178 lines
No EOL
6.9 KiB
JavaScript
178 lines
No EOL
6.9 KiB
JavaScript
require('dotenv').config();
|
|
|
|
const { axios, moduleVersion } = require('./services/axios.js');
|
|
const { CYCLE_INTERVAL, REPORTED_IP_COOLDOWN_MS, MAX_URL_LENGTH, SUCCESS_COOLDOWN, SEFINEK_API_INTERVAL, REPORT_TO_SEFINEK_API } = require('./scripts/config.js');
|
|
const PAYLOAD = require('./services/payload.js');
|
|
const generateComment = require('./scripts/generateComment.js');
|
|
const SefinekAPI = require('./services/sefinekAPI.js');
|
|
const isImageRequest = require('./scripts/isImageRequest.js');
|
|
const headers = require('./scripts/headers.js');
|
|
const { logToCSV, readReportedIPs, wasImageRequestLogged } = require('./services/csv.js');
|
|
const formatDelay = require('./scripts/formatDelay.js');
|
|
const clientIp = require('./services/clientIp.js');
|
|
const whitelist = require('./whitelist.js');
|
|
const log = require('./scripts/log.js');
|
|
|
|
const fetchBlockedIPs = async () => {
|
|
try {
|
|
const { data, status } = await axios.post('https://api.cloudflare.com/client/v4/graphql', PAYLOAD(), { headers: headers.CLOUDFLARE });
|
|
const events = data?.data?.viewer?.zones[0]?.firewallEventsAdaptive;
|
|
if (events) {
|
|
log('log', `Fetched ${events.length} events from Cloudflare`);
|
|
return events;
|
|
} else {
|
|
throw new Error(`Failed to retrieve data from Cloudflare (status ${status}); ${JSON.stringify(data?.errors)}`);
|
|
}
|
|
} catch (err) {
|
|
log('error', err.response?.data ? `${err.response.status} HTTP ERROR Cloudflare API: ${JSON.stringify(err.response.data, null, 2)}` : `Unknown error with Cloudflare API: ${err.message}`);
|
|
return null;
|
|
}
|
|
};
|
|
|
|
const isIPReportedRecently = (rayId, ip, reportedIPs) => {
|
|
const lastReport = reportedIPs.find(entry =>
|
|
(entry.rayId === rayId || entry.ip === ip) &&
|
|
(entry.status === 'TOO_MANY_REQUESTS' || entry.status === 'REPORTED')
|
|
);
|
|
|
|
if (lastReport && (Date.now() - lastReport.timestamp) < REPORTED_IP_COOLDOWN_MS) {
|
|
return { recentlyReported: true, timeDifference: Date.now() - lastReport.timestamp, reason: lastReport.status === 'TOO_MANY_REQUESTS' ? 'RATE-LIMITED' : 'REPORTED' };
|
|
}
|
|
|
|
return { recentlyReported: false };
|
|
};
|
|
|
|
const reportIP = async (event, uri, country, hostname, endpoint, cycleErrorCounts) => {
|
|
if (!uri) {
|
|
logToCSV(event.rayName, event.clientIP, country, hostname, endpoint, event.userAgent, event.action, 'MISSING_URI');
|
|
log('warn', `Missing URL ${event.clientIP}; URI: ${uri}`);
|
|
return false;
|
|
}
|
|
|
|
if (event.clientIP === clientIp.address) {
|
|
logToCSV(event.rayName, event.clientIP, country, hostname, endpoint, event.userAgent, event.action, 'YOUR_IP_ADDRESS');
|
|
log('log', `Your IP address (${event.clientIP}) was unexpectedly received from Cloudflare. URI: ${uri}`);
|
|
return false;
|
|
}
|
|
|
|
if (uri.length > MAX_URL_LENGTH) {
|
|
logToCSV(event.rayName, event.clientIP, country, hostname, endpoint, event.userAgent, event.action, 'URI_TOO_LONG');
|
|
// log('log', `URI too long ${event.clientIP}; Received: ${uri}`);
|
|
return false;
|
|
}
|
|
|
|
try {
|
|
await axios.post('https://api.abuseipdb.com/api/v2/report', {
|
|
ip: event.clientIP,
|
|
categories: '19',
|
|
comment: generateComment(event),
|
|
}, { headers: headers.ABUSEIPDB });
|
|
|
|
logToCSV(event.rayName, event.clientIP, country, hostname, endpoint, event.userAgent, event.action, 'REPORTED');
|
|
log('log', `Reported ${event.clientIP}; URI: ${uri}`);
|
|
|
|
return true;
|
|
} catch (err) {
|
|
if (err.response?.status === 429) {
|
|
logToCSV(event.rayName, event.clientIP, country, hostname, endpoint, event.userAgent, event.action, 'TOO_MANY_REQUESTS');
|
|
log('log', `429 for ${event.clientIP} (${event.rayName}); Endpoint: ${endpoint}`);
|
|
cycleErrorCounts.blocked++;
|
|
} else {
|
|
log('error', `Error ${err.response?.status} while reporting ${event.clientIP}; URI: ${uri}; (${err.response?.data})`);
|
|
cycleErrorCounts.otherErrors++;
|
|
}
|
|
|
|
return false;
|
|
}
|
|
};
|
|
|
|
(async () => {
|
|
log('log', 'Loading data, please wait...');
|
|
await clientIp.fetchIPAddress();
|
|
|
|
// Sefinek API
|
|
if (REPORT_TO_SEFINEK_API && SEFINEK_API_INTERVAL && process.env.SEFINEK_API_SECRET) {
|
|
setInterval(SefinekAPI, SEFINEK_API_INTERVAL);
|
|
}
|
|
|
|
// Ready
|
|
if (process.env.NODE_ENV === 'production') {
|
|
try {
|
|
process.send('ready');
|
|
} catch (err) {
|
|
log('log', `Failed to send ready signal to parent process. ${err.message}`);
|
|
}
|
|
}
|
|
|
|
// AbuseIPDB
|
|
let cycleId = 1;
|
|
while (true) {
|
|
log('log', `================ New Reporting Cycle v${moduleVersion}; ID: ${cycleId} ================`);
|
|
|
|
const blockedIPEvents = await fetchBlockedIPs();
|
|
if (!blockedIPEvents) {
|
|
log('warn', 'No events fetched, skipping cycle...');
|
|
continue;
|
|
}
|
|
|
|
const userIp = clientIp.getAddress();
|
|
if (!userIp) log('warn', `Your IP address is missing! Received: ${userIp}`);
|
|
|
|
let cycleImageSkippedCount = 0, cycleProcessedCount = 0, cycleReportedCount = 0, cycleSkippedCount = 0;
|
|
const cycleErrorCounts = { blocked: 0, otherErrors: 0 };
|
|
let imageRequestLogged = false;
|
|
|
|
for (const event of blockedIPEvents) {
|
|
cycleProcessedCount++;
|
|
const ip = event.clientIP;
|
|
if (ip === userIp) {
|
|
log('log', `The IP address ${ip} belongs to this machine. Ignoring...`);
|
|
cycleSkippedCount++;
|
|
continue;
|
|
}
|
|
|
|
if (whitelist.includes(event.clientRequestPath)) return log('log', `Skipping ${event.clientRequestPath}...`);
|
|
|
|
const reportedIPs = readReportedIPs();
|
|
const { recentlyReported, timeDifference, reason } = isIPReportedRecently(event.rayName, ip, reportedIPs);
|
|
if (recentlyReported) {
|
|
const hoursAgo = Math.floor(timeDifference / (1000 * 60 * 60));
|
|
const minutesAgo = Math.floor((timeDifference % (1000 * 60 * 60)) / (1000 * 60));
|
|
const secondsAgo = Math.floor((timeDifference % (1000 * 60)) / 1000);
|
|
|
|
if (process.env.NODE_ENV === 'development') log('log', `${ip} was ${reason} ${hoursAgo}h ${minutesAgo}m ${secondsAgo}s ago. Skipping...`);
|
|
cycleSkippedCount++;
|
|
continue;
|
|
}
|
|
|
|
if (isImageRequest(event.clientRequestPath)) {
|
|
cycleImageSkippedCount++;
|
|
if (!wasImageRequestLogged(ip, reportedIPs)) {
|
|
if (imageRequestLogged) continue;
|
|
log('log', 'Skipping image requests in this cycle...');
|
|
imageRequestLogged = true;
|
|
}
|
|
|
|
continue;
|
|
}
|
|
|
|
const wasReported = await reportIP(event, `${event.clientRequestHTTPHost}${event.clientRequestPath}`, event.clientCountryName, event.clientRequestHTTPHost, event.clientRequestPath, cycleErrorCounts);
|
|
if (wasReported) {
|
|
cycleReportedCount++;
|
|
await new Promise(resolve => setTimeout(resolve, SUCCESS_COOLDOWN));
|
|
}
|
|
}
|
|
|
|
log('log', `- Reported IPs: ${cycleReportedCount}`);
|
|
log('log', `- Total IPs processed: ${cycleProcessedCount}`);
|
|
log('log', `- Skipped IPs: ${cycleSkippedCount}`);
|
|
log('log', `- Skipped due to Image Requests: ${cycleImageSkippedCount}`);
|
|
log('log', `- 429 Too Many Requests: ${cycleErrorCounts.blocked}`);
|
|
log('log', `- Other errors: ${cycleErrorCounts.otherErrors}`);
|
|
log('log', '===================== End of Reporting Cycle =====================');
|
|
|
|
log('log', `Waiting ${formatDelay(CYCLE_INTERVAL)}...`);
|
|
cycleId++;
|
|
await new Promise(resolve => setTimeout(resolve, CYCLE_INTERVAL));
|
|
}
|
|
})(); |