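// storeRequest records one hit for the (client IP, resource path) pair of r in
// the current serialization window. Once the window has elapsed it advances
// the window start and hands the finished window's timestamp to flushToRedis.
//
// The window start (lastSerialized) is read and advanced while mutex is held,
// so within this function concurrent requests build their keys from a
// consistent value and only one of them claims the rollover for a window.
// Any other code that touches lastSerialized needs the same lock for that to
// hold. The flush runs after the lock is released.
//
// NOTE(review): both variable key components come from the request.
// r.URL.Path is client-controlled, so the number of distinct keys per window
// is not bounded here, and a path containing DELIMETER makes the key ambiguous
// for whatever splits it later. Confirm how the consumer parses keys and
// consider capping entries per window. How trustworthy the address is depends
// on connections.FindIp, which is not visible here.
func storeRequest(r *http.Request) {
	ip := connections.FindIp(r)
	resource := r.URL.Path

	mutex.Lock()
	windowStart := lastSerialized
	key := windowStart.String() + DELIMETER + ip + DELIMETER + resource
	// increment count of times this ip/resource pair has been seen
	userResourceCounts[key]++

	// if we hit the serialization time, claim the rollover while still locked
	now := time.Now()
	deadline := windowStart.Add(serializationDuration)
	expired := now.After(deadline)
	if expired {
		// update last serialized for next batch
		lastSerialized = now
	}
	mutex.Unlock()

	runtime.Gosched()

	if !expired {
		return
	}

	// Four values, four verbs: the original format string had three verbs for
	// four arguments, which glog renders as a trailing %!(EXTRA ...) blob.
	glog.Infof("Purging now - comparing %s + ms (%s) <--> %s (now %s)",
		windowStart.String(),
		serializationDuration.String(),
		deadline.String(),
		now.String())

	flushToRedis(windowStart.String())
}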
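// AddAttack builds an Attack event for the detection point (category, label)
// attributed to the client of r and POSTs it as JSON to RestUrl+"/attacks".
//
// The address returned by connections.FindIp is used both as the username and
// as the user's IP address. The detection system is identified by
// RestHeaderValue and ClientIp, and RestHeaderValue is also sent in the
// RestHeaderName request header.
//
// Failures are printed and otherwise swallowed; the function returns nothing,
// so callers cannot tell whether the event was delivered.
//
// NOTE(review): RestHeaderValue looks like the credential presented to the
// REST endpoint, so neither it nor the marshalled payload (which embeds it as
// DetectionSystemId) is written to the output below. Confirm.
// NOTE(review): no timeout is set on the outgoing request here. If this is
// called on the request path, a slow endpoint may stall the caller. Verify
// against the call sites.
func AddAttack(category string, label string, r *http.Request) {
	// grab ip from request and use for username and ip address
	ip := connections.FindIp(r)

	attack := &Attack{
		User: User{
			Username: ip,
			IpAddress: IpAddress{
				Address: ip,
			},
		},
		DetectionPoint: DetectionPoint{
			Category: category,
			Label:    label,
		},
		Timestamp: time.Now().Format(time.RFC3339),
		DetectionSystem: DetectionSystem{
			DetectionSystemId: RestHeaderValue,
			IpAddress: IpAddress{
				Address: ClientIp,
			},
		},
	}

	// Named payload rather than json so the encoding/json package is not
	// shadowed for the rest of the function.
	payload, err := json.Marshal(attack)
	if err != nil {
		fmt.Println(err)
		return
	}

	endpoint := RestUrl + "/attacks"
	resp, _, errs := gorequest.New().
		Post(endpoint).
		Set(RestHeaderName, RestHeaderValue).
		Send(string(payload)).
		End()

	// A dropped attack report means the detection event never reaches the
	// analysis side, so surface transport errors and rejections instead of
	// discarding them.
	if len(errs) > 0 {
		fmt.Println("attack report to", endpoint, "failed:", errs)
		return
	}
	if resp != nil && resp.StatusCode >= http.StatusBadRequest {
		fmt.Println("attack report to", endpoint, "rejected with status", resp.StatusCode)
	}
}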
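// Block returns middleware that denies a request with 403 "Access Denied" when
// any block in blocks.StoredBlocks applies to the request's client address
// and URL path at the current time. Otherwise the request is passed to next.
//
// Stored entries are expected to be JSON-encoded blocks.Block values held as
// strings. An entry that is not a string or does not decode is logged and
// skipped rather than panicking, so one corrupt entry cannot abort every
// request passing through the proxy.
//
// NOTE(review): skipping means a corrupt entry is not enforced (fail-open for
// that entry only). If the deployment prefers fail-closed, deny the request at
// those two branches instead.
// NOTE(review): the match is keyed on connections.FindIp(r). If that helper
// honours client-supplied forwarding headers, a blocked client could change
// the address it is matched under. Verify against its implementation.
func Block(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		ip := connections.FindIp(r)
		resource := r.URL.Path
		// One timestamp per request so every block is evaluated against the
		// same instant.
		now := time.Now()

		for _, element := range blocks.StoredBlocks.Flatten() {
			raw, ok := element.(string)
			if !ok {
				glog.Errorf("Skipping stored block of unexpected type %T", element)
				continue
			}

			var block blocks.Block
			if err := json.Unmarshal([]byte(raw), &block); err != nil {
				glog.Errorf("Skipping stored block that failed to decode: %v", err)
				continue
			}

			if block.Applies(ip, resource, now) {
				glog.Info("Found a matching block - denying request: ", block)
				// deny access
				w.WriteHeader(http.StatusForbidden)
				w.Write([]byte("Access Denied"))
				return
			}
		}

		next.ServeHTTP(w, r)
	})
}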