JoshS/Cloudflare-WAF-To-AbuseIPDB
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Update (not finished yet)

Browse source
This commit is contained in:
Sefinek 2024-09-05 19:13:02 +02:00
parent f37cacbfd1
commit e08922a19e
2 changed files with 41 additions and 20 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

36
scripts/csv.js
View file

@ -17,15 +17,13 @@ const checkCSVSize = () => {
}; };
const escapeCSVValue = value => { const escapeCSVValue = value => {
if (typeof value === 'string' && value.includes(',')) { if (typeof value === 'string' && value.includes(',')) return `"${value.replace(/"/g, '""')}"`;
return `"${value.replace(/"/g, '""')}"`; return value || '';
}
return value;
}; };
const logToCSV = (rayId, ip, hostname, endpoint, useragent, action, country, sefinekAPI) => { const logToCSV = (rayId, ip, hostname, endpoint, useragent, action, country, sefinekAPI) => {
checkCSVSize(); checkCSVSize();
const logLine = `${new Date().toISOString()},${rayId},${ip},${hostname},${escapeCSVValue(endpoint)},${escapeCSVValue(useragent || '')},${action},${country},${sefinekAPI || false}`; const logLine = `${new Date().toISOString()},${rayId},${ip},${hostname},${escapeCSVValue(endpoint)},${escapeCSVValue(useragent)},${action},${country || 'N/A'},${sefinekAPI || false}`;
fs.appendFileSync(CSV_FILE_PATH, logLine + '\n'); fs.appendFileSync(CSV_FILE_PATH, logLine + '\n');
}; };
@ -38,9 +36,22 @@ const readReportedIPs = () => {
.slice(1) .slice(1)
.filter(line => line.trim() !== '') .filter(line => line.trim() !== '')
.map(line => { .map(line => {
const [timestamp, rayId, ip, hostname, endpoint, useragent, action, country, sefinekAPI] = line.split(','); const parts = line.match(/(".*?"|[^",\s]+)(?=\s*,|\s*$)/g);
return { timestamp: new Date(timestamp), rayId, ip, hostname, endpoint, useragent, action, country, sefinekAPI }; if (!parts || parts.length < 9) return null;
});
return {
timestamp: new Date(parts[0]),
rayId: parts[1],
ip: parts[2],
hostname: parts[3],
endpoint: parts[4],
useragent: parts[5],
action: parts[6],
country: parts[7],
sefinekAPI: parts[8]
};
})
.filter(item => item !== null);
}; };
const updateSefinekAPIInCSV = (rayId, reportedToSefinekAPI) => { const updateSefinekAPIInCSV = (rayId, reportedToSefinekAPI) => {
@ -53,11 +64,10 @@ const updateSefinekAPIInCSV = (rayId, reportedToSefinekAPI) => {
const lines = content.split('\n'); const lines = content.split('\n');
const updatedLines = lines.map(line => { const updatedLines = lines.map(line => {
if (line.includes(rayId)) { const parts = line.split(/,(?=(?:[^"]*"[^"]*")*[^"]*$)/g);
const [timestamp, rayIdExisting, ip, hostname, endpoint, useragent, action, country] = line.split(','); if (parts.length >= 9 && parts[1] === rayId) {
if (rayIdExisting === rayId) { parts[8] = reportedToSefinekAPI;
return `${timestamp},${rayId},${ip},${hostname},${escapeCSVValue(endpoint)},${escapeCSVValue(useragent)},${action},${country},${reportedToSefinekAPI}`; return parts.join(',');
}
} }
return line; return line;
}); });

25
scripts/sefinekAPI.js
View file

@ -5,18 +5,32 @@ const log = require('./log.js');
const SEFINEK_API_URL = `${process.env.NODE_ENV === 'production' ? 'https://api.sefinek.net' : 'http://127.0.0.1:4010'}/api/v2/cloudflare-waf-abuseipdb/post`; const SEFINEK_API_URL = `${process.env.NODE_ENV === 'production' ? 'https://api.sefinek.net' : 'http://127.0.0.1:4010'}/api/v2/cloudflare-waf-abuseipdb/post`;
module.exports = async () => { module.exports = async () => {
const reportedIPs = readReportedIPs(); const reportedIPs = readReportedIPs().filter(ip => ip.action === 'Reported' && ip.sefinekAPI === 'false');
if (reportedIPs.length === 0) { if (reportedIPs.length === 0) {
log('info', 'No reported IPs to send to Sefinek API.'); log('info', 'No reported IPs with action "Reported" and SefinekAPI false to send to Sefinek API.');
return;
}
const uniqueLogs = reportedIPs.reduce((acc, ip) => {
if (!acc.seen.has(ip.ip)) {
acc.seen.add(ip.ip);
acc.logs.push(ip);
}
return acc;
}, { seen: new Set(), logs: [] }).logs;
if (uniqueLogs.length === 0) {
log('info', 'No unique IPs to send.');
return; return;
} }
try { try {
const res = await axios.post(SEFINEK_API_URL, { const res = await axios.post(SEFINEK_API_URL, {
reportedIPs: reportedIPs.map(ip => ({ reportedIPs: uniqueLogs.map(ip => ({
rayId: ip.rayId, rayId: ip.rayId,
ip: ip.ip, ip: ip.ip,
endpoint: ip.endpoint, endpoint: ip.endpoint,
useragent: ip.useragent.replace(/"/g, ''),
action: ip.action, action: ip.action,
country: ip.country country: ip.country
})) }))
@ -24,10 +38,7 @@ module.exports = async () => {
log('info', `Logs (${res.data.count}) sent to Sefinek API. Status: ${res.status}`); log('info', `Logs (${res.data.count}) sent to Sefinek API. Status: ${res.status}`);
reportedIPs.forEach(ip => { uniqueLogs.forEach(ip => updateSefinekAPIInCSV(ip.rayId, true));
updateSefinekAPIInCSV(ip.rayId, true);
});
} catch (err) { } catch (err) {
log('error', `Failed to send logs to Sefinek API. Error: ${err.message}`); log('error', `Failed to send logs to Sefinek API. Error: ${err.message}`);
} }