log denied IP addresses

author S.Çağlar Onur <caglar@cs.princeton.edu>

Wed, 10 Nov 2010 16:33:46 +0000 (11:33 -0500)

committer S.Çağlar Onur <caglar@cs.princeton.edu>

Wed, 10 Nov 2010 16:33:46 +0000 (11:33 -0500)
author S.Çağlar Onur <caglar@cs.princeton.edu>
Wed, 10 Nov 2010 16:33:46 +0000 (11:33 -0500)
committer S.Çağlar Onur <caglar@cs.princeton.edu>
Wed, 10 Nov 2010 16:33:46 +0000 (11:33 -0500)
diff --git a/PLCAPI.spec b/PLCAPI.spec

index df59eff..de70344 100644 (file)
--- a/PLCAPI.spec
+++ b/PLCAPI.spec
@@ -124,6 +124,10 @@ install -D -m 755 omf/omf_slicemgr.py $RPM_BUILD_ROOT/usr/bin/omf_slicemgr.py
  install -D -m 755 omf/reset_xmpp_pubsub_nodes.py $RPM_BUILD_ROOT/usr/bin/reset_xmpp_pubsub_nodes.py
  mkdir -p $RPM_BUILD_ROOT/var/log/omf
  
+# Install ratelimit log
+touch $RPM_BUILD_ROOT/var/log/api_ratelimit.log
+chown apache:apache $RPM_BUILD_ROOT/var/log/api_ratelimit.log
+
  %clean
  rm -rf $RPM_BUILD_ROOT
  
diff --git a/aspects/ratelimitaspects.py b/aspects/ratelimitaspects.py

index 04d8a96..fe123fa 100644 (file)
--- a/aspects/ratelimitaspects.py
+++ b/aspects/ratelimitaspects.py
@@ -10,6 +10,7 @@ class BaseRateLimit(object):
      def __init__(self):
          self.config = Config("/etc/planetlab/plc_config")
  
+        # FIXME: change with Config values
          self.prefix = "ratelimit"
          self.minutes = 5 # The time period
          self.requests = 50 # Number of allowed requests in that time period
@@ -28,11 +29,11 @@ class BaseRateLimit(object):
          if api_method_source == None or api_method_source[0] == self.config.PLC_API_IP:
              return
  
-        mc = memcache.Client(['%s:11211' % self.config.PLC_API_HOST])
+        mc = memcache.Client(["%s:11211" % self.config.PLC_API_HOST])
          now = datetime.now()
-        current_key = '%s_%s_%s' % (self.prefix, api_method_source[0], now.strftime('%Y%m%d%H%M'))
+        current_key = "%s_%s_%s" % (self.prefix, api_method_source[0], now.strftime("%Y%m%d%H%M"))
  
-        keys_to_check = ['%s_%s_%s' % (self.prefix, api_method_source[0], (now - timedelta(minutes = minute)).strftime('%Y%m%d%H%M')) for minute in range(self.minutes + 1)]
+        keys_to_check = ["%s_%s_%s" % (self.prefix, api_method_source[0], (now - timedelta(minutes = minute)).strftime("%Y%m%d%H%M")) for minute in range(self.minutes + 1)]
  
          try:
              mc.incr(current_key)
@@ -45,6 +46,10 @@ class BaseRateLimit(object):
              total_requests += result[i]
  
          if total_requests > self.requests:
+            log = open("/var/log/api_ratelimit.log", "a")
+            date = datetime.now().strftime("%d/%m/%y %H:%M")
+            log.write("%s - %s\n" % (date, api_method_source[0]))
+            log.flush()
              raise PLCPermissionDenied, "Maximum allowed number of API calls exceeded"
  
      def after(self, wobj, data, *args, **kwargs):
author	S.Çağlar Onur <caglar@cs.princeton.edu>
	Wed, 10 Nov 2010 16:33:46 +0000 (11:33 -0500)
committer	S.Çağlar Onur <caglar@cs.princeton.edu>
	Wed, 10 Nov 2010 16:33:46 +0000 (11:33 -0500)
PLCAPI.spec		patch \| blob \| history
aspects/ratelimitaspects.py		patch \| blob \| history