class CleanerTask(Thread):
interval = 1
stop_flag = None
callback = None
def __init__(self, _interval, _callback):
Thread.__init__(self, name="cleaner_db_thread")
self.interval = _interval * 60
self.stop_flag = Event()
self.callback = _callback
self._cfg = Config.init()
# We need to instantiate a new QsqlDatabase object with a unique name,
# because it's not thread safe:
# "A connection can only be used from within the thread that created it."
# https://doc.qt.io/qt-5/threads-modules.html#threads-and-the-sql-module
# The filename and type is the same, the one chosen by the user.
self.db = Database("db-cleaner-connection")
self.db_status, db_error = self.db.initialize(
dbtype=self._cfg.getInt(self._cfg.DEFAULT_DB_TYPE_KEY),
dbfile=self._cfg.getSettings(self._cfg.DEFAULT_DB_FILE_KEY))
def run(self):
if self.db_status == False:
return
while not self.stop_flag.is_set():
self.stop_flag.wait(self.interval)
self.callback(self.db)
def stop(self):
self.stop_flag.set()
self.db.close()
def __init__(self, parent=None):
QtWidgets.QDialog.__init__(self, parent,
QtCore.Qt.WindowStaysOnTopHint)
self._cfg = Config.get()
self._nodes = Nodes.instance()
self._db = Database.instance()
self._notification_callback.connect(self._cb_notification_callback)
self._notifications_sent = {}
self.setupUi(self)
self.dbFileButton.setVisible(False)
self.dbLabel.setVisible(False)
self.acceptButton.clicked.connect(self._cb_accept_button_clicked)
self.applyButton.clicked.connect(self._cb_apply_button_clicked)
self.cancelButton.clicked.connect(self._cb_cancel_button_clicked)
self.popupsCheck.clicked.connect(self._cb_popups_check_toggled)
self.dbFileButton.clicked.connect(self._cb_file_db_clicked)
if QtGui.QIcon.hasThemeIcon("emblem-default") == False:
self.applyButton.setIcon(self.style().standardIcon(
getattr(QtWidgets.QStyle, "SP_DialogApplyButton")))
self.cancelButton.setIcon(self.style().standardIcon(
getattr(QtWidgets.QStyle, "SP_DialogCloseButton")))
self.acceptButton.setIcon(self.style().standardIcon(
getattr(QtWidgets.QStyle, "SP_DialogSaveButton")))
self.dbFileButton.setIcon(self.style().standardIcon(
getattr(QtWidgets.QStyle, "SP_DirOpenIcon")))
def __init__(self, parent=None, _rule=None, appicon=None):
super(RulesEditorDialog, self).__init__(parent)
QtWidgets.QDialog.__init__(self, parent,
QtCore.Qt.WindowStaysOnTopHint)
self._notifications_sent = {}
self._nodes = Nodes.instance()
self._db = Database.instance()
self._notification_callback.connect(self._cb_notification_callback)
self._old_rule_name = None
self.setupUi(self)
self.setWindowIcon(appicon)
self.buttonBox.button(
QtWidgets.QDialogButtonBox.Reset).clicked.connect(
self._cb_reset_clicked)
self.buttonBox.button(
QtWidgets.QDialogButtonBox.Close).clicked.connect(
self._cb_close_clicked)
self.buttonBox.button(
QtWidgets.QDialogButtonBox.Apply).clicked.connect(
self._cb_apply_clicked)
self.buttonBox.button(QtWidgets.QDialogButtonBox.Help).clicked.connect(
self._cb_help_clicked)
self.selectListButton.clicked.connect(
self._cb_select_list_button_clicked)
self.selectListRegexpButton.clicked.connect(
self._cb_select_regexp_list_button_clicked)
self.selectIPsListButton.clicked.connect(
self._cb_select_ips_list_button_clicked)
self.selectNetsListButton.clicked.connect(
self._cb_select_nets_list_button_clicked)
self.protoCheck.toggled.connect(self._cb_proto_check_toggled)
self.procCheck.toggled.connect(self._cb_proc_check_toggled)
self.cmdlineCheck.toggled.connect(self._cb_cmdline_check_toggled)
self.dstPortCheck.toggled.connect(self._cb_dstport_check_toggled)
self.uidCheck.toggled.connect(self._cb_uid_check_toggled)
self.pidCheck.toggled.connect(self._cb_pid_check_toggled)
self.dstIPCheck.toggled.connect(self._cb_dstip_check_toggled)
self.dstHostCheck.toggled.connect(self._cb_dsthost_check_toggled)
self.dstListsCheck.toggled.connect(self._cb_dstlists_check_toggled)
self.dstListRegexpCheck.toggled.connect(
self._cb_dstregexplists_check_toggled)
self.dstListIPsCheck.toggled.connect(self._cb_dstiplists_check_toggled)
self.dstListNetsCheck.toggled.connect(
self._cb_dstnetlists_check_toggled)
if QtGui.QIcon.hasThemeIcon("emblem-default"):
return
applyIcon = Icons.new("emblem-default")
denyIcon = Icons.new("emblem-important")
rejectIcon = Icons.new("window-close")
self.actionAllowRadio.setIcon(applyIcon)
self.actionDenyRadio.setIcon(denyIcon)
self.actionRejectRadio.setIcon(rejectIcon)
if _rule != None:
self._load_rule(rule=_rule)
def __init__(self, parent=None, _rule=None):
super(RulesEditorDialog, self).__init__(parent)
QtWidgets.QDialog.__init__(self, parent, QtCore.Qt.WindowStaysOnTopHint)
self._notifications_sent = {}
self._nodes = Nodes.instance()
self._db = Database.instance()
self._notification_callback.connect(self._cb_notification_callback)
self._old_rule_name = None
self.setupUi(self)
self.buttonBox.button(QtWidgets.QDialogButtonBox.Reset).clicked.connect(self._cb_reset_clicked)
self.buttonBox.button(QtWidgets.QDialogButtonBox.Close).clicked.connect(self._cb_close_clicked)
self.buttonBox.button(QtWidgets.QDialogButtonBox.Apply).clicked.connect(self._cb_apply_clicked)
self.buttonBox.button(QtWidgets.QDialogButtonBox.Help).clicked.connect(self._cb_help_clicked)
self.selectListButton.clicked.connect(self._cb_select_list_button_clicked)
self.protoCheck.toggled.connect(self._cb_proto_check_toggled)
self.procCheck.toggled.connect(self._cb_proc_check_toggled)
self.cmdlineCheck.toggled.connect(self._cb_cmdline_check_toggled)
self.dstPortCheck.toggled.connect(self._cb_dstport_check_toggled)
self.uidCheck.toggled.connect(self._cb_uid_check_toggled)
self.dstIPCheck.toggled.connect(self._cb_dstip_check_toggled)
self.dstHostCheck.toggled.connect(self._cb_dsthost_check_toggled)
self.dstListsCheck.toggled.connect(self._cb_dstlists_check_toggled)
if QtGui.QIcon.hasThemeIcon("emblem-default") == False:
self.actionAllowRadio.setIcon(self.style().standardIcon(getattr(QtWidgets.QStyle, "SP_DialogApplyButton")))
self.actionDenyRadio.setIcon(self.style().standardIcon(getattr(QtWidgets.QStyle, "SP_DialogCancelButton")))
if _rule != None:
self._load_rule(rule=_rule)
def __init__(self, app, on_exit):
super(UIService, self).__init__()
self.MENU_ENTRY_STATS = QtCore.QCoreApplication.translate("contextual_menu", "Statistics")
self.MENU_ENTRY_FW_ENABLE = QtCore.QCoreApplication.translate("contextual_menu", "Enable")
self.MENU_ENTRY_FW_DISABLE = QtCore.QCoreApplication.translate("contextual_menu", "Disable")
self.MENU_ENTRY_HELP = QtCore.QCoreApplication.translate("contextual_menu", "Help")
self.MENU_ENTRY_CLOSE = QtCore.QCoreApplication.translate("contextual_menu", "Close")
self._cfg = Config.init()
self._db = Database.instance()
db_file=self._cfg.getSettings(self._cfg.DEFAULT_DB_FILE_KEY)
db_status, db_error = self._db.initialize(
dbtype=self._cfg.getInt(self._cfg.DEFAULT_DB_TYPE_KEY),
dbfile=db_file
)
if db_status is False:
Message.ok(
QtCore.QCoreApplication.translate("preferences", "Warning"),
QtCore.QCoreApplication.translate("preferences",
"The DB is corrupted and it's not safe to continue.<br>\
Remove, backup or recover the file before continuing.<br><br>\
Corrupted database file: {0}".format(db_file)),
QtWidgets.QMessageBox.Warning)
sys.exit(-1)
self._db_sqlite = self._db.get_db()
self._last_ping = None
self._version_warning_shown = False
self._asking = False
self._connected = False
self._fw_enabled = False
self._path = os.path.abspath(os.path.dirname(__file__))
self._app = app
self._on_exit = on_exit
self._exit = False
self._msg = QtWidgets.QMessageBox()
self._prompt_dialog = PromptDialog()
self._remote_lock = Lock()
self._remote_stats = {}
self._setup_interfaces()
self._setup_icons()
self._stats_dialog = StatsDialog(dbname="general", db=self._db)
self._setup_tray()
self._setup_slots()
self._nodes = Nodes.instance()
self._last_stats = {}
self._last_items = {
'hosts':{},
'procs':{},
'addrs':{},
'ports':{},
'users':{}
}
def __init__(self, parent=None, appicon=None):
QtWidgets.QDialog.__init__(self, parent, QtCore.Qt.WindowStaysOnTopHint)
self._themes = Themes.instance()
self._saved_theme = ""
self._cfg = Config.get()
self._nodes = Nodes.instance()
self._db = Database.instance()
self._notification_callback.connect(self._cb_notification_callback)
self._notifications_sent = {}
self._desktop_notifications = DesktopNotifications()
self.setupUi(self)
self.setWindowIcon(appicon)
self.dbFileButton.setVisible(False)
self.dbLabel.setVisible(False)
self.dbType = None
self.acceptButton.clicked.connect(self._cb_accept_button_clicked)
self.applyButton.clicked.connect(self._cb_apply_button_clicked)
self.cancelButton.clicked.connect(self._cb_cancel_button_clicked)
self.helpButton.clicked.connect(self._cb_help_button_clicked)
self.popupsCheck.clicked.connect(self._cb_popups_check_toggled)
self.dbFileButton.clicked.connect(self._cb_file_db_clicked)
self.checkUIRules.toggled.connect(self._cb_check_ui_rules_toggled)
self.cmdTimeoutUp.clicked.connect(lambda: self._cb_cmd_spin_clicked(self.spinUITimeout, self.SUM))
self.cmdTimeoutDown.clicked.connect(lambda: self._cb_cmd_spin_clicked(self.spinUITimeout, self.REST))
self.cmdDBMaxDaysUp.clicked.connect(lambda: self._cb_cmd_spin_clicked(self.spinDBMaxDays, self.SUM))
self.cmdDBMaxDaysDown.clicked.connect(lambda: self._cb_cmd_spin_clicked(self.spinDBMaxDays, self.REST))
self.cmdDBPurgesUp.clicked.connect(lambda: self._cb_cmd_spin_clicked(self.spinDBPurgeInterval, self.SUM))
self.cmdDBPurgesDown.clicked.connect(lambda: self._cb_cmd_spin_clicked(self.spinDBPurgeInterval, self.REST))
self.cmdTestNotifs.clicked.connect(self._cb_test_notifs_clicked)
self.radioSysNotifs.clicked.connect(self._cb_radio_system_notifications)
self.helpButton.setToolTipDuration(30 * 1000)
if QtGui.QIcon.hasThemeIcon("emblem-default") == False:
self.applyButton.setIcon(self.style().standardIcon(getattr(QtWidgets.QStyle, "SP_DialogApplyButton")))
self.cancelButton.setIcon(self.style().standardIcon(getattr(QtWidgets.QStyle, "SP_DialogCloseButton")))
self.acceptButton.setIcon(self.style().standardIcon(getattr(QtWidgets.QStyle, "SP_DialogSaveButton")))
self.dbFileButton.setIcon(self.style().standardIcon(getattr(QtWidgets.QStyle, "SP_DirOpenIcon")))
if QtGui.QIcon.hasThemeIcon("list-add") == False:
self.cmdTimeoutUp.setIcon(self.style().standardIcon(getattr(QtWidgets.QStyle, "SP_ArrowUp")))
self.cmdTimeoutDown.setIcon(self.style().standardIcon(getattr(QtWidgets.QStyle, "SP_ArrowDown")))
self.cmdDBMaxDaysUp.setIcon(self.style().standardIcon(getattr(QtWidgets.QStyle, "SP_ArrowUp")))
self.cmdDBMaxDaysDown.setIcon(self.style().standardIcon(getattr(QtWidgets.QStyle, "SP_ArrowDown")))
self.cmdDBPurgesUp.setIcon(self.style().standardIcon(getattr(QtWidgets.QStyle, "SP_ArrowUp")))
self.cmdDBPurgesDown.setIcon(self.style().standardIcon(getattr(QtWidgets.QStyle, "SP_ArrowDown")))
def __init__(self, app, on_exit):
super(UIService, self).__init__()
self.MENU_ENTRY_STATS = QtCore.QCoreApplication.translate(
"contextual_menu", "Statistics")
self.MENU_ENTRY_FW_ENABLE = QtCore.QCoreApplication.translate(
"contextual_menu", "Enable")
self.MENU_ENTRY_FW_DISABLE = QtCore.QCoreApplication.translate(
"contextual_menu", "Disable")
self.MENU_ENTRY_HELP = QtCore.QCoreApplication.translate(
"contextual_menu", "Help")
self.MENU_ENTRY_CLOSE = QtCore.QCoreApplication.translate(
"contextual_menu", "Close")
self._cfg = Config.init()
self._db = Database.instance()
self._db.initialize(
dbtype=self._cfg.getInt(self._cfg.DEFAULT_DB_TYPE_KEY),
dbfile=self._cfg.getSettings(self._cfg.DEFAULT_DB_FILE_KEY))
self._db_sqlite = self._db.get_db()
self._last_ping = None
self._version_warning_shown = False
self._asking = False
self._connected = False
self._fw_enabled = False
self._path = os.path.abspath(os.path.dirname(__file__))
self._app = app
self._on_exit = on_exit
self._exit = False
self._msg = QtWidgets.QMessageBox()
self._prompt_dialog = PromptDialog()
self._remote_lock = Lock()
self._remote_stats = {}
self._setup_interfaces()
self._setup_icons()
self._stats_dialog = StatsDialog(dbname="general", db=self._db)
self._setup_tray()
self._setup_slots()
self._nodes = Nodes.instance()
self._last_stats = {}
self._last_items = {
'hosts': {},
'procs': {},
'addrs': {},
'ports': {},
'users': {}
}
def __init__(self, parent=None, appicon=None):
QtWidgets.QDialog.__init__(self, parent, QtCore.Qt.WindowStaysOnTopHint)
self._themes = Themes.instance()
self._saved_theme = ""
self._cfg = Config.get()
self._nodes = Nodes.instance()
self._db = Database.instance()
self._notification_callback.connect(self._cb_notification_callback)
self._notifications_sent = {}
self._desktop_notifications = DesktopNotifications()
self.setupUi(self)
self.setWindowIcon(appicon)
self.dbFileButton.setVisible(False)
self.dbLabel.setVisible(False)
self.dbType = None
self.acceptButton.clicked.connect(self._cb_accept_button_clicked)
self.applyButton.clicked.connect(self._cb_apply_button_clicked)
self.cancelButton.clicked.connect(self._cb_cancel_button_clicked)
self.helpButton.clicked.connect(self._cb_help_button_clicked)
self.popupsCheck.clicked.connect(self._cb_popups_check_toggled)
self.dbFileButton.clicked.connect(self._cb_file_db_clicked)
self.checkUIRules.toggled.connect(self._cb_check_ui_rules_toggled)
self.cmdTimeoutUp.clicked.connect(lambda: self._cb_cmd_spin_clicked(self.spinUITimeout, self.SUM))
self.cmdTimeoutDown.clicked.connect(lambda: self._cb_cmd_spin_clicked(self.spinUITimeout, self.REST))
self.cmdDBMaxDaysUp.clicked.connect(lambda: self._cb_cmd_spin_clicked(self.spinDBMaxDays, self.SUM))
self.cmdDBMaxDaysDown.clicked.connect(lambda: self._cb_cmd_spin_clicked(self.spinDBMaxDays, self.REST))
self.cmdDBPurgesUp.clicked.connect(lambda: self._cb_cmd_spin_clicked(self.spinDBPurgeInterval, self.SUM))
self.cmdDBPurgesDown.clicked.connect(lambda: self._cb_cmd_spin_clicked(self.spinDBPurgeInterval, self.REST))
self.cmdTestNotifs.clicked.connect(self._cb_test_notifs_clicked)
self.radioSysNotifs.clicked.connect(self._cb_radio_system_notifications)
self.helpButton.setToolTipDuration(30 * 1000)
if QtGui.QIcon.hasThemeIcon("emblem-default"):
return
saveIcon = Icons.new("document-save")
applyIcon = Icons.new("emblem-default")
delIcon = Icons.new("edit-delete")
closeIcon = Icons.new("window-close")
openIcon = Icons.new("document-open")
helpIcon = Icons.new("help-browser")
addIcon = Icons.new("list-add")
delIcon = Icons.new("list-remove")
self.applyButton.setIcon(applyIcon)
self.cancelButton.setIcon(closeIcon)
self.acceptButton.setIcon(saveIcon)
self.helpButton.setIcon(helpIcon)
self.dbFileButton.setIcon(openIcon)
self.cmdTimeoutUp.setIcon(addIcon)
self.cmdTimeoutDown.setIcon(delIcon)
self.cmdDBMaxDaysUp.setIcon(addIcon)
self.cmdDBMaxDaysDown.setIcon(delIcon)
self.cmdDBPurgesUp.setIcon(addIcon)
self.cmdDBPurgesDown.setIcon(delIcon)
def __init__(self):
QObject.__init__(self)
self._db = Database.instance()
self._nodes = {}
self._notifications_sent = {}
"Firewall": "iptables",
"Stats": {
"MaxEvents": 150,
"MaxStats": 50
}
}
'''
class Connection:
protocol = "tcp"
src_ip = "127.0.0.1"
src_port = "12345"
dst_ip = "127.0.0.1"
dst_host = "localhost"
dst_port = "54321"
user_id = 1000
process_id = 9876
process_path = "/bin/cmd"
process_cwd = "/tmp"
process_args = "/bin/cmd --parm1 test"
process_env = []
db = Database.instance()
db.initialize()
Config.init()
nodes = Nodes.instance()
nodes._nodes["unix:/tmp/osui.sock"] = {'data': ClientConfig}
