App::Waf - A sample Web Application Firewall, analysis the web logs for illegal attempt in real time。 summary the source IP and other tpyes infomations ,using this infomations for ban whith iptables.

通过解析web访问日志，实时统计非法访问，结合防火期等进行主动式防御。

VERSION

Version 0.08

SYNOPSIS =head2 实例

  use App::Waf;
  my $filename = "example.acess";#日志文件
  my $numlines  = 50000; #要处理的行数,从后读。
  my $line=tail($filename,$$numlines);
   ($log,$zcount,$zip,$zrequrl,$zstatus,$siteurl)=initCount($line);
  print "==============Attack Summary ==================\n";
  print "\nThe total attack count: $zcount \n";
  print "\nThe count from source IP:  \n\n";
  print "$_\=> $zip->{$_} \n" for(sort  keys %{$zip});
  print "The count From request Url:  \n\n";
  print "$_\=> $zrequrl->{$_} \n" for(sort keys %{$zrequrl});
  print "\n\nThe count From Http Status:  \n\n";
  print "$_\=> $zstatus->{$_} \n" for(sort keys %{$zstatus});
  print "\n\nThe count From Site Url:  \n\n";
  print "$_\=> $siteurl->{$_} \n" for(sort keys %{$siteurl});

结合nginx 和 iptables 进行实时banip的实例（example/banip.pl）

加入crontab 每5分钟执行一次。

   echo "*/5 * * * * perl $dir/banip.pl >> bianip.logs 2>&1 " >> /var/spool/cron/root

SUBROUTINES/METHODS

tail()

IN: $logfile,$count;

OUT: return the the latest $count lines of the $logfile.

initCount()

IN: the content of need to cheack and count.

OUT: all types count result.

AUTHOR

ORANGE, <bollwarm at ijz.me>

BUGS

Please report any bugs or feature requests to bug-app-waf at rt.cpan.org, or through the web interface at http://rt.cpan.org/NoAuth/ReportBug.html?Queue=App-Waf. I will be notified, and then you'll automatically be notified of progress on your bug as I make changes.

SUPPORT

You can find documentation for this module with the perldoc command.

    perldoc App::Waf

You can also look for information at:

RT: CPAN's request tracker (report bugs here)

http://rt.cpan.org/NoAuth/Bugs.html?Dist=App-Waf
AnnoCPAN: Annotated CPAN documentation

http://annocpan.org/dist/App-Waf
CPAN Ratings

http://cpanratings.perl.org/d/App-Waf
Search CPAN

http://search.cpan.org/dist/App-Waf/

ACKNOWLEDGEMENTS

LICENSE AND COPYRIGHT

This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself.

To install App::Waf, copy and paste the appropriate command in to your terminal.

cpanm

cpanm App::Waf

CPAN shell

perl -MCPAN -e shell
install App::Waf

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	go to github issues (only if github is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)