Add a rack middleware to forbid access to unsafe IP addresses

master
Guillaume DOTT 2013-01-02 15:49:27 +01:00
parent 8dcb7f76c0
commit 475b749cf6
4 changed files with 27 additions and 5 deletions

View File

@ -1,7 +1,8 @@
require 'net/dns' require 'net/dns'
require "project_honeypot/url" require "project_honeypot/url"
require "project_honeypot/base" require "project_honeypot/base"
require "project_honeypot/rack" require "project_honeypot/rack/header"
require "project_honeypot/rack/forbidden"
module ProjectHoneypot module ProjectHoneypot
class << self class << self

View File

@ -0,0 +1,21 @@
module ProjectHoneypot::Rack
class Forbidden
def initialize(app, options={})
@app = app
raise ArgumentError, 'Must specify an API key' unless options[:api_key]
ProjectHoneypot.api_key = options[:api_key]
end
def call(env)
request = ::Rack::Request.new(env)
url = ProjectHoneypot.lookup(request.ip)
if url.safe?
@app.call(request.env)
else
[403, {"Content-Type" => "text/html"}, ["Forbidden"]]
end
end
end
end

View File

@ -1,5 +1,5 @@
module ProjectHoneypot module ProjectHoneypot::Rack
class Rack class Header
def initialize(app, options={}) def initialize(app, options={})
@app = app @app = app