utils/filtron.sh: various fix from first installation test (WIP)

Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
Markus Heiser 2020-01-09 16:25:05 +01:00
parent f20193155a
commit 4990b07b4b
4 changed files with 206 additions and 85 deletions


@ -1,56 +1,98 @@
[
[{
"name":"search request",
"filters":[
"Param:q",
"Path=^(/|/search)$"
],
"interval":60,
"limit":15,
"subrules":[
{
"name": "api limit",
"interval": 60,
"limit": 1000,
"filters": ["Path=^/api"],
"aggregations": ["Path"],
"actions": [
{"name": "block"}
],
"subrules": [
{
"name": "drop put",
"interval": 60,
"limit": 100,
"filters": ["Method=PUT"],
"aggregations": ["Header:X-Forwarded-For"],
"actions": [
{"name": "shell",
"params": {"cmd": "iptables -A INPUT -s %v -j DROP", "args": ["Header:X-Forwarded-For"]}}
]
}
]
"name":"roboagent limit",
"interval":60,
"limit":15,
"filters":[
"Header:User-Agent=(curl|cURL|Wget|python-requests|Scrapy|FeedFetcher|Go-http-client)"
],
"actions":[
{"name": "log"},
{
"name":"block",
"params":{
"message":"Rate limit exceeded"
}
}
]
},
{
"name": "log'n'block rss",
"interval": 300,
"limit": 2500,
"filters": ["Path=^/$", "GET:format=rss"],
"actions": [
{"name": "log"},
{"name": "block"}
]
"name":"botlimit",
"limit":0,
"stop":true,
"filters":[
"Header:User-Agent=(Googlebot|bingbot|Baiduspider|yacybot|YandexMobileBot|YandexBot|Yahoo! Slurp|MJ12bot|AhrefsBot|archive.org_bot|msnbot|MJ12bot|SeznamBot|linkdexbot|Netvibes|SMTBot|zgrab|James BOT)"
],
"actions":[
{"name": "log"},
{
"name":"block",
"params":{
"message":"Rate limit exceeded"
}
}
]
},
{
"name": "log rule",
"filters": ["Path=/"],
"actions": [ {"name": "log"} ],
"subrules": [
{
"name": "block missing accept-language",
"filters": ["!Header:Accept-Language"],
"actions": [
{"name": "block"}
]
},
{
"name": "block curl",
"filters": ["Header:User-Agent=[Cc]url"],
"actions": [
{"name": "block"}
]
}
]
"name":"IP limit",
"interval":60,
"limit":15,
"stop":true,
"aggregations":[
"Header:X-Forwarded-For"
],
"actions":[
{"name": "log"},
{
"name":"block",
"params":{
"message":"Rate limit exceeded"
}
}
]
},
{
"name":"rss/json limit",
"interval":60,
"limit":15,
"stop":true,
"filters":[
"Param:format=(csv|json|rss)"
],
"actions":[
{"name": "log"},
{
"name":"block",
"params":{
"message":"Rate limit exceeded"
}
}
]
},
{
"name":"useragent limit",
"interval":60,
"limit":15,
"aggregations":[
"Header:User-Agent"
],
"actions":[
{"name": "log"},
{
"name":"block",
"params":{
"message":"Rate limit exceeded"
}
}
]
}
]
]
}]
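Review bot: The "IP limit" subrule buckets requests by `Header:X-Forwarded-For`, a value the client controls unless the reverse proxy in front of filtron overwrites it. If the proxy appends to or passes through an incoming header, a client can spread its requests over many buckets by varying the value, or use up the bucket of an address it does not own, so the limit neither holds nor targets the right peer. The deployment notes for this rule set should state that the proxy must set the header from the connection's peer address (in nginx, for example, `proxy_set_header X-Forwarded-For $remote_addr;` rather than `$proxy_add_x_forwarded_for`) and that filtron's listen address must not be reachable directly. Separately, "useragent limit" aggregates on `Header:User-Agent` alone, so all clients sending the same browser string presumably share one 15-per-60s bucket; confirm that this is intended. The +/- markers are lost on this page, so which lines belong to the new side is inferred from the formatting of the rules.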


@ -10,7 +10,7 @@ Type=simple
User=${SERVICE_USER}
Group=${SERVICE_GROUP}
WorkingDirectory=${SERVICE_HOME}
ExecStart=${SERVICE_HOME}/go-apps/bin/filtron -rules ${FILTRON_RULES}
ExecStart=${SERVICE_HOME}/go-apps/bin/filtron -api '${FILTRON_API}' -listen '${FILTRON_LISTEN}' -rules '${FILTRON_RULES}' -target '${FILTRON_TARGET}'
Restart=always
Environment=USER=${SERVICE_USER} HOME=${SERVICE_HOME}