def update_page(form): if (_BACKUP_DISABLED): return 'configuration backups are currently disabled.' elif ('cfg_backup_create' in form): backup_type = form.get('cfg_backup_create') name = form.get('backup_name', None) action = CFG.ADD elif ('cfg_backup_remove' in form): backup_type = form.get('cfg_backup_remove') name = form.get('backup_name', None) action = CFG.DEL elif ('cfg_backup_restore' in form): backup_type = form.get('cfg_backup_restore') name = form.get('backup_name', None) action = 'RESTORE' if (not backup_type or not name): return INVALID_FORM try: validate.standard(name) except ValidationError as ae: error = ae else: # TODO: fix this up one day | backups BackupService().backup(backup_type, action, name)
def update_page(form): if ('bl_add' in form): blacklist_settings = { 'domain': form.get('domain', DATA.INVALID), 'timer': validate.get_convert_int(form, 'rule_length') } if (DATA.INVALID in blacklist_settings.values()): return INVALID_FORM try: validate.domain(blacklist_settings['domain']) validate.timer(blacklist_settings['timer']) except ValidationError as ve: return ve else: configure.add_proxy_domain(blacklist_settings, ruleset='blacklist') elif ('bl_remove' in form): domain = form.get('bl_remove', DATA.INVALID) if (domain is DATA.INVALID): return INVALID_FORM configure.del_proxy_domain(domain, ruleset='blacklist') elif ('exc_add' in form): exception_settings = { 'domain': form.get('domain', DATA.INVALID), 'reason': form.get('reason', DATA.INVALID), 'action': CFG.ADD } if (DATA.INVALID in exception_settings.values()): return INVALID_FORM try: validate.domain(exception_settings['domain']) validate.standard(exception_settings['reason']) except ValidationError as ve: return ve else: configure.set_proxy_exception(exception_settings, ruleset='blacklist') elif ('exc_remove' in form): exception_settings = { 'domain': form.get('exc_remove', DATA.INVALID), 'reason': None, 'action': CFG.DEL } if (DATA.INVALID in exception_settings.values()): return INVALID_FORM configure.set_proxy_exception(exception_settings, ruleset='blacklist') else: return INVALID_FORM
def update_page(form): if ('bl_add' in form): domain = form.get('domain', None) timer = form.get('rule_length', None) if (not domain or not timer): return INVALID_FORM try: validate.domain(domain) validate.timer(timer) except ValidationError as ve: return ve else: configure.add_proxy_domain(domain, timer, ruleset='blacklist') elif ('bl_remove' in form): domain = form.get('bl_remove', None) if (not domain): return INVALID_FORM configure.del_proxy_domain(domain, ruleset='blacklist') elif ('exc_add' in form): domain = form.get('domain', None) reason = form.get('reason', None) if (not domain or not reason): return INVALID_FORM try: validate.domain(domain) validate.standard(reason) except ValidationError as ve: return ve else: configure.set_proxy_exception(domain, CFG.ADD, reason, ruleset='blacklist') elif ('exc_remove' in form): domain = form.get('exc_remove', None) if (not domain): return INVALID_FORM configure.set_proxy_exception(domain, CFG.DEL, ruleset='blacklist') else: return INVALID_FORM
def update_page(form): menu_option = form.get('menu', '1') print(form) if ('ud_cat_add' in form): category = form.get('ud_category', None) if (not category): return INVALID_FORM, 1 # NOTE: get correct value for menu option print(f'validating the shit {category}') try: validate.standard(category) # validation errors can be raised here so keeping within try block configure.update_custom_category(category, action=CFG.ADD) except ValidationError as ve: return ve, 1 # NOTE: get correct value for menu option elif ('ud_cat_remove' in form): category = form.get('ud_cat_remove') if (not category): return INVALID_FORM, 1 # NOTE: get correct value for menu option configure.update_custom_category(category, action=CFG.DEL) elif ('cat_add_domain' in form): category = get_ud_category(menu_option) domain = form.get('ud_domain_name', None) reason = form.get('ud_domain_reason', None) if (not category): return 'a custom category must be created before adding domain rules.', 1 # NOTE: get correct value for menu option elif (not domain or not reason): return INVALID_FORM, 1 # NOTE: get correct value for menu option try: validate.standard(category) validate.domain(domain) validate.standard(reason) # validation errors can be raised here so keeping within try block configure.update_custom_category_domain(category, domain, reason, action=CFG.ADD) except ValidationError as ve: return ve, 1 # NOTE: get correct value for menu option else: return f'added {domain} to {category}.', menu_option elif ('cat_del_domain' in form): category = get_ud_category(menu_option) domain = form.get('cat_del_domain', None) if (not domain or not category): return INVALID_FORM, 1 # NOTE: get correct value for menu option try: configure.update_custom_category_domain(category, domain, action=CFG.DEL) except ValidationError as ve: return ve, 1 # NOTE: get correct value for menu option # else: # return INVALID_FORM, 1 # NOTE: get correct value for menu option return None, menu_option
def update_page(form): # Matching logging update form and sending to configuration method. if ('dnx_ddos_update' in form): action = CFG.ADD if 'ddos' in form else CFG.DEL ddos_limits = {} for protocol in ['tcp', 'udp', 'icmp']: form_limit = form.get(f'{protocol}_limit', None) if (form_limit is None): return INVALID_FORM if (form_limit == ''): continue limit = validate.convert_int(form_limit) if (not limit): return f'{protocol} limit must be an integer or left empty.' if (not 10 <= limit <= 200): return f'{protocol} limit must be in range 20-200.' ddos_limits[protocol] = form_limit configure.set_ips_ddos(action) if (ddos_limits): configure.set_ips_ddos_limits(ddos_limits) elif ('dnx_portscan_update' in form): enabled_settings = form.getlist('ps_settings', None) try: validate.portscan_settings(enabled_settings) except ValidationError as ve: return ve else: configure.set_ips_portscan(enabled_settings) elif ('general_settings' in form): ids_mode = True if 'ids_mode' in form else False passive_block_length = form.get('passive_block_length', None) if (not passive_block_length): return INVALID_FORM try: pb_length = validate.ips_passive_block_length(passive_block_length) except ValidationError as ve: return ve else: configure.set_ips_general_settings(pb_length, ids_mode) elif ('ips_wl_add' in form): whitelist_ip = form.get('ips_wl_ip', None) whitelist_name = form.get('ips_wl_name', None) if (not whitelist_ip or not whitelist_name): return INVALID_FORM try: validate.ip_address(whitelist_ip) validate.standard(whitelist_name) except ValidationError as ve: return ve else: configure.update_ips_ip_whitelist(whitelist_ip, whitelist_name, CFG.ADD) elif ('ips_wl_remove' in form): whitelist_ip = form.get('ips_wl_ip', None) if (not whitelist_ip): return INVALID_FORM try: validate.ip_address(whitelist_ip) except ValidationError as ve: return ve else: configure.update_ips_ip_whitelist(whitelist_ip, None, CFG.DEL) elif ('ips_wl_dns' in form): action = CFG.ADD if 'dns_enabled' in form else CFG.DEL configure.update_ips_dns_whitelist(action) else: return INVALID_FORM
def update_page(form): # Matching DNS Update form and sending to configuration method. if ('dns_update' in form): dnsname1 = form.get('dnsname1', None) dnsname2 = form.get('dnsname2', None) dnsserver1 = form.get('dnsserver1', None) dnsserver2 = form.get('dnsserver2', None) dns_servers = {dnsname1: dnsserver1, dnsname2: dnsserver2} # explicit identity check on None to prevent from matching empty fields vs missing for keys. if any(x is None for x in [dnsname1, dnsname2, dnsserver1, dnsserver2]): return INVALID_FORM try: dns_server_info = {} for i, (server_name, server_ip) in enumerate(dns_servers.items(), 1): if (server_ip != ''): validate.standard(server_name) validate.ip_address(server_ip) dns_server_info[form.get(f'dnsname{i}')] = form.get(f'dnsserver{i}') except ValidationError as ve: return ve else: configure.set_dns_servers(dns_server_info) elif ('dns_record_update' in form): dns_record_name = form.get('dns_record_name', None) dns_record_ip = form.get('dns_record_ip', None) if (not dns_record_name or not dns_record_ip): return INVALID_FORM try: validate.dns_record_add(dns_record_name) validate.ip_address(dns_record_ip) except ValidationError as ve: return ve else: configure.update_dns_record(dns_record_name, CFG.ADD, dns_record_ip) elif ('dns_record_remove' in form): dns_record_name = form.get('dns_record_remove', None) if (not dns_record_name): return INVALID_FORM try: validate.dns_record_remove(dns_record_name) except ValidationError as ve: return ve else: configure.update_dns_record(dns_record_name, CFG.DEL) elif ('dns_protocol_update' in form): dns_tls_settings = { 'enabled': form.getlist('dns-protocol-settings') } try: validate.dns_over_tls(dns_tls_settings) except ValidationError as ve: return ve else: configure.set_dns_over_tls(dns_tls_settings) elif ('dns_cache_clear' in form): top_domains = form.get('clear_top_domains', None) dns_cache = form.get('clear_dns_cache', None) if (not top_domains and not dns_cache): return INVALID_FORM clear_dns_cache = {'top_domains': top_domains, 'standard': dns_cache} configure.set_dns_cache_clear_flag(clear_dns_cache) else: return INVALID_FORM
def update_page(form): if ('wl_add' in form): domain = form.get('domain', None) timer = form.get('rule_length', None) if (not domain or not timer): return INVALID_FORM try: validate.domain(domain) validate.timer(timer) except ValidationError as ve: return ve else: configure.add_proxy_domain(domain, timer, ruleset='whitelist') elif ('wl_remove' in form): domain = form.get('wl_remove', None) if (not domain): return INVALID_FORM configure.del_proxy_domain(domain, ruleset='whitelist') elif ('exc_add' in form): domain = form.get('domain', None) reason = form.get('reason', None) if (not domain or not reason): return INVALID_FORM try: validate.domain(domain) validate.standard(reason) except ValidationError as ve: return ve else: configure.set_proxy_exception(domain, CFG.ADD, reason, ruleset='whitelist') elif ('exc_remove' in form): domain = form.get('exc_remove', None) if (not domain): return INVALID_FORM configure.set_proxy_exception(domain, CFG.DEL, ruleset='whitelist') elif ('ip_wl_add' in form): whitelist_ip = form.get('ip_wl_ip', None) whitelist_user = form.get('ip_wl_user', None) whitelist_type = form.get('ip_wl_type', None) whitelist_settings = {'user': whitelist_user, 'type': whitelist_type} if not all([whitelist_ip, whitelist_type, whitelist_user]): return INVALID_FORM try: validate.ip_address(whitelist_ip) validate.add_ip_whitelist(whitelist_ip, whitelist_settings) except ValidationError as ve: return ve else: configure.add_proxy_ip_whitelist(whitelist_ip, whitelist_settings) elif ('ip_wl_remove' in form): whitelist_ip = form.get('ip_wl_ip', None) whitelist_type = form.get('ip_wl_type', None) if (not whitelist_ip or not whitelist_type): return INVALID_FORM try: validate.ip_address(whitelist_ip) validate.del_ip_whitelist(whitelist_type) except ValidationError as ve: return ve else: configure.del_proxy_ip_whitelist(whitelist_ip, whitelist_type) else: return INVALID_FORM
def update_page(form): if ('wl_add' in form): whitelist_settings = { 'domain': form.get('domain', DATA.INVALID), 'timer': validate.get_convert_int(form, 'rule_length') } if (DATA.INVALID in whitelist_settings.values()): return INVALID_FORM try: validate.domain(whitelist_settings['domain']) validate.timer(whitelist_settings['timer']) except ValidationError as ve: return ve else: configure.add_proxy_domain(whitelist_settings, ruleset='whitelist') elif ('wl_remove' in form): domain = form.get('wl_remove', DATA.INVALID) if (domain is DATA.INVALID): return INVALID_FORM configure.del_proxy_domain(domain, ruleset='whitelist') elif ('exc_add' in form): exception_settings = { 'domain': form.get('domain', DATA.INVALID), 'reason': form.get('reason', DATA.INVALID), 'action': CFG.ADD } if (DATA.INVALID in exception_settings.values()): return INVALID_FORM try: validate.domain(exception_settings['domain']) validate.standard(exception_settings['reason']) except ValidationError as ve: return ve else: configure.set_proxy_exception(exception_settings, ruleset='whitelist') elif ('exc_remove' in form): exception_settings = { 'domain': form.get('exc_remove', DATA.INVALID), 'reason': None, 'action': CFG.DEL } if (exception_settings['domain'] is DATA.INVALID): return INVALID_FORM configure.set_proxy_exception(exception_settings, ruleset='whitelist') # TODO: this should not restrict ips to only "local_net" now that we have multiple interfaces. # we should have the user select which interface it will be active on so we can properly validate the # ip address falls within that subnet. elif ('ip_wl_add' in form): whitelist_settings = { 'ip': form.get('ip_wl_ip', DATA.INVALID), 'user': form.get('ip_wl_user', DATA.INVALID), 'type': form.get('ip_wl_type', DATA.INVALID) } if (DATA.INVALID in whitelist_settings.values()): return INVALID_FORM try: validate.add_ip_whitelist(whitelist_settings) except ValidationError as ve: return ve else: configure.add_proxy_ip_whitelist(whitelist_settings) elif ('ip_wl_remove' in form): whitelist_ip = form.get('ip_wl_ip', DATA.INVALID) if (whitelist_ip is DATA.INVALID): return INVALID_FORM try: validate.ip_address(whitelist_ip) except ValidationError as ve: return ve else: configure.del_proxy_ip_whitelist(whitelist_ip) else: return INVALID_FORM