class Backend
Public Class Methods
activity(connection, actor)
click to toggle source
# File lib/repsheet_visualizer/application/backend.rb, line 47 def self.activity(connection, actor) connection.lrange("#{actor}:requests", 0, -1) end
blacklist_total(connection)
click to toggle source
# File lib/repsheet_visualizer/application/backend.rb, line 2 def self.blacklist_total(connection) connection.smembers("repsheet:blacklist:history").size end
blacklisted?(connection, ip)
click to toggle source
# File lib/repsheet_visualizer/application/backend.rb, line 10 def self.blacklisted?(connection, ip) connection.exists("#{ip}:repsheet:blacklist") end
breakdown(connection)
click to toggle source
# File lib/repsheet_visualizer/application/backend.rb, line 36 def self.breakdown(connection) data = Hash.new(0) offenders = connection.keys("*:repsheet").map {|o| o.split(":").first} offenders.each do |offender| connection.zrange("#{offender}:detected", 0, -1).each do |rule| data[rule] += connection.zscore("#{offender}:detected", rule).to_i end end data.take(10) end
ofdp_score(connection, ip)
click to toggle source
# File lib/repsheet_visualizer/application/backend.rb, line 14 def self.ofdp_score(connection, ip) connection.get("#{ip}:score") end
summary(connection)
click to toggle source
# File lib/repsheet_visualizer/application/backend.rb, line 18 def self.summary(connection) if connection.exists("offenders") suspects, blacklisted = optimized(connection) else suspects, blacklisted = standard(connection) end [suspects.sort_by{|k,v| -v[:total]}.take(10), blacklisted] end
suspects(connection)
click to toggle source
# File lib/repsheet_visualizer/application/backend.rb, line 28 def self.suspects(connection) if connection.exists("offenders") suspects = optimized(connection) else suspects = standard(connection) end end
whitelisted?(connection, ip)
click to toggle source
# File lib/repsheet_visualizer/application/backend.rb, line 6 def self.whitelisted?(connection, ip) connection.exists("#{ip}:repsheet:whitelist") end
worldview(connection, database)
click to toggle source
# File lib/repsheet_visualizer/application/backend.rb, line 51 def self.worldview(connection, database) data = {} offenders = connection.keys("*:repsheet:blacklist").map {|o| o.split(":").first} offenders.each do |address| details = database.country(address) next if details.nil? data[address] = [details.latitude, details.longitude] end data end
Private Class Methods
blacklist(connection, optimized=false)
click to toggle source
# File lib/repsheet_visualizer/application/backend.rb, line 100 def self.blacklist(connection, optimized=false) blacklisted = {} connection.keys("*:*:blacklist").map {|d| d.split(":").first}.reject {|ip| ip.empty?}.each do |actor| next unless connection.get("#{actor}:repsheet:blacklist") == "true" detected = triggered_rules(connection, actor) blacklisted[actor] = Hash.new 0 blacklisted[actor][:detected] = detected.join(", ") blacklisted[actor][:total] = score_actor(connection, actor, detected, optimized) blacklisted[actor][:requests] = connection.llen("#{actor}:requests") end blacklisted end
optimized(connection)
click to toggle source
# File lib/repsheet_visualizer/application/backend.rb, line 68 def self.optimized(connection) suspects = {} connection.zrevrangebyscore("offenders", "+inf", "0").each do |actor| next if connection.get("#{actor}:repsheet:blacklist") == "true" suspects[actor] = Hash.new 0 suspects[actor][:detected] = triggered_rules(connection, actor).join(", ") suspects[actor][:total] = score_actor(connection, actor, nil, true) suspects[actor][:requests] = connection.llen("#{actor}:requests") end [suspects, blacklist(connection)] end
score_actor(connection, actor, detected, optimized=false)
click to toggle source
# File lib/repsheet_visualizer/application/backend.rb, line 119 def self.score_actor(connection, actor, detected, optimized=false) return connection.zscore("offenders", "#{actor}").to_i if optimized detected.reduce(0) do |memo, rule| memo += connection.zscore("#{actor}:detected", rule).to_i end end
standard(connection)
click to toggle source
# File lib/repsheet_visualizer/application/backend.rb, line 82 def self.standard(connection) suspects = {} connection.keys("*:requests").map {|d| d.split(":").first}.reject {|ip| ip.empty?}.each do |actor| detected = triggered_rules(connection, actor) blacklist = connection.get("#{actor}:repsheet:blacklist") if !detected.empty? && blacklist != "true" suspects[actor] = Hash.new 0 suspects[actor][:detected] = detected.join(", ") suspects[actor][:total] = score_actor(connection, actor, detected) suspects[actor][:requests] = connection.llen("#{actor}:requests") end end [suspects, blacklist(connection)] end
triggered_rules(connection, actor)
click to toggle source
# File lib/repsheet_visualizer/application/backend.rb, line 64 def self.triggered_rules(connection, actor) connection.zrange("#{actor}:detected", 0, -1) end
whitelist(connection)
click to toggle source
# File lib/repsheet_visualizer/application/backend.rb, line 115 def self.whitelist(connection) connection.keys("*:*:whitelist").map {|record| record.split(":").first}.reject {|ip| ip.empty?} end