Store (origin, neighbor) combinations of hijack BGP updates in redis (C…

…loses #119) (#120) * store (origin, neighbor) combinations of hijack BGP updates in redis * fixing minor codefactor issues
FORTH-ICS-INSPIRE · Mar 4, 2019 · a907316 · a907316
1 parent e8af587
commit a907316
Show file tree

Hide file tree

Showing 4 changed files with 44 additions and 0 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -3,6 +3,7 @@
 ## [UNRELEASED] (NAME) - YYYY-MM-DD
 ### Added
 - Support for dormant flags in hijacks
+- Storing hijack update (origin, neighbor) combinations in redis
 
 ### Changed
 - TBD (Changed existing functionality)

diff --git a/backend/core/database.py b/backend/core/database.py
@@ -786,6 +786,36 @@ def bootstrap_redis(self):
                     expire = int(time.time() - entry[1].timestamp())
                     redis_pipeline.set(entry[0], "1", ex=expire)
                 redis_pipeline.execute()
+
+                query = (
+                    "SELECT bgp_updates.as_path, hijacks.prefix, hijacks.hijack_as, hijacks.type FROM "
+                    "hijacks LEFT JOIN bgp_updates ON (hijacks.key = ANY(bgp_updates.hijack_key)) "
+                    "WHERE bgp_updates.type = 'A' "
+                    "AND hijacks.active = true "
+                    "AND bgp_updates.handled = true"
+                )
+
+                with get_ro_cursor(self.ro_conn) as db_cur:
+                    db_cur.execute(query)
+                    entries = db_cur.fetchall()
+
+                redis_pipeline = self.redis.pipeline()
+                for entry in entries:
+                    # store the origin, neighbor combination for this hijack BGP update
+                    origin = None
+                    neighbor = None
+                    as_path = entry[0]
+                    if as_path:
+                        origin = as_path[-1]
+                    if len(as_path) > 1:
+                        neighbor = as_path[-2]
+                    redis_hijack_key = redis_key(entry[1], entry[2], entry[3])
+                    redis_pipeline.sadd(
+                        "hij_orig_neighb_{}".format(redis_hijack_key),
+                        "{}_{}".format(origin, neighbor),
+                    )
+                redis_pipeline.execute()
+
             except Exception:
                 log.exception("exception")
 

diff --git a/backend/core/detection.py b/backend/core/detection.py
@@ -769,6 +769,18 @@ def commit_hijack(
                     result = hijack_value
                     mail_log.info("{}".format(result))
                 redis_pipeline.set(redis_hijack_key, pickle.dumps(result))
+
+                # store the origin, neighbor combination for this hijack BGP update
+                origin = None
+                neighbor = None
+                if monitor_event["path"]:
+                    origin = monitor_event["path"][-1]
+                if len(monitor_event["path"]) > 1:
+                    neighbor = monitor_event["path"][-2]
+                redis_pipeline.sadd(
+                    "hij_orig_neighb_{}".format(redis_hijack_key),
+                    "{}_{}".format(origin, neighbor),
+                )
             except Exception:
                 log.exception("exception")
             finally:

diff --git a/backend/core/utils/__init__.py b/backend/core/utils/__init__.py
@@ -143,6 +143,7 @@ def purge_redis_eph_pers_keys(redis_instance, ephemeral_key, persistent_key):
     redis_pipeline.delete("{}token".format(ephemeral_key))
     redis_pipeline.delete(ephemeral_key)
     redis_pipeline.srem("persistent-keys", persistent_key)
+    redis_pipeline.delete("hij_orig_neighb_{}".format(ephemeral_key))
     redis_pipeline.execute()