path: root/app/models/intruder.rb
blob: 9a1c39abd172aae7b7da34d77e77b15c87b06d30 (plain)
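require 'shellwords'

# A remote peer seen by the perimeter component, kept either on the
# blacklist or the whitelist. Every relevant change re-renders the firewall
# list file from all entries and runs the configured ban command, both of
# which are built from admin-supplied templates (see GsParameter keys under
# 'perimeter' / 'general').
#
# Fields such as +user_agent+, +to_user+ and +contact_ip+ describe the remote
# peer and must therefore be treated as untrusted when they are expanded into
# the firewall file or a shell command.
class Intruder < ActiveRecord::Base
  attr_accessible :list_type, :key, :points, :bans, :ban_last, :ban_end, :contact_ip, :contact_port, :contact_count, :contact_last, :contacts_per_second, :contacts_per_second_max, :user_agent, :to_user, :comment

  LIST_TYPES = %w[blacklist whitelist].freeze

  # Placeholders in templates look like `{received_ip}`; names are restricted
  # to lower-case letters and underscores so the template author controls the
  # set of substitutable keys.
  TEMPLATE_VARIABLE = /\{([a-z_]+)\}/

  validates :list_type,
            :presence => true,
            :inclusion => { :in => LIST_TYPES }

  validates :key,
            :presence => true,
            :uniqueness => true

  validates :contact_ip,
            :presence => true,
            :uniqueness => true

  before_validation :set_key_if_empty

  after_create :check_if_new_entry_relevant
  after_update :check_if_update_relevant
  after_destroy :check_if_delete_relevant

  # The key (usually the contact IP, see #set_key_if_empty) identifies the entry.
  def to_s
    key
  end

  # Performs a WHOIS lookup for +ip_address+ (default: this entry's contact IP).
  #
  # @param ip_address [String, nil] address to look up
  # @return [String, nil] the WHOIS record reduced to ASCII, or nil when the
  #   address is blank or the lookup failed
  def whois(ip_address = contact_ip)
    return nil if ip_address.blank?
    # Non-ASCII bytes are dropped so the record is safe to store/display as plain text.
    Whois.whois(ip_address).to_s.gsub(/[^\u{0000}-\u{007F}]/, '')
  rescue StandardError
    # A failed lookup (network error, unknown registry, malformed answer) is
    # best-effort and never breaks the caller.
    nil
  end

  # Values available to the firewall-file and ban-command templates.
  #
  # @return [Hash{Symbol => Object}] placeholder name => value; +:date+ is the
  #   render time, not a persisted attribute
  def to_hash
    {
      :key => key,
      :points => points,
      :bans => bans,
      :received_port => contact_port,
      :received_ip => contact_ip,
      :contact_count => contact_count,
      :user_agent => user_agent,
      :to_user => to_user,
      :comment => comment,
      :date => DateTime.now.strftime('%Y-%m-%d %X')
    }
  end

  private

  # Falls back to the contact IP as key so the uniqueness/presence validation
  # on +key+ holds for entries created from traffic alone.
  def set_key_if_empty
    self.key = contact_ip if key.blank?
  end

  # Replaces every `{name}` placeholder in +line+ with +variables[:name]+.
  #
  # Unknown placeholders expand to an empty string. Line breaks inside a value
  # are flattened to spaces: both consumers (the line-oriented firewall file and
  # the shell command) would otherwise let a peer-supplied value such as a
  # User-Agent inject an additional line.
  #
  # @param line [String] template text
  # @param variables [Hash{Symbol => Object}] substitution values
  # @return [String] the expanded line
  def expand_variables(line, variables)
    line.gsub(TEMPLATE_VARIABLE) do
      variables[Regexp.last_match(1).to_sym].to_s.tr("\r\n", '  ')
    end
  end

  # Re-renders the complete firewall list file from all white- and blacklist
  # entries (whitelist first, oldest contact first).
  #
  # Blacklist entries are only written once they have at least one ban; a list
  # type whose entry template is not configured is skipped entirely. The file is
  # rewritten in place, so a concurrent reader may briefly observe a truncated
  # file.
  def write_firewall_list
    blacklist_file = GsParameter.get('blacklist_file', 'perimeter', 'general')
    entry_templates = {
      'whitelist' => GsParameter.get('whitelist_file_entry', 'perimeter', 'general'),
      'blacklist' => GsParameter.get('blacklist_file_entry', 'perimeter', 'general')
    }
    comment_template = GsParameter.get('blacklist_file_comment', 'perimeter', 'general')

    File.open(blacklist_file, 'w') do |file|
      Intruder.where(:list_type => LIST_TYPES).order('list_type DESC, contact_last ASC').each do |entry|
        template = entry_templates[entry.list_type]
        next if template.blank?
        next if entry.list_type == 'blacklist' && entry.bans.to_i <= 0

        # Render the values once so the comment and the entry carry the same timestamp.
        values = entry.to_hash
        file.write(expand_variables(comment_template, values) + "\n") unless comment_template.blank?
        file.write(expand_variables(template, values) + "\n")
      end
    end
  end

  # Runs the configured ban command with this entry's values substituted.
  #
  # The command string is passed through the shell, and several substituted
  # values (user agent, To-user, comment, key) originate from the remote peer,
  # so every value is shell-escaped before expansion. Templates must therefore
  # reference placeholders bare (e.g. `{received_ip}`), not inside their own
  # quotes.
  def restart_firewall
    command = GsParameter.get('ban_command', 'perimeter', 'general')
    return if command.blank?

    escaped_values = to_hash.each_with_object({}) do |(name, value), escaped|
      escaped[name] = Shellwords.escape(value)
    end
    system(expand_variables(command, escaped_values))
  end

  # True when an entry template exists for this entry's list type; without one
  # the entry can never appear in the firewall file.
  def entry_template_configured?
    !GsParameter.get("#{list_type}_file_entry", 'perimeter', 'general').blank?
  end

  # Whitelist entries always matter; blacklist entries only once banned.
  def affects_firewall_list?
    list_type != 'blacklist' || bans.to_i > 0
  end

  # Rewrites the list file and applies it.
  def refresh_firewall
    write_firewall_list
    restart_firewall
  end

  # after_update: only attributes that influence the rendered file or the ban
  # decision trigger a rewrite. The *_changed? predicates refer to the changes
  # just saved in this callback phase.
  def check_if_update_relevant
    return unless key_changed? || contact_ip_changed? || list_type_changed? || bans_changed? || points_changed?

    refresh_firewall if entry_template_configured?
  end

  # after_create
  def check_if_new_entry_relevant
    refresh_firewall if entry_template_configured? && affects_firewall_list?
  end

  # after_destroy: a removed entry disappears from the rewritten list file.
  def check_if_delete_relevant
    refresh_firewall if entry_template_configured? && affects_firewall_list?
  end
end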