wafris 0.2.0 → 0.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/lua/dist/wafris_core.lua +19 -5
- data/lib/wafris/version.rb +1 -1
- data/lib/wafris.rb +22 -2
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 2da3a1b92fba96e01f65433a9388d7dbeb8f24225b352e1958f392cd82fc8522
|
|
4
|
+
data.tar.gz: c8a72dcb1459454890d11d5ba0190f2b4a7f0d13cc63ce9d7038e87cb8ca7af7
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: ef4e1b43b6ae8f9060e8ba936ebffed084288e3a0df798c487141dd608f9f136e4cde74babc9ed9ab9c908f96a558fd674dcc9b579f94cc0bc95da581a973a20
|
|
7
|
+
data.tar.gz: a252ddc02c510c14c011c23d3127a5f17d7dc97dc6b44a46e889b85b4130e9897c4d9623fb6ad144e6cc32f21524ad5d58f008d9d1b6376c47884c2f42c94008
|
|
@@ -60,28 +60,42 @@ local function add_to_HLL_request_count(timebucket, request_id)
|
|
|
60
60
|
end
|
|
61
61
|
|
|
62
62
|
-- For: Leaderboard of IPs with Request count as score
|
|
63
|
-
local function
|
|
64
|
-
|
|
63
|
+
local function increment_timebucket_for(type, timebucket, property)
|
|
64
|
+
-- TODO: breaking change will to switch to client_ip: prefix
|
|
65
|
+
type = type or "ip-"
|
|
66
|
+
redis.call("ZINCRBY", type .. "leader-sset:" .. timebucket, 1, property)
|
|
65
67
|
end
|
|
66
68
|
|
|
67
69
|
-- Configuration
|
|
68
70
|
local max_requests = 100000
|
|
69
71
|
local max_requests_per_ip = 10000
|
|
70
72
|
|
|
71
|
-
local
|
|
73
|
+
local client_ip = ARGV[1]
|
|
72
74
|
local ip_to_decimal = ARGV[2]
|
|
73
75
|
local unix_time_milliseconds = ARGV[3]
|
|
74
76
|
local unix_time = ARGV[3] / 1000
|
|
77
|
+
local proxy_ip = ARGV[4]
|
|
78
|
+
local user_agent = ARGV[5]
|
|
79
|
+
local request_path = ARGV[6]
|
|
80
|
+
local host = ARGV[7]
|
|
75
81
|
|
|
76
82
|
-- Initialize local variables
|
|
77
|
-
local request_id = get_request_id(nil,
|
|
83
|
+
local request_id = get_request_id(nil, client_ip, max_requests)
|
|
78
84
|
local current_timebucket = get_time_bucket_from_timestamp(unix_time_milliseconds)
|
|
79
85
|
|
|
80
86
|
-- GRAPH DATA COLLECTION
|
|
81
87
|
add_to_HLL_request_count(current_timebucket, request_id)
|
|
82
88
|
|
|
83
89
|
-- LEADERBOARD DATA COLLECTION
|
|
84
|
-
|
|
90
|
+
-- TODO: breaking change will to switch to client_ip: prefix
|
|
91
|
+
increment_timebucket_for(nil, current_timebucket, client_ip)
|
|
92
|
+
if proxy_ip ~= nil then
|
|
93
|
+
increment_timebucket_for(nil, current_timebucket, proxy_ip)
|
|
94
|
+
end
|
|
95
|
+
increment_timebucket_for("proxy_ip:", current_timebucket, proxy_ip)
|
|
96
|
+
increment_timebucket_for("user_agent:", current_timebucket, user_agent)
|
|
97
|
+
increment_timebucket_for("request_path:", current_timebucket, request_path)
|
|
98
|
+
increment_timebucket_for("host:", current_timebucket, host)
|
|
85
99
|
|
|
86
100
|
-- BLOCKING LOGIC
|
|
87
101
|
-- Safelist Range Check
|
data/lib/wafris/version.rb
CHANGED
data/lib/wafris.rb
CHANGED
|
@@ -32,12 +32,18 @@ module Wafris
|
|
|
32
32
|
def allow_request?(request)
|
|
33
33
|
configuration.connection_pool.with do |conn|
|
|
34
34
|
time = Time.now.to_f * 1000
|
|
35
|
+
puts "WAF LOG: Client IP #{client_ip(request)}"
|
|
36
|
+
puts "WAF LOG: Proxy IP #{proxy_ip(request)}"
|
|
35
37
|
status = conn.evalsha(
|
|
36
38
|
configuration.core_sha,
|
|
37
39
|
argv: [
|
|
38
|
-
request
|
|
40
|
+
client_ip(request),
|
|
39
41
|
IPAddr.new(request.ip).to_i,
|
|
40
|
-
time.to_i
|
|
42
|
+
time.to_i,
|
|
43
|
+
proxy_ip(request),
|
|
44
|
+
request.user_agent,
|
|
45
|
+
request.path,
|
|
46
|
+
request.host
|
|
41
47
|
]
|
|
42
48
|
)
|
|
43
49
|
|
|
@@ -48,5 +54,19 @@ module Wafris
|
|
|
48
54
|
end
|
|
49
55
|
end
|
|
50
56
|
end
|
|
57
|
+
|
|
58
|
+
private
|
|
59
|
+
|
|
60
|
+
def client_ip(request)
|
|
61
|
+
return request.ip if request.headers['x-forwarded-for'].nil?
|
|
62
|
+
|
|
63
|
+
request.headers['x-forwarded-for'].split(',').first
|
|
64
|
+
end
|
|
65
|
+
|
|
66
|
+
def proxy_ip(request)
|
|
67
|
+
return nil if request.headers['x-forwarded-for'].nil?
|
|
68
|
+
|
|
69
|
+
request.headers['x-forwarded-for'].split(',').last
|
|
70
|
+
end
|
|
51
71
|
end
|
|
52
72
|
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: wafris
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.3.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Micahel Buckbee
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2023-05-
|
|
12
|
+
date: 2023-05-22 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: connection_pool
|