Ejemplo n.º 1
def dnx_blocked():
    '''Serve the blocked-domain page, or the not-authorized page when the request cannot be trusted.

    The domain is read from the ``dom`` query-string argument, which the original comment says nginx supplies
    when it redirects a blocked request to the firewall. That value is client-controllable: a user can open
    this page by hand with any ``dom`` they like. Three checks gate the blocked page, in this order:

    1. ``dom`` must be present and non-empty.
    2. ``validate.domain`` must accept it (it raises ``ValidationError`` otherwise).
    3. ``query_blocked`` must return a truthy record for this domain and source ip.

    Any failure pops ``username`` from the session and renders ``dnx_not_authorized.html``.

    NOTE(review): the original author warns that sql injection is possible here if the validation is bypassed.
    The validator should be treated as defence in depth only; query_blocked (not visible here) should bind
    ``domain`` and ``src_ip`` as query parameters rather than formatting them into the statement. TODO confirm.
    '''
    License.timeout_status()

    def _not_authorized():
        # every rejection path clears the logged-in user before rendering the same template.
        session.pop('username', None)

        return render_template('dnx_not_authorized.html', navi=True, login_btn=True, idle_timeout=False)

    # missing or empty domain means the page was reached without a redirect carrying a domain.
    blocked_domain = request.args.get('dom', None)
    if (not blocked_domain):
        return _not_authorized()

    # syntactic check on the untrusted value before it is handed to the database layer.
    try:
        validate.domain(blocked_domain)
    except ValidationError:
        return _not_authorized()

    # NOTE(review): request.remote_addr is the peer address as seen by the web framework. if nginx proxies
    # this request, confirm it reflects the real client and not the proxy.
    with DBConnector() as ProxyDB:
        domain_info = ProxyDB.query_blocked(domain=blocked_domain, src_ip=request.remote_addr)

    # no matching record for this domain/source pair, so there is nothing to show.
    if (not domain_info):
        return _not_authorized()

    return render_template(
        'dnx_blocked.html',
        navi=True, login_btn=True, idle_timeout=False,
        standard_error=False, src_ip=request.remote_addr, blocked=domain_info
    )
Ejemplo n.º 2
def get_table_data(action, *, table, method, users=None):
    '''Run ``query_<method>`` on the database connector and return the formatted rows.

    The connector method is looked up by name with getattr(FirewallDB, f'query_{method}') and called with
    100 as its first positional argument (per the original docstring, a cap of 100 entries) plus ``table``
    and ``action``. Each returned row is passed through ``format_row`` together with ``users``.

    NOTE(review): ``method`` and ``table`` select what gets executed against the database. The callers
    visible alongside this function pass string literals only. Neither value should ever be taken from
    request data without an allowlist, since ``method`` is interpolated into an attribute name.
    '''
    with DBConnector() as FirewallDB:
        rows = getattr(FirewallDB, f'query_{method}')(100, table=table, action=action)

    # formatting happens after the connector context has exited, as in the original.
    formatted = []
    for row in rows:
        formatted.append(format_row(row, users))

    return formatted
Ejemplo n.º 3
def update_page(form):
    '''Handle a report-page form post and return ``(table_data, menu_option, table_group)``.

    ``form['table']`` (default 'db_time') selects the view. If ``i_client_remove`` is in the form, the
    infected client entry is removed and committed before the table is loaded. Returns None when the
    removal fields are missing, and also (implicitly) when ``table`` is unknown and no removal was requested.

    NOTE(review): ``infected_client`` and ``detected_host`` come straight from the form and reach
    ``infected_remove`` with no format validation. The original TODO asks for a mac-format check and for
    the database layer to raise a validation error when the client is not present. Until then the database
    layer is the only safeguard. Confirm it uses bound parameters.
    '''
    menu_numbers = {
        'db_time': '1', 'db_count': '2', 'dv_time': '3', 'dv_count': '4',
        'ad_time': '5', 'ad_count': '6', 'ip_hosts_time': '7', 'ips_time': '8',
        'ic_all': '9'
    }
    table_type = form.get('table', 'db_time')

    # unknown table names fall back to the first menu entry.
    menu_option = menu_numbers.get(table_type, '1')

    removing_client = 'i_client_remove' in form
    if removing_client:
        infected_client = form.get('infected_client', None)
        detected_host = form.get('detected_host', None)
        if not (infected_client and detected_host):
            return None # NOTE: should this be an error?

        with DBConnector() as FirewallDB:
            FirewallDB.infected_remove(infected_client, detected_host, table='infectedclients')

            FirewallDB.commit_entries()

    # dns proxy views: table name -> (action filter, query method). blocked, viewed, or both.
    dns_views = {
        'db_time': ('blocked', 'last'), 'db_count': ('blocked', 'top'),
        'dv_time': ('allowed', 'last'), 'dv_count': ('allowed', 'top'),
        'ad_time': ('all', 'last'), 'ad_count': ('all', 'top')
    }
    if table_type in dns_views:
        action, method = dns_views[table_type]

        return get_table_data(action, table='dnsproxy', method=method), menu_option, '1'

    if table_type == 'ip_hosts_time':
        return get_table_data(action='all', table='ipproxy', method='last'), menu_option, '2'

    if table_type == 'ips_time':
        return get_table_data(action='all', table='ips', method='last'), menu_option, '3'

    # a removal only lands here when the table name matched none of the views above.
    if table_type == 'ic_all' or removing_client:
        users = load_configuration('dhcp_server')['dhcp_server']['reservations']

        return get_table_data(action='all', table='infectedclients', method='last', users=users), menu_option, '4'

    return None
Ejemplo n.º 4
def load_page():
    '''Collect the values shown on the dashboard and return them as one dict.

    Reads blocked-domain statistics and the last five infected-client rows from the database, then
    interface bandwidth, system health figures and the status of the four dnx services.
    '''
    with DBConnector() as ProxyDB:
        blocked_unique = ProxyDB.unique_domain_count(table='dnsproxy', action='blocked')
        blocked_top = ProxyDB.dashboard_query_top(5, table='dnsproxy', action='blocked')
        blocked_total = ProxyDB.total_request_count(table='dnsproxy', action='blocked')
        recent_infected = ProxyDB.query_last(5, table='infectedclients', action='all')

    # dict values are evaluated top to bottom, so the system calls run in the same order as before.
    # TODO: see if the interface lookup is a candidate for a class method
    dashboard = {
        'domain_count': blocked_unique,
        'infected_hosts': recent_infected,
        'top_domains': blocked_top,
        'request_count': blocked_total,
        'interfaces': Interface().bandwidth(),
        'uptime': System.uptime(),
        'cpu': System.cpu_usage(),
        'ram': System.ram_usage(),
        'dns_servers': System.dns_status()
    }

    # services are polled in this order. the resulting dict keeps the original key order below.
    service_units = (
        ('dns_proxy', 'dnx-dns-proxy'),
        ('ip_proxy', 'dnx-ip-proxy'),
        ('dhcp_server', 'dnx-dhcp-server'),
        ('dnx_ips', 'dnx-ips')
    )
    polled = {key: Services.status(unit) for key, unit in service_units}

    dashboard['module_status'] = {
        key: polled[key] for key in ('dns_proxy', 'ip_proxy', 'dnx_ips', 'dhcp_server')
    }

    return dashboard
Ejemplo n.º 5
    def _service_loop(self):
        '''Run the database writer forever, reopening the connector each time the writer returns.

        Per the original note, ``_write_to_database`` blocks inside a dnx_queue loop decorator, so the code
        after the ``with`` block only runs when that call comes back. Each return is counted. Every fifth
        one is a placeholder for a critical log entry that is not implemented yet.
        '''
        print('[+] Starting database log entry processing queue.')
        returns_seen = 0
        while True:
            # NOTE: this is blocking inside dnx_queue loop decorator on _write_to_database function.
            with DBConnector() as db_conn:
                self._write_to_database(db_conn)  # pylint: disable = no-value-for-parameter

            returns_seen += 1
            if (returns_seen % 5 == 0):
                # TODO: log this as critical or something
                pass

            # short pause before a fresh connector is opened.
            fast_sleep(ONE_SEC)
Ejemplo n.º 6
def update_page(form):
    '''Process the reports form and return ``(table_data, menu_option, table_group)``.

    The ``table`` field (default 'db_time') picks the view. When ``i_client_remove`` is in the form, the
    named infected client is removed and the change committed first. None is returned if either removal
    field is missing, or if ``table`` matches no known view and no removal was requested.

    NOTE(review): ``infected_client`` and ``detected_host`` are form values passed to ``infected_remove``
    unchecked. Nothing here verifies their format, so injection safety rests on the database layer.
    Confirm it binds them as parameters.
    '''
    time_views = ('db_time', 'dv_time', 'ad_time')
    count_views = ('db_count', 'dv_count', 'ad_count')
    menu_numbers = dict(
        db_time='1', db_count='2', dv_time='3', dv_count='4',
        ad_time='5', ad_count='6', ip_hosts_time='7', ips_time='8',
        ic_all='9'
    )

    table_type = form.get('table', 'db_time')
    menu_option = menu_numbers.get(table_type, '1')

    wants_removal = 'i_client_remove' in form
    if wants_removal:
        infected_client = form.get('infected_client', None)
        detected_host = form.get('detected_host', None)
        if (not infected_client or not detected_host):
            return None  # NOTE: should this be an error?

        with DBConnector() as FirewallDB:
            FirewallDB.infected_remove(infected_client, detected_host, table='infectedclients')

            FirewallDB.commit_entries()

    # domains blocked, viewed, or both. the two-letter prefix picks the action filter.
    if table_type in time_views or table_type in count_views:
        action = {'db': 'blocked', 'dv': 'allowed', 'ad': 'all'}[table_type[:2]]
        method = 'last' if table_type in time_views else 'top'
        table_data = get_table_data(action, table='dnsproxy', method=method)

        return table_data, menu_option, '1'

    if table_type == 'ip_hosts_time':
        table_data = get_table_data(action='all', table='ipproxy', method='last')

        return table_data, menu_option, '2'

    if table_type == 'ips_time':
        table_data = get_table_data(action='all', table='ips', method='last')

        return table_data, menu_option, '3'

    # reached for the infected clients view, or after a removal when the table name matched nothing above.
    if table_type == 'ic_all' or wants_removal:
        dhcp_server = load_configuration('dhcp_server')['dhcp_server']
        table_data = get_table_data(
            action='all', table='infectedclients', method='last', users=dhcp_server['reservations']
        )

        return table_data, menu_option, '4'

    return None
Ejemplo n.º 7
 def clean_blocked_table(self):
     '''Open a database connector and run its blocked_cleaner on the 'blocked' table.'''
     # print('[+] Starting DB blocked table cleaner.')
     with DBConnector() as db_conn:
         db_conn.blocked_cleaner(table='blocked')
Ejemplo n.º 8
 def clean_db_tables(self):
     '''Run the connector's table_cleaner on each log table, passing self.log_length as its first argument.'''
     # print('[+] Starting general DB table cleaner.')
     log_tables = ('dnsproxy', 'ipproxy', 'ips', 'infectedclients')
     with DBConnector() as db_conn:
         for table_name in log_tables:
             db_conn.table_cleaner(self.log_length, table=table_name)
Ejemplo n.º 9
    def create_database_tables(self):
        '''Create the database tables through the connector and commit the change.'''
        with DBConnector() as db_conn:
            db_conn.create_db_tables()

            # the commit is issued explicitly, inside the connector context.
            db_conn.commit_entries()
Ejemplo n.º 10
def load_page():
    '''Collect the values shown on the dashboard, including the update/restart banner, as one dict.

    ``notify`` is False when there is nothing to report, otherwise a message string. If several conditions
    hold, a pending system restart takes priority, then a pending service restart, then available updates
    (which are only checked when the license is validated).
    '''
    with DBConnector() as ProxyDB:
        blocked_unique = ProxyDB.unique_domain_count(table='dnsproxy', action='blocked')
        blocked_top = ProxyDB.dashboard_query_top(5, table='dnsproxy', action='blocked')
        blocked_total = ProxyDB.total_request_count(table='dnsproxy', action='blocked')
        recent_infected = ProxyDB.query_last(5, table='infectedclients', action='all')

    # dict values are evaluated top to bottom, so the system calls run in the same order as before.
    dashboard = {
        'domain_count': blocked_unique,
        'infected_hosts': recent_infected,
        'top_domains': blocked_top,
        'request_count': blocked_total,
        'interfaces': Interface().bandwidth(),
        'uptime': System.uptime(),
        'cpu': System.cpu_usage(),
        'ram': System.ram_usage(),
        'dns_servers': System.dns_status()
    }

    #----- Services Status ------#
    # polled in this order. the resulting dict keeps the original key order below.
    service_units = (
        ('dns_proxy', 'dnx-dns-proxy'),
        ('ip_proxy', 'dnx-ip-proxy'),
        ('dhcp_server', 'dnx-dhcp-server'),
        ('dnx_ips', 'dnx-ips')
    )
    polled = {key: Services.status(unit) for key, unit in service_units}

    dashboard['module_status'] = {
        key: polled[key] for key in ('dns_proxy', 'ip_proxy', 'dnx_ips', 'dhcp_server')
    }

    dnx_license = load_configuration('license')['license']
    updates = load_configuration('updates')['updates']

    notify = False
    if (dnx_license['validated']):
        up_to_date = (
            updates['system']['current'],
            updates['signature']['domain']['current'],
            updates['signature']['ip']['current']
        )
        if not all(up_to_date):
            notify = 'DNX firewall has updates available. Check updates tab for more info.'

    # System/Service Restart pending check. all three flags are read regardless of license state.
    sys_restart, domain_restart, ip_restart = (
        updates['system']['restart'],
        updates['signature']['domain']['restart'],
        updates['signature']['ip']['restart']
    )

    if (sys_restart):
        notify = 'DNX firewall is pending a system restart after updates.'

    elif (domain_restart or ip_restart):
        notify = 'One or more DNX Services require a restart after signature updates. Please check the updates page for more information.'

    dashboard['notify'] = notify

    return dashboard