Module: Intrusion

Defined in:
lib/intrusion.rb

Overview

Intrusion main module

Instance Method Summary collapse

Instance Method Details

#ids_counter(address) ⇒ Object

return block counter of address



12
13
14
15
 
# File 'lib/intrusion.rb', line 12

def ids_counter(address)
  ids_load.each { |d| return d[:counter] if d[:ip] == address }
  0
end

#ids_is_blocked?(address) ⇒ Boolean

check if ip is blocked

Returns:

  • (Boolean) 


4
5
6
7
8
9
 
# File 'lib/intrusion.rb', line 4

def ids_is_blocked?(address)
  ids_load.each do |d|
    return true if d[:ip] == address && d[:counter] > 9
  end
  false
end

#ids_loadObject

convert yaml string helper



47
48
49
50
51
52
53
 
# File 'lib/intrusion.rb', line 47

def ids_load
  data = ids.blank? ? [] : YAML.safe_load(ids, [Symbol])
  raise 'invalid data in ids field' unless data.is_a?(Array)
  data
rescue RuntimeError
  []
end

#ids_report!(address, block = false) ⇒ Object

report suspicious activity



18
19
20
21
22
23
24
25
26
27
28
29
30
 
# File 'lib/intrusion.rb', line 18

def ids_report!(address, block = false)
  dt = ids_load
  found = nil
  dt.each { |d| found = d if d[:ip] == address }
  if found
    block ? found[:counter] = 10 : found[:counter] += 1
  else
    dt << { ip: address, counter: block ? 10 : 1 }
  end

  # update record
  update_attributes(ids: dt.to_yaml)
end

#ids_unblock!(address) ⇒ Object

reset counter and stay



33
34
35
36
37
38
39
40
41
42
43
44
 
# File 'lib/intrusion.rb', line 33

def ids_unblock!(address)
  dt = ids_load
  found = false
  dt.each { |d| found = d if d[:ip] == address }

  if found
    dt.delete(found)
    # update
    return update_attributes(ids: dt.to_yaml)
  end
  false
end