Zardoz is a small WFA which tries to learn from the server and client the rules of what to block.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 

80 lines
1.5 KiB

package main
import (
"fmt"
"log"
"math"
"net/http"
"net/http/httputil"
)
func handler(p *httputil.ReverseProxy) func(http.ResponseWriter, *http.Request) {
return func(w http.ResponseWriter, r *http.Request) {
//put the request inside our structure
ProxyFlow.request = r
log.Println("Received HTTP Request")
probs := ZClassifier.Posterior(SourceIP(r))
log.Printf("Posterior Probabilities: %+v\n", probs)
action := quadrant(probs)
ControPlane.StatsTokens <- action
switch action {
case "BLOCK", "BLOCKLEARN":
p.ModifyResponse = blockAndlearn
w.Header().Set("Probabilities", fmt.Sprintf("%v ", probs))
log.Println("Request Blocked")
p.ServeHTTP(w, r)
case "PASS", "PASSLEARN":
p.ModifyResponse = passAndLearn
w.Header().Set("Probabilities", fmt.Sprintf("%v ", probs))
p.ServeHTTP(w, r)
log.Println("Passing Request")
default:
log.Println("No Decision: PASS and LEARN")
p.ModifyResponse = passAndLearn
w.Header().Set("Probabilities", fmt.Sprintf("%v ", probs))
p.ServeHTTP(w, r)
}
}
}
func quadrant(p map[string]float64) string {
sure := math.Abs(p["BAD"]-p["GOOD"]) >= ProxyFlow.sensitivity
badish := p["BAD"] > p["GOOD"]
goodish := p["GOOD"] > p["BAD"]
if ProxyFlow.seniority < Maturity {
log.Println("Seniority too low. Waiting.")
return "PASSLEARN"
}
if sure {
if goodish {
return "PASS"
}
if badish {
return "BLOCK"
}
} else {
if goodish {
return "PASSLEARN"
}
if badish {
return "BLOCKLEARN"
}
}
return "PASSLEARN"
}