def get_queryset(self):
ident = self.kwargs['ident']
timeout = int(self.request.QUERY_PARAMS.get('timeout', 0))
if not timeout:
return BHRDB().block_queue(ident, limit=200)
end = time.time() + timeout
while time.time() < end:
blocks = BHRDB().block_queue(ident, limit=200)
if blocks:
return blocks
time.sleep(1.0)
return blocks
def get_queryset(self):
ident = self.kwargs['ident']
timeout = int(self.request.query_params.get('timeout', 0))
added_since = self.request.query_params.get('added_since', '2014-09-01')
if not timeout:
return BHRDB().block_queue(ident, limit=200, added_since=added_since)
end = time.time() + timeout
while time.time() < end:
blocks = BHRDB().block_queue(ident, limit=200, added_since=added_since)
if list(blocks):
return blocks
time.sleep(1.0)
return blocks
def validate_cidr(self, value):
cidr = value
b = BHRDB().get_block(cidr)
if not b:
raise serializers.ValidationError("%s is not currently blocked" %
cidr)
return cidr
def post(self, request):
serializer = UnblockNowSerializer(data=request.DATA)
if serializer.is_valid():
d = serializer.data
BHRDB().unblock_now(d['cidr'], request.user, d['why'])
return Response({'status': 'ok'})
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def stats(request):
db = BHRDB()
stats = db.stats()
stats['sources'] = db.source_stats()
return Response(stats)
def get(self, request):
resp = []
blocks = BHRDB().expected().values_list('cidr', 'who__username',
'source', 'why', 'added',
'unblock_at')
return respond_csv(
blocks, ["cidr", "who", "source", "why", "added", "unblock_at"])
def get_context_data(self, source, *args):
all_blocks = BHRDB().expected()
blocks = all_blocks.filter(source=source).order_by("-added")[:500]
return {
'source': source,
'blocks': query_to_blocklist(blocks),
}
def validate_cidr(self, attrs, source):
cidr = attrs[source]
b = BHRDB().get_block(cidr)
if not b:
raise serializers.ValidationError("%s is not currently blocked" %
cidr)
return attrs
def get_context_data(self, *args):
all_blocks = BHRDB().expected()
manual_blocks = all_blocks.filter(Q(source="web") | Q(source="cli"))
local_blocks = filter_local_networks(all_blocks)
return {
'manual_blocks': query_to_blocklist(manual_blocks),
'local_blocks': query_to_blocklist(local_blocks),
}
def post(self, request):
context = {"request": request}
serializer = BlockRequestSerializer(data=request.data)
if serializer.is_valid():
b = BHRDB().add_block(who=request.user, **serializer.validated_data)
return Response(BlockSerializer(b, context=context).data, status=status.HTTP_201_CREATED)
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def post(self, request):
context = {"request": request}
serializer = BlockRequestSerializer(data=request.data, many=True)
created = []
if serializer.is_valid():
created = BHRDB().add_block_multi(who=request.user, blocks=serializer.validated_data)
return Response(BlockSerializer(created, many=True, context=context).data, status=status.HTTP_201_CREATED)
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def get(self, request):
# TODO: http://www.django-rest-framework.org/api-guide/filtering/ ?
source = self.request.query_params.get('source', None)
since = self.request.query_params.get('since', None)
queryset = BHRDB().expected()
if source:
queryset = queryset.filter(source=source)
if since:
queryset = queryset.filter(added__gte=since).order_by('added')
blocks = queryset.values_list('cidr', 'who__username', 'source', 'why', 'added', 'unblock_at')
return respond_csv(blocks, ["cidr", "who", "source", "why", "added", "unblock_at"])
def get_context_data(self, *args):
all_blocks = BHRDB().expected()
manual_blocks = all_blocks.filter(Q(source="web") | Q(source="cli"))
local_blocks = filter_local_networks(all_blocks)
auto_blocks = all_blocks.filter(~Q(source="web") | Q(source="cli")).order_by("-added")[:50]
return {
'manual_blocks': query_to_blocklist(manual_blocks),
'local_blocks': query_to_blocklist(local_blocks),
'auto_blocks': query_to_blocklist(auto_blocks),
'query': 'list',
}
def set_blocked(self, request, pk=None):
if not request.user.has_perm('bhr.add_blockentry'):
raise PermissionDenied()
block = self.get_object()
serializer = SetBlockedSerializer(data=request.data)
if serializer.is_valid():
ident = serializer.validated_data['ident']
BHRDB().set_blocked(block, ident)
return Response({'status': 'ok'})
else:
return Response(serializer.errors,
status=status.HTTP_400_BAD_REQUEST)
def get(self, request):
if self.request.GET:
form = QueryBlockForm(self.request.GET)
else:
form = QueryBlockForm()
if not form.is_valid():
return render(self.request, "bhr/query.html", {"form": form})
query = form.cleaned_data['query']
blocks = BHRDB().get_history(query).prefetch_related("blockentry_set")
return render(self.request, self.result_template_name, {"query": query, "form": form, "blocks": blocks})
def post(self, request):
context = {"request": request}
serializer = BlockRequestSerializer(data=request.data, many=True)
created = []
if serializer.is_valid():
#FIXME: move this into BHRDB directly
with transaction.atomic():
for block in serializer.validated_data:
b = BHRDB().add_block(who=request.user, **block)
created.append(b)
return Response(BlockSerializer(created, many=True, context=context).data, status=status.HTTP_201_CREATED)
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def metrics(request):
"""Export metrics in a format that prometheus can understand"""
db = BHRDB()
stats = db.stats()
source_stats = db.source_stats()
now = int(1000 * time.time())
out = []
def add(k, v):
out.append("bhr_{} {} {}\n".format(k, v, now))
out.append('''
# HELP bhr_blocked_total total hosts blocked
# TYPE bhr_blocked_total gauge
''')
add('blocked_total{type="current"}', stats["current"])
add('blocked_total{type="expected"}', stats["expected"])
out.append('''
# HELP bhr_pending_total total hosts pending
# TYPE bhr_pending_total gauge
''')
add('pending_total{type="block"}', stats["block_pending"])
add('pending_total{type="unblock"}', stats["unblock_pending"])
out.append('''
# HELP bhr_blocked_total_by_source total hosts blocked by each source
# TYPE bhr_blocked_total_by_source gauge
''')
for source, count in source_stats.items():
add('blocked_total_by_source{source="%s"}' % source, count)
resp = "".join(out)
return HttpResponse(resp, content_type="text/plain")
def form_valid(self, form):
block_request = form.cleaned_data
block_request['cidr'] = str(block_request['cidr'])
BHRDB().add_block(who=self.request.user, source='web', **block_request)
return redirect(reverse("query") + "?query=" + block_request["cidr"])
def post(self, request, ident):
ids = request.data['ids']
BHRDB().set_blocked_multi(ident, ids)
return Response({'status': 'ok'})
def setUp(self):
self.db = BHRDB()
self.user = User.objects.create_user('admin', '*****@*****.**', 'admin')
def bhlistpub(request):
resp = []
blocks = BHRDB().expected().values_list('cidr', 'added', 'unblock_at')
return respond_csv(blocks, ["cidr", "added", "unblock_at"])
def stats(request):
stats = BHRDB().stats()
return Response(stats)
def post(self, request):
ids = request.DATA['ids']
BHRDB().set_unblocked_multi(ids)
return Response({'status': 'ok'})
def get_context_data(self, *args):
blocks = BHRDB().expected().values('id', 'cidr', 'who__username',
'source', 'why', 'added',
'unblock_at')
return {'blocks': blocks}
def get_context_data(self, *args):
db = BHRDB()
return {
'stats': db.stats(),
'source_stats': db.source_stats(),
}
def get_queryset(self):
ident = self.kwargs['ident']
return BHRDB().unblock_queue(ident)[:200]
