chg: log when a url o domain is exempt from checks thanks to allowlis…

…t configuration
MISP · Jan 21, 2025 · bad80c6 · bad80c6
1 parent 554a478
commit bad80c6
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 0 deletions.
diff --git a/src/mispguard.py b/src/mispguard.py
@@ -208,12 +208,14 @@ def response(self, flow: http.HTTPFlow) -> None:
 
     def url_is_allowed(self, flow: http.HTTPFlow) -> bool:
         if flow.request.url in self.config["allowlist"]["urls"]:
+            logger.info(f"url {flow.request.url} was allowed by the allowlist")
             return True
         else:
             return False
 
     def domain_is_allowed(self, flow: http.HTTPFlow) -> bool:
         if flow.request.host in self.config["allowlist"]["domains"]:
+            logger.info(f"domain {flow.request.host} was allowed by the allowlist")
             return True
         else:
             return False

diff --git a/src/test/test_misp_guard.py b/src/test/test_misp_guard.py
@@ -167,6 +167,7 @@ async def test_allowed_domain_from_known_src_is_allowed(self, caplog):
         assert "MispGuard initialized" in caplog.text
         assert "request from allowed url - skipping further processing" in caplog.text
         assert "response from allowed url - skipping further processing" in caplog.text
+        assert "domain snort-org-site.s3.amazonaws.com was allowed by the allowlist" in caplog.text
         assert flow.response.status_code == 200
 
     @pytest.mark.asyncio
@@ -221,6 +222,7 @@ async def test_allowed_url_from_known_src_is_allowed(self, caplog):
         assert "MispGuard initialized" in caplog.text
         assert "request from allowed url - skipping further processing" in caplog.text
         assert "response from allowed url - skipping further processing" in caplog.text
+        assert "url http://www.dan.me.uk:443/torlist/?exit was allowed by the allowlist" in caplog.text
         assert flow.response.status_code == 200
 
     @pytest.mark.asyncio