App::Waf - A sample Web Application Firewall, analysis the web logs for illegal attempt in real time。 summary the source IP and other tpyes infomations ,using this infomations for ban whith iptables.
通过解析web访问日志,实时统计非法访问,结合防火期等进行 主动式防御。
Version 0.08
use App::Waf; my $filename = "example.acess";#日志文件 my $numlines = 50000; #要处理的行数,从后读。 my $line=tail($filename,$$numlines); ($log,$zcount,$zip,$zrequrl,$zstatus,$siteurl)=initCount($line); print "==============Attack Summary ==================\n"; print "\nThe total attack count: $zcount \n"; print "\nThe count from source IP: \n\n"; print "$_\=> $zip->{$_} \n" for(sort keys %{$zip}); print "The count From request Url: \n\n"; print "$_\=> $zrequrl->{$_} \n" for(sort keys %{$zrequrl}); print "\n\nThe count From Http Status: \n\n"; print "$_\=> $zstatus->{$_} \n" for(sort keys %{$zstatus}); print "\n\nThe count From Site Url: \n\n"; print "$_\=> $siteurl->{$_} \n" for(sort keys %{$siteurl});
加入crontab 每5分钟执行一次。
echo "*/5 * * * * perl $dir/banip.pl >> bianip.logs 2>&1 " >> /var/spool/cron/root
IN: $logfile,$count;
OUT: return the the latest $count lines of the $logfile.
IN: the content of need to cheack and count.
OUT: all types count result.
ORANGE, <bollwarm at ijz.me>
<bollwarm at ijz.me>
Please report any bugs or feature requests to bug-app-waf at rt.cpan.org, or through the web interface at http://rt.cpan.org/NoAuth/ReportBug.html?Queue=App-Waf. I will be notified, and then you'll automatically be notified of progress on your bug as I make changes.
bug-app-waf at rt.cpan.org
You can find documentation for this module with the perldoc command.
perldoc App::Waf
You can also look for information at:
RT: CPAN's request tracker (report bugs here)
http://rt.cpan.org/NoAuth/Bugs.html?Dist=App-Waf
AnnoCPAN: Annotated CPAN documentation
http://annocpan.org/dist/App-Waf
CPAN Ratings
http://cpanratings.perl.org/d/App-Waf
Search CPAN
http://search.cpan.org/dist/App-Waf/
Copyright 2016 ORANGE.
This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself.
To install App::Waf, copy and paste the appropriate command in to your terminal.
cpanm
cpanm App::Waf
CPAN shell
perl -MCPAN -e shell install App::Waf
For more information on module installation, please visit the detailed CPAN module installation guide.