コード例 #1
0
ファイル: gateway.py プロジェクト: eburoks/tunfish-system
        def openInterface(data):
            # POSTFIX = "gw"
            POSTFIX = ""
            print(f"data: {data}")

            # TODO: create wg keys
            # TODO: replace subprocess !!!
            # import subprocess

            # subprocess.call(f"wg genkey | tee privatekey+{data['device_id']} | wg pubkey > publickey+{data['device_id']}", shell=True)
            # with open(f"privatekey+{data['device_id']}", 'r') as f:
            #     priv = f.read()
            #     print(f"PRIV: {priv}")
            #     f.close()
            # with open(f"publickey+{data['device_id']}", 'r') as f:
            #     pub = f.read()
            #     print(f"PUB: {pub}")
            #     f.close()
            # subprocess.call(f"rm privatekey+{data['device_id']} && rm publickey+{data['device_id']}", shell=True)

            import pysodium
            from base64 import b64encode
            keys = pysodium.crypto_box_keypair()
            priv = b64encode(keys[1])
            pub = b64encode(keys[0])

            # TODO: open interface
            router = Router()
            router.device_id = data['device_id'] + POSTFIX
            print(f"{data}")

            router.dev.link('add',
                            ifname=data['device_id'] + POSTFIX,
                            kind='wireguard')
            idx = router.dev.link_lookup(ifname=data['device_id'] + POSTFIX)[0]
            print(f"IDX: {idx}")
            # router.dev.addr('add', index=idx, address='192.168.42.50', mask=24)
            router.dev.addr('add',
                            index=idx,
                            local='192.168.42.50',
                            mask=32,
                            address='192.168.100.10')
            print(f"setup config")
            cfg = {
                "interface":
                data['device_id'] + POSTFIX,
                "listen_port":
                42001,
                "private_key":
                priv,
                "peers": [{
                    "public_key": data["wgpubkey"],
                    "allowed_ips": ["0.0.0.0/0"]
                }]
            }

            router.wg.set_device(ifname=data['device_id'] + POSTFIX,
                                 config=cfg)

            print(f"clientpubkey: {len(data['wgpubkey'])}")
            print(f"clientpubkey: {data['wgpubkey']}")

            router.dev.link('set', index=idx, state='up')

            # iptables for wg-interface
            chain = iptc.Chain(iptc.Table(iptc.Table.FILTER), "FORWARD")
            rule = iptc.Rule()
            rule.out_interface = "tf_gateone"
            target = iptc.Target(rule, "ACCEPT")
            rule.target = target
            chain.insert_rule(rule)

            chain = iptc.Chain(iptc.Table(iptc.Table.NAT), "POSTROUTING")
            rule = iptc.Rule()
            rule.out_interface = "eth0"
            target = iptc.Target(rule, "MASQUERADE")
            rule.target = target
            chain.insert_rule(rule)

            return pub
コード例 #2
0
 def test_create_chain(self):
     chain = iptc.Chain(iptc.Table(iptc.Table.FILTER), "iptc_test_chain")
     iptc.Table(iptc.Table.FILTER).create_chain(chain)
     self.failUnless(iptc.Table(iptc.Table.FILTER).is_chain(chain))
     iptc.Table(iptc.Table.FILTER).delete_chain(chain)
     self.failIf(iptc.Table(iptc.Table.FILTER).is_chain(chain))
コード例 #3
0
ファイル: iptable.py プロジェクト: hao707822882/Bichon
import iptc
import json
table = iptc.Table(iptc.Table.FILTER)
print str(table)
data = iptc.Chain(table, "INPUT")

print data
コード例 #4
0
ファイル: iptables.py プロジェクト: vasanth3045/paasta
def delete_chain(chain_name):
    log.debug(f'deleting chain: {chain_name}')
    chain = iptc.Chain(iptc.Table(iptc.Table.FILTER), chain_name)
    chain.flush()
    chain.delete()
コード例 #5
0
#!usr/bin/python

import time, sys
import iptc

table = iptc.Table(iptc.Table.FILTER)
chain = iptc.Chain(table, "INPUT")

try:
    table.autocommit = False
    for rule in chain.rules:
       (packets, bytes) = rule.get_counters()
       if int(packets) == 0:
          chain.delete_rule(rule)
    chain.zero_counters()
    table.commit()
    table.close()
except iptc.ip4tc.IPTCError: 
   print "Oops!" 
   
コード例 #6
0
ファイル: iptables.py プロジェクト: AMAH911/Daemons
def add_ip_to_iptable_outbound(ip, interface, add_drop="ADD"):
    log.info("creating chain in add to outbound")
    chain = iptc.Chain(iptc.Table(iptc.Table.FILTER), "OUTPUT")
    rule_result = rule_logic(interface, ip, add_drop)
    chain.insert_rule(rule_result)
    log.info("done creating chain")
コード例 #7
0
ファイル: server.py プロジェクト: studior5/mailcow-dockerized
def ban(address):
    global lock
    refreshF2boptions()
    BAN_TIME = int(f2boptions['ban_time'])
    MAX_ATTEMPTS = int(f2boptions['max_attempts'])
    RETRY_WINDOW = int(f2boptions['retry_window'])
    NETBAN_IPV4 = '/' + str(f2boptions['netban_ipv4'])
    NETBAN_IPV6 = '/' + str(f2boptions['netban_ipv6'])

    ip = ipaddress.ip_address(address)
    if type(ip) is ipaddress.IPv6Address and ip.ipv4_mapped:
        ip = ip.ipv4_mapped
        address = str(ip)
    if ip.is_private or ip.is_loopback:
        return

    self_network = ipaddress.ip_network(address)

    with lock:
        temp_whitelist = set(WHITELIST)

    if temp_whitelist:
        for wl_key in temp_whitelist:
            wl_net = ipaddress.ip_network(wl_key, False)
            if wl_net.overlaps(self_network):
                logInfo('Address %s is whitelisted by rule %s' %
                        (self_network, wl_net))
                return

    net = ipaddress.ip_network(
        (address +
         (NETBAN_IPV4 if type(ip) is ipaddress.IPv4Address else NETBAN_IPV6)),
        strict=False)
    net = str(net)

    if not net in bans or time.time(
    ) - bans[net]['last_attempt'] > RETRY_WINDOW:
        bans[net] = {'attempts': 0}
        active_window = RETRY_WINDOW
    else:
        active_window = time.time() - bans[net]['last_attempt']

    bans[net]['attempts'] += 1
    bans[net]['last_attempt'] = time.time()

    active_window = time.time() - bans[net]['last_attempt']

    if bans[net]['attempts'] >= MAX_ATTEMPTS:
        cur_time = int(round(time.time()))
        logCrit('Banning %s for %d minutes' % (net, BAN_TIME / 60))
        if type(ip) is ipaddress.IPv4Address:
            with lock:
                chain = iptc.Chain(iptc.Table(iptc.Table.FILTER), 'MAILCOW')
                rule = iptc.Rule()
                rule.src = net
                target = iptc.Target(rule, "REJECT")
                rule.target = target
                if rule not in chain.rules:
                    chain.insert_rule(rule)
        else:
            with lock:
                chain = iptc.Chain(iptc.Table6(iptc.Table6.FILTER), 'MAILCOW')
                rule = iptc.Rule6()
                rule.src = net
                target = iptc.Target(rule, "REJECT")
                rule.target = target
                if rule not in chain.rules:
                    chain.insert_rule(rule)
        r.hset('F2B_ACTIVE_BANS', '%s' % net, cur_time + BAN_TIME)
    else:
        logWarn('%d more attempts in the next %d seconds until %s is banned' %
                (MAX_ATTEMPTS - bans[net]['attempts'], RETRY_WINDOW, net))
コード例 #8
0
ファイル: tcpstat.py プロジェクト: zhezhe168/tcpstat
def update_db(group_list):

    check_migration_lock()

    table = iptc.Table(iptc.Table.FILTER)
    client = pymongo.MongoClient('mongodb://localhost:27017/')
    db = client['tcpstat']
    collection = db['accounting']
    today_str = str(datetime.date.today())

    logging.info("Connect to db")

    if not collection.find_one({"Name": group["Name"], "Time": today_str}):
        migrate_db(group_list)

    check_migration_lock()

    chain = iptc.Chain(table, 'ACCT')
    for group in group_list:
        for rule in chain.rules:
            for match in rule.matches:
                if not match.sport:
                    port_number = str(match.dport)
                    rule_type = "RX"
                else:
                    port_number = str(match.sport)
                    rule_type = "TX"
                entry = collection.find_one({
                    "Name": group["Name"],
                    "Time": today_str
                })
                if port_number in entry.keys():
                    # Counters in bytes
                    if rule_type == "TX":
                        # Fetch entries in db
                        entry = collection.find_one({
                            "Name": group["Name"],
                            "Time": today_str
                        })
                        TX = rule.get_counters()[1] + entry[port_number]["TX"]
                        RX = entry[port_number]["RX"]
                        logging.debug("This record is TX " + str(TX) +
                                      " for " + port_number)
                        # Modify data in db
                        collection.update(
                            {
                                "Name": group["Name"],
                                "Time": today_str
                            }, {
                                "$set": {
                                    port_number: {
                                        "TX": int(TX),
                                        "RX": int(RX)
                                    }
                                }
                            })
                    else:
                        entry = collection.find_one({
                            "Name": group["Name"],
                            "Time": today_str
                        })
                        # Fetch entries in db
                        RX = rule.get_counters()[1] + entry[port_number]["RX"]
                        TX = entry[port_number]["TX"]
                        logging.debug("This record is RX " + str(RX) +
                                      " for " + port_number)
                        collection.update(
                            {
                                "Name": group["Name"],
                                "Time": today_str
                            }, {
                                "$set": {
                                    port_number: {
                                        "TX": int(TX),
                                        "RX": int(RX)
                                    }
                                }
                            })

    chain.zero_counters()
コード例 #9
0
ファイル: firewall_manager.py プロジェクト: junquera/c-lock
    def add_rule(self, rule):

        table = iptc.Table(iptc.Table.FILTER)

        chain = iptc.Chain(table, "c-lock")
        chain.insert_rule(rule)
コード例 #10
0
ファイル: firewall.py プロジェクト: maked0n/ASU-PCTF
def flush():
    chain = iptc.Chain(iptc.Table(iptc.Table.FILTER), "INPUT")
    chain.flush()
コード例 #11
0
ファイル: iptfw.py プロジェクト: tomh4x/cfddns
                next
            elif ch.rules[x].matches[i].comment == cm:
                return (ch.rules[x], x)
            else:
                next
    return (None, -1)


if __name__ == '__main__':

    try:
        iptc.easy.add_chain('filter', 'CFDDNS_RULES')
    except:
        pass

    cfddns_chain = iptc.Chain(iptc.Table(iptc.Table.FILTER), "CFDDNS_RULES")

    # "f**k me gently with a chainsaw"
    config = loadConf(sys.argv[1])
    for k in config.keys():
        for proto in config[k].keys():
            for i in range(0, len(config[k][proto])):

                searchcomment = '{}_{}_{}'.format(k, proto,
                                                  config[k][proto][i])
                searchrule, ruleidx = getRuleByComment(cfddns_chain,
                                                       searchcomment)

                if not searchrule:
                    #rule doesn't exist so make it
                    newrule = mkCFDDNSRule(k, proto, config[k][proto][i])
コード例 #12
0
ファイル: server.py プロジェクト: waffel/mailcow-dockerized
def initChain():
    # Is called before threads start, no locking
    print "Initializing mailcow netfilter chain"
    # IPv4
    if not iptc.Chain(iptc.Table(iptc.Table.FILTER), "MAILCOW") in iptc.Table(
            iptc.Table.FILTER).chains:
        iptc.Table(iptc.Table.FILTER).create_chain("MAILCOW")
    for c in ['FORWARD', 'INPUT']:
        chain = iptc.Chain(iptc.Table(iptc.Table.FILTER), c)
        rule = iptc.Rule()
        rule.src = '0.0.0.0/0'
        rule.dst = '0.0.0.0/0'
        target = iptc.Target(rule, "MAILCOW")
        rule.target = target
        if rule not in chain.rules:
            chain.insert_rule(rule)
    # IPv6
    if not iptc.Chain(iptc.Table6(iptc.Table6.FILTER),
                      "MAILCOW") in iptc.Table6(iptc.Table6.FILTER).chains:
        iptc.Table6(iptc.Table6.FILTER).create_chain("MAILCOW")
    for c in ['FORWARD', 'INPUT']:
        chain = iptc.Chain(iptc.Table6(iptc.Table6.FILTER), c)
        rule = iptc.Rule6()
        rule.src = '::/0'
        rule.dst = '::/0'
        target = iptc.Target(rule, "MAILCOW")
        rule.target = target
        if rule not in chain.rules:
            chain.insert_rule(rule)
    # Apply blacklist
    BLACKLIST = r.hgetall('F2B_BLACKLIST')
    if BLACKLIST:
        for bl_key in BLACKLIST:
            if type(ipaddress.ip_network(
                    bl_key.decode('ascii'),
                    strict=False)) is ipaddress.IPv4Network:
                chain = iptc.Chain(iptc.Table(iptc.Table.FILTER), 'MAILCOW')
                rule = iptc.Rule()
                rule.src = bl_key
                target = iptc.Target(rule, "REJECT")
                rule.target = target
                if rule not in chain.rules:
                    log['time'] = int(round(time.time()))
                    log['priority'] = 'crit'
                    log['message'] = 'Blacklisting host/network %s' % bl_key
                    r.lpush('NETFILTER_LOG', json.dumps(log,
                                                        ensure_ascii=False))
                    print log['message']
                    chain.insert_rule(rule)
                    r.hset('F2B_PERM_BANS', '%s' % bl_key,
                           int(round(time.time())))
            else:
                chain = iptc.Chain(iptc.Table6(iptc.Table6.FILTER), 'MAILCOW')
                rule = iptc.Rule6()
                rule.src = bl_key
                target = iptc.Target(rule, "REJECT")
                rule.target = target
                if rule not in chain.rules:
                    log['time'] = int(round(time.time()))
                    log['priority'] = 'crit'
                    log['message'] = 'Blacklisting host/network %s' % bl_key
                    r.lpush('NETFILTER_LOG', json.dumps(log,
                                                        ensure_ascii=False))
                    print log['message']
                    chain.insert_rule(rule)
                    r.hset('F2B_PERM_BANS', '%s' % bl_key,
                           int(round(time.time())))
コード例 #13
0
ファイル: server.py プロジェクト: waffel/mailcow-dockerized
def ban(address):
    global lock
    refreshF2boptions()
    BAN_TIME = int(f2boptions['ban_time'])
    MAX_ATTEMPTS = int(f2boptions['max_attempts'])
    RETRY_WINDOW = int(f2boptions['retry_window'])
    NETBAN_IPV4 = '/' + str(f2boptions['netban_ipv4'])
    NETBAN_IPV6 = '/' + str(f2boptions['netban_ipv6'])
    WHITELIST = r.hgetall('F2B_WHITELIST')

    ip = ipaddress.ip_address(address.decode('ascii'))
    if type(ip) is ipaddress.IPv6Address and ip.ipv4_mapped:
        ip = ip.ipv4_mapped
        address = str(ip)
    if ip.is_private or ip.is_loopback:
        return

    self_network = ipaddress.ip_network(address.decode('ascii'))
    if WHITELIST:
        for wl_key in WHITELIST:
            wl_net = ipaddress.ip_network(wl_key.decode('ascii'), False)
            if wl_net.overlaps(self_network):
                log['time'] = int(round(time.time()))
                log['priority'] = 'info'
                log['message'] = 'Address %s is whitelisted by rule %s' % (
                    self_network, wl_net)
                r.lpush('NETFILTER_LOG', json.dumps(log, ensure_ascii=False))
                print 'Address %s is whitelisted by rule %s' % (self_network,
                                                                wl_net)
                return

    net = ipaddress.ip_network(
        (address +
         (NETBAN_IPV4 if type(ip) is ipaddress.IPv4Address else NETBAN_IPV6)
         ).decode('ascii'),
        strict=False)
    net = str(net)

    if not net in bans or time.time(
    ) - bans[net]['last_attempt'] > RETRY_WINDOW:
        bans[net] = {'attempts': 0}
        active_window = RETRY_WINDOW
    else:
        active_window = time.time() - bans[net]['last_attempt']

    bans[net]['attempts'] += 1
    bans[net]['last_attempt'] = time.time()

    active_window = time.time() - bans[net]['last_attempt']

    if bans[net]['attempts'] >= MAX_ATTEMPTS:
        log['time'] = int(round(time.time()))
        log['priority'] = 'crit'
        log['message'] = 'Banning %s' % net
        r.lpush('NETFILTER_LOG', json.dumps(log, ensure_ascii=False))
        print 'Banning %s for %d minutes' % (net, BAN_TIME / 60)
        if type(ip) is ipaddress.IPv4Address:
            with lock:
                chain = iptc.Chain(iptc.Table(iptc.Table.FILTER), 'MAILCOW')
                rule = iptc.Rule()
                rule.src = net
                target = iptc.Target(rule, "REJECT")
                rule.target = target
                if rule not in chain.rules:
                    chain.insert_rule(rule)
        else:
            with lock:
                chain = iptc.Chain(iptc.Table6(iptc.Table6.FILTER), 'MAILCOW')
                rule = iptc.Rule6()
                rule.src = net
                target = iptc.Target(rule, "REJECT")
                rule.target = target
                if rule not in chain.rules:
                    chain.insert_rule(rule)
        r.hset('F2B_ACTIVE_BANS', '%s' % net, log['time'] + BAN_TIME)
    else:
        log['time'] = int(round(time.time()))
        log['priority'] = 'warn'
        log['message'] = '%d more attempts in the next %d seconds until %s is banned' % (
            MAX_ATTEMPTS - bans[net]['attempts'], RETRY_WINDOW, net)
        r.lpush('NETFILTER_LOG', json.dumps(log, ensure_ascii=False))
        print '%d more attempts in the next %d seconds until %s is banned' % (
            MAX_ATTEMPTS - bans[net]['attempts'], RETRY_WINDOW, net)
コード例 #14
0
ファイル: settings.py プロジェクト: spiv0t/Responder
	def populate(self, options):

		if options.Interface is None and utils.IsOsX() is False:
			print utils.color("Error: -I <if> mandatory option is missing", 1)
			sys.exit(-1)

		# Config parsing
		config = ConfigParser.ConfigParser()
		config.read(os.path.join(self.ResponderPATH, 'Responder.conf'))

		# Servers
		self.HTTP_On_Off     = self.toBool(config.get('Responder Core', 'HTTP'))
		self.SSL_On_Off      = self.toBool(config.get('Responder Core', 'HTTPS'))
		self.SMB_On_Off      = self.toBool(config.get('Responder Core', 'SMB'))
		self.SQL_On_Off      = self.toBool(config.get('Responder Core', 'SQL'))
		self.FTP_On_Off      = self.toBool(config.get('Responder Core', 'FTP'))
		self.POP_On_Off      = self.toBool(config.get('Responder Core', 'POP'))
		self.IMAP_On_Off     = self.toBool(config.get('Responder Core', 'IMAP'))
		self.SMTP_On_Off     = self.toBool(config.get('Responder Core', 'SMTP'))
		self.LDAP_On_Off     = self.toBool(config.get('Responder Core', 'LDAP'))
		self.DNS_On_Off      = self.toBool(config.get('Responder Core', 'DNS'))
		self.Krb_On_Off      = self.toBool(config.get('Responder Core', 'Kerberos'))

		# Db File
		self.DatabaseFile    = os.path.join(self.ResponderPATH, config.get('Responder Core', 'Database'))

		# Log Files
		self.LogDir = os.path.join(self.ResponderPATH, 'logs')

		if not os.path.exists(self.LogDir):
			os.mkdir(self.LogDir)

		self.SessionLogFile      = os.path.join(self.LogDir, config.get('Responder Core', 'SessionLog'))
		self.PoisonersLogFile    = os.path.join(self.LogDir, config.get('Responder Core', 'PoisonersLog'))
		self.AnalyzeLogFile      = os.path.join(self.LogDir, config.get('Responder Core', 'AnalyzeLog'))

		self.FTPLog          = os.path.join(self.LogDir, 'FTP-Clear-Text-Password-%s.txt')
		self.IMAPLog         = os.path.join(self.LogDir, 'IMAP-Clear-Text-Password-%s.txt')
		self.POP3Log         = os.path.join(self.LogDir, 'POP3-Clear-Text-Password-%s.txt')
		self.HTTPBasicLog    = os.path.join(self.LogDir, 'HTTP-Clear-Text-Password-%s.txt')
		self.LDAPClearLog    = os.path.join(self.LogDir, 'LDAP-Clear-Text-Password-%s.txt')
		self.SMBClearLog     = os.path.join(self.LogDir, 'SMB-Clear-Text-Password-%s.txt')
		self.SMTPClearLog    = os.path.join(self.LogDir, 'SMTP-Clear-Text-Password-%s.txt')
		self.MSSQLClearLog   = os.path.join(self.LogDir, 'MSSQL-Clear-Text-Password-%s.txt')

		self.LDAPNTLMv1Log   = os.path.join(self.LogDir, 'LDAP-NTLMv1-Client-%s.txt')
		self.HTTPNTLMv1Log   = os.path.join(self.LogDir, 'HTTP-NTLMv1-Client-%s.txt')
		self.HTTPNTLMv2Log   = os.path.join(self.LogDir, 'HTTP-NTLMv2-Client-%s.txt')
		self.KerberosLog     = os.path.join(self.LogDir, 'MSKerberos-Client-%s.txt')
		self.MSSQLNTLMv1Log  = os.path.join(self.LogDir, 'MSSQL-NTLMv1-Client-%s.txt')
		self.MSSQLNTLMv2Log  = os.path.join(self.LogDir, 'MSSQL-NTLMv2-Client-%s.txt')
		self.SMBNTLMv1Log    = os.path.join(self.LogDir, 'SMB-NTLMv1-Client-%s.txt')
		self.SMBNTLMv2Log    = os.path.join(self.LogDir, 'SMB-NTLMv2-Client-%s.txt')
		self.SMBNTLMSSPv1Log = os.path.join(self.LogDir, 'SMB-NTLMSSPv1-Client-%s.txt')
		self.SMBNTLMSSPv2Log = os.path.join(self.LogDir, 'SMB-NTLMSSPv2-Client-%s.txt')

		# HTTP Options
		self.Serve_Exe	      = self.toBool(config.get('HTTP Server', 'Serve-Exe'))
		self.Serve_Always     = self.toBool(config.get('HTTP Server', 'Serve-Always'))
		self.Serve_Html       = self.toBool(config.get('HTTP Server', 'Serve-Html'))
		self.Html_Filename    = config.get('HTTP Server', 'HtmlFilename')
		self.Exe_Filename     = config.get('HTTP Server', 'ExeFilename')
		self.Exe_DlName       = config.get('HTTP Server', 'ExeDownloadName')
		self.WPAD_Script      = config.get('HTTP Server', 'WPADScript')
		self.HtmlToInject     = config.get('HTTP Server', 'HtmlToInject')

		# Throttle Options
		self.ThrottleAuditor = {}
		self.ThrottleThreshold = config.get('Throttle', 'Threshold')
		self.ThrottleTimeThreshold = float(config.get('Throttle', 'TimeBan'))
		self.ThrottleVerbose = self.toBool(config.get('Throttle', 'Verbose'))
		self.ThrottleIPTables = iptc.Chain(iptc.Table(iptc.Table.FILTER), "INPUT")
		self.ThrottleLock = threading.Lock()
		self.ThrottleAuditTimeFrame = float(config.get('Throttle', 'AuditTimeFrame'))

		# MAC Filtering
		self.ArpTable = {}
		self.VendorTable = {}
		self.ArtTableFilteringVerbose = self.toBool(config.get('MACFiltering', 'Verbose'))
		self.ArpTableRefreshRate = config.get('MACFiltering', 'RefreshRate')
		self.DontRespondToVendor = filter(None, [x.lower().strip() for x in config.get('MACFiltering', 'DontRespondTo').strip().split(',')])


		if not os.path.exists(self.Html_Filename):
			print utils.color("/!\ Warning: %s: file not found" % self.Html_Filename, 3, 1)

		if not os.path.exists(self.Exe_Filename):
			print utils.color("/!\ Warning: %s: file not found" % self.Exe_Filename, 3, 1)

		# SSL Options
		self.SSLKey  = config.get('HTTPS Server', 'SSLKey')
		self.SSLCert = config.get('HTTPS Server', 'SSLCert')

		# Respond to hosts
		self.RespondTo         = filter(None, [x.upper().strip() for x in config.get('Responder Core', 'RespondTo').strip().split(',')])
		self.RespondToName     = filter(None, [x.upper().strip() for x in config.get('Responder Core', 'RespondToName').strip().split(',')])
		self.DontRespondTo     = filter(None, [x.upper().strip() for x in config.get('Responder Core', 'DontRespondTo').strip().split(',')])
		self.DontRespondToName = filter(None, [x.upper().strip() for x in config.get('Responder Core', 'DontRespondToName').strip().split(',')])

		# Auto Ignore List
		self.AutoIgnore                 = self.toBool(config.get('Responder Core', 'AutoIgnoreAfterSuccess'))
		self.CaptureMultipleCredentials = self.toBool(config.get('Responder Core', 'CaptureMultipleCredentials'))
		self.AutoIgnoreList             = []

		# CLI options
		self.LM_On_Off       = options.LM_On_Off
		self.WPAD_On_Off     = options.WPAD_On_Off
		self.Wredirect       = options.Wredirect
		self.NBTNSDomain     = options.NBTNSDomain
		self.Basic           = options.Basic
		self.Finger_On_Off   = options.Finger
		self.Interface       = options.Interface
		self.OURIP           = options.OURIP
		self.Force_WPAD_Auth = options.Force_WPAD_Auth
		self.Upstream_Proxy  = options.Upstream_Proxy
		self.AnalyzeMode     = options.Analyze
		self.Verbose         = options.Verbose
		self.CommandLine     = str(sys.argv)

		if self.HtmlToInject is None:
			self.HtmlToInject = ''

		self.Bind_To = utils.FindLocalIP(self.Interface, self.OURIP)

		self.IP_aton         = socket.inet_aton(self.Bind_To)
		self.Os_version      = sys.platform

		# Set up Challenge
		self.NumChal = config.get('Responder Core', 'Challenge')

		if len(self.NumChal) is not 16:
			print utils.color("[!] The challenge must be exactly 16 chars long.\nExample: 1122334455667788", 1)
			sys.exit(-1)

		self.Challenge = ""
		for i in range(0, len(self.NumChal),2):
			self.Challenge += self.NumChal[i:i+2].decode("hex")

		# Set up logging
		logging.basicConfig(filename=self.SessionLogFile, level=logging.INFO, format='%(asctime)s - %(message)s', datefmt='%m/%d/%Y %I:%M:%S %p')
		logging.warning('Responder Started: %s' % self.CommandLine)
		logging.warning('Responder Config: %s' % str(self))

		Formatter = logging.Formatter('%(asctime)s - %(message)s')
		PLog_Handler = logging.FileHandler(self.PoisonersLogFile, 'w')
		ALog_Handler = logging.FileHandler(self.AnalyzeLogFile, 'a')
		PLog_Handler.setLevel(logging.INFO)
		ALog_Handler.setLevel(logging.INFO)
		PLog_Handler.setFormatter(Formatter)
		ALog_Handler.setFormatter(Formatter)

		self.PoisonersLogger = logging.getLogger('Poisoners Log')
		self.PoisonersLogger.addHandler(PLog_Handler)

		self.AnalyzeLogger = logging.getLogger('Analyze Log')
		self.AnalyzeLogger.addHandler(ALog_Handler)
コード例 #15
0
ファイル: utils.py プロジェクト: amy-yu/RAAD
def iptquery():
    table = iptc.Table(iptc.Table.FILTER)
    chain = iptc.Chain(table, "INPUT")
    for rule in chain.rules:
        if rule.src:
            print(rule.src)
コード例 #16
0
ファイル: firewall_manager.py プロジェクト: junquera/c-lock
    def delete_rule(self, rule):
        table = iptc.Table(iptc.Table.FILTER)

        chain = iptc.Chain(table, "c-lock")
        chain.delete_rule(rule)
コード例 #17
0
ファイル: iptables.py プロジェクト: AMAH911/Daemons
def add_ip_to_iptables_inbound(ip, interface, add_drop="ADD"):
    log.info("creating chain in adding to inbound")
    chain = iptc.Chain(iptc.Table(iptc.Table.FILTER), "INPUT")
    rule_result = rule_logic(interface, ip, add_drop)
    chain.insert_rule(rule_result)
    log.info("Chain created")
コード例 #18
0
        if dst in vm_ports:
            vm_ports[dst].append(rule['tcp']['dport'])
        else:
            vm_ports[dst] = []
            vm_ports[dst].append(rule['tcp']['dport'])

    for rule in prerouting:
        src = rule['target']['DNAT']['to-destination']
        dport = rule['tcp']['dport']

        # mapping the vm_port_opened with router_port_opened
        mapping_ports[src] = dport

    if (args.ip in vm_ports) and (args.vmport in vm_ports[args.ip]):
        dst = args.ip + ':' + args.vmport
        prerouting_chain = iptc.Chain(iptc.Table(iptc.Table.NAT),
                                      "custom-PREROUTING")
        old_rule = iptc.Rule()
        old_rule.protocol = "tcp"
        match = iptc.Match(old_rule, "tcp")
        match.dport = mapping_ports[dst]
        target = old_rule.create_target("DNAT")
        target.to_destination = dst
        old_rule.add_match(match)
        old_rule.target = target
        prerouting_chain.delete_rule(old_rule)

        postrouting_chain = iptc.Chain(iptc.Table(iptc.Table.NAT),
                                       "custom-POSTROUTING")
        new_rule = iptc.Rule()
        new_rule.protocol = "tcp"
        new_rule.dst = args.ip
コード例 #19
0
ファイル: iptables.py プロジェクト: AMAH911/Daemons
def delete_ip_from_iptables_outbound(ip, interface, add_drop="DROP"):
    log.info("Creating chain in delete from outbound")
    chain = iptc.Chain(iptc.Table(iptc.Table.FILTER), "OUTPUT")
    rule_result = rule_logic(interface, ip, add_drop)
    chain.insert_rule(rule_result)
    log.info("Chain created")
コード例 #20
0
ファイル: container.py プロジェクト: zhangaigh/rce
    def __init__(self, reactor, masterIP, masterPort, masterPasswd,
                 infraPasswd, bridgeIF, intIP, bridgeIP, envPort, rosproxyPort,
                 rootfsDir, confDir, dataDir, pkgDir, ubuntuRel, rosRel, data):
        """ Initialize the Container Client.

            @param reactor:         Reference to the twisted reactor.
            @type  reactor:         twisted::reactor

            @param masterIP:        IP address of the Master process.
            @type  masterIP:        str

            @param masterPort:      Port of the Master process used for internal
                                    communications.
            @type  masterPort:      int

            @param masterPasswd:    SHA 256 Digested Master Password.
            @type  masterPasswd:    str

            @param infraPasswd:     SHA 256 Digested Infra Password.
            @type  infraPasswd:     str

            @param bridgeIF:        Network interface used for the container
                                    communication.
            @type  bridgeIF:        str

            @param intIP:           IP address of the network interface used for
                                    the internal communication.
            @type  intIP:           str

            @param bridgeIP:        IP address of the network interface used for
                                    the container communication.
            @type  bridgeIP:        str

            @param envPort:         Port where the environment process running
                                    inside the container is listening for
                                    connections to other endpoints. (Used for
                                    port forwarding.)
            @type  envPort:         int

            @param rosproxyPort:    Port where the rosproxy process running
                                    inside the container is listening for
                                    connections to console clients. (Used for
                                    port forwarding.)
            @type  rosproxyPort:    int

            @param rootfsDir:       Filesystem path to the root directory of the
                                    container filesystem.
            @type  rootfsDir:       str

            @param confDir:         Filesystem path to the directory where
                                    container configuration files should be
                                    stored.
            @type  confDir:         str

            @param dataDir:         Filesystem path to the directory where
                                    temporary data of a container should be
                                    stored.
            @type  dataDir:         str

            @param pkgDir:          Filesystem paths to the package directories
                                    as a list of tuples where each tuple
                                    contains the path to the directory in the
                                    host machine and the path to the directory
                                    to which the host directory will be bound in
                                    the container filesystem (without the
                                    @param rootfsDir).
            @type  pkgDir:          [(str, str)]

            @param ubuntuRel:       Host filesystem Ubuntu release used in this
                                    machine.
            @type  ubuntuRel:       str

            @param rosRel:          Container filesytem ROS release in this
                                    deployment instance of the cloud engine
            @type  rosRel:          str

            @param data:            More data about the machine configuration.
            @type  data:            dict
        """
        self._reactor = reactor
        self._internalIP = intIP
        self._envPort = envPort
        self._rosproxyPort = rosproxyPort
        self._masterPort = masterPort

        if isLocalhost(masterIP):
            self._masterIP = bridgeIP
        else:
            self._masterIP = masterIP

        self._masterPasswd = masterPasswd
        self._infraPasswd = infraPasswd

        # Container directories
        self._rootfs = rootfsDir
        self._confDir = confDir
        self._dataDir = dataDir
        self._pkgDir = pkgDir

        # Release info
        self._ubuntuRel = ubuntuRel
        self._rosRel = rosRel

        for _, path in self._pkgDir:
            os.mkdir(os.path.join(self._rootfs, path))

        # Container info
        self._nrs = set(range(100, 200))
        self._containers = set()

        # Network configuration
        self._bridgeIF = bridgeIF
        self._bridgeIP = bridgeIP

        # Virtual network
        self._bridges = set()
        self._uid = {}

        # Physical parameters of machine
        # TODO: Is a human settings at this time,
        #       rce.util.sysinfo should fill this role soon
        self._size = data.get('size')
        self._cpu = data.get('cpu')
        self._memeory = data.get('memory')
        self._bandwidth = data.get('bandwidth')
        self._specialFeatures = data.get('special_features')

        # Common iptables references
        nat = iptc.Table(iptc.Table.NAT)
        self._prerouting = iptc.Chain(nat, 'PREROUTING')
        self._output = iptc.Chain(nat, 'OUTPUT')
コード例 #21
0
ファイル: iptables.py プロジェクト: vasanth3045/paasta
def insert_rule(chain_name, rule):
    log.debug(f'adding rule to {chain_name}: {rule}')
    chain = iptc.Chain(iptc.Table(iptc.Table.FILTER), chain_name)
    chain.insert_rule(rule.to_iptc())
コード例 #22
0
ファイル: iptables.py プロジェクト: ameybarapatre/DMZ
def startClean():
    chainIn = iptc.Chain(iptc.Table(iptc.Table.FILTER), 'INPUT')
    chainIn.flush()
    chainOut = iptc.Chain(iptc.Table(iptc.Table.FILTER), 'OUTPUT')
    chainOut.flush()
コード例 #23
0
ファイル: FireTables.py プロジェクト: guil7yspark/Fire_Tables
def Remove_Rules(event):
    #Create a dictionary and retreive input from remove rule entry box
    rules_to_remove = {}
    index_of_rule = ""
    index_of_rule = remove_rule_entry_box.get()
    #print(index)
    # Create an index from input
    if "-" in index_of_rule:
        first_num = int(index_of_rule[0]) - 1
        second_num = int(index_of_rule[2:])
        index_range = str(first_num) + ":" + str(second_num)
        #print(index_range[0:3])
    else:
        first_num = (int(index_of_rule) -1)
        second_num = first_num + 1
    # Get values of specified rule(s)
    for key in table_of_rules[first_num:second_num]: 
        rules_to_remove = Save_Helpers.get_current_values(key)
        #print(rules_to_remove)
        
        chain = ''
        rule = ''
        match = ''
        target = '' 
        #print(the_rule)
        regex = '''^(25[0-5]|2[0-4][0-9]|[0-1]?[0-9][0-9]?)\.( 
            25[0-5]|2[0-4][0-9]|[0-1]?[0-9][0-9]?)\.( 
            25[0-5]|2[0-4][0-9]|[0-1]?[0-9][0-9]?)\.( 
            25[0-5]|2[0-4][0-9]|[0-1]?[0-9][0-9]?)$'''
        # Create rule(s) to be removed from rules_to_remove dictionary
        chain = iptc.Chain(iptc.Table(iptc.Table.FILTER), (rules_to_remove['input_options']))
        rule = iptc.Rule()
        #rule.in_interface = "eth+"   
        # Retrieve IPs and error check entries
        if(re.search(regex, str(rules_to_remove['source_ip']))):
            rule.src = rules_to_remove['source_ip']
        #else:
            #print("FireTables: Rule Source IP set to anywhere")
        if(re.search(regex,str(rules_to_remove['destination_ip']))):    
            rule.dst = rules_to_remove['destination_ip']
        #else:
            #print("FireTables: Rule Destination IP set to anywhere")
        # Retrieve Accept or Drop options
        target = iptc.Target(rule, rules_to_remove['accept_or_drop_options'])    
        rule.target = target
        # Retrieve Protocol
        rule.protocol = rules_to_remove['protocol_options']   
        match = iptc.Match(rule, rules_to_remove['protocol_options'])
        # Retrieve Ports and error check entries
        if rules_to_remove['protocol_options'] != 'icmp':
            if rules_to_remove['source_port'] != "":
                if int(rules_to_remove['source_port']) in range(65535):
                    match.sport = rules_to_remove['source_port']
            #else:
                #print("FireTables: Rule Source Port set to anywhere")
    
            if rules_to_remove['destination_port'] != "":
                if int(rules_to_remove['destination_port']) in range(65535):
                    match.dport = rules_to_remove['destination_port']
            #else:
                #print("FireTables: Rule Destination Port set to anywhere")
        rule.add_match(match)
        # Delete rule(s) from iptables
        chain.delete_rule(rule)
    # Clear terminal
    os.system('clear')
    # Display iptables rules
    os.system('sudo iptables-legacy -L')
コード例 #24
0
ファイル: iptables.py プロジェクト: ameybarapatre/DMZ
def dropAllInbound():
    chain = iptc.Chain(iptc.Table(iptc.Table.FILTER), 'INPUT')
    rule = iptc.Rule()
    rule.target = iptc.Target(rule, 'DROP')
    chain.insert_rule(rule)
コード例 #25
0
import iptc

table = iptc.Table(iptc.Table.FILTER)
chain = iptc.Chain(table,'FORWARD')

#policy = iptc.Policy(iptc.Policy.ACCEPT)

rule = iptc.Rule()
#rule.in_interface = "wlo1"
rule.src="98.136.103.24/255.255.255.0"
rule.dst="98.136.103.24/255.255.255.0"
rule.protocol="tcp"
match=iptc.Match(rule,"state")
match.state="RELATED,ESTABLISHED"
rule.add_match(match)
rule.target=iptc.Target(rule,"DROP")
chain.insert_rule(rule)
table.commit()


#displays all the chains in that particular table
for  chain in table.chains:
    print(chain.name)
    for rule in chain.rules:
        print(rule.protocol,rule.src,rule.dst)
        for match in rule.matches:
            print(match.name)
        print(rule.target.name)
        #chain.delete_rule(rule)

コード例 #26
0
ファイル: myFirewall.py プロジェクト: syerbes/myFirewall
            delete_rule(rule_number, table, direction='input')
            delete_rule(rule_number, table, direction='output')
        #for chain in table.chains:
        #for rule in chain.rules:
        #    chain.delete_rule(rule)

    elif (value == '-all'):
        if ((len(sys.argv) != 3) and (sys.argv[index + 1] != 'ACCEPT')
                and (sys.argv[index + 1] != 'DROP')):
            sys.exit("The -all option lets the user to ACCEPT or DROP all packets, independently of ports,"+\
            " protocols or IPs. Please, specify a ACCEPT or DROP argument")
        else:
            single_options = True
            rule = iptc.Rule()
            rule.target = rule.create_target(sys.argv[index + 1])
            chain1 = iptc.Chain(iptc.Table(iptc.Table.FILTER), "INPUT")
            chain2 = iptc.Chain(iptc.Table(iptc.Table.FILTER), "OUTPUT")
            chain1.insert_rule(rule)
            chain2.insert_rule(rule)

    elif (value == '-rule'):
        single_options = True
        if (len(sys.argv)) != 3:
            if (len(sys.argv) == 2):
                print("The list of rules available is:\n")
                for i in predesigned_rules:
                    print(i)
            else:
                sys.exit(
                    "The option -r does not accept additional options. Please, type: -rule RULE"
                )
コード例 #27
0
    def setUp(self):
        self.chain = iptc.Chain(iptc.Table(iptc.Table.FILTER),
                                "iptc_test_chain")

        iptc.Table(iptc.Table.FILTER).create_chain(self.chain)
コード例 #28
0
def init_rule(protocol):
    rule = iptc.Rule()
    rule.out_interface = 'eth0'
    rule.protocol = protocol
    rule.target = iptc.Target(rule, 'auto_proxy')
    iptc.Chain(iptc.Table(iptc.Table.FILTER), 'OUTPUT').insert_rule(rule)
コード例 #29
0
def get_vnsf_forward_chain():
    table = iptc.Table(iptc.Table.FILTER)
    table.refresh()
    chain = iptc.Chain(table, "FORWARD")
    return chain
コード例 #30
0
def get_vnsf_forward_chain():
    table = iptc.Table(iptc.Table.FILTER)
    table.refresh()
    chain = iptc.Chain(table, settings.vnsf_forward_chain)
    return chain