def on_error_conf(self, item):
"""Launch parser and generate an anonymous configuration file with parsed token"""
filename = None
dialog = gtk.FileChooserDialog('Save anonymous configuration file',
None, gtk.FILE_CHOOSER_ACTION_SAVE,
(gtk.STOCK_CANCEL, gtk.RESPONSE_CANCEL,
gtk.STOCK_SAVE, gtk.RESPONSE_OK))
dialog.set_default_response(gtk.RESPONSE_OK)
response = dialog.run()
if response == gtk.RESPONSE_OK:
filename = dialog.get_filename()
dialog.destroy()
if not filename:
return
try:
Parser.generate_debug_conf(filename, self.node.object.name,
self.node.object.type)
except Exception as e:
Gtk_DialogBox(e.message)
except:
Gtk_DialogBox("An error occurred.")
def on_config_error_menu(self, item):
"""Show configuration error (unused object and unbinded rules) in new pages"""
if not self.node.object.unused_objects and not self.node.object.unbounded_rules:
Gtk_DialogBox("No error found !")
return
treeview = Gtk_TreeView("Configuration error (%s)" %
self.node.object.hostname)
if self.node.object.unused_objects:
p_iter1 = treeview.add_row(None, "Unused objects", 'black',
'#B9B9B9')
count = 0
for i in self.node.object.unused_objects:
treeview.add_row(p_iter1, "Unused object: " + i, 'black',
'#FFFFFF' if count % 2 else '#DCDCDC')
count += 1
if self.node.object.unbounded_rules:
p_iter1 = treeview.add_row(None, "Unbounded rules", 'black',
'#B9B9B9')
count = 0
for i in self.node.object.unbounded_rules:
treeview.add_row(p_iter1, "Unbounded rule: " + i, 'black',
'#FFFFFF' if count % 2 else '#DCDCDC')
count += 1
Gtk_Main.Gtk_Main().notebook.add_tab(
treeview.scrolled_window,
"Configuration error (%s)" % self.node.object.hostname,
can_close=True,
ref=self.node.object,
export=Gtk_Export.export_error_configuration)
Gtk_Main.Gtk_Main().lateral_pane.help_message.change_message(
Gtk_Message.ON_ERROR_CONFIG)
def on_click(self, widget):
"""Event listener : launch when "Run Query" is clicked.
Launch the query path search algorithm.
"""
protocol_op = []
ip_source_op = []
port_source_op = []
ip_dest_op = []
port_dest_op = []
if self.protocol_entry.get_text() != '':
protocol_op = [Operator.Operator('EQ', Protocol.Protocol(self.protocol_entry.get_text()))]
if self.ip_source_entry.get_text() != '':
mask_src = self.mask_source_entry.get_text() if self.mask_source_entry.get_text() else '255.255.255.255'
ip_source_op = [Operator.Operator('EQ', Ip.Ip(self.ip_source_entry.get_text(), mask_src))]
if self.port_source_entry.get_text() != '':
port_source_op = [Operator.Operator('EQ', Port.Port(self.port_source_entry.get_text()))]
if self.ip_dest_entry.get_text() != '':
mask_dst = self.mask_dest_entry.get_text() if self.mask_dest_entry.get_text() else '255.255.255.255'
ip_dest_op = [Operator.Operator('EQ', Ip.Ip(self.ip_dest_entry.get_text(), mask_dst))]
if self.port_dest_entry.get_text() != '':
port_dest_op = [Operator.Operator('EQ', Port.Port(self.port_dest_entry.get_text()))]
test_rule = Rule.Rule(0, 'query_path', protocol_op, ip_source_op, port_source_op, ip_dest_op, port_dest_op,
Action.Action(True))
self.popup.destroy()
res = []
try:
res = run_query(test_rule)
if not res:
raise
except:
# message popup if no result
Gtk_DialogBox("No path found !")
g = NetworkGraph.NetworkGraph()
# clear old path
Gtk_Main.Gtk_Main().lateral_pane.path.clear()
for edge in g.graph.edges(data=True):
edge[2]['object'].clear_path()
# construct and add path string
for path_data in res:
path = path_data[0]
i = 0
while i < len(path) - 1:
# mark path
g.graph[path[i]][path[i + 1]]['object'].mark_path()
i += 1
Gtk_Main.Gtk_Main().lateral_pane.path.add_row(path_to_string(path_data[0], '\n'))
Gtk_Main.Gtk_Main().lateral_pane.path_data = res
Gtk_Main.Gtk_Main().lateral_pane.focus_path()
Gtk_Main.Gtk_Main().statusbar.change_message("Ready")
def save(self):
"""Try to open the file and launch saving callback function"""
try:
fd = open(self.filename, 'w')
except:
Gtk_DialogBox('Error while opening the export file', gtk.MESSAGE_ERROR)
return
self.callback(fd, self.ref)
fd.close()
def start_detection(popup, deep_search):
popup.destroy()
distributed_detection = DistributedDetection(deep_search)
result = distributed_detection.distributed_detection()
if not reduce(lambda x, y: x | y, [len(v) > 0
for _, v in result], False):
Gtk_DialogBox("No error found !")
return
Gtk_Main.Gtk_Main().notebook.add_distributed_anomaly_tab(
distributed_detection)
def on_export_itf_list(self, item):
"""Launch parser and generate an anonymous configuration file with parsed token"""
filename = None
dialog = gtk.FileChooserDialog('Save interfaces list', None,
gtk.FILE_CHOOSER_ACTION_SAVE,
(gtk.STOCK_CANCEL, gtk.RESPONSE_CANCEL,
gtk.STOCK_SAVE, gtk.RESPONSE_OK))
dialog.set_default_response(gtk.RESPONSE_OK)
response = dialog.run()
if response == gtk.RESPONSE_OK:
filename = dialog.get_filename()
dialog.destroy()
if not filename:
return
try:
with open(filename, 'wb') as csvfile:
spamwriter = csv.writer(csvfile)
g = NetworkGraph.NetworkGraph()
tmp_intf = [
e[2]['object'].object
for e in g.graph.edges(self.node.object, data=True)
]
for e in sorted(tmp_intf,
key=lambda tmp_intf: tmp_intf.nameif):
message = [e.nameif, e.name, e.network.to_string()]
for key, value in e.attributes.items():
message.append("%s : %s" % (key, value))
spamwriter.writerow(message)
except Exception as e:
Gtk_DialogBox(e.message)
except:
Gtk_DialogBox("An error occurred.")
def start_detection(popup, deep_search):
popup.destroy()
internal_detection = InternalDetection(self.node, deep_search)
error_list = internal_detection.detect_anomaly()
if not reduce(lambda x, y: x | y,
[len(x) > 0 for error in error_list
for x in error], False):
Gtk_DialogBox("No error found !")
return
Gtk_Main.Gtk_Main().notebook.add_internal_anomaly_tab(
internal_detection)
Gtk_Main.Gtk_Main().lateral_pane.help_message.change_message(
Gtk_Message.ON_INTERNAL_ANOMALY)
def on_query_file_import(self, widget):
"""Import query file and launch all parsed queries"""
Gtk_Main.Gtk_Main().statusbar.change_message(
"Import query path file ...")
filename = self.open_filechooser("Import query path file")
if not filename:
Gtk_Main.Gtk_Main().statusbar.change_message("Ready")
return
query_path = QueryPathParser(filename)
result = query_path.parse()
if result:
Gtk_DialogBox(result, gtk.MESSAGE_ERROR)
else:
query_path.run()
Gtk_QueryPath.treeview_output(query_path)
Gtk_Main.Gtk_Main().lateral_pane.help_message.change_message(
Gtk_Message.ON_IMPORT_QUERY_FILE)
def on_object_menu(self, item):
"""Show all element in dictionary in a new tab"""
od = collections.OrderedDict(
sorted(self.node.object.get_objects().items()))
if not od:
Gtk_DialogBox("No object found !")
return
object_dictionary = Gtk_TreeView("Object list")
for k, v in od.items():
p_iter = object_dictionary.add_row(None, k, 'black', '#969696')
for k1, v1 in self.node.object.resolve(k).items():
p_iter2 = object_dictionary.add_row(p_iter, k1, 'black',
'#B9B9B9')
count = 0
for e in v1:
object_dictionary.add_row(
p_iter2, e, 'black',
'#FFFFFF' if count % 2 else '#DCDCDC')
count += 1
rule_list = list(set([i for i in v if isinstance(i, Rule.Rule)]))
if rule_list:
p_iter2 = object_dictionary.add_row(p_iter, 'Rule', 'black',
'#B9B9B9')
count = 0
for e in rule_list:
object_dictionary.add_row(
p_iter2, e.to_string(' '), 'black',
'#FFFFFF' if count % 2 else '#DCDCDC')
count += 1
Gtk_Main.Gtk_Main().notebook.add_tab(object_dictionary.scrolled_window,
"Object list (%s)" %
self.node.object.hostname,
can_close=True)
Gtk_Main.Gtk_Main().lateral_pane.help_message.change_message(
Gtk_Message.ON_SHOW_OBJECT)
def on_dblclick_edge(self):
"""Show interface rules"""
def get_firewall(x, y):
if isinstance(x, Firewall):
return x
elif isinstance(y, Firewall):
return y
return None
def get_ip(x, y):
if isinstance(x, Ip):
return x
elif isinstance(y, Ip):
return y
return None
g = NetworkGraph.NetworkGraph()
for elem in g.graph.edges(data=True):
edge = elem[2]['object']
if edge.gtk_press:
fw = get_firewall(elem[0], elem[1])
ip = get_ip(elem[0], elem[1])
result = []
[
result.append(acl)
for acl in g.get_acl_list(src=ip, dst=None, firewall=fw)
]
[
result.append(acl)
for acl in g.get_acl_list(src=None, dst=ip, firewall=fw)
]
if not result:
Gtk_DialogBox("No rules found for this interface !")
[
Gtk_Main.Gtk_Main().notebook.add_interface_tab(acl)
for acl in result
]
return True
return False