included all map access inside locks, add blocked ip list

Dan Ballard 2020-09-28 10:25:05 -07:00
parent ec7ad148cf
commit 1857b4da76
1 changed files with 37 additions and 14 deletions

51
main.go

@ -17,7 +17,13 @@ const SameCookieTimeLimitMins = 10
type Ip2LastSeen map[string]time.Time type Ip2LastSeen map[string]time.Time
var cookiesToIps sync.Map // map [ cookie string] Ip2LastSeen var cookiesToIps map[string]Ip2LastSeen // map [ cookie string] Ip2LastSeen
var cookiesLock sync.Mutex
var blocklistedIps map[string]bool
var blocklistLock sync.Mutex
var counter *Counter var counter *Counter
func main() { func main() {
@ -36,6 +42,9 @@ func main() {
} }
log.Infof("Starting ddosFilter on %v -> %v...\n", *listenPort, *proxyPort) log.Infof("Starting ddosFilter on %v -> %v...\n", *listenPort, *proxyPort)
cookiesToIps = map[string]Ip2LastSeen{}
blocklistedIps = map[string]bool{}
counter = NewCounter() counter = NewCounter()
go logger() go logger()
listen(*listenPort, *proxyPort) listen(*listenPort, *proxyPort)
@ -68,6 +77,16 @@ func filter(res http.ResponseWriter, req *http.Request, listenPort, proxyPort in
ip = realIp ip = realIp
} }
blocklistLock.Lock()
blocked, ok := blocklistedIps[ip]
blocklistLock.Unlock()
if ok && blocked {
log.Debugln("blocked ip, 404ing")
res.WriteHeader(http.StatusNotFound)
fmt.Fprint(res, "404 - suspected botnet")
return
}
//log.Debugf("%v: Request %v %v\n", ip, req.Host, req.URL) //log.Debugf("%v: Request %v %v\n", ip, req.Host, req.URL)
cookieObj, err := req.Cookie("i_like_gogits") cookieObj, err := req.Cookie("i_like_gogits")
log.Debugf("ip: %v cookie: %v\n", ip, cookieObj) log.Debugf("ip: %v cookie: %v\n", ip, cookieObj)
@ -78,41 +97,45 @@ func filter(res http.ResponseWriter, req *http.Request, listenPort, proxyPort in
cookie := cookieObj.Value cookie := cookieObj.Value
ips, ok := cookiesToIps.Load(cookie) cookiesLock.Lock()
ips, ok := cookiesToIps[cookie]
cookiesLock.Unlock()
if !ok { if !ok {
ips := Ip2LastSeen{ip: time.Now()} ips := Ip2LastSeen{ip: time.Now()}
cookiesToIps.Store(cookie, ips) cookiesLock.Lock()
cookiesToIps[cookie] = ips
cookiesLock.Unlock()
pass(res, req, listenPort, proxyPort) pass(res, req, listenPort, proxyPort)
return return
} }
ipsMap := ips.(Ip2LastSeen)
if len(ipsMap) > 1 {
log.Info("More than 1 IP for cookie: %v %v\n", cookie, ipsMap)
}
var mostRecent string = "" var mostRecent string = ""
cookiesLock.Lock()
for ip, lastSeen := range ipsMap { for ip, lastSeen := range ips {
if mostRecent == "" || lastSeen.After(ipsMap[mostRecent]) { if mostRecent == "" || lastSeen.After(ips[mostRecent]) {
mostRecent = ip mostRecent = ip
} }
} }
ips[ip] = time.Now()
ipsMap[ip] = time.Now() cookiesToIps[cookie] = ips
cookiesToIps.Store(cookie, ipsMap) cookiesLock.Unlock()
if mostRecent == "" || mostRecent == ip { if mostRecent == "" || mostRecent == ip {
pass(res, req, listenPort, proxyPort) pass(res, req, listenPort, proxyPort)
return return
} }
timeDiff := time.Now().Sub(ipsMap[mostRecent]) timeDiff := time.Now().Sub(ips[mostRecent])
if timeDiff.Minutes() > SameCookieTimeLimitMins { if timeDiff.Minutes() > SameCookieTimeLimitMins {
pass(res, req, listenPort, proxyPort) pass(res, req, listenPort, proxyPort)
return return
} }
log.Infof("different IP in the last %v minutes, 404ing\n", SameCookieTimeLimitMins) log.Infof("different IP in the last %v minutes, 404ing\n", SameCookieTimeLimitMins)
blocklistLock.Lock()
blocklistedIps[ip] = true
blocklistLock.Unlock()
res.WriteHeader(http.StatusNotFound) res.WriteHeader(http.StatusNotFound)
fmt.Fprint(res, "404 - suspected botnet") fmt.Fprint(res, "404 - suspected botnet")
} }
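Review bot: In the last hunk of `filter`, `ips[mostRecent]` is still read after `cookiesLock.Unlock()` when `timeDiff` is computed, while another request with the same cookie may be executing `ips[ip] = time.Now()` on that same inner map; the Go runtime can abort the whole process on a concurrent map read and write, so for a DDoS filter this race is an availability problem. Copy the value while the lock is held, e.g. `lastSeen := ips[mostRecent]` just before the unlock, then `timeDiff := time.Since(lastSeen)`. The lookup and the `!ok` store also take `cookiesLock` separately, so two first requests with one cookie can each store a fresh `Ip2LastSeen` and one IP is lost; holding the lock across both would close that gap. Separately, `blocklistedIps` entries never expire and are keyed by `ip`, which is overwritten with `realIp` just above the third hunk; if that value comes from a client-settable header (not visible here), both the permanent block and the map's growth are client-influenced, so a timestamped entry with a TTL would be safer. The body of `filter` begins outside these hunks.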