Skip to content

Commit 77e151a

Browse files
sabbansabban
authored
fix the cache management for live mode. (#104)
* fix(crowdsec): correct configuration key and cache key format Changed ~CAPTCHA_EXPIRATION~ to ~CACHE_EXPIRATION~ in ~csmod.allowIp~ function. Updated cache key format in ~live_query~ function to include "decision_cache" prefix. * fix(caching): correct cache key format in live_query function Ensure the cache key format includes the "decision_cache/" prefix to prevent key conflicts and improve cache management. * mark debug * fix the test as well
1 parent 862251c commit 77e151a

File tree

3 files changed

+11
-11
lines changed

3 files changed

+11
-11
lines changed

lib/crowdsec.lua

+4-2
Original file line numberDiff line numberDiff line change
@@ -355,6 +355,7 @@ function csmod.allowIp(ip)
355355
local key_type = key_parts[1]
356356
if key_type == "normal" then
357357
local decision_string, flag_id = runtime.cache:get("decision_cache/" .. key)
358+
ngx.log(ngx.DEBUG, "[CACHE] Looking for '" .. key .. "' in cache")
358359
local t = utils.split_on_delimiter(decision_string,"/")
359360
if t == nil then
360361
return true, nil, "Failed to split decision string"
@@ -382,9 +383,10 @@ function csmod.allowIp(ip)
382383
item = key_type.."_"..table.concat(netmask, ":").."_"..iputils.ipv6_band(ip_network_address, netmask)
383384
end
384385
local decision_string, flag_id = runtime.cache:get("decision_cache/" .. item)
386+
ngx.log(ngx.DEBUG, "[CACHE] Looking for '" .. key .. "' in cache")
385387
if decision_string ~= nil then -- we have it in cache
386388
if decision_string == "none" then
387-
ngx.log(ngx.DEBUG, "'" .. key .. "' is in cache with value'" .. decision_string .. "'")
389+
ngx.log(ngx.DEBUG, "[CACHE]'" .. key .. "' is in cache with value'" .. decision_string .. "'")
388390
return true, nil, nil
389391
end
390392
ngx.log(ngx.DEBUG, "'" .. key .. "' is in cache with value'" .. decision_string .. "'")
@@ -413,7 +415,7 @@ function csmod.allowIp(ip)
413415
ip,
414416
runtime.conf["API_URL"],
415417
runtime.conf["REQUEST_TIMEOUT"],
416-
runtime.conf["CAPTCHA_EXPIRATION"],
418+
runtime.conf["CACHE_EXPIRATION"],
417419
REMEDIATION_API_KEY_HEADER,
418420
runtime.conf['API_KEY'],
419421
runtime.userAgent,

lib/plugins/crowdsec/live.lua

+4-4
Original file line numberDiff line numberDiff line change
@@ -48,9 +48,9 @@ function live:live_query(ip, api_url, timeout, cache_expiration, api_key_header,
4848
if body == "null" then -- no result from API, no decision for this IP
4949
-- set ip in cache and DON'T block it
5050
local key,_ = utils.item_to_string(ip, "ip")
51-
local succ, err, forcible = live.cache:set(key, "none", cache_expiration, 1)
51+
local succ, err, forcible = live.cache:set("decision_cache/" .. key, "none", cache_expiration, 1)
5252
--
53-
ngx.log(ngx.DEBUG, "Adding '" .. key .. "' in cache for '" .. cache_expiration .. "' seconds") --debug
53+
ngx.log(ngx.DEBUG, "[CACHE] Adding '" .. key .. "' in cache for '" .. cache_expiration .. "' seconds") --debug
5454
if not succ then
5555
ngx.log(ngx.ERR, "failed to add ip '" .. ip .. "' in cache: ".. err)
5656
end
@@ -66,8 +66,8 @@ function live:live_query(ip, api_url, timeout, cache_expiration, api_key_header,
6666
end
6767
local cache_value = decision.type .. "/" .. decision.origin
6868
local key,_ = utils.item_to_string(decision.value, decision.scope)
69-
local succ, err, forcible = live.cache:set(key, cache_value, cache_expiration, 0)
70-
ngx.log(ngx.DEBUG, "Adding '" .. key .. "' in cache for '" .. cache_expiration .. "' seconds with decision type'" .. decision.type .. "'with origin'" .. decision.origin ) --debug
69+
local succ, err, forcible = live.cache:set("decision_cache/" .. key, cache_value, cache_expiration, 0)
70+
ngx.log(ngx.DEBUG, "[CACHE] Adding '" .. key .. "' in cache for '" .. cache_expiration .. "' seconds with decision type'" .. decision.type .. "'with origin'" .. decision.origin ) --debug
7171
if not succ then
7272
ngx.log(ngx.ERR, "failed to add ".. decision.value .." : "..err)
7373
end

t/10_live_ban_and_cache.t

+3-5
Original file line numberDiff line numberDiff line change
@@ -135,19 +135,17 @@ qr/DEBUG CACHE:[^ ]*/
135135
DEBUG CACHE:metrics_first_run:false
136136
DEBUG CACHE:metrics_processed/ip_type=ipv4&:1
137137
DEBUG CACHE:metrics_all:processed/ip_type=ipv4&,
138-
DEBUG CACHE:ipv4_4294967295_16843010:none
138+
DEBUG CACHE:decision_cache/ipv4_4294967295_16843010:none
139139
DEBUG CACHE:captcha_ok:false
140-
DEBUG CACHE:ipv4_4294967295_16843010:none
141140
DEBUG CACHE:metrics_first_run:false
142141
DEBUG CACHE:metrics_processed/ip_type=ipv4&:2
143-
DEBUG CACHE:ipv4_4294967295_16843009:ban/CAPI
142+
DEBUG CACHE:decision_cache/ipv4_4294967295_16843009:ban/CAPI
144143
DEBUG CACHE:metrics_dropped/ip_type=ipv4&origin=CAPI&:1
145144
DEBUG CACHE:metrics_all:processed/ip_type=ipv4&,dropped/ip_type=ipv4&origin=CAPI&,
146145
DEBUG CACHE:captcha_ok:false
147-
DEBUG CACHE:ipv4_4294967295_16843010:none
148146
DEBUG CACHE:metrics_first_run:false
149147
DEBUG CACHE:metrics_processed/ip_type=ipv4&:3
150-
DEBUG CACHE:ipv4_4294967295_16843009:ban/CAPI
148+
DEBUG CACHE:decision_cache/ipv4_4294967295_16843009:ban/CAPI
151149
DEBUG CACHE:metrics_dropped/ip_type=ipv4&origin=CAPI&:2
152150
DEBUG CACHE:metrics_all:processed/ip_type=ipv4&,dropped/ip_type=ipv4&origin=CAPI&,
153151
DEBUG CACHE:captcha_ok:false

0 commit comments

Comments
 (0)