def block(self):
block_pending = self.model.get_block_pending()
if not block_pending:
return
c = self.get_connection()
current = set(c.nullroute_list())
to_block = {}
for b in block_pending:
if IP(b.ip) in current:
logger.warning("already blocked %s" % b.ip)
else:
logger.info("blocking %s (%s)" % (b.ip, b.who))
to_block[IP(b.ip)] = b
notify_block(b)
if to_block:
for batch in util.window(to_block.keys(), 250):
c.nullroute_add_many(batch)
current = set(c.nullroute_list())
for b in block_pending:
if IP(b.ip) in current:
b.set_blocked()
else:
logger.error("error blocking %s" % b.ip)
def unblock(self):
unblock_pending = self.model.get_unblock_pending()
if not unblock_pending:
return
c = self.get_connection()
current = set(c.nullroute_list())
to_unblock = {}
for b in unblock_pending:
if IP(b.ip) not in current:
logger.warning("already unblocked %s" % b.ip)
else:
logger.info("unblocking %s (%s)" % (b.ip, b.who))
to_unblock[IP(b.ip)] = b
if to_unblock:
for batch in util.window(to_unblock.keys(), 250):
c.nullroute_remove_many(batch)
current = set(c.nullroute_list())
for b in unblock_pending:
if IP(b.ip) not in current:
b.set_unblocked()
else:
logger.error("error unblocking %s" % b.ip)
out = c.write_mem()
out = ' '.join(out)
logger.info("write mem: %s" % out)
def block(self):
block_pending = self.model.get_block_pending()
if not block_pending:
return
c = self.get_connection()
current = set(c.nullroute_list())
to_block = {}
for b in block_pending:
if IP(b.ip) in current:
logger.warning("already blocked %s" % b.ip)
else:
logger.info("blocking %s (%s)" % (b.ip, b.who))
to_block[IP(b.ip)] = b
notify_block(b)
if to_block:
for batch in util.window(to_block.keys(), 250):
c.nullroute_add_many(batch)
current = set(c.nullroute_list())
for b in block_pending:
if IP(b.ip) in current:
b.set_blocked()
else:
logger.error("error blocking %s" % b.ip)
def unblock(self):
unblock_pending = self.model.get_unblock_pending()
if not unblock_pending:
return
c = self.get_connection()
current = set(c.nullroute_list())
to_unblock = {}
for b in unblock_pending:
if IP(b.ip) not in current:
logger.warning("already unblocked %s" % b.ip)
else:
logger.info("unblocking %s (%s)" % (b.ip, b.who))
to_unblock[IP(b.ip)] = b
if to_unblock:
for batch in util.window(to_unblock.keys(), 250):
c.nullroute_remove_many(batch)
current = set(c.nullroute_list())
for b in unblock_pending:
if IP(b.ip) not in current:
b.set_unblocked()
else:
logger.error("error unblocking %s" % b.ip)
out = c.write_mem()
out = ' '.join(out)
logger.info("write mem: %s" % out)
def block(self):
"""call get_records() and block each record returned. If must_exist_in_source
is True, unblock any addresses that were previously blocked, but are no longer
in the source"""
all = self.get_records()
logger.debug("Got %d ips" % len(all))
all_ips = set(self.get_ip_from_record(r) for r in all)
if self.must_exist_in_source:
for b in self.model.get_all_that_should_be_blocked():
if b.who == self.blocker and b.ip not in all_ips:
self.model.unblock_ip(b.ip, forced=False)
logger.info("DB-unblocking %s" % b.ip)
for r in all:
msg = self.serialize_record(r)
ip = self.get_ip_from_record(r)
duration = self.get_duration_from_record(r)
flag_traffic = self.get_flag_from_record(r)
if not self.model.ok_to_block(ip):
logger.debug("Not DB-blocking %s" % ip)
continue
block_record = self.model.get_blocked_ip(ip)
if self.reblockable or not block_record:
if block_record:
logger.debug("DB-re-blocking %s" % ip)
else:
logger.info("DB-blocking %s" % ip)
self.model.block_ip(ip=ip, who=self.blocker, comment=msg, duration=duration,flag_traffic=flag_traffic)
if self.model.get_block_pending() or self.model.get_unblock_pending():
util.wakeup_backend()
self.model.disconnect()
def block(self):
"""call get_records() and block each record returned. If must_exist_in_source
is True, unblock any addresses that were previously blocked, but are no longer
in the source"""
all = self.get_records()
logger.debug("Got %d ips" % len(all))
all_ips = set(self.get_ip_from_record(r) for r in all)
if self.must_exist_in_source:
for b in self.model.get_all_that_should_be_blocked():
if b.who == self.blocker and b.ip not in all_ips:
self.model.unblock_ip(b.ip, forced=False)
logger.info("DB-unblocking %s" % b.ip)
for r in all:
msg = self.serialize_record(r)
ip = self.get_ip_from_record(r)
duration = self.get_duration_from_record(r)
flag_traffic = self.get_flag_from_record(r)
if not self.model.ok_to_block(ip):
logger.debug("Not DB-blocking %s" % ip)
continue
block_record = self.model.get_blocked_ip(ip)
if self.reblockable or not block_record:
if block_record:
logger.debug("DB-re-blocking %s" % ip)
else:
logger.info("DB-blocking %s" % ip)
self.model.block_ip(ip=ip,
who=self.blocker,
comment=msg,
duration=duration,
flag_traffic=flag_traffic)
if self.model.get_block_pending() or self.model.get_unblock_pending():
util.wakeup_backend()
self.model.disconnect()
