Class: Fluent::DosBlockAclOutput
- Inherits:
-
TimeSlicedOutput
- Object
- TimeSlicedOutput
- Fluent::DosBlockAclOutput
- Defined in:
- lib/fluent/plugin/out_dos_block_acl.rb
Instance Method Summary
- #configure(conf) ⇒ Object
- #format(tag, time, record) ⇒ Object
-
#initialize ⇒ DosBlockAclOutput
constructor
A new instance of DosBlockAclOutput.
- #shutdown ⇒ Object
- #start ⇒ Object
- #write(chunk) ⇒ Object
Constructor Details
#initialize ⇒ DosBlockAclOutput
Returns a new instance of DosBlockAclOutput.
# File 'lib/fluent/plugin/out_dos_block_acl.rb', line 16
# Builds the plugin instance and loads the libraries it depends on.
# The requires sit in the constructor, so both libraries are loaded when the
# plugin is instantiated rather than when this file is read.
def initialize
  super
  %w[aws-sdk-v1 pathname].each { |library| require library }
end
Instance Method Details
#configure(conf) ⇒ Object
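# File 'lib/fluent/plugin/out_dos_block_acl.rb', line 22
# Validates and normalises the plugin configuration.
#
# After the parent class has processed +conf+:
# * @white_list is split on commas into an Array of Strings;
# * @deny_rule_numbers_range (a String such as "1..10", "(1..10)" or
#   "1...10") is expanded into an Array of Integers;
# * @acl_entry_limit is set to the number of rule numbers in that Array.
#
# @param conf [Object] configuration element handed over by Fluentd
# @raise [Fluent::ConfigError] when @deny_rule_numbers_range is not an
#   integer range literal
def configure(conf)
  super

  @white_list = @white_list.split(',')

  # SECURITY: this value used to go through eval() (twice), so any Ruby
  # expression placed in the configuration ran with the privileges of the
  # Fluentd process. It is now parsed as data: only "<int>..<int>" or
  # "<int>...<int>", optionally wrapped in one pair of parentheses, is
  # accepted. Anything else is rejected with the same ConfigError as before.
  literal = @deny_rule_numbers_range.to_s.strip
  literal = literal[1..-2].strip if literal.start_with?('(') && literal.end_with?(')')
  parsed = /\A(\d+)\s*(\.\.\.?)\s*(\d+)\z/.match(literal)
  unless parsed
    raise Fluent::ConfigError, "out_dos_block_acl: @deny_rule_numbers_range is not Range!"
  end

  first_number = Integer(parsed[1], 10)
  last_number = Integer(parsed[3], 10)
  # Three dots mean an exclusive upper bound, as in Ruby's own range syntax.
  range = parsed[2] == '...' ? (first_number...last_number) : (first_number..last_number)

  @deny_rule_numbers_range = range.to_a
  @acl_entry_limit = @deny_rule_numbers_range.size
end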
#format(tag, time, record) ⇒ Object
# File 'lib/fluent/plugin/out_dos_block_acl.rb', line 60
# Serialises one event as a msgpack-encoded [tag, time, record] triple.
# #write later decodes the same triples with chunk.msgpack_each.
#
# @param tag [Object] event tag
# @param time [Object] event time
# @param record [Object] event record
# @return [Object] whatever Array#to_msgpack returns for the triple
def format(tag, time, record)
  event = [tag, time, record]
  event.to_msgpack
end
#shutdown ⇒ Object
# File 'lib/fluent/plugin/out_dos_block_acl.rb', line 53
# Stops the plugin. After the parent class has shut down, the current state
# is handed to save_status when a state file is configured (@state_file is
# not nil).
def shutdown
  super
  save_status(@state_file) unless @state_file.nil?
end
#start ⇒ Object
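# File 'lib/fluent/plugin/out_dos_block_acl.rb', line 32
# Connects to EC2, inspects the configured network ACL and initialises the
# deny-rule bookkeeping.
#
# Steps:
# 1. Configure the AWS SDK with the key pair and region from the plugin
#    configuration and create an EC2 client.
# 2. Look up the network ACL named by @network_acl_id and remember the rule
#    number of its inbound "allow 0.0.0.0/0" entry in @allow_any_rule_number.
# 3. Restore @rule_numbers / @next_rule_index from the state file when one is
#    configured and load_status returns a state; otherwise compute them with
#    get_deny_rule_numbers / get_next_rule_index.
#
# @raise [Fluent::ConfigError] when the ACL is not returned or has no inbound
#   allow rule for 0.0.0.0/0
def start
  super

  # NOTE(review): these are long-lived static credentials taken from the
  # plugin configuration. Keep the config file readable only by the Fluentd
  # service account and scope the key to the network-ACL calls the plugin needs.
  AWS.config(access_key_id: @aws_key_id, secret_access_key: @aws_sec_key, region: @region)
  @ec2 = AWS::EC2::Client.new

  acls = @ec2.describe_network_acls(network_acl_ids: [@network_acl_id])
  acl = acls[:network_acl_set].first
  # Previously a missing ACL surfaced as NoMethodError on nil; fail with a
  # message that names the ACL instead.
  if acl.nil?
    raise Fluent::ConfigError, "out_dos_block_acl: network ACL #{@network_acl_id} was not found"
  end

  # Inbound (non-egress) rule that allows all IPv4 traffic.
  allow_any = acl[:entry_set].find do |r|
    !r[:egress] && r[:cidr_block] == "0.0.0.0/0" && r[:rule_action] == "allow"
  end
  # Previously an ACL without such a rule crashed with NoMethodError on nil.
  if allow_any.nil?
    raise Fluent::ConfigError,
          "out_dos_block_acl: network ACL #{@network_acl_id} has no inbound allow rule for 0.0.0.0/0"
  end
  @allow_any_rule_number = allow_any[:rule_number]

  # NOTE(review): state read from @state_file is used as-is; restrict write
  # access to that file, since it decides which rule numbers get overwritten.
  state = @state_file ? load_status(@state_file) : nil
  if state.nil?
    @rule_numbers = get_deny_rule_numbers
    @next_rule_index = get_next_rule_index
  else
    @rule_numbers = state[:rule_numbers]
    @next_rule_index = state[:next_rule_index]
  end
  $log.info("out_dos_block_acl: use deny rule numbers => #{@rule_numbers}")
end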
#write(chunk) ⇒ Object
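# File 'lib/fluent/plugin/out_dos_block_acl.rb', line 64
# Processes one buffered chunk: collects the client address of every event,
# counts occurrences per address and passes every address seen at least
# @dos_threshold times to regist_deny_acl.
#
# NOTE(review): the addresses come straight from log records. If the field
# named by @ip_address_key is client-controlled (for example copied from a
# forwarded-for header), a sender can get a third party's address denied;
# prefer the connection's peer address and keep @white_list populated for
# addresses that must never be blocked.
#
# NOTE(review): every error is logged and swallowed, so Fluentd treats the
# chunk as written and does not retry it. A failed AWS call therefore means
# the addresses in this chunk are not blocked; alert on this log line.
#
# @param chunk [Object] buffer chunk whose entries were produced by #format
def write(chunk)
  begin
    ip_addresses = []
    chunk.msgpack_each do |(_tag, _time, record)|
      ip = record[@ip_address_key]
      # A record without the address field yields nil, which is not an
      # address and must not be counted or sent on for blocking.
      ip_addresses << ip unless ip.nil?
    end
    counts = group_count(ip_addresses)
    dos_hash = counts.select { |_ip, hits| hits >= @dos_threshold }
    regist_deny_acl(dos_hash.keys)
  rescue => e
    # The listing shows `#{e.}` here, which does not parse; e.message is the
    # assumed intent.
    $log.error("\n#{e.message}\n#{e.backtrace.join("\n")}")
  end
end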