Class: Wafris::Middleware
- Inherits:
-
Object
- Object
- Wafris::Middleware
- Defined in:
- lib/wafris/middleware.rb
Instance Method Summary
- #call(env) ⇒ Object
-
#initialize(app) ⇒ Middleware
constructor
A new instance of Middleware.
Constructor Details
#initialize(app) ⇒ Middleware
Returns a new instance of Middleware.
# File 'lib/wafris/middleware.rb', line 5
#
# Stores the next Rack application in the chain so that #call can forward
# requests to it.
#
# @param app [#call] the wrapped Rack application
def initialize(app)
  @app = app
end
Instance Method Details
#call(env) ⇒ Object
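# File 'lib/wafris/middleware.rb', line 9
#
# Rack entry point. Configures which addresses Rack treats as trusted
# proxies, asks Wafris whether the request is allowed, and either forwards
# it to the wrapped app or answers 403.
#
# @param env [Hash] the Rack environment of the current request
# @return [Array] the wrapped app's response, or [403, {}, ['Blocked']]
def call(env)
  # Only the rules check is guarded. The wrapped app is invoked after this
  # begin/rescue so that an exception raised by the app propagates as-is,
  # instead of being logged as a Redis error and causing a second
  # @app.call for the same request.
  verdict =
    begin
      # Blank entries are dropped: an empty string handed to Regexp.union
      # becomes an empty pattern, which matches every address.
      # NOTE(review): the remaining entries are escaped by Regexp.union and
      # matched as literal text anywhere in the address (no \A/\z anchors),
      # so CIDR notation never matches and an entry also matches any longer
      # address that contains it. Confirm the intended format with operators.
      user_defined_proxies = ENV['TRUSTED_PROXY_RANGES']
                             .to_s
                             .split(',')
                             .map(&:strip)
                             .reject(&:empty?)

      valid_ipv4_octet = /\.(25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])/

      trusted_proxies = Regexp.union(
        /\A127#{valid_ipv4_octet}{3}\z/,                          # localhost IPv4 range 127.x.x.x, per RFC-3330
        /\A::1\z/,                                                # localhost IPv6 ::1
        /\Af[cd][0-9a-f]{2}(?::[0-9a-f]{0,4}){0,7}\z/i,           # private IPv6 range fc00 .. fdff
        /\A10#{valid_ipv4_octet}{3}\z/,                           # private IPv4 range 10.x.x.x
        /\A172\.(1[6-9]|2[0-9]|3[01])#{valid_ipv4_octet}{2}\z/,   # private IPv4 range 172.16.0.0 .. 172.31.255.255
        /\A192\.168#{valid_ipv4_octet}{2}\z/,                     # private IPv4 range 192.168.x.x
        /\Alocalhost\z|\Aunix(\z|:)/i,                            # localhost hostname, and unix domain sockets
        *user_defined_proxies
      )

      # This assigns a class-level setting on Rack::Request, so it applies
      # to every Rack::Request in the process, not just this one.
      Rack::Request.ip_filter = ->(ip) { trusted_proxies.match?(ip) }

      request = Rack::Request.new(env)

      if Wafris.allow_request?(request)
        :allow
      else
        LogSuppressor.puts_log(
          "[Wafris] Blocked: #{request.ip} #{request.request_method} #{request.host} #{request.url}"
        )
        :block
      end
    # Fail-open: if the rules check itself fails, the request is forwarded
    # unchecked. These log lines are the only signal that a request skipped
    # the rules, so they are worth alerting on.
    rescue Redis::TimeoutError
      LogSuppressor.puts_log(
        "[Wafris] Wafris timed out during processing. Request passed without rules check."
      )
      :allow
    rescue StandardError => e
      LogSuppressor.puts_log(
        "[Wafris] Redis connection error: #{e.message}. Request passed without rules check."
      )
      :allow
    end

  return [403, {}, ['Blocked']] if verdict == :block

  @app.call(env)
end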