# get the new block candidates
cur.execute("""
- SELECT ipaddress, max(count) FROM
+ SELECT ipaddress, max(count), max(ua) FROM
((SELECT * FROM
- (SELECT ipaddress, sum(case when endtime is null then 1 else 1+1.5*date_part('epoch',endtime-starttime) end) as count FROM new_query_log
+ (SELECT ipaddress, sum(case when endtime is null then 1 else 1+1.5*date_part('epoch',endtime-starttime) end) as count, substring(max(useragent) from 1 for 30) as ua FROM new_query_log
WHERE starttime > now() - interval '1 hour' GROUP BY ipaddress) as i
WHERE count > %s)
UNION
- (SELECT ipaddress, count * 3 FROM
- (SELECT ipaddress, sum(case when endtime is null then 1 else 1+1.5*date_part('epoch',endtime-starttime) end) as count FROM new_query_log
+ (SELECT ipaddress, count * 3, ua FROM
+ (SELECT ipaddress, sum(case when endtime is null then 1 else 1+1.5*date_part('epoch',endtime-starttime) end) as count, substring(max(useragent) from 1 for 30) as ua FROM new_query_log
WHERE starttime > now() - interval '10 min' GROUP BY ipaddress) as i
WHERE count > %s)) as o
GROUP BY ipaddress
for c in cur:
if c[0] not in WHITELIST and c[0] not in BLACKLIST:
- if c[1] > BLOCK_UPPER and c[0] not in prevbulks:
+ missing_agent = not c[2] or c[2].startswith('Java/1.')
+ if (missing_agent or c[1] > BLOCK_UPPER) and c[0] not in prevblocks:
newblocks.add(c[0])
- if c[0] not in prevblocks:
+ if c[0] not in prevbulks:
emergencyblocks.append(c[0])
else:
bulkips[c[0]] = c[1]
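Review bot: The new `missing_agent` line decides a block from `max(useragent)`, which is only the lexicographically greatest non-null agent string logged for the address, so the check says nothing reliable about the address's traffic as a whole: a shared address with mixed clients is judged on one arbitrary value, and the header is client-supplied anyway. Because this branch bypasses `BLOCK_UPPER`, every address over the lower `%s` threshold is blocked on that single value. I would aggregate the condition itself in both inner selects, e.g. `bool_and(coalesce(useragent, '') = '' or left(useragent, 7) = 'Java/1.') as bad_ua`, combine it with `bool_and` in the outer select in place of `max(ua)`, and test `c[2]` as a boolean. The `'Java/1.'` prefix and the 30-character cut also deserve a comment, such as `# block clients sending no User-Agent or the default Java one; ua is truncated to 30 chars in the query`. Separately, please confirm that an address already in `prevblocks` is meant to fall through to `bulkips[c[0]] = c[1]` after the swap; the code that consumes `bulkips` is outside this excerpt.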