This is the BHR site / API endpoint.
It does not make any policy decisions except for the block duration auto scaling.
It basically acts as a message queue between bhr clients adding blocks, and bhr clients implementing blocks.
Blocks flow through the system like so:
- A BHR Client calls
block(cidr='192.168.254.254', source='readme', why='because!', duration=300)
- This entry is now in the system but not marked as blocked.
- A BHR Client calls
get_block_queue()
which will return a list containing that record - That BHR Client will then add a firewall rule, bgp entry, whatever
- That BHR Client calls
set_blocked
and marks it as blocked
300 seconds pass
- A BHR client calls
get_unblock_queue
which returns a list containing that record - That BHR client will remove the firewall rule, bgp entry, whatever
- That BHR client calls
set_unblocked
and marks it as unblocked
Bhr clients have an 'ident' associated with them, and blocks/unblocks are tracked per ident. This enables a single BHR system to be used to apply blocks across multiple backend systems.
Create bhr_site/settings_local.py
with something like:
LOCAL_SETTINGS = True # do not touch
from settings import * # do not touch
DEBUG = False
ALLOWED_HOSTS = ['bhr.example.com', 'bhr']
STATIC_ROOT="/home/bhr/static"
ADMINS = (("You", "root@localhost"), )
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.postgresql_psycopg2',
'NAME': 'bhr',
}
}
BHR = {
'time_multiplier': 2.0,
'time_window_factor': 2.0,
'minimum_time_window': 43200.0,
'penalty_time_multiplier': 2.0,
'return_to_base_multiplier': 2.0,
'return_to_base_factor': 2.0,
}
And configure apache similar to examples/apache.conf
- bhr-client - BHR python client
- bhr-client-exabgp - ExaBGP block manager
- bhr-bro - Basic Bro integration for BHR