Merge pull request #17 from softonic/bugfix/fix-limitation-10-per-exe…

…cution Bugfix/fix limitation 10 per execution
softonic · Feb 1, 2022 · dafad59 · dafad59
2 parents 976d1b5 + 6e27da3
commit dafad59
Show file tree

Hide file tree

Showing 3 changed files with 73 additions and 32 deletions.
diff --git a/app/actor/armor_actor.go b/app/actor/armor_actor.go
@@ -124,6 +124,48 @@ func getIPsAlreadyBlockedFromRules(g *GCPArmorActor, securityPolicy string) ([]s
 
 }
 
+func buildQueryObjectArmor(blockStringArray []string, project string, policy string, action string, description string, priority int32, preview bool) *computepb.AddRuleSecurityPolicyRequest {
+
+	versioned := computepb.SecurityPolicyRuleMatcher_SRC_IPS_V1.Enum()
+
+	match := &computepb.SecurityPolicyRuleMatcher{
+		Config: &computepb.SecurityPolicyRuleMatcherConfig{
+			SrcIpRanges: blockStringArray,
+		},
+		VersionedExpr: versioned,
+	}
+
+	req := &computepb.AddRuleSecurityPolicyRequest{
+
+		Project:        project,
+		SecurityPolicy: policy,
+		SecurityPolicyRuleResource: &computepb.SecurityPolicyRule{
+			Action:      &(action),
+			Description: &description,
+			Priority:    &priority,
+			Preview:     &(preview),
+			Match:       match,
+		},
+	}
+
+	return req
+
+}
+
+func executeQueryArmor(client compute.SecurityPoliciesClient, req *computepb.AddRuleSecurityPolicyRequest, ctx context.Context) error {
+
+	resp, err := client.AddRule(ctx, req)
+	if err != nil {
+		klog.Error("\nError: ", err)
+		return err
+	}
+
+	_ = resp
+
+	return nil
+
+}
+
 func (g *GCPArmorActor) BlockIPs(sourceIPs []app.IPCount) error {
 
 	client := g.client
@@ -163,8 +205,6 @@ func (g *GCPArmorActor) BlockIPs(sourceIPs []app.IPCount) error {
 		candidateWithCird = append(candidateWithCird, k+"/32")
 	}
 
-	versioned := computepb.SecurityPolicyRuleMatcher_SRC_IPS_V1.Enum()
-
 	now := time.Now()
 	secs := now.Unix()
 
@@ -176,37 +216,29 @@ func (g *GCPArmorActor) BlockIPs(sourceIPs []app.IPCount) error {
 
 	if len(candidateIPstoBlock) > 0 {
 
-		match := &computepb.SecurityPolicyRuleMatcher{
-			Config: &computepb.SecurityPolicyRuleMatcherConfig{
-				SrcIpRanges: candidateWithCird,
-			},
-			VersionedExpr: versioned,
-		}
+		if len(candidateWithCird) > 10 {
 
-		req := &computepb.AddRuleSecurityPolicyRequest{
-
-			Project:        project,
-			SecurityPolicy: g.policy,
-			SecurityPolicyRuleResource: &computepb.SecurityPolicyRule{
-				Action:      &(action),
-				Description: &description,
-				Priority:    &priority,
-				Preview:     &(preview),
-				Match:       match,
-			},
-		}
+			var j int
+			for i := 0; i < len(candidateWithCird); i += 10 {
+				j += 10
+				if j > len(candidateWithCird) {
+					j = len(candidateWithCird)
+				}
+				// do what do you want to with the sub-slice
+				fmt.Println(candidateWithCird[i:j])
+				req := buildQueryObjectArmor(candidateWithCird[i:j], project, g.policy, action, description, priority, preview)
+				err := executeQueryArmor(*client, req, ctx)
+				if err != nil {
+					klog.Error("\nError: ", err)
+					return err
+				} else {
+					klog.Infof("Adding rule with prio: %d", priority)
+					klog.Infof("Blocked IPs: %v", candidateWithCird)
+				}
+			}
 
-		resp, err := client.AddRule(ctx, req)
-		if err != nil {
-			klog.Error("\nError: ", err)
-			return err
-		} else {
-			klog.Infof("Adding rule with prio: %d", priority)
-			klog.Infof("Blocked IPs: %v", candidateWithCird)
 		}
 
-		_ = resp
-
 		return nil
 
 	}

diff --git a/app/source/elastic_source.go b/app/source/elastic_source.go
@@ -215,6 +215,9 @@ func (s *ElasticSource) GetIPCount(interval int) []app.IPCount {
 	//loop over all queries
 
 	for _, query := range config.Queries {
+
+		var listIPs []app.IPCount
+
 		todayIndexName := getElasticIndex(query.ElasticIndex)
 		read := getQuery(query.QueryFile)
 
@@ -229,9 +232,15 @@ func (s *ElasticSource) GetIPCount(interval int) []app.IPCount {
 			ipCounter[ips]++
 		}
 
+		klog.Infof("This is the ipcounter: %d", ipCounter)
+
 		maxCounter := interval * threshold
 
-		listIPs := orderAndTrimIPs(ipCounter, maxCounter)
+		klog.Infof("This is the counter: %d", maxCounter)
+
+		listIPs = orderAndTrimIPs(ipCounter, maxCounter)
+
+		klog.Infof("These are the listIPs after orderAndTrim: %v", listIPs)
 
 		listIPCandidates = append(listIPCandidates, listIPs...)
 

diff --git a/charts/ip-blocker/Chart.yaml b/charts/ip-blocker/Chart.yaml
@@ -2,5 +2,5 @@ apiVersion: v2
 name: ip-blocker
 description: This chart deploys a daemon in k8s for blocking IPs from unwanted bots
 type: application
-version: 0.4.4
-appVersion: 0.4.4
+version: 0.4.5
+appVersion: 0.4.5