hand made traefik/ddos stats #70

New issue

Open

opened 2025-05-29 20:12:49 +00:00 by earl-warren · 0 comments

earl-warren commented 2025-05-29 20:12:49 +00:00

Copy link

traefik

logs

while : ; do echo "collecting traefik-$(date +%F)*" ; kubectl logs --tail=1 -f --all-pods -n kube-system deployment/traefik < /dev/null >> /srv/traefik/traefik-$(date +%F:%T).log ; zstd --rm traefik-*.log ; sleep 60 ; done

stats

$ bash stats.sh 2025-05-03 'traefik-2025-05*' forgejo-code
|             date/UTC | accepted |  blocked |    total |  blocked% |
|---|---|---|---|---|
|         03/May/2025: |    16981 |     1304 |    18285 |        7% |
|      03/May/2025:00: |     5840 |      434 |     6274 |        6% |
|      03/May/2025:01: |     5599 |      418 |     6017 |        6% |
|      03/May/2025:02: |     4728 |      322 |     5050 |        6% |
|      03/May/2025:03: |     1913 |       67 |     1980 |        3% |
|      03/May/2025:04: |     1574 |       50 |     1624 |        3% |
|      03/May/2025:05: |      810 |       22 |      832 |        2% |

ddos random data

logs

while : ; do echo collecting $(date +%F:%T) ; kubectl --tail=1 -f --all-pods -n forgejo-code logs  deployment/randomfile < /dev/null >> /srv/traefik/$(date +%F:%T)-ddos.log ; sleep 60 ; done

stats

rsync --inplace --progress -z debian@hetzner06.forgejo.org:/srv/traefik/*ddos.log /tmp/ddos/ && grep -v '38;5;6mnginx' /tmp/ddos/*.log | cut -f2- -d' ' > /tmp/logs && goaccess /tmp/logs

Anubis challenges

zstdcat traefik-2025-05-0[45]* | grep forgejo-code | grep -v RunnerService | grep -v 'GET /v2/'  | sed -n -e 's|.*HTTP/..." \([0-9][0-9]*\) .*|\1|p' | sort | uniq -c

code.forgejo.org logs

rsync --inplace --progress -vaz debian@hetzner06.forgejo.org:/precious/k8s/forgejo-code/log/ /tmp/log/ && ( zcat /tmp/log/access.log*.gz ; cat /tmp/log/access.log ) | grep -v RunnerService | grep -v '/v2' > /tmp/access.log && goaccess /tmp/access.log

## traefik ### logs ```sh while : ; do echo "collecting traefik-$(date +%F)*" ; kubectl logs --tail=1 -f --all-pods -n kube-system deployment/traefik < /dev/null >> /srv/traefik/traefik-$(date +%F:%T).log ; zstd --rm traefik-*.log ; sleep 60 ; done ``` ### stats ```sh $ bash stats.sh 2025-05-03 'traefik-2025-05*' forgejo-code | date/UTC | accepted | blocked | total | blocked% | |---|---|---|---|---| | 03/May/2025: | 16981 | 1304 | 18285 | 7% | | 03/May/2025:00: | 5840 | 434 | 6274 | 6% | | 03/May/2025:01: | 5599 | 418 | 6017 | 6% | | 03/May/2025:02: | 4728 | 322 | 5050 | 6% | | 03/May/2025:03: | 1913 | 67 | 1980 | 3% | | 03/May/2025:04: | 1574 | 50 | 1624 | 3% | | 03/May/2025:05: | 810 | 22 | 832 | 2% | ``` ## ddos random data ### logs ```sh while : ; do echo collecting $(date +%F:%T) ; kubectl --tail=1 -f --all-pods -n forgejo-code logs deployment/randomfile < /dev/null >> /srv/traefik/$(date +%F:%T)-ddos.log ; sleep 60 ; done ``` ## stats ```sh rsync --inplace --progress -z debian@hetzner06.forgejo.org:/srv/traefik/*ddos.log /tmp/ddos/ && grep -v '38;5;6mnginx' /tmp/ddos/*.log | cut -f2- -d' ' > /tmp/logs && goaccess /tmp/logs ``` ## Anubis challenges ```sh zstdcat traefik-2025-05-0[45]* | grep forgejo-code | grep -v RunnerService | grep -v 'GET /v2/' | sed -n -e 's|.*HTTP/..." \([0-9][0-9]*\) .*|\1|p' | sort | uniq -c ``` ## code.forgejo.org logs ``` rsync --inplace --progress -vaz debian@hetzner06.forgejo.org:/precious/k8s/forgejo-code/log/ /tmp/log/ && ( zcat /tmp/log/access.log*.gz ; cat /tmp/log/access.log ) | grep -v RunnerService | grep -v '/v2' > /tmp/access.log && goaccess /tmp/access.log ```

stats.txt

12 KiB

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

main

renovate/helm-3.x

renovate/kube-prometheus-11.x

renovate/ghcr.io-traefik-traefik-3.x

renovate/k3s-1.32.x

renovate/forgejo-next-v7-forgejo-7.x

renovate/forgejo-next-v12-forgejo-12.x

renovate/forgejo-next-v11-forgejo-12.x

renovate/forgejo-next-v10-forgejo-12.x

renovate/forgejo-code-forgejo-12.x

renovate/forgejo-code-invisible-forgejo-12.x

No results found.

Labels

Clear labels   

bug

Something is not working

  

cleanup

  

duplicate

This issue or pull request already exists

  

enhancement

New feature

  

forgefriends

https://code.forgejo.org/infrastructure/k8s-cluster/src/branch/main/.forgejo/workflows/sync.yml

  

help wanted

Need some help

  

invalid

Something is wrong

  

label workflow

a workflow is associated with this issue and will trigger when labels are updated

  

need more info

  

question

More information is needed

  

refactor

No functional change, reorganization

  

static-site

https://code.forgejo.org/infrastructure/k8s-cluster/src/branch/main/.forgejo/workflows/sync.yml

  

sync

https://code.forgejo.org/infrastructure/k8s-cluster/src/branch/main/.forgejo/workflows/build.yml

  

wontfix

This won't be fixed

No labels

bug

cleanup

duplicate

enhancement

forgefriends

help wanted

invalid

label workflow

need more info

question

refactor

static-site

sync

wontfix

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: infrastructure/k8s-cluster#70

No description provided.