From ae3e1d90f9c35d63d086690557ccf1751dd53a34 Mon Sep 17 00:00:00 2001 From: Max Harley Date: Mon, 14 Mar 2022 14:15:14 -0700 Subject: [PATCH] Add geoip data to info log --- satellite/handlers/root.go | 25 +++++++++++++++++++++++ satellite/path/client_identifier.go | 2 +- satellite/path/conditionals.go | 2 +- satellite/path/conditionals_test.go | 31 +++++++++++++++++++++++++++++ satellite/path/paths.go | 10 +++++++--- 5 files changed, 65 insertions(+), 5 deletions(-) diff --git a/satellite/handlers/root.go b/satellite/handlers/root.go index 5bb2589..0d2aca1 100644 --- a/satellite/handlers/root.go +++ b/satellite/handlers/root.go @@ -4,9 +4,12 @@ import ( "crypto/md5" "encoding/hex" "io" + "net" + "strings" log "github.com/sirupsen/logrus" "github.com/t94j0/satellite/net/http" + "github.com/t94j0/satellite/satellite/geoip" "github.com/t94j0/satellite/satellite/path" "github.com/t94j0/satellite/satellite/util" ) @@ -76,8 +79,29 @@ func getJA3(req *http.Request) string { return string(out) } +func parseRemoteAddr(ipPort string) net.IP { + targetIP := strings.Split(ipPort, ":")[0] + return net.ParseIP(targetIP) +} + +func getCountryCode(remoteAddr string, gip *geoip.DB) (string, error) { + targetHost := parseRemoteAddr(remoteAddr) + if gip.HasDB() { + cc, err := gip.CountryCode(targetHost) + if err != nil { + return "", err + } + return cc, nil + } + return "", nil +} + func (h RootHandler) log(req *http.Request, respCode int) { ja3 := getJA3(req) + cc, err := getCountryCode(req.RemoteAddr, &h.paths.GeoipDB) + if err != nil { + log.Error(err) + } log.WithFields(log.Fields{ "method": req.Method, "host": req.Host, @@ -86,5 +110,6 @@ func (h RootHandler) log(req *http.Request, respCode int) { "ja3": ja3, "response": respCode, "user_agent": req.UserAgent(), + "geo_ip": cc, }).Info("request") } diff --git a/satellite/path/client_identifier.go b/satellite/path/client_identifier.go index 1952a28..169be7b 100644 --- a/satellite/path/client_identifier.go +++ b/satellite/path/client_identifier.go @@ -38,7 +38,7 @@ func (c *ClientID) Match(ip net.IP, targetList []string) bool { return false } - lastSubset := list[len(list)-len(targetList) : len(list)] + lastSubset := list[len(list)-len(targetList) : ] for i := range lastSubset { if lastSubset[i] != targetList[i] { diff --git a/satellite/path/conditionals.go b/satellite/path/conditionals.go index 7914aac..868d648 100644 --- a/satellite/path/conditionals.go +++ b/satellite/path/conditionals.go @@ -446,7 +446,7 @@ func (c *RequestConditions) geoipMatch(req *http.Request, gip geoip.DB) bool { if err != nil { log.WithFields(log.Fields{ "error": err, - }).Debug("Error getting country code") + }).Error("Error getting country code") return false } diff --git a/satellite/path/conditionals_test.go b/satellite/path/conditionals_test.go index 821183f..8d9304f 100644 --- a/satellite/path/conditionals_test.go +++ b/satellite/path/conditionals_test.go @@ -1198,3 +1198,34 @@ func TestRequestConditions_ShouldHost_geoip_blacklist(t *testing.T) { t.Error(err) } } + +func TestRequestConditions_ShouldHost_geoip_blacklist_accept(t *testing.T) { + // Create HTTP Request + mockRequest := &http.Request{RemoteAddr: "5.250.176.20:54321"} + + state, file, err := TemporaryDB() + if err != nil { + t.Error(err) + } + + gip, err := createGeoIP() + if err != nil { + t.Error(err) + } + + data := `geoip: + blacklist_countries: + - US` + + conditions, err := NewRequestConditions([]byte(data)) + if err != nil { + t.Error(err) + } + if !conditions.ShouldHost(mockRequest, state, gip) { + t.Fail() + } + + if err := RemoveDB(file); err != nil { + t.Error(err) + } +} diff --git a/satellite/path/paths.go b/satellite/path/paths.go index 917e32e..e7efe1a 100644 --- a/satellite/path/paths.go +++ b/satellite/path/paths.go @@ -20,7 +20,7 @@ type Paths struct { globalConditionsPath string state *State - geoipDB geoip.DB + GeoipDB geoip.DB list []*Path } @@ -66,7 +66,7 @@ func (paths *Paths) AddGeoIP(path string) error { if err != nil { return err } - paths.geoipDB = db + paths.GeoipDB = db return nil } @@ -120,6 +120,10 @@ func (paths *Paths) collectConditionalsDirectory(targetPath string) (RequestCond condsResult := make([]RequestConditions, 0) collectWalkFunc := func(oPath string, info os.FileInfo, err error) error { + if err != nil { + return err + } + if info.IsDir() { return nil } @@ -233,7 +237,7 @@ func (paths *Paths) MatchAndServe(w http.ResponseWriter, req *http.Request) (boo paths.applyGlobalConditionals(matchedPath) - shouldHost := matchedPath.ShouldHost(req, paths.state, paths.geoipDB) + shouldHost := matchedPath.ShouldHost(req, paths.state, paths.GeoipDB) if shouldHost { if err := matchedPath.ServeHTTP(w, req, paths.base); err != nil { return false, err