def block(self): block_pending = self.model.get_block_pending() if not block_pending: return c = self.get_connection() current = set(c.nullroute_list()) to_block = {} for b in block_pending: if IP(b.ip) in current: logger.warning("already blocked %s" % b.ip) else: logger.info("blocking %s (%s)" % (b.ip, b.who)) to_block[IP(b.ip)] = b notify_block(b) if to_block: for batch in util.window(to_block.keys(), 250): c.nullroute_add_many(batch) current = set(c.nullroute_list()) for b in block_pending: if IP(b.ip) in current: b.set_blocked() else: logger.error("error blocking %s" % b.ip)
def unblock(self): unblock_pending = self.model.get_unblock_pending() if not unblock_pending: return c = self.get_connection() current = set(c.nullroute_list()) to_unblock = {} for b in unblock_pending: if IP(b.ip) not in current: logger.warning("already unblocked %s" % b.ip) else: logger.info("unblocking %s (%s)" % (b.ip, b.who)) to_unblock[IP(b.ip)] = b if to_unblock: for batch in util.window(to_unblock.keys(), 250): c.nullroute_remove_many(batch) current = set(c.nullroute_list()) for b in unblock_pending: if IP(b.ip) not in current: b.set_unblocked() else: logger.error("error unblocking %s" % b.ip) out = c.write_mem() out = ' '.join(out) logger.info("write mem: %s" % out)
def block(self): """call get_records() and block each record returned. If must_exist_in_source is True, unblock any addresses that were previously blocked, but are no longer in the source""" all = self.get_records() logger.debug("Got %d ips" % len(all)) all_ips = set(self.get_ip_from_record(r) for r in all) if self.must_exist_in_source: for b in self.model.get_all_that_should_be_blocked(): if b.who == self.blocker and b.ip not in all_ips: self.model.unblock_ip(b.ip, forced=False) logger.info("DB-unblocking %s" % b.ip) for r in all: msg = self.serialize_record(r) ip = self.get_ip_from_record(r) duration = self.get_duration_from_record(r) flag_traffic = self.get_flag_from_record(r) if not self.model.ok_to_block(ip): logger.debug("Not DB-blocking %s" % ip) continue block_record = self.model.get_blocked_ip(ip) if self.reblockable or not block_record: if block_record: logger.debug("DB-re-blocking %s" % ip) else: logger.info("DB-blocking %s" % ip) self.model.block_ip(ip=ip, who=self.blocker, comment=msg, duration=duration,flag_traffic=flag_traffic) if self.model.get_block_pending() or self.model.get_unblock_pending(): util.wakeup_backend() self.model.disconnect()
def block(self): """call get_records() and block each record returned. If must_exist_in_source is True, unblock any addresses that were previously blocked, but are no longer in the source""" all = self.get_records() logger.debug("Got %d ips" % len(all)) all_ips = set(self.get_ip_from_record(r) for r in all) if self.must_exist_in_source: for b in self.model.get_all_that_should_be_blocked(): if b.who == self.blocker and b.ip not in all_ips: self.model.unblock_ip(b.ip, forced=False) logger.info("DB-unblocking %s" % b.ip) for r in all: msg = self.serialize_record(r) ip = self.get_ip_from_record(r) duration = self.get_duration_from_record(r) flag_traffic = self.get_flag_from_record(r) if not self.model.ok_to_block(ip): logger.debug("Not DB-blocking %s" % ip) continue block_record = self.model.get_blocked_ip(ip) if self.reblockable or not block_record: if block_record: logger.debug("DB-re-blocking %s" % ip) else: logger.info("DB-blocking %s" % ip) self.model.block_ip(ip=ip, who=self.blocker, comment=msg, duration=duration, flag_traffic=flag_traffic) if self.model.get_block_pending() or self.model.get_unblock_pending(): util.wakeup_backend() self.model.disconnect()