Class: Reader

Inherits:

EventMachine::FileTail

• Object
• EventMachine::FileTail
• Reader

Defined in:

lib/block/reader.rb

Instance Method Summary

• #firewall(ip) ⇒ Object
• #initialize(path, startpos = -1)) ⇒ Reader constructor

  A new instance of Reader.

• #log_search(line, pattern) ⇒ Object
• #receive_data(data) ⇒ Object

Constructor Details

#initialize(path, startpos = -1)) ⇒ Reader

Returns a new instance of Reader.

# File 'lib/block/reader.rb', line 5

def initialize(path, startpos=-1)
  super(path, startpos)
  @buffer = BufferedTokenizer.new
end

Instance Method Details

#firewall(ip) ⇒ Object

# File 'lib/block/reader.rb', line 32

def firewall(ip)
 if ($redis.sismember "ips", "#{ip}")
   puts "Already firewalled"
 else
   unless ($options[:disable] == true)
     puts "Firewalling: #{ip}"
     system "/sbin/iptables -I INPUT -s #{ip} -j DROP"
     $redis.sadd "ips", "#{ip}"
   else
     puts "Adding rules disabled for: #{ip}"
   end
 end
end

#log_search(line, pattern) ⇒ Object

# File 'lib/block/reader.rb', line 10

def log_search(line, pattern)
  if line.split(' ').grep(/#{pattern}/).length > 0
    array = line.split(" ")
    count = $redis.incr array.first.to_s
    $redis.expire array.first.to_s, $options[:expiry]
    puts "\nIP: #{array.first.to_s} on #{pattern} (#{count})"
    if (count > $options[:threshold])
      firewall(array.first.to_s)
    end
  else
    print "."
  end
end

#receive_data(data) ⇒ Object

# File 'lib/block/reader.rb', line 24

def receive_data(data)
  @buffer.extract(data).each do |line|
    $search.each do |search|
      log_search(line, "#{search}")
    end
  end
end