from util import find_data_file
from util import setup_child
from util import fprint
from util import run_cmd
from util import win32
from util import linux
from util import kill
import util
import time
import csv
import ssh
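def get_blocklist(config):
    """Download the deny list, add the built-in entries and save it locally.

    Fetches ``BadIPs.csv`` through ``ssh.check_for_file``, parses its stdout
    as CSV (comma-delimited, ``|`` as quote character), drops empty rows,
    appends the hard-coded entries below, writes everything to
    ``blocklist.csv`` and returns the rows.

    Args:
        config: Passed through unchanged to ``ssh.check_for_file``.

    Returns:
        list[list[str]]: Every non-empty downloaded row followed by the
        built-in rows.
    """
    setup_child()
    fprint("Downloading deny list from server")
    data = ssh.check_for_file(config, "BadIPs.csv", "receive")

    # Drop the "\r" of CRLF line endings before parsing. Otherwise it ends up
    # in the last field of every row, and a blank "\r" line becomes a
    # one-field row that survives the empty-row filter below.
    raw_lines = [text.rstrip("\r") for text in data.stdout.split("\n")]
    rows = [
        row
        for row in csv.reader(raw_lines, delimiter=",", quotechar="|")
        if row
    ]

    # NOTE(review): downloaded rows are passed on without any shape check;
    # block_conn in this file indexes columns 2, 4 and 11 of each row, so the
    # server is trusted to send well-formed rows -- confirm, or validate here.

    # Built-in entries that are always part of the list. The original code
    # appended 100.115.71.78:5000 twice; it is listed once here.
    builtin_endpoints = (
        ("20.112.52.29", "5000"),
        ("20.81.111.85", "80"),
        ("100.115.71.78", "5000"),
        ("174.143.130.167", "443"),
        ("216.47.134.203", "443"),
        ("34.111.83.189", "443"),
    )
    for address, port in builtin_endpoints:
        # 13 columns; only protocol, address (index 4) and port are known.
        rows.append(["N/A", "TCP", "N/A", "N/A", address, port] + ["N/A"] * 7)

    fprint(rows)

    # NOTE(review): the file is written with csv.writer defaults ('"' as quote
    # character) while the parsing in this file uses quotechar='|'. Fields
    # containing a comma would not round-trip -- confirm how blocklist.csv is
    # read back.
    with open(find_data_file("blocklist.csv"), "w", newline="") as f:
        csv.writer(f).writerows(rows)
    fprint("done creating csv")
    return rows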
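def block_conn(config, datafile, res):
    """Flag local connections whose endpoints appear on the deny list.

    Reads the local connection table from ``datafile`` (CSV, comma-delimited,
    ``|`` as quote character) and compares every row with the deny-list rows
    in ``res``. A connection is flagged when its source address equals column
    2 of a deny-list row or its destination address equals column 4. This
    function only reports matches; it does not terminate any process.

    Args:
        config: Not used by this function.
        datafile: Name of the local CSV file, resolved via ``find_data_file``.
        res: Deny-list rows, e.g. the return value of ``get_blocklist``.

    Returns:
        tuple[list[int], list[str], list[list[str]]]: ``(badapps, badips,
        badlines)`` -- the flagged PIDs, the deny-list destination address
        that matched each one, and the matching deny-list rows. Each PID
        appears at most once.
    """
    setup_child()
    fprint("Searching block data")
    badapps = list()
    badips = list()
    badlines = list()

    with open(find_data_file(datafile), newline='') as csvfile:
        csvreader = csv.reader(csvfile, delimiter=',', quotechar='|')
        mydata = list(csvreader)

    # Only columns 2 and 4 of a deny-list row are compared. Rows too short to
    # hold them are dropped here instead of raising IndexError mid-scan, so
    # one malformed entry cannot stop the whole check.
    baddata = [entry for entry in res if len(entry) >= 5]
    skipped = len(res) - len(baddata)
    fprint("Local loaded successfully")

    for line in mydata:
        # Columns 0, 2, 3 and 5 are read below; blank or short rows are
        # counted and skipped.
        if len(line) < 6:
            skipped += 1
            continue
        if "0x" in line[0]:
            continue

        # NOTE(review): taking the text before the first ":" assumes
        # "IPv4:port"; an IPv6 literal would be cut to its first group.
        srcip = line[2].split(":")[0]
        destip = line[3].split(":")[0]
        try:
            pid = int(line[5])
        except ValueError:
            continue

        # A PID is reported once. The original test
        # `src == bad or dest == bad and not pid in badapps` applied the
        # "already flagged" check to destination matches only, because `and`
        # binds tighter than `or`, so source matches were reported repeatedly.
        if pid in badapps:
            continue

        for entry in baddata:
            baddestip = entry[4]
            # NOTE(review): the built-in deny-list rows carry "N/A" in column
            # 2; a local row whose source field is literally "N/A" would match
            # them -- confirm that cannot occur.
            if srcip == entry[2] or destip == baddestip:
                fprint("FLAG " + srcip + " " + destip + " " + str(pid))
                badapps.append(pid)
                badips.append(baddestip)
                badlines.append(entry)
                break

    if skipped:
        fprint("Skipped " + str(skipped) + " malformed rows")
    return badapps, badips, badlines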