module T1000
Constants
- VERSION
Public Instance Methods
allow_ips(*ips, name: nil, &block)
click to toggle source
# File lib/t-1000.rb, line 61 def allow_ips(*ips, name: nil, &block) block ||= proc { true } whitelist(humanize __method__, name, *ips) do |req| ips.include?(req.ip) && block.call(req) end end
allow_localhost()
click to toggle source
# File lib/t-1000.rb, line 50 def allow_localhost allow_ips '::1', '127.0.0.1' end
allow_user_agents(*user_agents, name: nil, &block)
click to toggle source
# File lib/t-1000.rb, line 97 def allow_user_agents(*user_agents, name: nil, &block) block ||= proc { true } whitelist(humanize __method__, name, *user_agents) do user_agents.match_any?(req.user_agent) && block.call(req) end end
blacklisted_response(&block)
click to toggle source
# File lib/t-1000.rb, line 111 def blacklisted_response(&block) Middleware.blacklisted_response = block end
block_denial_of_service(name: nil, within: 30, requests: 1_000, lock_for: 6000, &block)
click to toggle source
# File lib/t-1000.rb, line 79 def block_denial_of_service(name: nil, within: 30, requests: 1_000, lock_for: 6000, &block) block ||= proc { true } blacklist(humanize __method__, name) do |req| reqs = TransactionList.for_ip(req.ip, timeout: within) ip_lock = Lock.new(req.ip) ip_lock.lock! lock_for if reqs.within(within).count > requests && block.call(req) ip_lock.locked? end end
block_failures(name: nil, within: 30, retries: 10, lock_for: 6000, &block)
click to toggle source
# File lib/t-1000.rb, line 68 def block_failures(name: nil, within: 30, retries: 10, lock_for: 6000, &block) block ||= proc { true } blacklist(humanize __method__, name) do |req| reqs = TransactionList.for_ip(req.ip, timeout: within) ip_lock = Lock.new(req.ip) ip_lock.lock! lock_for if reqs.within(within).with_error.count > retries && block.call(req) ip_lock.locked? end end
block_ips(*ips, name: nil, &block)
click to toggle source
# File lib/t-1000.rb, line 54 def block_ips(*ips, name: nil, &block) block ||= proc { true } blacklist(humanize __method__, name, *ips) do |req| ips.include?(req.ip) && block.call(req) end end
block_strings(*strings, name: nil, &block)
click to toggle source
# File lib/t-1000.rb, line 90 def block_strings(*strings, name: nil, &block) block ||= proc { true } blacklist(humanize __method__, name, *strings) do |req| strings.match_any?(req.params.map(&:join).join) && block.call(req) end end
block_user_agents(*user_agents, name: nil, &block)
click to toggle source
# File lib/t-1000.rb, line 104 def block_user_agents(*user_agents, name: nil, &block) block ||= proc { true } blacklist(humanize __method__, name, *user_agents) do user_agents.match_any?(req.user_agent) && block.call(req) end end
cache()
click to toggle source
# File lib/t-1000.rb, line 119 def cache @cache ||= Cache.new end
logger()
click to toggle source
# File lib/t-1000.rb, line 127 def logger @logger ||= defined?(Rails) ? Rails.logger : Logger.new(STDOUT) end
logger=(logger)
click to toggle source
# File lib/t-1000.rb, line 123 def logger=(logger) @logger = logger end
notify(name, type)
click to toggle source
# File lib/t-1000.rb, line 131 def notify(name, type) logger.warn case type when :whitelist "T1000 Allowed Request: #{name.inspect}".green when :blacklist "T1000 Terminated Request: #{name.inspect}".red end end
throttled_response(&block)
click to toggle source
# File lib/t-1000.rb, line 115 def throttled_response(&block) Middleware.throttled_response = block end
Private Instance Methods
humanize(meth, name = nil, *vectors)
click to toggle source
# File lib/t-1000.rb, line 147 def humanize(meth, name = nil, *vectors) "#{meth.to_s.split('_').join(' ').capitalize}#{ " (#{name})" if name }#{ ": #{vectors.stringify}" if vectors.length > 0 }" end