Cool project!

We are running multiple machines behind a load balancer. Ideally infractions would be counted across the cluster, rather than per machine.

At first sight I don't see any storage. Is a thing like this possible?

The problem

In many cases, it's perfectly acceptable to increase infractions monotonically. However, it may be desirable to clear a bad actor's infraction record on certain events before they're jailed. For example, I would like to be able to reset a requestor's infractions on a successful login, since there may be overriding reasons why infractions were made despite the client having the correct password.

This is also, for example, how Windows domain login works to determine account lockout.

Recommended Solution

A new function should be exposed on the Studio called ClearInfraction which allows clearing all infractions for a specific actor/rule combo.

Hello Jared,

very nice library, thanks for your effort!

I would like to use Action.WhenJailed to report violations via email. For this I would need the name of the blocked actor. Is there a way to read this from *Actor? It would be very convenient.

Thank you very much and best regards!

Is there any possibility to reset infraction (maybe when log succeded?)

I was just wondering if you might have interest in writing a Caddy plugin layer for this lib? Apparently you know @mholt! 😄

We've had some users ask for guides/instructions/help with integrating Caddy with fail2ban, but our log formats don't necessarily lend well to "legacy" tools that typically read apache/nginx style logs.

Since this seems to work as a ServeHTTP middleware, it should be pretty easy to integrate into Caddy as a request handler! I'm sure many users could find this useful 😁

I think the crash occurs when reaping for the first time.

Stack trace:

goroutine 8 [running]:
github.com/jaredfolkins/badactor.(*Director).maintenance(0xc4200fcab0, 0xc42017a720, 0xc)
        /Users/chris/dev/go-workspace/src/github.com/jaredfolkins/badactor/director.go:181 +0x72
github.com/jaredfolkins/badactor.(*Director).lMaintenance(0xc4200fcab0)
        /Users/chris/dev/go-workspace/src/github.com/jaredfolkins/badactor/director.go:38 +0xad
github.com/jaredfolkins/badactor.(*Studio).StartReaper.func1(0xc42001c380, 0xc4200e0e70)
        /Users/chris/dev/go-workspace/src/github.com/jaredfolkins/badactor/studio.go:118 +0x132
created by github.com/jaredfolkins/badactor.(*Studio).StartReaper
        /Users/chris/dev/go-workspace/src/github.com/jaredfolkins/badactor/studio.go:127 +0x57

Configuration:

	st := badactor.NewStudio(256)

	ru := &badactor.Rule{
		Name:        "RequestLimit",
		Message:     "Too many requests",
		StrikeLimit: rpts,
		ExpireBase:  time.Second * 10,
		Sentence:    time.Minute * 5,
	}

	st.AddRule(ru)

	err := st.CreateDirectors(256)
	if err != nil {
		fmt.Print(err)
	}

	st.StartReaper(time.Minute * time.Duration(60))

I'm seeing the following crash after my application is running for some time.

>panic: runtime error: invalid memory address or nil pointer dereference
>[signal SIGSEGV: segmentation violation code=0x1 addr=0x20 pc=0x8c3fc2]
>
>goroutine 9 [running]:
[PATH]/vendor/github.com/jaredfolkins/badactor.(*Director).maintenance(0xc420283710, 0xc436b3f2b0, 0xc)
       [PATH]/vendor/github.com/jaredfolkins/badactor/director.go:181 +0x72
[PATH]/vendor/github.com/jaredfolkins/badactor.(*Director).lMaintenance(0xc420283710)
        [PATH]/vendor/github.com/jaredfolkins/badactor/director.go:38 +0xad
[PATH]/vendor/github.com/jaredfolkins/badactor.(*Studio).StartReaper.func1(0xc4201f26c0, 0xc4202448a0)
        [PATH]/vendor/github.com/jaredfolkins/badactor/studio.go:118 +0x132
created by [PATH]/vendor/github.com/jaredfolkins/badactor.(*Studio).StartReaper
        [PATH]/vendor/github.com/jaredfolkins/badactor/studio.go:127 +0x57

While several fields in the Rule struct are fairly self-explanatory, they're not explicitly documented. In particular, I'm confused as to the difference between ExpireBase and Sentence. In most of the tests, they seem to be set to the same value.