made ip analysis and ip rep info fetch a scheduled task

2026-01-10 14:53:31 +01:00
parent 4f42b946f3 5a57c0774f
commit 77196952d1
22 changed files with 1833 additions and 288 deletions
--- a/src/models.py
+++ b/src/models.py
@@ -150,4 +150,59 @@ class IpStats(Base):


    def __repr__(self) -> str:
-        return f"<IpStats(ip='{self.ip}', total_requests={self.total_requests})>"
+        return f"<IpStats(ip='{self.ip}', total_requests={self.total_requests})>"
+
+
+class CategoryHistory(Base):
+    """
+    Records category changes for IP addresses over time.
+
+    Tracks when an IP's category changes, storing both the previous
+    and new category along with timestamp for timeline visualization.
+    """
+    __tablename__ = 'category_history'
+
+    id: Mapped[int] = mapped_column(Integer, primary_key=True, autoincrement=True)
+    ip: Mapped[str] = mapped_column(String(MAX_IP_LENGTH), nullable=False, index=True)
+    old_category: Mapped[Optional[str]] = mapped_column(String(50), nullable=True)
+    new_category: Mapped[str] = mapped_column(String(50), nullable=False)
+    timestamp: Mapped[datetime] = mapped_column(DateTime, nullable=False, default=datetime.utcnow, index=True)
+
+    # Composite index for efficient IP-based timeline queries
+    __table_args__ = (
+        Index('ix_category_history_ip_timestamp', 'ip', 'timestamp'),
+    )
+
+    def __repr__(self) -> str:
+        return f"<CategoryHistory(ip='{self.ip}', {self.old_category} -> {self.new_category})>"
+
+
+# class IpLog(Base):
+#     """
+#     Records all IPs that have accessed the honeypot, along with aggregated stats and inferred user category.
+#     """
+#     __tablename__ = 'ip_logs'
+
+#     id: Mapped[int] = mapped_column(Integer, primary_key=True, autoincrement=True)
+#     ip: Mapped[str] = mapped_column(String(MAX_IP_LENGTH), nullable=False, index=True)
+#     stats: Mapped[List[str]] = mapped_column(String(MAX_PATH_LENGTH))
+#     category: Mapped[str] = mapped_column(String(15))
+#     manual_category: Mapped[bool] = mapped_column(Boolean, default=False)
+#     last_analysis: Mapped[datetime] = mapped_column(DateTime, index=True),
+
+#     # Relationship to attack detections
+#     access_logs: Mapped[List["AccessLog"]] = relationship(
+#         "AccessLog",
+#         back_populates="ip",
+#         cascade="all, delete-orphan"
+#     )
+
+#     # Indexes for common queries
+#     __table_args__ = (
+#         Index('ix_access_logs_ip_timestamp', 'ip', 'timestamp'),
+#         Index('ix_access_logs_is_suspicious', 'is_suspicious'),
+#         Index('ix_access_logs_is_honeypot_trigger', 'is_honeypot_trigger'),
+#     )
+
+#     def __repr__(self) -> str:
+#         return f"<AccessLog(id={self.id}, ip='{self.ip}', path='{self.path[:50]}')>"