wafris 0.4.0 → 0.5.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/lib/lua/dist/wafris_core.lua +3 -2
  3. data/lib/wafris/configuration.rb +4 -1
  4. data/lib/wafris/version.rb +1 -1
  5. data/lib/wafris.rb +0 -3
  6. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: e843055b9966018647b5c475eeeaedbb70a433fd9fa2328503c873833142dbdb
4
- data.tar.gz: 12b6bf55a65413151ddd224c8ce39465c2801fdcc15842cbf8730bc20ebe486f
3
+ metadata.gz: f036d6e75044057a673540b99fd75c7193076d755ed14ef4d34c56fa235866d1
4
+ data.tar.gz: 178b201063353d9805b01fa0c2752176e233886a8d8f82c41dc2ea2369bd4986
5
5
  SHA512:
6
- metadata.gz: 3b499bd7a1421dad5c91e421d804f2ac7af96f329649ad1ba2e0d383790e7bc2e01fbb29e369486e5adb37a96c4c7f998513dbeefcce0b2edc6692555945ff20
7
- data.tar.gz: 89f5161f97c7eb3e14bce624d5c9cc76cc00e91e710f64ae466bfe91e28d47ec147a85ff29dc9b4a2a7d539664b86a7a14d079e2f659f39b49d89f5e321d2a6b
6
+ metadata.gz: 0c8d18daf34e516fcd69ad002060ede527806358776fb3be52ac45d3912a708a2853fedea4dcef59e75117d17f4565d82d63cefe3e146ebd524365a17910830d
7
+ data.tar.gz: 7b771a0c00567f4bd97054f85c867b0b6d97e2a3f1372f7be7b21121e342092edbfa2e7f894b9a6c2fba00bc3c4beae53955bc45b2dce35e2f16e04c19483c2c
data/lib/lua/dist/wafris_core.lua CHANGED
@@ -98,10 +98,11 @@ increment_timebucket_for("host:", current_timebucket, host)
98
98
 
99
99
  -- BLOCKING LOGIC
100
100
  -- Safelist Range Check
101
- if next(redis.call("ZRANGEBYSCORE", "allowed_ranges", client_ip_to_decimal, "+inf", "LIMIT", 0, 1)) then
101
+ -- TODO: ZRANGEBYSCORE is deprecated in Redis 6.2+. Replace with ZRANGE
102
+ if not next(redis.call("ZRANGEBYSCORE", "allowed_ranges", client_ip_to_decimal, "+inf", "LIMIT", 0, 1)) == nil then
102
103
  return "Allowed"
103
104
  -- Blocklist Range Check
104
- elseif next(redis.call("ZRANGEBYSCORE", "blocked_ranges", client_ip_to_decimal, "+inf", "LIMIT", 0, 1)) then
105
+ elseif not next(redis.call("ZRANGEBYSCORE", "blocked_ranges", client_ip_to_decimal, "+inf", "LIMIT", 0, 1)) == nil then
105
106
  increment_timebucket_for("wafris:blocked:", current_timebucket, client_ip)
106
107
  return "Blocked"
107
108
  -- No Matches
data/lib/wafris/configuration.rb CHANGED
@@ -6,7 +6,10 @@ module Wafris
6
6
  attr_accessor :redis_pool_size
7
7
 
8
8
  def initialize
9
- @redis = Redis.new
9
+ @redis = Redis.new(
10
+ url: ENV['REDIS_URL'],
11
+ ssl_params: { verify_mode: OpenSSL::SSL::VERIFY_NONE }
12
+ )
10
13
  @redis_pool_size = 20
11
14
  end
12
15
 
data/lib/wafris/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Wafris
4
- VERSION = "0.4.0"
4
+ VERSION = "0.5.1"
5
5
  end
data/lib/wafris.rb CHANGED
@@ -32,9 +32,6 @@ module Wafris
32
32
  def allow_request?(request)
33
33
  configuration.connection_pool.with do |conn|
34
34
  time = Time.now.to_f * 1000
35
- puts "WAF LOG: headers with http-x-forwarded-for key #{request.get_header(Rack::Request::HTTP_X_FORWARDED_FOR)}"
36
- puts "WAF LOG: Client IP #{client_ip(request)}"
37
- puts "WAF LOG: Proxy IP #{proxy_ip(request)}"
38
35
  status = conn.evalsha(
39
36
  configuration.core_sha,
40
37
  argv: [
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: wafris
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.0
4
+ version: 0.5.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Micahel Buckbee