RubyGems - wafris - Versions diffs - 0.4.0 → 0.5.1 - Mend

wafris 0.4.0 → 0.5.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e843055b9966018647b5c475eeeaedbb70a433fd9fa2328503c873833142dbdb
-  data.tar.gz: 12b6bf55a65413151ddd224c8ce39465c2801fdcc15842cbf8730bc20ebe486f
+  metadata.gz: f036d6e75044057a673540b99fd75c7193076d755ed14ef4d34c56fa235866d1
+  data.tar.gz: 178b201063353d9805b01fa0c2752176e233886a8d8f82c41dc2ea2369bd4986
 SHA512:
-  metadata.gz: 3b499bd7a1421dad5c91e421d804f2ac7af96f329649ad1ba2e0d383790e7bc2e01fbb29e369486e5adb37a96c4c7f998513dbeefcce0b2edc6692555945ff20
-  data.tar.gz: 89f5161f97c7eb3e14bce624d5c9cc76cc00e91e710f64ae466bfe91e28d47ec147a85ff29dc9b4a2a7d539664b86a7a14d079e2f659f39b49d89f5e321d2a6b
+  metadata.gz: 0c8d18daf34e516fcd69ad002060ede527806358776fb3be52ac45d3912a708a2853fedea4dcef59e75117d17f4565d82d63cefe3e146ebd524365a17910830d
+  data.tar.gz: 7b771a0c00567f4bd97054f85c867b0b6d97e2a3f1372f7be7b21121e342092edbfa2e7f894b9a6c2fba00bc3c4beae53955bc45b2dce35e2f16e04c19483c2c

data/lib/lua/dist/wafris_core.lua CHANGED Viewed

@@ -98,10 +98,11 @@ increment_timebucket_for("host:", current_timebucket, host)
 -- BLOCKING LOGIC
 -- Safelist Range Check
-if next(redis.call("ZRANGEBYSCORE", "allowed_ranges", client_ip_to_decimal, "+inf", "LIMIT", 0, 1)) then
+-- TODO: ZRANGEBYSCORE is deprecated in Redis 6.2+. Replace with ZRANGE
+if not next(redis.call("ZRANGEBYSCORE", "allowed_ranges", client_ip_to_decimal, "+inf", "LIMIT", 0, 1)) == nil then
   return "Allowed"
 -- Blocklist Range Check
-elseif next(redis.call("ZRANGEBYSCORE", "blocked_ranges", client_ip_to_decimal, "+inf", "LIMIT", 0, 1)) then
+elseif not next(redis.call("ZRANGEBYSCORE", "blocked_ranges", client_ip_to_decimal, "+inf", "LIMIT", 0, 1)) == nil then
   increment_timebucket_for("wafris:blocked:", current_timebucket, client_ip)
   return "Blocked"
 -- No Matches

data/lib/wafris/configuration.rb CHANGED Viewed

@@ -6,7 +6,10 @@ module Wafris
     attr_accessor :redis_pool_size
     def initialize
-      @redis = Redis.new
+      @redis = Redis.new(
+        url: ENV['REDIS_URL'],
+        ssl_params: { verify_mode: OpenSSL::SSL::VERIFY_NONE }
+      )
       @redis_pool_size = 20
     end

data/lib/wafris/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module Wafris
-  VERSION = "0.4.0"
+  VERSION = "0.5.1"
 end

data/lib/wafris.rb CHANGED Viewed

@@ -32,9 +32,6 @@ module Wafris
     def allow_request?(request)
       configuration.connection_pool.with do |conn|
         time = Time.now.to_f * 1000
-        puts "WAF LOG: headers with http-x-forwarded-for key #{request.get_header(Rack::Request::HTTP_X_FORWARDED_FOR)}"
-        puts "WAF LOG: Client IP #{client_ip(request)}"
-        puts "WAF LOG: Proxy IP #{proxy_ip(request)}"
         status = conn.evalsha(
           configuration.core_sha,
           argv: [

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: wafris
 version: !ruby/object:Gem::Version
-  version: 0.4.0
+  version: 0.5.1
 platform: ruby
 authors:
 - Micahel Buckbee