This repository contains example scripts and sets of rules for the AWS WAF service. Please be aware that the applicability of these examples to specific workloads may vary.
MIT No Attribution
512
stars
235
forks
source link
waf-block-bad-behaving doens't remove IP from Auto Block Set #4
Hello, I did install waf-block-bad-behaving, but it occured that blocked IP were never removed from Auto Block Set. After checking parser.py, I couldn't find in the code where they were removed from this set, and I did fix this issue by replacing:
if total_diff_min > (BLACKLIST_BLOCK_PERIOD):
print "[merge_current_blocked_requesters] \t\tExpired BLOCK %s rule"%k
outstanding_requesters['block'][k] = v
With :
if total_diff_min > (BLACKLIST_BLOCK_PERIOD):
print "[merge_current_blocked_requesters] \t\tExpired BLOCK %s rule"%k
else:
print "[merge_current_blocked_requesters] \t\tKeeping data of BLOCK %s rule"%k
outstanding_requesters['block'][k] = v
Hello, I did install waf-block-bad-behaving, but it occured that blocked IP were never removed from Auto Block Set. After checking parser.py, I couldn't find in the code where they were removed from this set, and I did fix this issue by replacing:
if total_diff_min > (BLACKLIST_BLOCK_PERIOD): print "[merge_current_blocked_requesters] \t\tExpired BLOCK %s rule"%k outstanding_requesters['block'][k] = v
With :
if total_diff_min > (BLACKLIST_BLOCK_PERIOD): print "[merge_current_blocked_requesters] \t\tExpired BLOCK %s rule"%k else: print "[merge_current_blocked_requesters] \t\tKeeping data of BLOCK %s rule"%k outstanding_requesters['block'][k] = v
Regards