https://github.com/koala-labs/koala-shield
CLI tool to help investigate IP address/ASNs and manage block lists in AWS WAF Classic.
https://github.com/koala-labs/koala-shield
aws golang
Last synced: 6 months ago
JSON representation
CLI tool to help investigate IP address/ASNs and manage block lists in AWS WAF Classic.
- Host: GitHub
- URL: https://github.com/koala-labs/koala-shield
- Owner: koala-labs
- License: apache-2.0
- Created: 2021-02-04T15:17:18.000Z (over 5 years ago)
- Default Branch: main
- Last Pushed: 2021-11-05T19:56:16.000Z (over 4 years ago)
- Last Synced: 2024-06-19T23:14:47.990Z (about 2 years ago)
- Topics: aws, golang
- Language: Go
- Homepage:
- Size: 79.1 KB
- Stars: 4
- Watchers: 9
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# Koala Shield 🐨 🛡
[](https://codecov.io/gh/koala-labs/koala-shield)
Table of Contents
## About The Project
Koala Shield is a small package and CLI tool written in Go to help investigate IP address/ASNs and manage block lists in AWS WAF Classic.
Koala Shield makes it easy to track any IP address to their ASN owner and, if the ASN owner appears malicious, quickly create a AWS WAF Classic block rule to guard against widespread malicious behavior.
If a malicious actor is using a less-than scrupulous cloud provider to DDoS your application Koala Shield can be used to temporarily block the cloud provider and give you time to find a more permanent solution.
**Be careful when blocking an entire ASN!** An ASN can encompass a wide range of services and networks so be sure to triple confirm before enabling the block. Koala Shield makes it easy to rollback a block if needed.
## Getting Started
### Prerequisites
Koala Shield requires Go 1.15 or higher. As a prerequisite please [download and install Go](https://golang.org/doc/install) and make sure Go compiled binaries are included in your `$PATH` (e.g. `export PATH=$GOPATH/bin:$PATH`)
### Installation
1. Install the binary
```sh
go get github.com/koala-labs/koala-shield
```
2. Set your [AWS credentials](https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-quickstart.html#cli-configure-quickstart-config) and make sure to export your desired AWS region in the AWS config file.
## Usage
Koala Shield has 4 core commands: `lookup`, `block`, `un-block`, and `ipsets`:
### `lookup`
Lookup information about IP addresses and/or ASN numbers (powered by [BPGView](https://bgpview.io/))
Example:
```sh
koala-shield lookup 20473
koala-shield lookup 8.6.8.0
```
### `block`
Block all the prefixes owned by the specified ASN using an AWS WAF Classic IP list.
Example:
```sh
koala-shield block 20473
```
### `un-block`
Un-block an ASN by removing their IP Set from the AWS WAF Classic IP Rules.
Example:
```sh
koala-shield un-block 20473
```
### `ipsets`
List all IP sets registered in AWS WAF Classic.
Example:
```sh
koala-shield ipsets
```
## Tests
Koala Shield has a full unit-test suite.
Use the following command to run the tests and output function-level code coverage
```sh
go test ./... -coverprofile coverage.txt && go tool cover -func coverage.txt
```
## Contributing
Contributions are what make the open source community such an amazing place to be learn, inspire, and create. Any contributions you make are **greatly appreciated**.
1. Fork the Project
2. Create your Feature Branch (`git checkout -b feature/AmazingFeature`)
3. Run the test suite (`go test ./...`)
4. Commit your Changes (`git commit -m 'Add some AmazingFeature'`)
5. Push to the Branch (`git push origin feature/AmazingFeature`)
6. Open a Pull Request
## License
Distributed under the Apache License, Version 2.0. See `LICENSE` for more information.
## Contact
Koala Labs - [@koala_labs](https://twitter.com/koala_labs) - engineering@koala.io