Add minimalist web page to see the last firewall logs

config.default.yml

@@ -84,6 +84,7 @@ exemptions:
   - "*?.aryaka.com"
   - "*?.baidu.com"
   - "*?.bing.com"
+  - "*?.bit.do"
   - "*?.bit.ly"
   - "*?.bitly.com"
   - "*?.bitbucket.com"

daemon/sensor.py

@@ -17,7 +17,7 @@ def __init__(self):
     def parse(self, buffer):
         for source, destination, port in re.findall(".* SRC=([0-9a-f:.]+) DST=([0-9a-f:.]+) .* DPT=([0-9]+) .*", buffer, re.IGNORECASE):
             log.info(str("Blocking '{}' -> '{}:{}'").format(source, destination, port))
-            db.session_append(db.models.events(source=source, destination=destination, port=port))
+            db.session_append(db.models.events(source=source, destination=destination, port=port, creation=int(time.time())))
         try:
             db.session_commit()
         except Exception as error:

daemon/syncfw.py

@@ -103,9 +103,9 @@ def build(self):
     def clean(self):
         for element in conf.get("exemptions"):
             if re.search("[.][a-z]+$", element):
-                db.session_append(db.models.exemptions(domain=element.lower()))
+                db.session_append(db.models.exemptions(domain=element.lower(), creation=int(time.time())))
             else:
-                db.session_append(db.models.exemptions(ipaddr=element.lower()))
+                db.session_append(db.models.exemptions(ipaddr=element.lower(), creation=int(time.time())))
         try:
             db.models.exemptions().metadata.drop_all(db.engine)
             db.models.exemptions().metadata.create_all(db.engine)
@@ -174,11 +174,11 @@ def merge(self):
                 for record in revlookup:
                     self.check_append(record, ipfw.ipbl, ipfw.dnbl)
                 self.check_append(element, ipfw.dnbl, ipfw.drop)
-                db.session_append(db.models.threats(domain=element, jsondata=json.dumps(revlookup)))
+                db.session_append(db.models.threats(domain=element, jsondata=json.dumps(revlookup), creation=int(time.time())))
                 self.threats.pop(element)
             else:
                 self.check_append(element, ipfw.ipbl, ipfw.drop)
-                db.session_append(db.models.threats(ipaddr=element, jsondata=json.dumps(revlookup)))
+                db.session_append(db.models.threats(ipaddr=element, jsondata=json.dumps(revlookup), creation=int(time.time())))
                 self.threats.pop(element)
         try:
             self.check_commit()

models/events.py

@@ -11,10 +11,11 @@
 
 class events(declarative_base()):
     __tablename__ = "events"
+
     id = Column(Integer, primary_key=True)
     source = Column(String)
     destination = Column(String)
     port = Column(Integer)
-    creation = Column(Integer, default=int(time.time()))
-    modification = Column(Integer, onupdate=int(time.time()), default=int(time.time()))
+    creation = Column(Integer, default=0)
+    modification = Column(Integer, default=0)
     flag = Column(Integer, default=0)

models/exemptions.py

@@ -11,9 +11,10 @@
 
 class exemptions(declarative_base()):
     __tablename__ = "exemptions"
+
     id = Column(Integer, primary_key=True)
     domain = Column(String, unique=True)
     ipaddr = Column(String, unique=True)
-    creation = Column(Integer, default=int(time.time()))
-    modification = Column(Integer, onupdate=int(time.time()), default=int(time.time()))
+    creation = Column(Integer, default=0)
+    modification = Column(Integer, default=0)
     flag = Column(Integer, default=0)

models/threats.py

@@ -11,10 +11,11 @@
 
 class threats(declarative_base()):
     __tablename__ = "threats"
+
     id = Column(Integer, primary_key=True)
     domain = Column(String, unique=True)
     ipaddr = Column(String, unique=True)
     jsondata = Column(String)
-    creation = Column(Integer, default=int(time.time()))
-    modification = Column(Integer, onupdate=int(time.time()), default=int(time.time()))
+    creation = Column(Integer, default=0)
+    modification = Column(Integer, default=0)
     flag = Column(Integer, default=0)

models/users.py

@@ -11,11 +11,12 @@
 
 class users(declarative_base()):
     __tablename__ = "users"
+
     id = Column(Integer, primary_key=True)
     hash = Column(String)
     fullname = Column(String)
     username = Column(String, unique=True)
     password = Column(String)
-    creation = Column(Integer, default=int(time.time()))
-    modification = Column(Integer, onupdate=int(time.time()), default=int(time.time()))
+    creation = Column(Integer, default=0)
+    modification = Column(Integer, default=0)
     flag = Column(Integer, default=0)

utils/database.py

@@ -25,6 +25,9 @@ def __init__(self, file, verbose=False):
         self.session = self.session()
         self.chunk = 100
 
+    def __del__(self):
+        self.session.close()
+
     def session_append(self, row):
         try:
             self.session.add(row)

webapp/__init__.py

@@ -9,7 +9,7 @@
 import flask, hashlib, os
 
 conf = configuration()
-db = database(conf.get("db"))
+db = database
 app = flask.Flask(__name__)
 app.debug = conf.get("verbose")
 app.session_cookie_name = "session"

webapp/routes/__init__.py

@@ -6,3 +6,5 @@
 # -*- coding: utf-8 -*-
 
 from .default import *
+from .api import *
+from .app import *

webapp/routes/api.py

@@ -0,0 +1,30 @@
+#!/usr/bin/env python3
+##
+# Nicolas THIBAUT
+# nicolas.thibaut@uppersafe.com
+##
+# -*- coding: utf-8 -*-
+
+from .. import conf, db, app
+from flask import g, session, request, abort, redirect, make_response, render_template
+from datetime import datetime
+import json
+
+@app.route("/api", methods=["GET"])
+def controller_api_root():
+    return make_response(json.dumps({"message": ""}))
+
+@app.route("/api/auth", methods=["POST"])
+def controller_api_auth():
+    return make_response(json.dumps({"message": "Not implemented yet"}))
+
+@app.route("/api/events", methods=["GET"])
+def controller_api_events():
+    data = []
+    for row in g.db.session.query(g.db.models.events).order_by(g.db.models.events.id.desc()).yield_per(g.db.chunk).limit(100):
+        data.append({
+            "source": row.source,
+            "destination": row.destination,
+            "port": row.port,
+            "datetime": datetime.utcfromtimestamp(row.creation).strftime("%Y-%m-%d %H:%M:%S")})
+    return make_response(json.dumps(data))

webapp/routes/app.py

@@ -0,0 +1,23 @@
+#!/usr/bin/env python3
+##
+# Nicolas THIBAUT
+# nicolas.thibaut@uppersafe.com
+##
+# -*- coding: utf-8 -*-
+
+from .. import conf, db, app
+from flask import g, session, request, abort, redirect, make_response, render_template
+from datetime import datetime
+import json
+
+@app.route("/app", methods=["GET"])
+def controller_app_root():
+    return render_template("default.html")
+
+@app.route("/app/auth", methods=["GET", "POST"])
+def controller_app_auth():
+    return render_template("default.html")
+
+@app.route("/app/dashboard", methods=["GET", "POST"])
+def controller_app_dashboard():
+    return render_template("default.html")

webapp/routes/default.py

@@ -7,7 +7,17 @@
 
 from .. import conf, db, app
 from flask import g, session, request, abort, redirect, make_response, render_template
+from datetime import datetime
+import json
 
-@app.route("/", methods=["GET", "POST"])
+@app.before_request
+def handler_before_request():
+    g.db = db(conf.get("db"))
+
+@app.teardown_request
+def handler_teardown_request(e):
+    g.pop("db")
+
+@app.route("/", methods=["GET"])
 def controller_root():
-    return render_template("default.html")
+    return redirect("/app")

webapp/templates/default.html

@@ -1,26 +1,72 @@
 <!DOCTYPE html>
 <html itemscope itemtype="http://schema.org/WebPage" lang="en-US">
-  <head>
-    <meta charset="UTF-8"/>
-    <meta name="viewport" content="initial-scale=1.0, minimum-scale=1.0, maximum-scale=1.0"/>
-    <meta name="description" content=""/>
-    <meta name="keywords" content=""/>
-    <meta name="author" content=""/>
-    <title>OSFW</title>
-    <link rel="canonical" href=""/>
-    <link rel="icon" href="/static/images/favicon.ico"/>
-    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.1/css/bootstrap.min.css"/>
-    <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script>
-    <script src="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.1/js/bootstrap.min.js"></script>
-    <script src="https://cdn.jsdelivr.net/npm/vue"></script>
-  </head>
-  <body>
-    <todo-iteme>
-      <p>CHEERS</p>
-    </todo-iteme>
-    <script>
-      Vue.component("todo-item", {
-      });
-    </script>
-  </body>
+	<head>
+		<meta charset="UTF-8"/>
+		<meta name="viewport" content="initial-scale=1.0, minimum-scale=1.0, maximum-scale=1.0"/>
+		<meta name="description" content="UPPERSAFE Open Source Firewall"/>
+		<meta name="keywords" content=""/>
+		<meta name="author" content="Nicolas THIBAUT"/>
+		<title>OSFW</title>
+		<link rel="canonical" href=""/>
+		<link rel="icon" href="/static/images/favicon.ico"/>
+		<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.1/css/bootstrap.min.css"/>
+		<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css"/>
+		<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script>
+		<script src="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.1/js/bootstrap.min.js"></script>
+		<script src="https://cdnjs.cloudflare.com/ajax/libs/Chart.js/2.7.2/Chart.min.js"></script>
+	</head>
+	<body>
+		<nav class="navbar navbar-dark bg-dark">
+			<div class="container">
+				<a class="navbar-brand" href="#">OSFW</a>
+				<a class="btn btn-dark" href="#"><span class="fa fa-power-off"></span></a>
+			</div>
+		</nav>
+		<div class="main">
+			<div class="container">
+				<table class="table table-sm table-hover">
+					<thead>
+						<tr>
+							<th>Source</th>
+							<th>Destination</th>
+							<th>Port</th>
+							<th>Datetime UTC</th>
+						</tr>
+					</thead>
+					<tbody>
+						<tr class="item template">
+							<td class="data source"><code class="text-dark"></code></td>
+							<td class="data destination"><code class="text-dark"></code></td>
+							<td class="data port"><span class="badge badge-secondary"></span></td>
+							<td class="data datetime"><code class="text-dark"></code></td>
+						</tr>
+					</tbody>
+				</table>
+			</div>
+		</div>
+		<script>
+			$(function () {
+				$.ajax({
+					"method": "GET",
+					"url": "/api/events",
+					"success": function (data) {
+						var json = JSON.parse(data);
+						var template = $(".item.template");
+
+						template.hide();
+						json.forEach(function (element, index) {
+							var item = template.clone().attr("class", "item");
+
+							item.show();
+							item.find(".data.source").children().text(element.source);
+							item.find(".data.destination").children().text(element.destination);
+							item.find(".data.port").children().text(element.port);
+							item.find(".data.datetime").children().text(element.datetime);
+							template.parent().append(item);
+						});
+					}
+				});
+			});
+		</script>
+	</body>
 </html>