https://docs.mitigator.ru/v26.04/en/tags/api/ Recent content in Api on BIFIT Mitigator Hugo -- gohugo.io en https://docs.mitigator.ru/v26.04/en/maintenance/compat/ Mon, 01 Jan 0001 00:00:00 +0000 https://docs.mitigator.ru/v26.04/en/maintenance/compat/ Update Path A successful upgrade to the next major versions is only guaranteed from the latest minor version of the currently installed major version. Minor versions within a major version may be skipped during an upgrade. Example. Given available versions: v12.34.0, v12.34.1, v12.34.2, v12.35.0, v12.35.1. Guaranteed: v12.34.2 → v12.35.0 (minor version .2 is the latest of v12.34) v12.34.2 → v12.35.1 (see above, v12.35.0 can be skipped) v12.34.0 → v12.34.2 (v12.34.1 can be skipped) Not guaranteed: https://docs.mitigator.ru/v26.04/en/kb/bpf/tutorial/ Mon, 01 Jan 0001 00:00:00 +0000 https://docs.mitigator.ru/v26.04/en/kb/bpf/tutorial/ This is a step‑by‑step example of how to write an MCR countermeasure with UDP authentication (protocol description) to get hands‑on experience with BPF countermeasure programming. The final program will be under 100 lines of code. You will need: MITIGATOR v20.06 or higher. Ability to run commands from the terminal. Basic knowledge of the C language (explanations will be provided as we go). Understanding that packets have protocols, headers, and payloads. Environment Setup Any operating system will work, but Linux is recommended. https://docs.mitigator.ru/v26.04/en/integrate/fail2ban/ Mon, 01 Jan 0001 00:00:00 +0000 https://docs.mitigator.ru/v26.04/en/integrate/fail2ban/ The following web server security configuration is described: Nginx module ngx_http_limit_req detects the excess of the request limit; fail2ban analyzes error.log, which Nginx uses to report on the excesses; IP is added to the list of blocked by MITIGATOR API. MITIGATOR API client There is a script mitigator.py (download) to manage MITIGATOR, in particular to temporarily block an IP address via the MITIGATOR API. If necessary, the script can be modified to perform any other actions on MITIGATOR. https://docs.mitigator.ru/v26.04/en/kb/bpf/api/ Mon, 01 Jan 0001 00:00:00 +0000 https://docs.mitigator.ru/v26.04/en/kb/bpf/api/ API Documentation Overview Programs are loaded into MITIGATOR as ELF object files. They can use the API functions from mitigator_bpf.h (download). The compatibility policy applies to BPF. A minimal program must place metadata and code into the correct sections of the object file using macros: #include "mitigator_bpf.h" ENTRYPOINT enum Result program(Context ctx) { return RESULT_PASS; } PROGRAM_DISPLAY_ID("Example v0.1") Typically, programs are written in C and compiled with clang (EBPF support added in GCC 10). https://docs.mitigator.ru/v26.04/en/integrate/ Mon, 01 Jan 0001 00:00:00 +0000 https://docs.mitigator.ru/v26.04/en/integrate/ MITIGATOR has a REST API that allows you to perform any actions in the system. API documentation is included in MITIGATOR “Help” section. API compatibility in versions follows the policy. API Usage Examples: fail2ban integration; FastNetMon integration; black and white lists export from external systems; integration with the hosting control panel; own dashboards. MITIGATOR writes metrics in Graphite. Game launchers can be authorized on the MITIGATOR using MITIGATOR Challenge Response (MCR) protocol. https://docs.mitigator.ru/v26.04/en/integrate/mcr/ Mon, 01 Jan 0001 00:00:00 +0000 https://docs.mitigator.ru/v26.04/en/integrate/mcr/ Tip This describes the MITIGATOR Challenge Response (MCR) protocol for developers of external systems. The MCR countermeasure is described in the built-in help. MITIGATOR Challenge Response (MCR) is a protocol for IP authentication on MITIGATOR. The protocol can be implemented both by a protected application and separately, for example, when a game launcher is being checked, and game traffic is passed. The program that implements the protocol and passes the test is called the client (in the example above, the client is the launcher). https://docs.mitigator.ru/v26.04/en/kb/bpf/ Mon, 01 Jan 0001 00:00:00 +0000 https://docs.mitigator.ru/v26.04/en/kb/bpf/ “Programmable filter” (BPF) may be used to create custom countermeasures if the existing ones are not sufficient. Writing programs requires basic programming skills, but allows to solve complex tasks quickly: Protection for applications and protocols that are not supported yet. There’s no need to contact developers and wait for the next release if one understand how an application works and how to protect its traffic. More complex filters than the ACL and REX countermeasures allow. https://docs.mitigator.ru/v26.04/en/integrate/log-analyzer/ Mon, 01 Jan 0001 00:00:00 +0000 https://docs.mitigator.ru/v26.04/en/integrate/log-analyzer/ Info The log analysis functionality is additionally licensed. Logan is a MITIGATOR functionality for analyzing logs of a protected Web server (HTTP, HTTPS), detecting anomalies and attacking addresses. Protected servers send their logs to the Logan using syslog RFC 3164 (UDP, TCP). Logan can be located on the same server as the rest of the MITIGATOR, or separately. Logan on MITIGATOR Instance The following steps assume that an instance of MITIGATOR has already been installed.