DECNET

anti/DECNET

Fork 0

Commit Graph

Author	SHA1	Message	Date
anti	e1eda1e754	feat(profiler): wire enrich_rpki into _build_record Import enrich_rpki from decnet.rpki and call it inline after the ASN lookup. bgp_prefix, rpki_status, rpki_source added to the record dict that feeds the Attacker upsert. enrich_rpki short-circuits to (None, None) when asn is None, so private / unannounced IPs never hit RIPE STAT.	2026-05-21 16:14:51 -04:00
anti	b799ade816	feat(rpki): ripestat validator + sqlite cache RipeStatValidator makes two RIPE STAT calls per uncached IP: network-info -> announced prefix, rpki-validation -> ROA state. 2-second timeout; any network failure returns status='unknown'. SQLite cache keyed by IP, 12-hour TTL, pruned on validator init. Cache avoids per-event HTTP for the high-churn attacker pool — steady-state cost approaches zero for repeat offenders.	2026-05-21 16:13:01 -04:00
anti	1a11287f76	feat(rpki): provider scaffold — base, factory, paths, ripestat skeleton New decnet/rpki/ module mirrors decnet/asn/ shape. Validator ABC, lazy singleton factory (DECNET_RPKI_PROVIDER=ripestat default), paths.py with DECNET_RPKI_ROOT override. RipeStatValidator stub returns 'unknown' unconditionally — HTTP wired in next commit. enrich_rpki(ip, asn) -> (status, source) \| (None, None); short-circuits on DECNET_RPKI_ENABLED=false or asn=None.	2026-05-21 16:10:01 -04:00

Author

SHA1

Message

Date

anti

e1eda1e754

feat(profiler): wire enrich_rpki into _build_record

Import enrich_rpki from decnet.rpki and call it inline after the
ASN lookup. bgp_prefix, rpki_status, rpki_source added to the
record dict that feeds the Attacker upsert. enrich_rpki short-circuits
to (None, None) when asn is None, so private / unannounced IPs
never hit RIPE STAT.

2026-05-21 16:14:51 -04:00

anti

b799ade816

feat(rpki): ripestat validator + sqlite cache

RipeStatValidator makes two RIPE STAT calls per uncached IP:
network-info -> announced prefix, rpki-validation -> ROA state.
2-second timeout; any network failure returns status='unknown'.

SQLite cache keyed by IP, 12-hour TTL, pruned on validator init.
Cache avoids per-event HTTP for the high-churn attacker pool —
steady-state cost approaches zero for repeat offenders.

2026-05-21 16:13:01 -04:00

anti

1a11287f76

feat(rpki): provider scaffold — base, factory, paths, ripestat skeleton

New decnet/rpki/ module mirrors decnet/asn/ shape. Validator ABC,
lazy singleton factory (DECNET_RPKI_PROVIDER=ripestat default),
paths.py with DECNET_RPKI_ROOT override. RipeStatValidator stub
returns 'unknown' unconditionally — HTTP wired in next commit.

enrich_rpki(ip, asn) -> (status, source) | (None, None); short-circuits
on DECNET_RPKI_ENABLED=false or asn=None.

2026-05-21 16:10:01 -04:00

3 Commits