dynamic reloading of botnet blocklist added

vs-uulm · Jan 13, 2022 · 0e811df · 0e811df
1 parent e2ed0fa
commit 0e811df
Show file tree

Hide file tree

Showing 4 changed files with 14 additions and 5 deletions.
diff --git a/internal/app/blocklist/blocklist.go b/internal/app/blocklist/blocklist.go
@@ -18,6 +18,7 @@ func BlockRequest(req *http.Request) bool {
         return true
     }
 
+    config.Config.Blocklists.WaitBotnetList.Wait()
     _, ok := config.Config.Blocklists.BotnetList[host]
     if ok {
         return true

diff --git a/internal/app/config/config.go b/internal/app/config/config.go
@@ -9,6 +9,7 @@ import (
 	"fmt"
 	"net/url"
 	"os"
+    "sync"
 
 	"gopkg.in/yaml.v3"
 )
@@ -27,6 +28,7 @@ type sysLoggerT struct {
 type BlocklistsT struct {
     PathToBotnetList string `yaml:"path_to_botnet_list"`
     BotnetList map[string]struct{}
+    WaitBotnetList  sync.WaitGroup
 }
 
 // The struct PepT is for parsing the section 'pep' of the config file.

diff --git a/internal/app/init/init_blocklist.go b/internal/app/init/init_blocklist.go
@@ -66,18 +66,24 @@ func reloadBotnetList(sysLogger *logger.Logger) bool {
         return false
     }
 
+    newBotnetList := make(map[string]struct{})
     arrOfBotnetIPs := strings.Split(string(botnetListData), "\n")
 
     for _, ip := range arrOfBotnetIPs {
         if net.ParseIP(ip) == nil {
             continue
         }
 
-        if _, exist := config.Config.Blocklists.BotnetList[ip]; exist {
+        if _, exist := newBotnetList[ip]; exist {
             continue
         } else {
-            config.Config.Blocklists.BotnetList[ip] = struct{}{}
+            newBotnetList[ip] = struct{}{}
         }
     }
+
+    config.Config.Blocklists.WaitBotnetList.Add(1)
+    config.Config.Blocklists.BotnetList = newBotnetList
+    config.Config.Blocklists.WaitBotnetList.Add(-1)
+
     return true
 }
diff --git a/internal/app/router/router.go b/internal/app/router/router.go
@@ -80,6 +80,9 @@ func addHSTSHeader(w http.ResponseWriter) {
 // help of the PEP, transformation from SFCs into SFPs with help of the SFP
 // Logic, and then forwards the package along the SFP.
 func (router *Router) ServeHTTP(w http.ResponseWriter, req *http.Request) {
+	// Log all http requests incl. TLS informaion in the case of a successful TLS handshake
+	router.sysLogger.LogHTTPRequest(req)
+
 	// Add HSTS Header
 	addHSTSHeader(w)
 
@@ -97,9 +100,6 @@ func (router *Router) ServeHTTP(w http.ResponseWriter, req *http.Request) {
 	// RM FOR PRODUCTIVE
 	md := new(metadata.CpMetadata)
 
-	// Log all http requests incl. TLS informaion in the case of a successful TLS handshake
-	router.sysLogger.LogHTTPRequest(req)
-
 	// BASIC AUTHENTICATION
 	// Check if the user is authenticated; if not authenticate her; if that fails return an error
 	// TODO: return error to client?