Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Fix deprecated dynamic import
  • Loading branch information
Nicolas THIBAUT committed Jul 3, 2018
1 parent 8e8c44e commit c8f9d53
Show file tree
Hide file tree
Showing 14 changed files with 19,242 additions and 79 deletions.
2 changes: 1 addition & 1 deletion .travis.yml
Expand Up @@ -7,4 +7,4 @@ python:
install:
- pip install -r requirements.txt
script:
- test.py
- bash run.sh assert
5 changes: 5 additions & 0 deletions assets/logs.txt
@@ -0,0 +1,5 @@
* Serving Flask app "webapp" (lazy loading)
* Environment: production
WARNING: Do not use the development server in a production environment.
Use a production WSGI server instead.
* Debug mode: on
Binary file modified assets/sqlite.db
Binary file not shown.
19,177 changes: 19,177 additions & 0 deletions assets/unbound.conf

Large diffs are not rendered by default.

8 changes: 8 additions & 0 deletions daemon/__init__.py
Expand Up @@ -5,5 +5,13 @@
##
# -*- coding: utf-8 -*-

from utils import configuration, database, logger, iptables, unbound

conf = configuration()
db = database(conf.get("db"))
log = logger(__name__, conf.get("verbose"))
ipfw = iptables(conf.get("network"), conf.get("filterMode"))
dnfw = unbound(conf.get("unbound"))

from .sensor import sensor
from .syncfw import syncfw
8 changes: 2 additions & 6 deletions daemon/sensor.py
Expand Up @@ -5,12 +5,8 @@
##
# -*- coding: utf-8 -*-

from utils import configuration, database, logger
import sys, re, time, os

conf = configuration()
db = database(conf.get("db"))
log = logger(__name__, conf.get("verbose"))
from daemon import conf, log, db
import time, os, re

class sensor:
def __init__(self):
Expand Down
36 changes: 18 additions & 18 deletions daemon/syncfw.py
Expand Up @@ -5,14 +5,8 @@
##
# -*- coding: utf-8 -*-

from utils import configuration, database, logger, iptables, unbound
import sys, re, time, imp, json, socket, pebble

conf = configuration()
db = database(conf.get("db"))
log = logger(__name__, conf.get("verbose"))
ipfw = iptables(conf.get("network"), conf.get("filterMode"))
dnfw = unbound(conf.get("unbound"))
from daemon import conf, log, db, ipfw, dnfw
import time, importlib, re, json, socket, pebble

def ipbydn(data):
result = set()
Expand Down Expand Up @@ -64,8 +58,7 @@ def check_delete(self, content, chain, label):
def fetch(self):
for element in conf.get("feeds"):
if element not in self.feeds.keys():
file = str("feeds/{}.py").format(element)
module = getattr(imp.load_source(element, file), element)
module = getattr(importlib.import_module(str("feeds.{}").format(element)), element)
self.feeds.update({element: module(log, conf.get("groupRange"), conf.get("queryUserAgent"), conf.get("queryTimeout"))})
for element in sorted(self.feeds.keys()):
if element not in conf.get("feeds"):
Expand All @@ -92,6 +85,19 @@ def fetch(self):
return 0

def clean(self):
for element in conf.get("exemptions"):
if re.search("[.][a-z]+$", element):
db.session.add(db.models.exemptions(domain=element.lower()))
else:
db.session.add(db.models.exemptions(ipaddr=element.lower()))
try:
db.models.exemptions().metadata.drop_all(db.engine)
db.models.exemptions().metadata.create_all(db.engine)
db.session.commit()
except Exception as error:
db.session.rollback()
log.error(error)
log.info(str("[!] CLEAN part 1/2 done ({} threats)").format(len(self.threats)))
for row in db.session.query(db.models.exemptions).order_by(db.models.exemptions.id).all():
regex = []
if row.domain:
Expand All @@ -116,7 +122,7 @@ def clean(self):
if re.search(str("^{}$").format(str().join(reversed(regex))), element):
log.warning(str("Ignoring '{}' -> '{}'").format(element, str().join(reversed(regex))))
self.threats.pop(element)
log.info(str("[!] CLEAN part 1/1 done ({} threats)").format(len(self.threats)))
log.info(str("[!] CLEAN part 2/2 done ({} threats)").format(len(self.threats)))
return 0

def build(self):
Expand Down Expand Up @@ -182,20 +188,14 @@ def reset(self):
if row.ipaddr:
if row.ipaddr not in self.threats:
self.check_append(row.ipaddr, ipfw.ipbl, ipfw.drop)
log.info(str("[!] RESET part 1/2 done ({} threats)").format(len(self.threats)))
for element in conf.get("exemptions"):
if re.search("[.][a-z]+$", element):
db.session.add(db.models.exemptions(domain=element.lower()))
else:
db.session.add(db.models.exemptions(ipaddr=element.lower()))
try:
ipfw.commit()
dnfw.commit()
db.session.commit()
except Exception as error:
db.session.rollback()
log.error(error)
log.info(str("[!] RESET part 2/2 done ({} threats)").format(len(self.threats)))
log.info(str("[!] RESET part 1/1 done ({} threats)").format(len(self.threats)))
return 0

def refresh(self, timestamp):
Expand Down
16 changes: 8 additions & 8 deletions feeds/__init__.py
Expand Up @@ -5,11 +5,11 @@
##
# -*- coding: utf-8 -*-

from alienvault import .alienvault
from blocklist import .blocklist
from ciarmy import .ciarmy
from greensnow import .greensnow
from openphish import .openphish
from phishtank import .phishtank
from ransomware import .ransomware
from spamhaus import .spamhaus
from .alienvault import alienvault
from .blocklist import blocklist
from .ciarmy import ciarmy
from .greensnow import greensnow
from .openphish import openphish
from .phishtank import phishtank
from .ransomware import ransomware
from .spamhaus import spamhaus
11 changes: 7 additions & 4 deletions main.py
Expand Up @@ -5,18 +5,21 @@
##
# -*- coding: utf-8 -*-

import sys, imp, hashlib, os
import sys, unittest, importlib
from tests import *

def main():
if len(sys.argv) == 2 and "daemon/sensor" in sys.argv:
daemon = imp.load_source("daemon", "daemon/sensor.py")
daemon = importlib.import_module("daemon.sensor")
daemon.sensor()
if len(sys.argv) == 2 and "daemon/syncfw" in sys.argv:
daemon = imp.load_source("daemon", "daemon/syncfw.py")
daemon = importlib.import_module("daemon.syncfw")
daemon.syncfw()
if len(sys.argv) == 2 and "webapp" in sys.argv:
webapp = imp.load_source("webapp", "webapp/__init__.py")
webapp = importlib.import_module("webapp")
webapp.app.run(webapp.conf.get("host"), webapp.conf.get("port"))
if len(sys.argv) == 2 and "assert" in sys.argv:
unittest.main(argv=sys.argv[0:1])
return 0

if __name__ == "__main__":
Expand Down
4 changes: 4 additions & 0 deletions run.sh
Expand Up @@ -32,4 +32,8 @@ if [ "$1" == "webapp" ]; then
python main.py webapp | tee assets/logs.txt
fi

if [ "$1" == "assert" ]; then
python main.py assert
fi

popd > /dev/null 2>&1
8 changes: 8 additions & 0 deletions tests/__init__.py
@@ -0,0 +1,8 @@
#!/usr/bin/env python3
##
# Nicolas THIBAUT
# nicolas.thibaut@uppersafe.com
##
# -*- coding: utf-8 -*-

from .default import default
7 changes: 2 additions & 5 deletions test.py → tests/default.py
Expand Up @@ -7,9 +7,6 @@

import unittest

class test(unittest.TestCase):
def test_default(self):
class default(unittest.TestCase):
def test_example(self):
self.assertEqual("TEST", "TEST")

if __name__ == "__main__":
unittest.main()
4 changes: 2 additions & 2 deletions utils/database.py
Expand Up @@ -5,14 +5,14 @@
##
# -*- coding: utf-8 -*-

import imp
import importlib
from sqlalchemy import create_engine
from sqlalchemy.orm import sessionmaker

class database:
def __init__(self, file, verbose=False):
self.engine = create_engine(str("sqlite:///{}").format(file), echo=verbose)
self.models = imp.load_source("models", "models/__init__.py")
self.models = importlib.import_module("models")
self.models.exemptions().metadata.create_all(self.engine)
self.models.threats().metadata.create_all(self.engine)
self.models.events().metadata.create_all(self.engine)
Expand Down
35 changes: 0 additions & 35 deletions webapp/routes/default.py
Expand Up @@ -11,38 +11,3 @@
@app.route("/", methods=["GET", "POST"])
def controller_root():
return render_template("default.html")

'''
@app.route("/auth", methods=["GET", "POST"])

@app.route("/dashboard/stats", methods=["GET", "POST"])
|-> Graph
|-> Number of threats
|-> Number of attacks

@app.route("/dashboard/firewall", methods=["GET", "POST"])
|-> network
|-> monitor
|-> filterMode

@app.route("/dashboard/firewall/threats", methods=["GET", "POST"])
|-> groupRange
|-> refreshDelay
|-> queryTimeout
|-> queryUserAgent
|-> feeds
|-> exemptions

@app.route("/dashboard/firewall/rules", methods=["GET", "POST"])
|-> INPUT
|-> OUTPUT
|-> FORWARD
|-> IPBL
|-> DNBL
|-> LOGDROP

@app.route("/dashboard/dns", methods=["GET", "POST"])
|-> verbosity
|-> hide-version
|-> interface
|-> access-control

0 comments on commit c8f9d53

Please sign in to comment.