def on_click(self, widget): """ Event listener : launch when "Run Query" is clicked. Launch the query path search algorithm. """ protocol_op = [] ip_source_op = [] port_source_op = [] ip_dest_op = [] port_dest_op = [] if self.protocol_entry.get_text() != '': protocol_op = [ Operator.Operator( 'EQ', Protocol.Protocol(self.protocol_entry.get_text())) ] if self.ip_source_entry.get_text() != '': mask_src = self.mask_source_entry.get_text( ) if self.mask_source_entry.get_text() else '255.255.255.255' ip_source_op = [ Operator.Operator( 'EQ', Ip.Ip(self.ip_source_entry.get_text(), mask_src)) ] if self.port_source_entry.get_text() != '': port_source_op = [ Operator.Operator('EQ', Port.Port(self.port_source_entry.get_text())) ] if self.ip_dest_entry.get_text() != '': mask_dst = self.mask_dest_entry.get_text( ) if self.mask_dest_entry.get_text() else '255.255.255.255' ip_dest_op = [ Operator.Operator( 'EQ', Ip.Ip(self.ip_dest_entry.get_text(), mask_dst)) ] if self.port_dest_entry.get_text() != '': port_dest_op = [ Operator.Operator('EQ', Port.Port(self.port_dest_entry.get_text())) ] test_rule = Rule.Rule(0, 'query_path', protocol_op, ip_source_op, port_source_op, ip_dest_op, port_dest_op, Action.Action(True)) self.popup.destroy() res = [] #try: res, routedPaths = run_query(test_rule) if not res: Gtk_DialogBox("No path found !") # except: # message popup if no result g = NetworkGraph.NetworkGraph() # clear old path Gtk_Main.Gtk_Main().lateral_pane.path.clear() Gtk_Main.Gtk_Main().lateral_pane.path_route.clear() for edge in g.graph.edges(data=True): edge[2]['object'].clear_path() # construct and add path string """ for path_data in res: path = path_data[0] i = 0 while i < len(path) - 1: # mark path g.graph[path[i]][path[i + 1]]['object'].mark_path() i += 1 Gtk_Main.Gtk_Main().lateral_pane.path.add_row(path_to_string(path_data[0], '\n')) """ routedPaths = [] # add routed path result for path_data in routedPaths: path = path_data[0] i = 0 while i < len(path) - 1: # mark path g.graph[path[i]][path[i + 1]]['object'].mark_path() i += 1 Gtk_Main.Gtk_Main().lateral_pane.path_route.add_row( path_to_string(path_data[0], '\n')) # Gtk_Main.Gtk_Main().lateral_pane.path_data = res Gtk_Main.Gtk_Main().lateral_pane.focus_path() Gtk_Main.Gtk_Main().statusbar.change_message("Ready")
def on_open_project(self, widget): """Open project and load saved object""" Gtk_Main.Gtk_Main().statusbar.change_message("Open project ...") filename = self.open_filechooser("Open project") if not filename: return # clear # Gtk_Main.Gtk_Main().lateral_pane.firewalls.clear() Gtk_Main.Gtk_Main().lateral_pane.details.clear() Gtk_Main.Gtk_Main().lateral_pane.path.clear() while Gtk_Main.Gtk_Main().notebook.notebook.notebook.get_n_pages() > 0: Gtk_Main.Gtk_Main().notebook.notebook.notebook.remove_page(0) while Gtk_Main.Gtk_Main().notebook.notebook_split.notebook.get_n_pages( ) > 0: Gtk_Main.Gtk_Main().notebook.notebook_split.notebook.remove_page(0) Gtk_Main.Gtk_Main().notebook.notebook.add_tab( Gtk_Main.Gtk_Main().networkcanvas.vbox, "Topology") Gtk_Main.Gtk_Main().notebook.tab_dict.clear() for node in NetworkGraph.NetworkGraph().graph.node.items(): if isinstance(node[0], Firewall): NetworkGraph.NetworkGraph().remove_firewall(node[1]['object']) fh = open(filename, 'rb') p = pickle.Unpickler(fh) # get network graph singleton NetworkGraph.NetworkGraph._instance = p.load() # get saved query path [Gtk_Main.Gtk_Main().lateral_pane.path.add_row(m) for m in p.load()] Gtk_Main.Gtk_Main().lateral_pane.path_data = p.load() # get notebook list notebook_list = p.load() fh.close() # add firewall list [ Gtk_Main.Gtk_Main().lateral_pane.firewalls.add_row(fw.hostname) for fw in NetworkGraph.NetworkGraph().firewalls ] # redraw Gtk_Main.Gtk_Main().networkcanvas.draw() # add notebook page for i in notebook_list: if isinstance(i, ACL): Gtk_Main.Gtk_Main().notebook.add_interface_tab(i) elif isinstance(i, InternalDetection): Gtk_Main.Gtk_Main().notebook.add_internal_anomaly_tab(i) elif isinstance(i, DistributedDetection): Gtk_Main.Gtk_Main().notebook.add_distributed_anomaly_tab(i) Gtk_Main.Gtk_Main().notebook.notebook.notebook.set_page(0) Gtk_Main.Gtk_Main().statusbar.change_message("Construct ROBDD ...") firewall_list = NetworkGraph.NetworkGraph().firewalls for fw in firewall_list: t0 = time.time() fw.build_bdd() message = "ROBDD build bdd in %.3f seconds" % (time.time() - t0) if len(firewall_list) - firewall_list.index(fw) - 1 > 0: message += ", %d remaining ..." % (len(firewall_list) - firewall_list.index(fw) - 1) Gtk_Main.Gtk_Main().change_statusbar(message) Gtk_Main.Gtk_Main().statusbar.change_message("Ready")
def run_query(rule, ip_source=None, ip_dest=None): """Get all simple path, run query and return a formatted result list. Parameters ---------- rule : Rule. The rule to test ip_source : Ip (optional, default=None). If not None, specify the interface source ip_dest : Ip (optional, default=None). If not None, specifu the interface destination Return ------ Return a formatted list containing data about matching path """ res = [] g = NetworkGraph.NetworkGraph() # get all simple path start = time.time() simple_path = g.get_all_simple_path_new(rule, []) if len(simple_path): create_graph(simple_path) return (["success"], []) else: return ([], []) simple_path = g.get_all_simple_path(ip_source, ip_dest) end = time.time() print 'temps mis = ', str(end - start) print 'simple len', len(simple_path) for node in g.graph.nodes(data=True): if node[1]['object'].marker_type == 'from': ip_source = node[0] if node[1]['object'].marker_type == 'to': ip_dest = node[0] """ simple_path = [] [simple_path.append(i) for i in g.get_all_simple_path(ip_source, ip_dest)] # delete double simple_path.sort() simple_path = list(simple_path for simple_path, _ in itertools.groupby(simple_path)) """ ress = [] count = 0 length = len(simple_path) for i in range(len(simple_path)): pass # print simple_path[i] for path in simple_path: i = 0 trouve = False while i < len(path): if i < len(path) - 1: # if path[i] and path[i + 1] are ip, find the corresponding firewall to add in the path, so we can # mark the path passing through the firewall if not isinstance(path[i], Firewall.Firewall) and not isinstance( path[i + 1], Firewall.Firewall): # get the firewall trouve = True i += 1 if trouve == False: ress.append(path) simple_path = list(ress) # parse all path for path in simple_path: count += 1 Gtk_Main.Gtk_Main().statusbar.change_message( "QueryPath : test path %d of %d" % (count, length)) Gtk_Main.Gtk_Main().update_interface() # list of rule list rule_list = [[]] i = 0 while i < len(path) - 1: # list of acl between path[i] and path[i + 1] who match the query acl_list = [] for acl in g.get_acl_list(path[i], path[i + 1]): sub_rule = get_subset_rule(rule, acl.get_rules()) if sub_rule and sub_rule.action.chain: acl_list.append((acl, sub_rule)) # acl_list empty : this mean we don't find an accepting rule between path[i] and path[i + 1] # so we give up if not acl_list: break # duplicate rule_list depending on the number of acl found in acl_list # this mean that if we found to acl who match the query between path[i] and path[i + 1], # we duplicate the rule_list to have all acl and rules possible rule_list += [ list(l) for l in rule_list for _ in xrange(len(acl_list) - 1) ] [ rule_list[j].append(acl_list[j * len(acl_list) / len(rule_list)]) for j in xrange(len(rule_list)) ] i += 1 if i == len(path) - 1: # res += [(list(path), rule_list[0])] # res += [(list(path), [l for l in rule_list])] for l in rule_list: # add the path list for each list in rule_list res += [(list(path), l)] # format result # for path_data in res: path = path_data[0] i = 0 acl_index = 0 while i < len(path): if i < len(path) - 1: # if path[i] and path[i + 1] are ip, find the corresponding firewall to add in the path, so we can # mark the path passing through the firewall if not isinstance(path[i], Firewall.Firewall) and not isinstance( path[i + 1], Firewall.Firewall): # get the firewall fw = [ fw for fw in g.firewalls for acl in g.get_acl_list(firewall=fw) if acl == path_data[1][acl_index][0] ][0] path.insert(i + 1, fw) acl_index -= 1 i += 1 acl_index += 1 routed_paths = get_routed_paths(list(res), ip_dest) # print res[0][0] # delete double from res # remove_double(res) # remove_bad_path(res) # print 'res', res # delete bad results : path containing the same firewall twice or more return (res, routed_paths)
def popup(self, object, event, node): """Clear the popup menu and add child element depending if node is a firewall or a network. Parameters ---------- node : the clicked Node """ self.node = node self.object = object map(self.menu.remove, self.menu.get_children()) # Show conf # if isinstance(self.node.object, Firewall.Firewall): self.show_conf = gtk.MenuItem("Show configuration") self.menu.append(self.show_conf) self.show_conf.connect("activate", self.on_show_conf) # Add Note # if isinstance(self.node.object, Firewall.Firewall) or isinstance( self.node.object, Ip.Ip): self.add_note = gtk.MenuItem("Add note") self.menu.append(self.add_note) self.add_note.connect("activate", self.on_add_note) # Anomaly detection # if isinstance(self.node.object, Firewall.Firewall): self.anomaly_menu = gtk.MenuItem("Detect anomaly") self.menu.append(self.anomaly_menu) self.anomaly_menu.connect("activate", self.on_anomaly_menu) # Configuration error # if isinstance(self.node.object, Firewall.Firewall): self.config_error_menu = gtk.MenuItem("Configuration error") self.menu.append(self.config_error_menu) self.config_error_menu.connect("activate", self.on_config_error_menu) # Object list # if isinstance(self.node.object, Firewall.Firewall): self.object_menu = gtk.MenuItem("Object list") self.menu.append(self.object_menu) self.object_menu.connect("activate", self.on_object_menu) # Service list # if isinstance(self.node.object, Firewall.Firewall): self.service_menu = gtk.MenuItem("Service list") self.menu.append(self.service_menu) self.service_menu.connect("activate", self.on_service_menu) # Export Interfaces # if isinstance(self.node.object, Firewall.Firewall): self.export_itf_menu = gtk.MenuItem("Export interfaces list") self.menu.append(self.export_itf_menu) self.export_itf_menu.connect("activate", self.on_export_itf_list) # Error conf # if isinstance(self.node.object, Firewall.Firewall): self.error_conf_menu = gtk.MenuItem( "Generate anonymous configuration") self.menu.append(self.error_conf_menu) self.error_conf_menu.connect("activate", self.on_error_conf) # Remove # if isinstance(self.node.object, Firewall.Firewall): self.remove_menu = gtk.MenuItem("Remove") self.menu.append(self.remove_menu) self.remove_menu.connect("activate", self.on_remove_menu) # Show Nat rules # if isinstance(self.node.object, Firewall.Firewall): self.show_nat_rule = gtk.MenuItem("Show nat rules") self.menu.append(self.show_nat_rule) self.show_nat_rule.connect("activate", self.on_show_nat_rule) # Show IPSec Tunnels # if isinstance(self.node.object, Firewall.Firewall): self.show_ipsec_tunnels = gtk.MenuItem("Show IPSec tunnels") self.menu.append(self.show_ipsec_tunnels) self.show_ipsec_tunnels.connect("activate", self.on_show_ipsec_tunnels) # Add route config file # if isinstance(self.node.object, Firewall.Firewall): self.add_route_config = gtk.MenuItem("add route config") self.menu.append(self.add_route_config) self.add_route_config.connect("activate", self.on_add_route_config) # Add interface config file # if isinstance(self.node.object, Firewall.Firewall): self.add_interface_config = gtk.MenuItem("add interface config") self.menu.append(self.add_interface_config) self.add_interface_config.connect("activate", self.on_add_interface_config) # Itinerary # if isinstance(self.node.object, Ip.Ip): self.itinerary_menu = gtk.Menu() self.itinerary = gtk.MenuItem("Itinerary") self.itinerary.set_submenu(self.itinerary_menu) self.itinerary_from = gtk.MenuItem("Itinerary from this place") self.itinerary_to = gtk.MenuItem("Itinerary to this place") self.itinerary_menu.append(self.itinerary_from) self.itinerary_menu.append(self.itinerary_to) self.menu.append(self.itinerary) self.itinerary_from.connect("activate", self.on_itinerary, 'from') self.itinerary_to.connect("activate", self.on_itinerary, 'to') # Sensitivity # if isinstance(self.node.object, Ip.Ip): self.sensitivity_menu = gtk.Menu() self.sensitivity = gtk.MenuItem("Sensitivity") self.sensitivity.set_submenu(self.sensitivity_menu) self.sensitivity_vhigh = gtk.MenuItem("Very high") self.sensitivity_high = gtk.MenuItem("High") self.sensitivity_normal = gtk.MenuItem("Normal") self.sensitivity_low = gtk.MenuItem("Low") self.sensitivity_vlow = gtk.MenuItem("Very low") self.sensitivity_menu.append(self.sensitivity_vhigh) self.sensitivity_menu.append(self.sensitivity_high) self.sensitivity_menu.append(self.sensitivity_normal) self.sensitivity_menu.append(self.sensitivity_low) self.sensitivity_menu.append(self.sensitivity_vlow) self.menu.append(self.sensitivity) self.sensitivity_vhigh.connect("activate", self.on_sensitivity, 'vhigh') self.sensitivity_high.connect("activate", self.on_sensitivity, 'high') self.sensitivity_normal.connect("activate", self.on_sensitivity, 'normal') self.sensitivity_low.connect("activate", self.on_sensitivity, 'low') self.sensitivity_vlow.connect("activate", self.on_sensitivity, 'vlow') # Show rules # if isinstance(self.node.object, Interface.Interface): def get_firewall(x, y): if isinstance(x, Firewall.Firewall): return x elif isinstance(y, Firewall.Firewall): return y return None def get_ip(x, y): if isinstance(x, Ip.Ip): return x elif isinstance(y, Ip.Ip): return y return None self.acl_menu = gtk.Menu() self.acl = gtk.MenuItem("ACL") self.acl.set_submenu(self.acl_menu) firewall = get_firewall(self.object[0], self.object[1]) ip = get_ip(self.object[0], self.object[1]) acl_list = NetworkGraph.NetworkGraph().get_acl_list( ip, None, firewall) acl_list += NetworkGraph.NetworkGraph().get_acl_list( None, ip, firewall) for acl in set(acl_list): self.tmp_acl = gtk.MenuItem(acl.name) self.acl_menu.append(self.tmp_acl) self.tmp_acl.connect("activate", self.on_acl, acl) self.menu.append(self.acl) self.menu.popup(None, None, None, event.button, event.time) self.menu.show_all()