Sha256: 933163edc5b0a9e060a4025315d25554652e90a36c4f8828fd377287af83a1c7
Contents?: true
Size: 1.18 KB
Versions: 45
Compression:
Stored size: 1.18 KB
Contents
# Copyright (c) 2015 Sqreen. All Rights Reserved.
# Please refer to our terms for more information: https://www.sqreen.io/terms.html
require 'ipaddr'
require 'sqreen/rule_callback'
module Sqreen
module Rules
# Looks for a blacklisted ip and block
class BlacklistIPsCB < RuleCB
def initialize(klass, method, rule_hash)
super(klass, method, rule_hash)
@ips = Hash[@data['values'].map { |v| [v, IPAddr.new(v)] }]
raise ArgumentError.new("no ips given") if @ips.empty?
end
def pre(_inst, *_args, &_block)
return unless framework
ip = framework.client_ip
return unless ip
found = find_blacklisted_ip(ip)
return unless found
Sqreen.log.debug { "Found blacklisted IP #{ip} - found: #{found}" }
record_observation('blacklisted', found, 1)
advise_action(:raise)
end
protected
# Is this a blacklisted ip?
# return the ip blacklisted range that match ip
def find_blacklisted_ip(rip)
ret = (@ips || {}).find do |_, ip|
ip.include?(rip)
end
return nil unless ret
ret.first
rescue
nil
end
end
end
end
Version data entries
45 entries across 45 versions & 2 rubygems