def set_wan_interface(settings=None):
## Opening Config JASON file and updating WAN Interface information to be
## viewed by the front end
with ConfigurationManager('config') as dnx:
interface_settings = dnx.load_configuration()
interface = interface_settings['settings']['interface']
wan_config = interface['wan']
#Checking configured DNS Servers
dns_server_settings = load_configuration('dns_server')
resolvers = dns_server_settings['dns_server']['resolvers']
dns1 = resolvers['server1']['ip_address']
dns2 = resolvers['server2']['ip_address']
#Settings DHCP to false in json file for use by front end
wan_config['dhcp'] = False if settings else True
## setting local copy of wan interface configuration to user defined options
## then moving the file to the systemd/network folder and finally restarting
## networkd service for changes to take affect
with open(f'{HOME_DIR}/dnx_system/interface/wan_template',
'r') as wan_template_file:
wan_template = wan_template_file.readlines()
dns_counter = 1
with open(f'{HOME_DIR}/dnx_system/interface/wan.network',
'w') as wan_settings:
for line in wan_template:
if ('Address' in line and settings):
wan_ip = settings['ip_address']
wan_cidr = settings['cidr']
wan_address = f'{wan_ip}/{wan_cidr}'
line = line.replace('NULL', wan_address)
elif ('Gateway' in line and settings):
line = line.replace('NULL', settings['default_gateway'])
elif ('DNS' in line):
#NOTE: i dont care
line = line.replace('NULL', eval(f'dns{dns_counter}'))
dns_counter += 1
wan_settings.write(line)
# NOTE: python should be able to do this safer, also make the front end notify user of error and log!!!
try:
int_change = run(
f'sudo mv {HOME_DIR}/dnx_system/interface/wan.network /etc/systemd/network/wan.network',
shell=True)
int_change.check_returncode()
except CalledProcessError as cpe:
return cpe
else:
Services.restart('systemd-networkd')
dnx.write_configuration(interface_settings)
def load_page():
with DBConnector() as ProxyDB:
domain_count = ProxyDB.unique_domain_count(table='dnsproxy',
action='blocked')
top_domains = ProxyDB.dashboard_query_top(5,
table='dnsproxy',
action='blocked')
request_count = ProxyDB.total_request_count(table='dnsproxy',
action='blocked')
inf_hosts = ProxyDB.query_last(5,
table='infectedclients',
action='all')
# TODO: see if this is a candidate for a class method
Int = Interface()
intstat = Int.bandwidth()
uptime = System.uptime()
cpu = System.cpu_usage()
ram = System.ram_usage()
dns_servers = System.dns_status()
# TODO: make this iterable
dns_proxy = Services.status('dnx-dns-proxy')
ip_proxy = Services.status('dnx-ip-proxy')
dhcp_server = Services.status('dnx-dhcp-server')
dnx_ips = Services.status('dnx-ips')
mod_status = {
'dns_proxy': dns_proxy,
'ip_proxy': ip_proxy,
'dnx_ips': dnx_ips,
'dhcp_server': dhcp_server
}
dashboard = {
'domain_count': domain_count,
'infected_hosts': inf_hosts,
'top_domains': top_domains,
'request_count': request_count,
'interfaces': intstat,
'uptime': uptime,
'cpu': cpu,
'ram': ram,
'dns_servers': dns_servers,
'module_status': mod_status
}
return dashboard
def load_page():
system_services = load_configuration('config')['services']
all_services = []
for service, desc in system_services.items():
status = True if Services.status(service) else False
service = ' '.join((service.split('-')[1:]))
all_services.append((service, desc, status))
return all_services
def update_page(form):
valid_services = load_configuration('config')['services']
sec_flags = {'dnx-ip-proxy': 'ip', 'dnx-dns-proxy': 'domain'}
if ('restart_svc' in form):
service = form.get('restart_svc')
service = 'dnx-' + service.replace(' ', '-')
if (service not in valid_services):
return INVALID_FORM
Services.restart(service)
if (service in sec_flags):
ruleset = sec_flags[service]
configure.reset_module_flags(system=False,
signatures=True,
ruleset=ruleset)
elif ('start_svc' in form):
service = form.get('start_svc')
service = 'dnx-' + service.replace(' ', '-')
if (service not in valid_services):
return INVALID_FORM
Services.start(service)
elif ('stop_svc' in form):
service = form.get('stop_svc')
service = 'dnx-' + service.replace(' ', '-')
if (service not in valid_services):
return INVALID_FORM
Services.stop(service)
if (service in sec_flags):
ruleset = sec_flags[service]
configure.reset_module_flags(system=False,
signatures=True,
ruleset=ruleset)
else:
return INVALID_FORM
def load_page():
with DBConnector() as ProxyDB:
domain_count = ProxyDB.unique_domain_count(table='dnsproxy',
action='blocked')
top_domains = ProxyDB.dashboard_query_top(5,
table='dnsproxy',
action='blocked')
request_count = ProxyDB.total_request_count(table='dnsproxy',
action='blocked')
inf_hosts = ProxyDB.query_last(5,
table='infectedclients',
action='all')
Int = Interface()
intstat = Int.bandwidth()
uptime = System.uptime()
cpu = System.cpu_usage()
ram = System.ram_usage()
dns_servers = System.dns_status()
#----- Services Status ------#
dns_proxy = Services.status('dnx-dns-proxy')
ip_proxy = Services.status('dnx-ip-proxy')
dhcp_server = Services.status('dnx-dhcp-server')
dnx_ips = Services.status('dnx-ips')
mod_status = {
'dns_proxy': dns_proxy,
'ip_proxy': ip_proxy,
'dnx_ips': dnx_ips,
'dhcp_server': dhcp_server
}
dnx_license = load_configuration('license')['license']
updates = load_configuration('updates')['updates']
notify = False
if (dnx_license['validated']):
system_uptodate = updates['system']['current']
domains_uptodate = updates['signature']['domain']['current']
ip_uptodate = updates['signature']['ip']['current']
if not all([system_uptodate, domains_uptodate, ip_uptodate]):
notify = 'DNX firewall has updates available. Check updates tab for more info.'
# System/Service Restart pending check
sys_restart = updates['system']['restart']
domain_restart = updates['signature']['domain']['restart']
ip_restart = updates['signature']['ip']['restart']
if (domain_restart or ip_restart):
notify = 'One or more DNX Services require a restart after signature updates. Please check the updates page for more information.'
if (sys_restart):
notify = 'DNX firewall is pending a system restart after updates.'
dashboard = {
'domain_count': domain_count,
'infected_hosts': inf_hosts,
'top_domains': top_domains,
'request_count': request_count,
'interfaces': intstat,
'uptime': uptime,
'cpu': cpu,
'ram': ram,
'dns_servers': dns_servers,
'module_status': mod_status,
'notify': notify
}
return dashboard