https://github.com/toyama0919/fluent-plugin-dos_block_acl
https://github.com/toyama0919/fluent-plugin-dos_block_acl
Last synced: 3 months ago
JSON representation
- Host: GitHub
- URL: https://github.com/toyama0919/fluent-plugin-dos_block_acl
- Owner: toyama0919
- Created: 2015-01-14T09:10:33.000Z (over 10 years ago)
- Default Branch: master
- Last Pushed: 2018-01-16T02:06:57.000Z (over 7 years ago)
- Last Synced: 2025-02-02T08:31:59.725Z (4 months ago)
- Language: Ruby
- Size: 9.77 KB
- Stars: 5
- Watchers: 3
- Forks: 1
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# fluent-plugin-dos_block_acl
[](http://travis-ci.org/toyama0919/fluent-plugin-dos_block_acl)
[](https://badge.fury.io/rb/fluent-plugin-dos_block_acl)
access block by aws network acl.
aggregate unit is time_slice_format.
## Installation
```
fluent-gem install fluent-plugin-dos_block_acl
```
## Examples(more than 10000 access per hour)
```
type dos_block_acl
network_acl_id acl-xxxxxxx
ip_address_key ip_address
dos_threshold 10000
buffer_chunk_limit 256m
region ap-northeast-1
deny_rule_numbers_range 1..10
time_slice_format %Y%m%d_%H
buffer_path /tmp/dos_block_acl_hourly*.log
state_file /var/log/td-agent/buffer/dos_block_acl_state.log
```
## Examples(more than 100000 access per day)
```
type dos_block_acl
network_acl_id acl-xxxxxxx
ip_address_key ip_address
dos_threshold 10000
buffer_chunk_limit 256m
region ap-northeast-1
deny_rule_numbers_range 11..18
time_slice_format %Y%m%d
buffer_path /tmp/dos_block_acl_daily*.log
state_file /var/log/td-agent/buffer/dos_block_acl_state.log
```
## parameter
|param | default|exsample|
|--------|--------|--------|
|network_acl_id||acl-xxxxxx|
|dryrun| false|true|
|ip_address_key||ip_address|
|dos_threshold||1000|
|time_slice_format |%Y%m%d|%Y%m%d_%H|
|aws_key_id| nil||
|aws_sec_key| nil||
|region| nil|ap-northeast-1|
|white_list| '127.0.0.1'|127.0.0.1,192.168.0.1,192.168.0.2|
|deny_rule_numbers_range| '1..18'||
|state_file| nil|/var/log/td-agent/dos_block_acl_state.log|
## Notes
default network acl entry limit is 20.([see](http://docs.aws.amazon.com/ja_jp/AmazonVPC/latest/UserGuide/VPC_Appendix_Limits.html))
## Contributing
1. Fork it
2. Create your feature branch (`git checkout -b my-new-feature`)
3. Commit your changes (`git commit -am 'Add some feature'`)
4. Push to the branch (`git push origin my-new-feature`)
5. Create new [Pull Request](../../pull/new/master)
## Information
* [Homepage](https://github.com/toyama0919/fluent-plugin-dos_block_acl)
* [Issues](https://github.com/toyama0919/fluent-plugin-dos_block_acl/issues)
* [Documentation](http://rubydoc.info/gems/fluent-plugin-dos_block_acl/frames)
* [Email](mailto:[email protected])
## Copyright
Copyright (c) 2015 Hiroshi Toyama