jaredfolkins / badactor Goto Github PK
View Code? Open in Web Editor NEWBadActor.org An in-memory application driven jailer written in Go
Home Page: https://badactor.org
License: MIT License
BadActor.org An in-memory application driven jailer written in Go
Home Page: https://badactor.org
License: MIT License
Cool project!
We are running multiple machines behind a load balancer. Ideally infractions would be counted across the cluster, rather than per machine.
At first sight I don't see any storage. Is a thing like this possible?
In many cases, it's perfectly acceptable to increase infractions monotonically. However, it may be desirable to clear a bad actor's infraction record on certain events before they're jailed. For example, I would like to be able to reset a requestor's infractions on a successful login, since there may be overriding reasons why infractions were made despite the client having the correct password.
This is also, for example, how Windows domain login works to determine account lockout.
A new function should be exposed on the Studio
called ClearInfraction
which allows clearing all infractions for a specific actor/rule combo.
Hello Jared,
very nice library, thanks for your effort!
I would like to use Action.WhenJailed to report violations via email. For this I would need the name of the blocked actor. Is there a way to read this from *Actor? It would be very convenient.
Thank you very much and best regards!
Is there any possibility to reset infraction (maybe when log succeded?)
I was just wondering if you might have interest in writing a Caddy plugin layer for this lib? Apparently you know @mholt! ๐
We've had some users ask for guides/instructions/help with integrating Caddy with fail2ban, but our log formats don't necessarily lend well to "legacy" tools that typically read apache/nginx style logs.
Since this seems to work as a ServeHTTP
middleware, it should be pretty easy to integrate into Caddy as a request handler! I'm sure many users could find this useful ๐
I think the crash occurs when reaping for the first time.
Stack trace:
goroutine 8 [running]:
github.com/jaredfolkins/badactor.(*Director).maintenance(0xc4200fcab0, 0xc42017a720, 0xc)
/Users/chris/dev/go-workspace/src/github.com/jaredfolkins/badactor/director.go:181 +0x72
github.com/jaredfolkins/badactor.(*Director).lMaintenance(0xc4200fcab0)
/Users/chris/dev/go-workspace/src/github.com/jaredfolkins/badactor/director.go:38 +0xad
github.com/jaredfolkins/badactor.(*Studio).StartReaper.func1(0xc42001c380, 0xc4200e0e70)
/Users/chris/dev/go-workspace/src/github.com/jaredfolkins/badactor/studio.go:118 +0x132
created by github.com/jaredfolkins/badactor.(*Studio).StartReaper
/Users/chris/dev/go-workspace/src/github.com/jaredfolkins/badactor/studio.go:127 +0x57
Configuration:
st := badactor.NewStudio(256)
ru := &badactor.Rule{
Name: "RequestLimit",
Message: "Too many requests",
StrikeLimit: rpts,
ExpireBase: time.Second * 10,
Sentence: time.Minute * 5,
}
st.AddRule(ru)
err := st.CreateDirectors(256)
if err != nil {
fmt.Print(err)
}
st.StartReaper(time.Minute * time.Duration(60))
I'm seeing the following crash after my application is running for some time.
>panic: runtime error: invalid memory address or nil pointer dereference
>[signal SIGSEGV: segmentation violation code=0x1 addr=0x20 pc=0x8c3fc2]
>
>goroutine 9 [running]:
[PATH]/vendor/github.com/jaredfolkins/badactor.(*Director).maintenance(0xc420283710, 0xc436b3f2b0, 0xc)
[PATH]/vendor/github.com/jaredfolkins/badactor/director.go:181 +0x72
[PATH]/vendor/github.com/jaredfolkins/badactor.(*Director).lMaintenance(0xc420283710)
[PATH]/vendor/github.com/jaredfolkins/badactor/director.go:38 +0xad
[PATH]/vendor/github.com/jaredfolkins/badactor.(*Studio).StartReaper.func1(0xc4201f26c0, 0xc4202448a0)
[PATH]/vendor/github.com/jaredfolkins/badactor/studio.go:118 +0x132
created by [PATH]/vendor/github.com/jaredfolkins/badactor.(*Studio).StartReaper
[PATH]/vendor/github.com/jaredfolkins/badactor/studio.go:127 +0x57
While several fields in the Rule
struct are fairly self-explanatory, they're not explicitly documented. In particular, I'm confused as to the difference between ExpireBase
and Sentence
. In most of the tests, they seem to be set to the same value.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.