Permalink
Browse files

Add minimalist web page to see the last firewall logs

  • Loading branch information...
root
root committed Jul 27, 2018
1 parent 744ea08 commit 0ed96c36872062164e3af24dd2d9998f14ce9904
@@ -84,6 +84,7 @@ exemptions:
- "*?.aryaka.com"
- "*?.baidu.com"
- "*?.bing.com"
- "*?.bit.do"
- "*?.bit.ly"
- "*?.bitly.com"
- "*?.bitbucket.com"
@@ -17,7 +17,7 @@ def __init__(self):
def parse(self, buffer):
for source, destination, port in re.findall(".* SRC=([0-9a-f:.]+) DST=([0-9a-f:.]+) .* DPT=([0-9]+) .*", buffer, re.IGNORECASE):
log.info(str("Blocking '{}' -> '{}:{}'").format(source, destination, port))
db.session_append(db.models.events(source=source, destination=destination, port=port))
db.session_append(db.models.events(source=source, destination=destination, port=port, creation=int(time.time())))
try:
db.session_commit()
except Exception as error:
@@ -103,9 +103,9 @@ def build(self):
def clean(self):
for element in conf.get("exemptions"):
if re.search("[.][a-z]+$", element):
db.session_append(db.models.exemptions(domain=element.lower()))
db.session_append(db.models.exemptions(domain=element.lower(), creation=int(time.time())))
else:
db.session_append(db.models.exemptions(ipaddr=element.lower()))
db.session_append(db.models.exemptions(ipaddr=element.lower(), creation=int(time.time())))
try:
db.models.exemptions().metadata.drop_all(db.engine)
db.models.exemptions().metadata.create_all(db.engine)
@@ -174,11 +174,11 @@ def merge(self):
for record in revlookup:
self.check_append(record, ipfw.ipbl, ipfw.dnbl)
self.check_append(element, ipfw.dnbl, ipfw.drop)
db.session_append(db.models.threats(domain=element, jsondata=json.dumps(revlookup)))
db.session_append(db.models.threats(domain=element, jsondata=json.dumps(revlookup), creation=int(time.time())))
self.threats.pop(element)
else:
self.check_append(element, ipfw.ipbl, ipfw.drop)
db.session_append(db.models.threats(ipaddr=element, jsondata=json.dumps(revlookup)))
db.session_append(db.models.threats(ipaddr=element, jsondata=json.dumps(revlookup), creation=int(time.time())))
self.threats.pop(element)
try:
self.check_commit()
@@ -11,10 +11,11 @@

class events(declarative_base()):
__tablename__ = "events"

id = Column(Integer, primary_key=True)
source = Column(String)
destination = Column(String)
port = Column(Integer)
creation = Column(Integer, default=int(time.time()))
modification = Column(Integer, onupdate=int(time.time()), default=int(time.time()))
creation = Column(Integer, default=0)
modification = Column(Integer, default=0)
flag = Column(Integer, default=0)
@@ -11,9 +11,10 @@

class exemptions(declarative_base()):
__tablename__ = "exemptions"

id = Column(Integer, primary_key=True)
domain = Column(String, unique=True)
ipaddr = Column(String, unique=True)
creation = Column(Integer, default=int(time.time()))
modification = Column(Integer, onupdate=int(time.time()), default=int(time.time()))
creation = Column(Integer, default=0)
modification = Column(Integer, default=0)
flag = Column(Integer, default=0)
@@ -11,10 +11,11 @@

class threats(declarative_base()):
__tablename__ = "threats"

id = Column(Integer, primary_key=True)
domain = Column(String, unique=True)
ipaddr = Column(String, unique=True)
jsondata = Column(String)
creation = Column(Integer, default=int(time.time()))
modification = Column(Integer, onupdate=int(time.time()), default=int(time.time()))
creation = Column(Integer, default=0)
modification = Column(Integer, default=0)
flag = Column(Integer, default=0)
@@ -11,11 +11,12 @@

class users(declarative_base()):
__tablename__ = "users"

id = Column(Integer, primary_key=True)
hash = Column(String)
fullname = Column(String)
username = Column(String, unique=True)
password = Column(String)
creation = Column(Integer, default=int(time.time()))
modification = Column(Integer, onupdate=int(time.time()), default=int(time.time()))
creation = Column(Integer, default=0)
modification = Column(Integer, default=0)
flag = Column(Integer, default=0)
@@ -25,6 +25,9 @@ def __init__(self, file, verbose=False):
self.session = self.session()
self.chunk = 100

def __del__(self):
self.session.close()

def session_append(self, row):
try:
self.session.add(row)
@@ -9,7 +9,7 @@
import flask, hashlib, os

conf = configuration()
db = database(conf.get("db"))
db = database
app = flask.Flask(__name__)
app.debug = conf.get("verbose")
app.session_cookie_name = "session"
@@ -6,3 +6,5 @@
# -*- coding: utf-8 -*-

from .default import *
from .api import *
from .app import *
@@ -0,0 +1,30 @@
#!/usr/bin/env python3
##
# Nicolas THIBAUT
# nicolas.thibaut@uppersafe.com
##
# -*- coding: utf-8 -*-

from .. import conf, db, app
from flask import g, session, request, abort, redirect, make_response, render_template
from datetime import datetime
import json

@app.route("/api", methods=["GET"])
def controller_api_root():
return make_response(json.dumps({"message": ""}))

@app.route("/api/auth", methods=["POST"])
def controller_api_auth():
return make_response(json.dumps({"message": "Not implemented yet"}))

@app.route("/api/events", methods=["GET"])
def controller_api_events():
data = []
for row in g.db.session.query(g.db.models.events).order_by(g.db.models.events.id.desc()).yield_per(g.db.chunk).limit(100):
data.append({
"source": row.source,
"destination": row.destination,
"port": row.port,
"datetime": datetime.utcfromtimestamp(row.creation).strftime("%Y-%m-%d %H:%M:%S")})
return make_response(json.dumps(data))
@@ -0,0 +1,23 @@
#!/usr/bin/env python3
##
# Nicolas THIBAUT
# nicolas.thibaut@uppersafe.com
##
# -*- coding: utf-8 -*-

from .. import conf, db, app
from flask import g, session, request, abort, redirect, make_response, render_template
from datetime import datetime
import json

@app.route("/app", methods=["GET"])
def controller_app_root():
return render_template("default.html")

@app.route("/app/auth", methods=["GET", "POST"])
def controller_app_auth():
return render_template("default.html")

@app.route("/app/dashboard", methods=["GET", "POST"])
def controller_app_dashboard():
return render_template("default.html")
@@ -7,7 +7,17 @@

from .. import conf, db, app
from flask import g, session, request, abort, redirect, make_response, render_template
from datetime import datetime
import json

@app.route("/", methods=["GET", "POST"])
@app.before_request
def handler_before_request():
g.db = db(conf.get("db"))

@app.teardown_request
def handler_teardown_request(e):
g.pop("db")

@app.route("/", methods=["GET"])
def controller_root():
return render_template("default.html")
return redirect("/app")
@@ -1,26 +1,72 @@
<!DOCTYPE html>
<html itemscope itemtype="http://schema.org/WebPage" lang="en-US">
<head>
<meta charset="UTF-8"/>
<meta name="viewport" content="initial-scale=1.0, minimum-scale=1.0, maximum-scale=1.0"/>
<meta name="description" content=""/>
<meta name="keywords" content=""/>
<meta name="author" content=""/>
<title>OSFW</title>
<link rel="canonical" href=""/>
<link rel="icon" href="/static/images/favicon.ico"/>
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.1/css/bootstrap.min.css"/>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.1/js/bootstrap.min.js"></script>
<script src="https://cdn.jsdelivr.net/npm/vue"></script>
</head>
<body>
<todo-iteme>
<p>CHEERS</p>
</todo-iteme>
<script>
Vue.component("todo-item", {
});
</script>
</body>
<head>
<meta charset="UTF-8"/>
<meta name="viewport" content="initial-scale=1.0, minimum-scale=1.0, maximum-scale=1.0"/>
<meta name="description" content="UPPERSAFE Open Source Firewall"/>
<meta name="keywords" content=""/>
<meta name="author" content="Nicolas THIBAUT"/>
<title>OSFW</title>
<link rel="canonical" href=""/>
<link rel="icon" href="/static/images/favicon.ico"/>
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.1/css/bootstrap.min.css"/>
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css"/>
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.1/js/bootstrap.min.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/Chart.js/2.7.2/Chart.min.js"></script>
</head>
<body>
<nav class="navbar navbar-dark bg-dark">
<div class="container">
<a class="navbar-brand" href="#">OSFW</a>
<a class="btn btn-dark" href="#"><span class="fa fa-power-off"></span></a>
</div>
</nav>
<div class="main">
<div class="container">
<table class="table table-sm table-hover">
<thead>
<tr>
<th>Source</th>
<th>Destination</th>
<th>Port</th>
<th>Datetime UTC</th>
</tr>
</thead>
<tbody>
<tr class="item template">
<td class="data source"><code class="text-dark"></code></td>
<td class="data destination"><code class="text-dark"></code></td>
<td class="data port"><span class="badge badge-secondary"></span></td>
<td class="data datetime"><code class="text-dark"></code></td>
</tr>
</tbody>
</table>
</div>
</div>
<script>
$(function () {
$.ajax({
"method": "GET",
"url": "/api/events",
"success": function (data) {
var json = JSON.parse(data);
var template = $(".item.template");
template.hide();
json.forEach(function (element, index) {
var item = template.clone().attr("class", "item");
item.show();
item.find(".data.source").children().text(element.source);
item.find(".data.destination").children().text(element.destination);
item.find(".data.port").children().text(element.port);
item.find(".data.datetime").children().text(element.datetime);
template.parent().append(item);
});
}
});
});
</script>
</body>
</html>

0 comments on commit 0ed96c3

Please sign in to comment.