar.gz: 6439de18b7f3fffadacd21739a63d614faec491e4085e7c85516e64cb0066fb9b4cadbc3401954648ee7e1703c4e92efdaa106595dbd3b25dce8b58a7affddbb

data/Gemfile

@@ -2,3 +2,13 @@ source 'https://rubygems.org'
 
 # Specify your gem's dependencies in spanx.gemspec
 gemspec
+
+group :test do
+  gem 'rspec', '~> 2.14'
+  gem 'fakeredis'
+  gem 'timecop'
+  gem 'webmock'
+  gem 'guard-rspec'
+  gem 'rb-fsevent'
+  gem 'webmachine-test'
+end

data/Guardfile

@@ -4,10 +4,10 @@
 # A sample Guardfile
 # More info at https://github.com/guard/guard#readme
 
-guard 'rspec' do
-  watch(%r{^spanx\.gemspec}) { "spec"}
+guard 'rspec', cmd: 'bundle exec rspec' do
+  watch(%r{^spanx\.gemspec}) { 'spec' }
   watch(%r{^spec/.+_spec\.rb$})
-  watch(%r{^lib/(.+)\.rb$}) { "spec" }
-  watch('spec/spec_helper.rb')  { "spec" }
+  watch(%r{^lib/(.+)\.rb$}) { 'spec' }
+  watch('spec/spec_helper.rb')  { 'spec' }
 end
 

data/README.md

@@ -1,6 +1,7 @@
 Spanx
 =====
 
+[![Gem Version](https://badge.fury.io/rb/spanx.png)](http://badge.fury.io/rb/spanx)
 [![Build status](https://secure.travis-ci.org/wanelo/spanx.png)](http://travis-ci.org/wanelo/spanx)
 
 Spank down IP spam: IP-based rate limiting for web applications behind HTTP server such as nginx or Apache.
@@ -43,9 +44,7 @@ If you have multiple web servers, you need to run watcher on each server, and an
 ### Alerts
 
 Besides actually writing out IPs to a block list file, Spanx supports notifiers that will be called when a new IP
-is blocked.  Currently supported are audit log notifier (that writes that information to a log file), a Campfire
-Chat notifier, which will print IP blocking information into your Campfire chat room, and an Email notifier. It is
-very easy to write additional notifiers.
+is blocked.  Currently supported are audit log notifier (that writes that information to a log file), both a Campfire and Slack chat notifier (which will print IP blocking information into each respective chat room), and an Email notifier. It is very easy to write additional notifiers.
 
 ## Installation
 
@@ -146,6 +145,41 @@ Usage: [bundle exec] spanx flush [options]
     -h, --help                       Show this message
 ```
 
+### api
+
+This starts an HTTP server with endpoints for managing blocked ips. Your
+application (or admin interface) can connect to this, for example.
+
+```bash
+Usage: [bundle exec] spanx api [options]
+    -c, --config CONFIG              Path to config file (YML) (required)
+    -g, --debug                      Log status to STDOUT
+    -h, --help                       Show this message
+    -h, --host                       Host for the HTTP server to listen on
+    -p, --port                       Port for the HTTP server to listen on
+```
+
+#### Endpoints:
+
+To retrieve a list of currently blocked ips:
+
+```
+GET /ips/blocked
+[
+  "127.0.0.1",
+  "11.100.193.12"
+]
+```
+
+To unblock a specific ip:
+
+This will remove the IP from redis and shortly afterwards it will be removed
+from the nginx block files.
+
+```
+DELETE /ips/blocked/11.100.193.12
+```
+
 ## Examples
 
 If you have only one load balancer, you may want to centralize all work into a single process, as such:

data/conf/spanx-config.yml.example

@@ -18,6 +18,7 @@
     - "Spanx::Notifier::AuditLog"
     - "Spanx::Notifier::Campfire"
     - "Spanx::Notifier::Email"
+    - "Spanx::Notifier::Slack"
   :period_checks:
     - :period_seconds: 3600
       :max_allowed: 2000
@@ -35,6 +36,10 @@
   :room_id: 1111
   :token: aaffdfsdfadfasdfasdfasdf
   :account: test
+:slack:
+  :enabled: true
+  :token: aaffdfsdfadfasdfasdfasdf
+  :base_url: 'https://wanelo.slack.com'
 :email:
   :enabled: true
   :to: "everyone@mycompany.com"

data/lib/spanx.rb

@@ -13,6 +13,7 @@ require 'spanx/notifier/base'
 require 'spanx/notifier/campfire'
 require 'spanx/notifier/audit_log'
 require 'spanx/notifier/email'
+require 'spanx/notifier/slack'
 
 require 'spanx/actor/log_reader'
 require 'spanx/actor/collector'

data/lib/spanx/actor/analyzer.rb

@@ -2,6 +2,7 @@ require 'spanx/logger'
 require 'spanx/helper/timing'
 require 'spanx/notifier/base'
 require 'spanx/notifier/campfire'
+require 'spanx/notifier/slack'
 require 'spanx/notifier/audit_log'
 require 'spanx/notifier/email'
 

data/lib/spanx/actor/log_reader.rb

@@ -3,36 +3,37 @@ require 'file-tail'
 module Spanx
   module Actor
     class LogReader
-      attr_accessor :file, :queue, :whitelist
+      attr_accessor :files, :queue, :whitelist, :threads
 
-      def initialize file, queue, interval = 1, whitelist = nil
-        @file = Spanx::Actor::File.new(file)
-        @file.interval = interval
-        @file.backward(0)
+      def initialize files, queue, interval = 1, whitelist = nil
+        @files = Array(files).uniq.map { |file| Spanx::Actor::File.new(file) }
+        @files.each do |file|
+          file.interval = interval
+          file.backward(0)
+        end
         @whitelist = whitelist
         @queue = queue
+        @threads = []
       end
 
       def run
-        Thread.new do
-          Thread.current[:name] = "log_reader"
-          Logger.log "tailing the log file #{file.path}...."
-          self.read do |line|
-            queue << [line, Time.now.to_i ] if line
+        files.each_with_index do |file, i|
+          threads << Thread.new do
+            Thread.current[:name] = "log_reader.#{i}"
+            Logger.log "tailing the log file #{file.path}...."
+            self.read(file) do |line|
+              queue << [line, Time.now.to_i] if line
+            end
           end
         end
       end
 
-      def read &block
-        @file.tail do |line|
-          block.call(extract_ip(line)) unless whitelist && whitelist.match?(line)
+      def read file
+        file.tail do |line|
+          yield extract_ip(line) unless whitelist && whitelist.match?(line)
         end
       end
 
-      def close
-        (@file.close if @file) rescue nil
-      end
-
       def extract_ip line
         matchers = line.match(/^((\d{1,3}\.?){4})/)
         matchers[1] unless matchers.nil?

data/lib/spanx/api.rb

@@ -0,0 +1,7 @@
+require 'reel'
+require 'webmachine'
+
+module Spanx
+  module API
+  end
+end

data/lib/spanx/api/machine.rb

@@ -0,0 +1,20 @@
+require 'webmachine'
+
+require 'spanx/api/resources/blocked_ips'
+require 'spanx/api/resources/unblock_ip'
+
+module Spanx
+  module API
+    Machine = Webmachine::Application.new do |app|
+      app.routes do
+        # DELETE /ips/blocked/127.0.0.1
+        add ["ips", "blocked", :ip],
+            ->(req) { req.method == "DELETE" },
+            Resources::UnblockIP
+
+        # GET /ips/blocked
+        add ["ips", "blocked"], Resources::BlockedIps
+     end
+    end
+  end
+end

data/lib/spanx/api/resources/blocked_ips.rb

@@ -0,0 +1,15 @@
+require 'webmachine'
+require 'spanx'
+
+module Spanx
+  module API
+    module Resources
+      class BlockedIps < Webmachine::Resource
+        def to_html
+          ips = Spanx::IPChecker.rate_limited_identifiers
+          JSON.generate(ips)
+        end
+      end
+    end
+  end
+end

data/lib/spanx/api/resources/unblock_ip.rb

@@ -0,0 +1,17 @@
+module Spanx
+  module API
+    module Resources
+      class UnblockIP < Webmachine::Resource
+        def allowed_methods
+          %W[DELETE]
+        end
+
+        def delete_resource
+          Spanx::IPChecker.new(request.path_info[:ip]).unblock 
+          JSON.generate({ok: true})
+        end
+      end
+    end
+  end
+end
+

data/lib/spanx/cli.rb

@@ -20,9 +20,14 @@ module Spanx
     private
 
     def validate!
-      error_exit_with_msg("No command given") if args.empty?
+      error_exit_with_msg('No command given') if args.empty?
       @command = args.first
-      error_exit_with_msg("No command found matching #{@command}") unless Spanx::CLI.subclasses.include?(@command)
+      if !@command.eql?('-h') && !@command.eql?('--help')
+        error_exit_with_msg("No command found matching #{@command}") unless Spanx::CLI.subclasses.include?(@command)
+      else
+        help_exit
+      end
+
     end
 
     def generate_config(argv)
@@ -35,13 +40,13 @@ module Spanx
       end
 
       Spanx::Logger.enable if config[:debug]
+    rescue OptionParser::InvalidOption => e
+      error_exit_with_msg "Whoops, #{e.message}"
     end
 
   end
 end
 
-require 'spanx/cli/watch'
-require 'spanx/cli/analyze'
-require 'spanx/cli/disable'
-require 'spanx/cli/enable'
-require 'spanx/cli/flush'
+Dir.glob("#{File.expand_path('../cli', __FILE__)}/*.rb").each do |file|
+  require file
+end

data/lib/spanx/cli/analyze.rb

@@ -6,11 +6,12 @@ require 'spanx/runner'
 
 class Spanx::CLI::Analyze < Spanx::CLI
 
-  banner "Usage: spanx analyze [options]"
+  banner 'Usage: spanx analyze [options]'
+  description 'Analyze IP traffic and save blocked IPs into Redis'
 
   option :daemonize,
-         :short => "-d",
-         :long => "--daemonize",
+         :short => '-d',
+         :long => '--daemonize',
          :boolean => true,
          :default => false
 
@@ -35,9 +36,9 @@ class Spanx::CLI::Analyze < Spanx::CLI
          :required => false
 
   option :help,
-         :short => "-h",
-         :long => "--help",
-         :description => "Show this message",
+         :short => '-h',
+         :long => '--help',
+         :description => 'Show this message',
          :on => :tail,
          :boolean => true,
          :show_options => true,

data/lib/spanx/cli/api.rb

@@ -0,0 +1,70 @@
+require 'thread'
+require 'mixlib/cli'
+require 'daemons/daemonize'
+require 'spanx/logger'
+require 'spanx/api/machine'
+
+class Spanx::CLI::Api < Spanx::CLI
+
+  banner 'Usage: spanx api [options]'
+  description 'Start HTTP server for controlling Spanx (experimental)'
+
+  option :daemonize,
+         :short => '-d',
+         :long => '--daemonize',
+         :boolean => true,
+         :default => false
+
+  option :config_file,
+         :short => '-c CONFIG',
+         :long => '--config CONFIG',
+         :description => 'Path to config file (YML)',
+         :required => true
+
+  option :debug,
+         :short => '-g',
+         :long => '--debug',
+         :description => 'Log status to STDOUT',
+         :boolean => true,
+         :required => false,
+         :default => false
+
+  option :host,
+         :short => '-h HOST',
+         :long  => '--host HOST',
+         :description => 'Host for the api to listen on.',
+         :default => '127.0.0.1',
+         :required => false
+
+  option :port,
+         :short => '-p PORT',
+         :long  => '--port PORT',
+         :description => "Port for the api to listen on.",
+         :default => 6060,
+         :required => false
+
+  option :help,
+         :short => "-h",
+         :long => "--help",
+         :description => "Show this message",
+         :on => :tail,
+         :boolean => true,
+         :show_options => true,
+         :exit => 0
+
+  def run(argv = ARGV)
+    generate_config(argv)
+
+    puts "Starting Spanx API on #{config[:host]}:#{config[:port]}.."
+
+    Daemonize.daemonize if config[:daemonize]
+
+    Spanx::API::Machine.configure do |c|
+      c.port = config[:port]
+      c.ip = config[:host]
+    end
+
+    Spanx::API::Machine.run
+  end
+end
+

data/lib/spanx/cli/disable.rb

@@ -3,7 +3,8 @@ require 'spanx/logger'
 
 class Spanx::CLI::Disable < Spanx::CLI
 
-  banner "Usage: spanx disable [options]"
+  banner 'Usage: spanx disable [options]'
+  description 'Disable IP blocking if enabled'
 
   option :config_file,
          :short => '-c CONFIG',

data/lib/spanx/cli/enable.rb

@@ -3,7 +3,8 @@ require 'spanx/logger'
 
 class Spanx::CLI::Enable < Spanx::CLI
 
-  banner "Usage: spanx enable [options]"
+  banner 'Usage: spanx enable [options]'
+  description 'Enable IP Blocking, if disabled'
 
   option :config_file,
          :short => '-c CONFIG',

data/lib/spanx/cli/flush.rb

@@ -3,7 +3,20 @@ require 'spanx/logger'
 
 class Spanx::CLI::Flush < Spanx::CLI
 
-  banner "Usage: spanx flush [options]"
+  banner 'Usage: spanx flush [ -a | -i IPADDRESS ] [options]'
+  description 'Remove a specific IP block, or all blocked IPs'
+
+  option :ip,
+         :short => '-i IPADDRESS',
+         :long => '--ip IPADDRESS',
+         :description => 'Unblock specific IP',
+         :required => false
+
+  option :all,
+         :short => '-a',
+         :long => '--all',
+         :description => 'Unblock all IPs',
+         :required => false
 
   option :config_file,
          :short => '-c CONFIG',
@@ -31,6 +44,18 @@ class Spanx::CLI::Flush < Spanx::CLI
 
   def run(argv = ARGV)
     generate_config(argv)
-    Spanx::IPChecker.unblock_all
+    out = ''
+    keys = if config[:ip] =~ /\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}/
+      out << "unblocking ip #{config[:ip]}: "
+      Spanx::IPChecker.new(config[:ip]).unblock
+    elsif config[:all]
+      out << 'unblocking all IPs: ' if config[:debug]
+      Spanx::IPChecker.unblock_all
+    else
+      error_exit_with_msg 'Either -i or -a flag is required now'
+    end
+    out << "deleted #{keys} IPs that matched"
+    puts out if config[:debug]
+    out
   end
 end