2665-Update blocklist system #919


Open
wants to merge 1 commit into
base: develop
36 changes: 27 additions & 9 deletions backend/src/xfd_django/xfd_api/tasks/update_blocklist.py
@@ -1,5 +1,6 @@
"""Update the blocklist with the latest data from blocklist.de."""
# Standard Python Libraries
from datetime import timedelta
import ipaddress
import logging

Expand Down Expand Up @@ -44,7 +45,7 @@ def query_blocklist_api(ip_str):
return malicious, attacks, reports


def create_new_blocklist_records(blocklist):
def create_new_blocklist_records(blocklist, created_count):
"""Create new blocklist records in the database for each IP address."""
for ip_str in blocklist:
try:
Expand All @@ -57,6 +58,7 @@ def create_new_blocklist_records(blocklist):
attacks=attacks,
reports=reports,
)
created_count += 1
except Exception as e:
LOGGER.warning("Failed to create blocklist record for IP %s: %s", ip_str, e)
continue
Expand All @@ -71,25 +73,41 @@ def main():
LOGGER.info("Blocklist downloaded successfully with %d entries.", len(blocklist))
blocklist_records = Blocklist.objects.all()
# Prune blocklist records that are not in the downloaded blocklist data
updated_count = 0
for ip_record in blocklist_records:
ip_str = str(ipaddress.ip_interface(ip_record.ip).ip)
if ip_str in blocklist:
LOGGER.info("Updating blocklist record for IP: %s", ip_str)
# If the IP is in the blocklist, update the record
malicious, attacks, reports = query_blocklist_api(ip_str)
if attacks > 0:
updated = False
if attacks != ip_record.attacks:
# Update the attacks count
ip_record.attacks = attacks
if reports > 0:
updated = True
if reports != ip_record.reports:
# Update the reports count
ip_record.reports = reports
ip_record.malicious = malicious
ip_record.updated_at = timezone.now()
updated = True
if malicious != ip_record.malicious:
ip_record.malicious = malicious
updated = True
if updated:
ip_record.updated_at = timezone.now()

ip_record.save()
updated_count += 1
# Remove the IP from blocklist to improve performance
del blocklist[ip_str]
else:
ip_record.delete()
LOGGER.info("Blocklist record deleted for IP: %s", ip_str)
# Add new blocklist records based on the downloaded data
create_new_blocklist_records(blocklist)
LOGGER.info("Updated %d blocklist records.", updated_count)
created_count = 0
create_new_blocklist_records(blocklist, created_count)
LOGGER.info("Created %d new blocklist records.", created_count)
# Delete all records that have not been updated in the last 30 days
threshold_date = timezone.now() - timedelta(days=30)
deleted_count, _ = Blocklist.objects.filter(updated_at__lt=threshold_date).delete()
LOGGER.info("Deleted %d old blocklist records.", deleted_count)


def handler(_):
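Review bot: The new `LOGGER.info("Created %d new blocklist records.", created_count)` in `main()` will always log 0, because `created_count` is an int passed by value: the `created_count += 1` added inside `create_new_blocklist_records` only rebinds that function's local name, and the call site discards any return value. Return the counter and assign it, i.e. `return created_count` at the end of `create_new_blocklist_records` and `created_count = create_new_blocklist_records(blocklist, created_count)` in `main()`; the tail of that function lies outside the visible hunks, so confirm it does not already return something else. Separately, indentation is lost on this page, but it looks as if `updated_at` is now refreshed only when `attacks`, `reports` or `malicious` actually changed. If so, and unless the model field uses `auto_now`, the new 30-day prune on `updated_at__lt=threshold_date` would delete IPs that are still present in the downloaded feed but whose values have been stable, leaving a gap in blocklist coverage until a later run recreates them. Refreshing `updated_at` whenever the IP is still listed, or pruning on a separate last-seen timestamp, would keep still-listed addresses in place.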