momosecurity / aswan Goto Github PK

现在搭建了一套系统也运行起来了，请问外部数据如何使用aswa建立的规则？

对接业务数据的接口在哪

看了源码,之前的功能只能是在每次report上报的时候对redis的计数器加一，然后匹配次数。也就是不能加一些具体的数值,比如说我想统计一个玩家对游戏在某个时间段内的充值金额,目前就无法满足.

文档不全，启动之后连后台入口都不知道在哪儿

rt

Hi Aswan团队

感谢你们的开源，不知可否提供Aswan的官方docker镜像，对于想体验的人而言可以省去很多麻烦。

从参数中获取需要修改的策略组的下标（strategy_index）为0的情况下触发assert断言，导致修改阈值会失败。

影响范围：
规则配置 - 详情 - 编辑阈值
影响规则内第一条阈值型策略的阈值修改

report.py里面验证请求的body是否和设置的数据源一致

Sources类中有：
def check_all(self, name, data):
sources = self.get_source_or_raise(name)
return all([source.check_all(data) for source in sources])

该方法验证不通过

def load_sources(self):
    name_sources_map = defaultdict(set)
    RawSource.load_raw_source()
    raw_name_source_map_lst = []
    try:
        for source_cls in _used_source_cls_set:
            raw_name_source_map_lst.append(source_cls.load())
    except redis.RedisError:
        return
    else:
        for raw_name_sources_map in raw_name_source_map_lst:
            for name, sources in raw_name_sources_map.items():
                name_sources_map[name] |= sources
        self.name_sources_map = name_sources_map

这里load_raw_source了redis中定义的数据源，但是没有放到name_sources_map中

比如对于恶意访问用户，如何能及时的将这批ip或者设备号加入到黑名单中，以便防住攻击呢？目前好像是手动添加黑名单记录？

url(r'^$', RedirectView.as_view(url=reverse_lazy("strategy:strategy_list"), permanent=True), name="strategy_index"),
报错：
Reverse for 'strategy_list' not found. 'strategy_list' is not a valid view function or pattern name
这段代码是想重定向到menu_strategy/list吧？
原本是想写成
url(r'^$', RedirectView.as_view(url=reverse_lazy("strategy:menu_strategy_list"), permanent=True), name="strategy_index"),
这样吗？

启动成功后，本地可以127.0.0.1:8000访问系统，
但远程服务器上安装后 按照 http://serverIp:8000/方式无法访问（防火墙已开放8000端口），
对start.sh中 #使用uwsgi启动后台 中127.0.0.1:8000改为0.0.0.0:8000 也不行

我在做互金信贷业务和支付业务的风控系统，希望能够一起沟通交流下

我个人WX：

系统能够处理多大单日请求量

mysql数据库有密码 我改了config下的devlop.py,product.py,test.py的mysql密码但还是报错
django.db.utils.OperationalError: (1045, "Access denied for user 'root'@'localhost' (using password: YES)")

Traceback (most recent call last):
File "/usr/local/lib/python3.7/site-packages/gevent/pywsgi.py", line 976, in handle_one_response
self.run_application()
File "/usr/local/lib/python3.7/site-packages/gevent/pywsgi.py", line 924, in run_application
self.process_result()
File "/usr/local/lib/python3.7/site-packages/gevent/pywsgi.py", line 910, in process_result
self.write(data)
File "/usr/local/lib/python3.7/site-packages/gevent/pywsgi.py", line 757, in write
self._write_with_headers(data)
File "/usr/local/lib/python3.7/site-packages/gevent/pywsgi.py", line 778, in _write_with_headers
self._write(data)
File "/usr/local/lib/python3.7/site-packages/gevent/pywsgi.py", line 742, in _write
self._sendall(data)
File "/usr/local/lib/python3.7/site-packages/gevent/pywsgi.py", line 704, in _sendall
self.socket.sendall(data)
File "/usr/local/lib/python3.7/site-packages/gevent/_socket3.py", line 457, in sendall
data_memory = _get_memory(data)
File "/usr/local/lib/python3.7/site-packages/gevent/_socket3.py", line 45, in _get_memory
mv = memoryview(data)
TypeError: memoryview: a bytes-like object is required, not 'str'
2019-07-12T11:16:49Z {'REMOTE_ADDR': '127.0.0.1', 'REMOTE_PORT': '50456', 'HTTP_HOST': 'localhost:8088', (hidden keys: 24)} failed with TypeError

请问，这是因为python3的还不能完全支持吗？

输出错误：

杀过占用端口的进程了

任然运行不了

(1050, "Table 'log_manage_hitlogmodel' already exists")，想知道mysql持久化存储的日志逻辑

数据上报，数据存储在redis的 sorted set 存储说明 可否说一下

你好，使用Docker-compose启动系统之后，默认的登录用户名密码是什么，帮助文档中没有找到

报错 日志

Hi Guys,

have started translation here of your project, now I need some help

https://github.com/MyTokenWallet/aswan

thx for support!

I anyone is here to work with me on ...

🤪

如题

报#，需要怎么解决

curl 127.0.0.1:50000/report/ -X POST -d '{"source": "test", "user_id": "10000", "ip": "127.0.0.1", "uid": "abcabc112333222"}' -H "Content-Type:application/json"
{"ec": 100, "error": "invalid source"}
什么原因啊

This is a useful projects. After I go through the code , got a question :
Why using two databases? What's the purpose ?
We can store all of them in one database: more simple & user friendly

curl 127.0.0.1:50000/query/ -X POST -d '{"rule_id": "2", "user_id": "10086", "ip": "127.0.0.1"}' -H "Content-Type:application/json"

{"result": {"control": "deny", "weight": 101}, "ec": 0}%

为啥不同的存储，会有不同的接口调用呢？？？

讲道理来说，不应该底层都封装好, 对用户来说，都是调用同一个接口么？？

按照文档写的运行后，访问页面失败(localhost:8000)

[root@jamie aswan]# bash start.sh
[root@jamie aswan]# nohup: appending output to ‘nohup.out’
nohup: appending output to ‘nohup.out’
nohup: appending output to ‘nohup.out’
[root@jamie aswan]# netstat -anp | grep 8000
tcp 0 0 127.0.0.1:8000 0.0.0.0:* LISTEN 3084/python

在模板：aswan/www/templates/pagination.html里只能获取到
{% render_table table "table.html" %}之后的table的值

其余值获取不到 分页显示有问题

Traceback (most recent call last):
  File "/Users/islishude/Library/Python/3.7/lib/python/site-packages/django/core/handlers/exception.py", line 41, in inner
    response = get_response(request)
  File "/Users/islishude/Library/Python/3.7/lib/python/site-packages/django/core/handlers/base.py", line 244, in _legacy_get_response
    response = middleware_method(request)
  File "/Users/islishude/project/aswan/www/permissions/middleware.py", line 45, in process_request
    if not cls.has_perm(user.email, path):
  File "/Users/islishude/project/aswan/www/permissions/middleware.py", line 51, in has_perm
    return CACHE_HAS_PERMS[(pk, path)]
  File "/Users/islishude/project/aswan/www/core/lru.py", line 39, in withlock
    return func(self, *args, **kwargs)
  File "/Users/islishude/project/aswan/www/core/lru.py", line 172, in __getitem__
    self.cleanup()
  File "/Users/islishude/project/aswan/www/core/lru.py", line 39, in withlock
    return func(self, *args, **kwargs)
  File "/Users/islishude/project/aswan/www/core/lru.py", line 189, in cleanup
    for k in self.__expire_times:
RuntimeError: OrderedDict mutated during iteration

I will make a PR to fix it.

测试

docker映像出来的端口能换一个吗？本地也安装有mysql等，会导致冲突

django版本升级2.2或者3.5+
名单管理下所有页面都会报错cannot set options after executing query
降到1.11.27才正常

Python 2 end of life is in less than 200 days...

flake8 testing of https://github.com/momosecurity/aswan on Python 3.7.1

$ flake8 . --count --select=E9,F63,F72,F82 --show-source --statistics

./www/rule/views.py:219:26: F821 undefined name 'unicode'
                'error': unicode(e),
                         ^
./www/rule/templatetags/reverse_tags.py:28:35: F821 undefined name 'basestring'
        if not isinstance(object, basestring):
                                  ^
./www/rule/templatetags/reverse_tags.py:37:26: F821 undefined name 'basestring'
    if isinstance(value, basestring):
                         ^
./www/rule/templatetags/reverse_tags.py:78:13: F821 undefined name 'unicode'
    value = unicode(value)
            ^
./www/core/utils.py:11:17: F821 undefined name 'unicode'
        (k, map(unicode, v))
                ^
./www/core/columns.py:14:30: F821 undefined name 'basestring'
        if isinstance(value, basestring) and len(value) > self.truncate_limit:
                             ^
./www/settings/settings.py:138:50: E999 SyntaxError: invalid syntax
    exec 'from local_settings.{risk_env} import *'.format(risk_env=risk_env)
                                                 ^
./www/strategy/largest_period.py:75:35: E999 SyntaxError: invalid syntax
    print get_source_largest_period()
                                  ^
./www/strategy/forms.py:224:33: F821 undefined name 'reduce'
                strategy_time = reduce(lambda x, y: x * y, args)
                                ^
./www/strategy/templatetags/reverse_tags.py:29:35: F821 undefined name 'basestring'
        if not isinstance(object, basestring):
                                  ^
./www/strategy/templatetags/reverse_tags.py:38:26: F821 undefined name 'basestring'
    if isinstance(value, basestring):
                         ^
./www/strategy/templatetags/reverse_tags.py:79:13: F821 undefined name 'unicode'
    value = unicode(value)
            ^
./risk_models/source.py:160:66: F821 undefined name 'basestring'
        return 'user_id' in data and isinstance(data['user_id'], basestring)
                                                                 ^
./builtin_funcs/sample.py:8:44: F821 undefined name 'basestring'
                               ('user_id', basestring),
                                           ^
./builtin_funcs/sample.py:29:44: F821 undefined name 'basestring'
                               ('user_id', basestring),
                                           ^
./config/base.py:36:42: E999 SyntaxError: invalid syntax
    exec 'from config.{risk_env} import *'.format(risk_env=risk_env)
                                         ^
3     E999 SyntaxError: invalid syntax
13    F821 undefined name 'basestring'
16

E901,E999,F821,F822,F823 are the "showstopper" flake8 issues that can halt the runtime with a SyntaxError, NameError, etc. These 5 are different from most other flake8 issues which are merely "style violations" -- useful for readability but they do not effect runtime safety.

• F821: undefined name name
• F822: undefined name name in __all__
• F823: local variable name referenced before assignment
• E901: SyntaxError or IndentationError
• E999: SyntaxError -- failed to compile a file into an Abstract Syntax Tree

在不需要上报user_id字段情况下触发并命中策略后，持久化进程将会异常终止，后续拦截日志无法显示，查看nohup.out报错如下：
... File "/xxx/xxx/aswan/www/log_manage/management/commands/persistence_hit_log.py", line 33, in parse_msg d['user_id'] = req_body['user_id'] KeyError: 'user_id'

命中的策略规则：时段频控型策略
策略详情：相同ip，在最近30s内，限10次(xxx数据源)
查询的数据：{'rule_id': 2, 'ip': ip}

/xxx/xxx/aswan/www/log_manage/management/commands/persistence_hit_log.py 33行修改为d['user_id'] = req_body.get('user_id', '')得到解决。

请问首次命中规则之后，再次请求query接口。接口还是返回被风控，这种怎么处理?