|
|
@ -138,6 +138,7 @@ def mainloop(pool):
|
|
|
|
#print(killme)
|
|
|
|
#print(killme)
|
|
|
|
if killme.value > 0:
|
|
|
|
if killme.value > 0:
|
|
|
|
#print("killing")
|
|
|
|
#print("killing")
|
|
|
|
|
|
|
|
util.clear_fwll() # clear the firewall rules before shutdown
|
|
|
|
killall()
|
|
|
|
killall()
|
|
|
|
#print(res.get(timeout=1))
|
|
|
|
#print(res.get(timeout=1))
|
|
|
|
if counter == 0: # runs every INTERVAL
|
|
|
|
if counter == 0: # runs every INTERVAL
|
|
|
@ -205,8 +206,12 @@ def mainloop(pool):
|
|
|
|
badip = line[4]
|
|
|
|
badip = line[4]
|
|
|
|
badport = line[5]
|
|
|
|
badport = line[5]
|
|
|
|
fprint("Firewalling " + badip + ":" + str(badport))
|
|
|
|
fprint("Firewalling " + badip + ":" + str(badport))
|
|
|
|
|
|
|
|
if win32:
|
|
|
|
cmd = 'New-NetFirewallRule -DisplayName "IPPigeon Security Rule ' + badip + ':' + str(badport) + '" -Group "IPPigeon" -Direction Outbound -LocalPort Any -Protocol ' + badproto + ' -Action Block -RemoteAddress ' + badip + ' -RemotePort ' + str(badport)
|
|
|
|
cmd = 'New-NetFirewallRule -DisplayName "IPPigeon Security Rule ' + badip + ':' + str(badport) + '" -Group "IPPigeon" -Direction Outbound -LocalPort Any -Protocol ' + badproto + ' -Action Block -RemoteAddress ' + badip + ' -RemotePort ' + str(badport)
|
|
|
|
run_cmd(cmd)
|
|
|
|
run_cmd(cmd)
|
|
|
|
|
|
|
|
if linux:
|
|
|
|
|
|
|
|
cmd = "nft add rule ip ippigeon output ip daddr " + badip + " " + badproto.lower() + " dport " + str(badport) + " drop"
|
|
|
|
|
|
|
|
run_cmd(cmd)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
if settings["applyconfig"] == True:
|
|
|
|
if settings["applyconfig"] == True:
|
|
|
@ -284,6 +289,11 @@ if __name__ == '__main__':
|
|
|
|
|
|
|
|
|
|
|
|
# initial setup
|
|
|
|
# initial setup
|
|
|
|
#netdata_res = pool.apply_async(netstat, callback=netstat_done)
|
|
|
|
#netdata_res = pool.apply_async(netstat, callback=netstat_done)
|
|
|
|
|
|
|
|
if linux:
|
|
|
|
|
|
|
|
run_cmd("nft delete table ip ippigeon")
|
|
|
|
|
|
|
|
run_cmd("nft create table ip ippigeon")
|
|
|
|
|
|
|
|
run_cmd("nft add chain ip ippigeon output { type filter hook output priority 0 \; policy accept\; }")
|
|
|
|
|
|
|
|
#run_cmd("nft add chain ippigeon filter")
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# launch loop - non-blocking!
|
|
|
|
# launch loop - non-blocking!
|
|
|
|