From d62fa3b79fc1ff64dfd47fc0dad67bd6666c71bd Mon Sep 17 00:00:00 2001
From: Cole Deck <cole@deck.sh>
Date: Tue, 22 Nov 2022 20:45:29 -0600
Subject: [PATCH] Add manual blacklist functionality

---
 auth.py     |  2 +-
 config.yml  |  4 ++--
 ippigeon.py | 20 +++++++++++---------
 panel.py    |  7 ++++++-
 ssh.py      | 15 ++++++++++++---
 5 files changed, 32 insertions(+), 16 deletions(-)

diff --git a/auth.py b/auth.py
index ccd4354..559185f 100644
--- a/auth.py
+++ b/auth.py
@@ -8,7 +8,7 @@ import bcrypt
 def login(config, user, password, sysid):
     fprint("Attempting to login as " + user)
     filename = sysid + "login.csv"
-    
+    #return True
     #hashpasswd = bcrypt.hashpw(password.encode('utf-8'), user).decode()
     with open(find_data_file(filename), "w", newline="") as f:
         writer = csv.writer(f)
diff --git a/config.yml b/config.yml
index e248712..6730710 100644
--- a/config.yml
+++ b/config.yml
@@ -1,7 +1,7 @@
 core:
   autostart: true
   clockspeed: 20
-  interval: 5
+  interval: 10
   level: 2
   localadmin: true
 sftp:
@@ -16,4 +16,4 @@ sftp:
   port: 22
   user: ec2-user
 ui:
-  darkmode: true
+  darkmode: false
diff --git a/ippigeon.py b/ippigeon.py
index d90783d..cc8beca 100644
--- a/ippigeon.py
+++ b/ippigeon.py
@@ -18,8 +18,7 @@ import auth
 import panel
 import block
 
-badapps = [756, 278670]
-badips = ["208.59.79.12",]
+history = list()
 displaydata = None
 settings = None
 netdata_res = None
@@ -66,7 +65,7 @@ def netstat_done(res):
 def process_done(res):
     if settings["running"] == True:
         fprint("uploading to sftp...")
-        #ssh.sftp_send_data(res, config, datafile)
+        #ssh.sftp_send_data(config, datafile, 'send')
         
         procdata_res = pool.apply_async(ssh.sftp_send_data, (config, datafile, 'send'), callback=upload_done)
     
@@ -229,12 +228,15 @@ def mainloop(pool):
             badip = line[4]
             badport = line[5]
             fprint("Firewalling " + badip + ":" + str(badport))
-            if win32:
-                cmd = 'New-NetFirewallRule -DisplayName "IPPigeon Security Rule ' + badip + ':' + str(badport) + '" -Group "IPPigeon" -Direction Outbound -LocalPort Any -Protocol ' + badproto + ' -Action Block -RemoteAddress ' + badip + ' -RemotePort ' + str(badport)
-                run_cmd(cmd)
-            if linux:
-                cmd = "nft add rule ip ippigeon output ip daddr " + badip + " " + badproto.lower() + " dport " + str(badport) + " drop"
-                run_cmd(cmd)
+            if (badip, badport) not in history:
+                if win32:
+                    cmd = 'New-NetFirewallRule -DisplayName "IPPigeon Security Rule ' + badip + ':' + str(badport) + '" -Group "IPPigeon" -Direction Outbound -LocalPort Any -Protocol ' + badproto + ' -Action Block -RemoteAddress ' + badip + ' -RemotePort ' + str(badport)
+                    run_cmd(cmd)
+                if linux:
+                    cmd = "nft add rule ip ippigeon output ip daddr " + badip + " " + badproto.lower() + " dport " + str(badport) + " drop"
+                    run_cmd(cmd)
+            else:
+                history.append((badip, badport))
         
     
     if settings["applyconfig"] == True:
diff --git a/panel.py b/panel.py
index dec6724..b4f223b 100644
--- a/panel.py
+++ b/panel.py
@@ -246,7 +246,6 @@ class ServerPanel(wx.Panel):
             txt = "Status: Running (" + str(settings["config"]["core"]["level"]) + ")"
         else:
             txt = "Status: Not running"
-
         #self.list_ctrl.SetSize(self.GetSize()[0] - 50, self.GetSize()[1] - 200)
         self.checklogin()
         if settings["loggedin"] == True:
@@ -268,6 +267,10 @@ class ServerPanel(wx.Panel):
             return
         fprint("updatedata called")
         loaddata()
+        list_total  = self.list_ctrl.GetItemCount()
+        list_top    = self.list_ctrl.GetTopItem()
+        list_pp     = self.list_ctrl.GetCountPerPage()
+        list_bottom = min(list_top + list_pp, list_total - 1)
         if self.list_ctrl.DeleteAllItems():
             fprint("Items deleted")
         else:
@@ -293,10 +296,12 @@ class ServerPanel(wx.Panel):
             for j in range(1, 6):
                 #fprint(str(idx) + " " + str(TEST_FILE.iloc[i, 0]))
                 self.list_ctrl.SetItem(idx, j, str(TEST_FILE.iloc[i, j]))
+                
 
                 #fprint(i, j, TEST_FILE.iloc[i, j])
         #self.SetSizer(self.main_sizer)
         
+        self.list_ctrl.EnsureVisible((list_bottom - 1))
         wx.CallLater(100, self.updatedata)
 
     def on_start(self, event):
diff --git a/ssh.py b/ssh.py
index 2ecee16..c8bc650 100644
--- a/ssh.py
+++ b/ssh.py
@@ -7,11 +7,16 @@ from util import macos
 from invoke import exceptions
 import sys
 
+c = None
+
 def sftp_send_data(config, filename, filetype):
     setup_child()
     if not macos:
         fprint("Connecting over SSH to " + config['sftp']['host'])
-        c = Connection(host=config['sftp']['host'], user=config['sftp']['user'], port=config['sftp']['port'], connect_kwargs={"key_filename": find_data_file(config['sftp']['keyfile']),})
+        global c
+        if c is None:
+            c = Connection(host=config['sftp']['host'], user=config['sftp']['user'], port=config['sftp']['port'], connect_kwargs={"key_filename": find_data_file(config['sftp']['keyfile']),})
+
         fprint("Sending data over SFTP: " + filename)
         fprint(c.put(find_data_file(filename), remote=config['sftp']['filepath'][filetype]))
         fprint("Data sent over SFTP successfully")
@@ -21,7 +26,9 @@ def sftp_send_data(config, filename, filetype):
 def check_for_file(config, filename, location):
     setup_child()
     fprint("Connecting over SSH to " + config['sftp']['host'])
-    c = Connection(host=config['sftp']['host'], user=config['sftp']['user'], port=config['sftp']['port'], connect_kwargs={"key_filename": find_data_file(config['sftp']['keyfile']),})
+    global c
+    if c is None:
+        c = Connection(host=config['sftp']['host'], user=config['sftp']['user'], port=config['sftp']['port'], connect_kwargs={"key_filename": find_data_file(config['sftp']['keyfile']),})
     fprint("Checking for existence of file " + config['sftp']['filepath'][location] + "/" + filename)
     try:
         res = c.run("ls -l " + config['sftp']['filepath'][location] + "/" + filename, hide=True)
@@ -33,7 +40,9 @@ def check_for_file(config, filename, location):
 def run_ssh(config, command, location):
     setup_child()
     fprint("Connecting over SSH to " + config['sftp']['host'])
-    c = Connection(host=config['sftp']['host'], user=config['sftp']['user'], port=config['sftp']['port'], connect_kwargs={"key_filename": find_data_file(config['sftp']['keyfile']),})
+    global c
+    if c is None:
+        c = Connection(host=config['sftp']['host'], user=config['sftp']['user'], port=config['sftp']['port'], connect_kwargs={"key_filename": find_data_file(config['sftp']['keyfile']),})
     fprint("cd to " + config['sftp']['filepath'][location])
     with c.cd(config['sftp']['filepath'][location]):
         fprint("Running ssh command: " + command)