First, you'll need to install all the required libraries in order to make this API work.
pip install -r requirements.txtTo launch this API, use uvicorn:
uvicorn main:app --reloadYou need to setup these environment variables to make this API work:
SFLOW_RT_IP: IP for sFlow-RT hostRYU_IP: IP for Ryu hostCONTROLLER: IP for OpenFlow Controller (might be the same as Ryu)TARGETED_SWITCH: Targeted switch dpid (integer conversion of MAC address)TARGETED_SWITCH_IP: IP for OpenVSwitch host You can set them up in a.envfile or through environment variables in case you're running this app in a Docker container.
You can also get this API through its Docker image using this command:
docker pull lilierd/ddos-killer-apidocker run lilierd/ddos-killer-api -p 8000:8000When running your container, you must set all the environment variables described above using the -e option.
This API exposes lots of routes:
/blacklist(GET): returns the list of the current active rules (each rule lasts 60 seconds)./config(GET, POST):GET: returns all the parameters of the engine configuration.POST: set an attribute for the engine configuration.
/events(GET): returns all the previous events triggered by sFlow-RT./engine/start(POST): starts the ddos killer engine./engine/stop(POST): stops the ddos killer engine./engine/status(GET): returns the current status of the ddos killer engine./engine/threshold(POST): sets the threshold for a specific type of attack through query parameters attack_type (string) and threshold (integer).
curl -X POST "http://localhost:8000/engine/threshold?attack_type=sip_flood&threshold=25000"You can also see all these routes in the swagger documentation http://localhost:8000/docs.