From 2819e0d7a422d0e89017567cedd79cf541fc5bc7 Mon Sep 17 00:00:00 2001 From: madlep Date: Mon, 17 Jun 2013 08:50:39 +1000 Subject: [PATCH] collapse fail2ban name/discriminator into one argument --- lib/rack/attack/fail2ban.rb | 12 ++++++------ spec/fail2ban_spec.rb | 16 ++++++++-------- 2 files changed, 14 insertions(+), 14 deletions(-) diff --git a/lib/rack/attack/fail2ban.rb b/lib/rack/attack/fail2ban.rb index f186ca6..fb96414 100644 --- a/lib/rack/attack/fail2ban.rb +++ b/lib/rack/attack/fail2ban.rb @@ -2,7 +2,7 @@ module Rack module Attack class Fail2Ban class << self - def filter(name, discriminator, options) + def filter(discriminator, options) bantime = options[:bantime] or raise ArgumentError, "Must pass bantime option" findtime = options[:findtime] or raise ArgumentError, "Must pass findtime option" maxretry = options[:maxretry] or raise ArgumentError, "Must pass maxretry option" @@ -11,13 +11,13 @@ module Rack # Return true for blacklist true elsif yield - fail!(name, discriminator, bantime, findtime, maxretry) + fail!(discriminator, bantime, findtime, maxretry) end end private - def fail!(name, discriminator, bantime, findtime, maxretry) - count = cache.count("#{name}:#{discriminator}", findtime) + def fail!(discriminator, bantime, findtime, maxretry) + count = cache.count("fail2ban:count:#{discriminator}", findtime) if count >= maxretry ban!(discriminator, bantime) end @@ -27,11 +27,11 @@ module Rack end def ban!(discriminator, bantime) - cache.write("fail2ban:#{discriminator}", 1, bantime) + cache.write("fail2ban:ban:#{discriminator}", 1, bantime) end def banned?(discriminator) - cache.read("fail2ban:#{discriminator}") + cache.read("fail2ban:ban:#{discriminator}") end def cache diff --git a/spec/fail2ban_spec.rb b/spec/fail2ban_spec.rb index 84ae839..e19ddee 100644 --- a/spec/fail2ban_spec.rb +++ b/spec/fail2ban_spec.rb @@ -8,7 +8,7 @@ describe 'Rack::Attack.Fail2Ban' do Rack::Attack.cache.store = ActiveSupport::Cache::MemoryStore.new @f2b_options = {:bantime => @bantime, :findtime => @findtime, :maxretry => 2} Rack::Attack.blacklist('pentest') do |req| - Rack::Attack::Fail2Ban.filter("pentest", req.ip, @f2b_options){req.query_string =~ /OMGHAX/} + Rack::Attack::Fail2Ban.filter(req.ip, @f2b_options){req.query_string =~ /OMGHAX/} end end @@ -28,7 +28,7 @@ describe 'Rack::Attack.Fail2Ban' do end it 'increases fail count' do - key = "rack::attack:#{Time.now.to_i/@findtime}:pentest:1.2.3.4" + key = "rack::attack:#{Time.now.to_i/@findtime}:fail2ban:count:1.2.3.4" @cache.store.read(key).must_equal 1 end @@ -50,12 +50,12 @@ describe 'Rack::Attack.Fail2Ban' do end it 'increases fail count' do - key = "rack::attack:#{Time.now.to_i/@findtime}:pentest:1.2.3.4" + key = "rack::attack:#{Time.now.to_i/@findtime}:fail2ban:count:1.2.3.4" @cache.store.read(key).must_equal 2 end it 'is banned' do - key = "rack::attack:fail2ban:1.2.3.4" + key = "rack::attack:fail2ban:ban:1.2.3.4" @cache.store.read(key).must_equal 1 end @@ -87,12 +87,12 @@ describe 'Rack::Attack.Fail2Ban' do end it 'does not increase fail count' do - key = "rack::attack:#{Time.now.to_i/@findtime}:pentest:1.2.3.4" + key = "rack::attack:#{Time.now.to_i/@findtime}:fail2ban:count:1.2.3.4" @cache.store.read(key).must_equal 2 end it 'is still banned' do - key = "rack::attack:fail2ban:1.2.3.4" + key = "rack::attack:fail2ban:ban:1.2.3.4" @cache.store.read(key).must_equal 1 end end @@ -107,12 +107,12 @@ describe 'Rack::Attack.Fail2Ban' do end it 'does not increase fail count' do - key = "rack::attack:#{Time.now.to_i/@findtime}:pentest:1.2.3.4" + key = "rack::attack:#{Time.now.to_i/@findtime}:fail2ban:count:1.2.3.4" @cache.store.read(key).must_equal 2 end it 'is still banned' do - key = "rack::attack:fail2ban:1.2.3.4" + key = "rack::attack:fail2ban:ban:1.2.3.4" @cache.store.read(key).must_equal 1 end end