i ,dZddlmZmZddlZddlZddlmZmZddl m Z ddl m Z ddl m Z dd l mZmZej d Zd Z d Z d Z dZ dZ dZ dZ dZ dZ dZ deezdej6de j8dej:dzfdZy)a.. _botdetection.ip_limit: Method ``ip_limit`` ------------------- The ``ip_limit`` method counts request from an IP in *sliding windows*. If there are to many requests in a sliding window, the request is evaluated as a bot request. This method requires a valkey DB and needs a HTTP X-Forwarded-For_ header. To take privacy only the hash value of an IP is stored in the valkey DB and at least for a maximum of 10 minutes. The :py:obj:`.link_token` method can be used to investigate whether a request is *suspicious*. To activate the :py:obj:`.link_token` method in the :py:obj:`.ip_limit` method add the following configuration: .. code:: toml [botdetection.ip_limit] link_token = true If the :py:obj:`.link_token` method is activated and a request is *suspicious* the request rates are reduced: - :py:obj:`BURST_MAX` -> :py:obj:`BURST_MAX_SUSPICIOUS` - :py:obj:`LONG_MAX` -> :py:obj:`LONG_MAX_SUSPICIOUS` To intercept bots that get their IPs from a range of IPs, there is a :py:obj:`SUSPICIOUS_IP_WINDOW`. In this window the suspicious IPs are stored for a longer time. IPs stored in this sliding window have a maximum of :py:obj:`SUSPICIOUS_IP_MAX` accesses before they are blocked. As soon as the IP makes a request that is not suspicious, the sliding window for this IP is dropped. .. _X-Forwarded-For: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-For ) IPv4Network IPv6NetworkN)incr_sliding_window drop_counter) link_token)config)valkeydb)too_many_requestsloggerip_limitiX ii'networkrequestcfgreturnc0tj}|jr&|ds!tjd|j y|j jdddk7r3t|d|j zt}|tkDr t|dS|drtj||d}|st|d |j zyt|d |j zt}|t kDrQtj"d |t%j&t%j(d d }d|j*d<|St|d|j zt,}|t.kDr t|dSt|d|j zt0}|t2kDr t|dSyt|d|j zt,}|t4kDr t|dSt|d|j zt0}|t6kDr t|dSy)Nz'botdetection.ip_limit.filter_link_localz not monitored by ip_limit methodformathtmlzip_limit.API_WINDOW:ztoo many request in API_WINDOWz botdetection.ip_limit.link_tokenTzip_limit.SUSPICIOUS_IP_WINDOWzGBLOCK: too many request from %s in SUSPICIOUS_IP_WINDOW (redirect to /)indexi.)codezno-store, max-age=0z Cache-Controlzip_limit.BURST_WINDOWz7too many request in BURST_WINDOW (BURST_MAX_SUSPICIOUS)zip_limit.LONG_WINDOWz5too many request in LONG_WINDOW (LONG_MAX_SUSPICIOUS)z,too many request in BURST_WINDOW (BURST_MAX)z*too many request in LONG_WINDOW (LONG_MAX))r get_valkey_client is_link_localr debug compressedargsgetr API_WINDOWAPI_MAXr r is_suspiciousrSUSPICIOUS_IP_WINDOWSUSPICIOUS_IP_MAXerrorflaskredirecturl_forheaders BURST_WINDOWBURST_MAX_SUSPICIOUS LONG_WINDOWLONG_MAX_SUSPICIOUS BURST_MAXLONG_MAX)rrr valkey_clientc suspiciousresponses ,/root/searxng/searx/botdetection/ip_limit.pyfilter_requestr9\s..0MS)R%S SU\UgUgh||&)V3  /EHZHZ/Z\f g w;$W.NO O -.--gwE  (G'J\J\(\ ] :W=O=OOQe   LLbdk l~~emmG&<3GH0EH  _ -O  /FI[I[/[]i j # #$W.gh h  /EHZHZ/Z\g h " "$W.ef f M+BWEWEW+WYefA9} *XYYM+AGDVDV+VXcdA8| *VWW )__doc__ ipaddressrrr*werkzeugsearx.valkeylibrrrr r _helpersr r getChildr.r2r/r0r3r1r$r%r'r(RequestConfigResponser9r:r8rFs$L  =  $ D  @N : ?J  Q >%ET8 ; &8 ]]8 8 8r: