diff --git a/README.md b/README.md
index 94b4a073..4687f041 100644
--- a/README.md
+++ b/README.md
@@ -33,6 +33,7 @@ Support the project
21. Alerting about HAProxy service state
22. Metrics incoming connections
23. Web acceleration settings
+24. Some functions WAF

diff --git a/app/add.py b/app/add.py
index 552e8072..6e09dccd 100644
--- a/app/add.py
+++ b/app/add.py
@@ -19,6 +19,7 @@ try:
user_id = cookie.get('uuid')
user = sql.get_user_name_by_uuid(user_id.value)
servers = sql.get_dick_permit()
+ user_group = sql.get_user_group_by_uuid(user_id.value)
token = sql.get_token(user_id.value)
except:
pass
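Review bot: `user_group` is assigned inside a `try` whose handler is a bare `except: pass`, so when the cookie is missing or either lookup raises, the name is never bound. The `group = user_group` argument added to `template.render(...)` in the next hunk would then fail with a NameError rather than a handled error. Bind a default before the `try` (for example `user_group = ''`), or catch the specific exceptions and stop before rendering. The new app/blacklist.py and app/lists.py use the same pattern, and there the unbound name would be hit while building `white_dir`. The statements before the `try` are outside this hunk.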
@@ -29,6 +30,7 @@ output_from_parsed_template = template.render(title = "Add",
selects = servers,
add = form.getvalue('add'),
conf_add = form.getvalue('conf'),
+ group = user_group,
token = token)
print(output_from_parsed_template)
@@ -108,6 +110,9 @@ if form.getvalue('mode') is not None:
elif force_close == "3":
options_split += " option http-pretend-keepalive\n"
+ if form.getvalue('blacklist') is not None:
+ options_split += " tcp-request connection reject if { src -f /etc/haproxy/black/"+form.getvalue('blacklist')+" }\n"
+
if form.getvalue('cookie'):
cookie = " cookie "+form.getvalue('cookie_name')
if form.getvalue('cookie_domain'):
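Review bot: The `blacklist` form value is concatenated unchanged into the generated `tcp-request connection reject if { src -f /etc/haproxy/black/... }` line. A value containing `/`, `..`, whitespace or a line break therefore changes which file HAProxy reads, or adds text to the saved config. Accept the value only if it is one of the names returned by `funct.get_files(dir=black_dir, format="lst")` for the user's group, and reject the request otherwise. The `bwlists` branch added in app/options.py has the same gap: it joins `group`, `color` and `bwlists` from the form into a path passed to `open()`, so it should resolve that path and confirm it stays under the lists directory. That hunk continues past the visible part, and the enclosing `if form.getvalue('mode') is not None:` block starts outside this hunk.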
@@ -147,20 +152,21 @@ if form.getvalue('mode') is not None:
else:
servers_split = ""
- en_acceleration = form.getvalue("acceleration")
- acceleration = ""
- cache = ""
+ compression = form.getvalue("compression")
+ cache = form.getvalue("cache")
+ compression_s = ""
+ cache_s = ""
cache_set = ""
filter = ""
- if en_acceleration:
+ if compression == "1" or cache == "2":
filter = " filter compression\n"
- if en_acceleration == "1" or en_acceleration == "3":
- acceleration = " compression algo gzip\n compression type text/html text/plain text/css\n"
- if en_acceleration == "2" or en_acceleration == "3":
- cache = " http-request cache-use "+end_name+"\n http-response cache-store "+end_name+"\n"
+ if compression == "1":
+ compression_s = " compression algo gzip\n compression type text/html text/plain text/css\n"
+ if cache == "2":
+ cache_s = " http-request cache-use "+end_name+"\n http-response cache-store "+end_name+"\n"
cache_set = "cache "+end_name+"\n total-max-size 4\n max-age 240\n"
- config_add = name + "\n" + bind + mode + "\n" + balance + options_split + backend + filter + acceleration + cache + servers_split + "\n" + cache_set
+ config_add = name + "\n" + bind + mode + "\n" + balance + options_split + filter + compression_s + cache_s + backend + servers_split + "\n" + cache_set
cfg = hap_configs_dir + serv + "-" + funct.get_data('config') + ".cfg"
funct.get_config(serv, cfg)
diff --git a/app/blacklist.py b/app/blacklist.py
new file mode 100644
index 00000000..5e2543ab
--- /dev/null
+++ b/app/blacklist.py
@@ -0,0 +1,53 @@
+#!/usr/bin/env python3
+import os
+import sql
+import http, cgi
+import funct
+import sql
+from jinja2 import Environment, FileSystemLoader
+env = Environment(loader=FileSystemLoader('templates/'))
+template = env.get_template('lists.html')
+
+print('Content-type: text/html\n')
+funct.check_login()
+form = cgi.FieldStorage()
+funct.page_for_admin(level = 2)
+
+try:
+ cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE"))
+ user_id = cookie.get('uuid')
+ user = sql.get_user_name_by_uuid(user_id.value)
+ user_group = sql.get_user_group_by_uuid(user_id.value)
+ servers = sql.get_dick_permit(virt=1)
+ token = sql.get_token(user_id.value)
+ servbackend = form.getvalue('servbackend')
+ serv = form.getvalue('serv')
+ if servbackend is None:
+ servbackend = ""
+except:
+ pass
+
+dir = os.path.dirname(os.getcwd())+"/"+sql.get_setting('lists_path')
+white_dir = os.path.dirname(os.getcwd())+"/"+sql.get_setting('lists_path')+"/"+user_group+"/white"
+black_dir = os.path.dirname(os.getcwd())+"/"+sql.get_setting('lists_path')+"/"+user_group+"/black"
+if not os.path.exists(dir):
+ os.makedirs(dir)
+if not os.path.exists(dir+"/"+user_group):
+ os.makedirs(dir+"/"+user_group)
+if not os.path.exists(white_dir):
+ os.makedirs(white_dir)
+if not os.path.exists(black_dir):
+ os.makedirs(black_dir)
+
+white_lists = funct.get_files(dir=white_dir, format="lst")
+black_lists = funct.get_files(dir=black_dir, format="lst")
+
+template = template.render(h2 = 1,
+ title = "Lists",
+ role = sql.get_user_role_by_uuid(user_id.value),
+ user = user,
+ white_lists = white_lists,
+ black_lists = black_lists,
+ group = user_group,
+ token = token)
+print(template)
\ No newline at end of file
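Review bot: app/blacklist.py is added with the same blob id (`5e2543ab`) as app/lists.py later in this commit, so the two CGI entry points are byte-identical and every later fix, including access-control changes, has to be made twice. Keep one script and drop or redirect the other. The four `if not os.path.exists(...): os.makedirs(...)` pairs can be replaced by `os.makedirs(white_dir, exist_ok=True)` and `os.makedirs(black_dir, exist_ok=True)`, which also removes the check-then-create race. `import sql` appears twice, and `dir` shadows the builtin, so a name such as `lists_dir` would read better.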
diff --git a/app/create_db.py b/app/create_db.py
index 993b1413..c81733e1 100644
--- a/app/create_db.py
+++ b/app/create_db.py
@@ -169,7 +169,7 @@ def update_db_v_2_0_1(**kwargs):
con.commit()
except sqltool.Error as e:
if kwargs.get('silent') != 1:
- if e.args[0] == 'duplicate column name: type_ip':
+ if e.args[0] == 'duplicate column name: type_ip' or e == " 1060 (42S21): Duplicate column name 'type_ip' ":
print('Updating... go to version 2.0.1.1
')
else:
print("An error occurred:", e)
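Review bot: The added `e == " 1060 (42S21): Duplicate column name 'type_ip' "` compares the exception object itself with a string. Unless `sqltool.Error` defines its own equality, this is never true, so the MySQL duplicate-column case still falls through to "An error occurred". Compare the message text instead, for example `'Duplicate column name' in str(e)`, or use the driver's numeric error code. The same object-to-string comparison appears in the `update_db_v_2_9` and `update_db_v_2_91` functions added further down. `update_db_v_2_0_1` starts outside this hunk.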
@@ -413,13 +413,10 @@ def update_db_v_2_7(**kwargs):
def update_db_v_2_7_2(**kwargs):
con, cur = get_cur()
- sql = """ CREATE TABLE IF NOT EXISTS `telegram` (
- `id` integer primary key autoincrement,
- `token` VARCHAR ( 64 ),
- `chanel_name` INTEGER NOT NULL DEFAULT 1,
- `groups` INTEGER NOT NULL DEFAULT 1
- );
- """
+ if mysql_enable == '0':
+ sql = """ CREATE TABLE IF NOT EXISTS `telegram` (`id` integer primary key autoincrement, `token` VARCHAR ( 64 ), `chanel_name` INTEGER NOT NULL DEFAULT 1, `groups` INTEGER NOT NULL DEFAULT 1); """
+ else:
+ sql = """ CREATE TABLE IF NOT EXISTS `telegram` (`id` integer primary key auto_increment, `token` VARCHAR ( 64 ), `chanel_name` INTEGER NOT NULL DEFAULT 1, `groups` INTEGER NOT NULL DEFAULT 1); """
try:
cur.execute(sql)
con.commit()
@@ -462,7 +459,7 @@ def update_db_v_2_8_2(**kwargs):
except sqltool.Error as e:
if kwargs.get('silent') != 1:
if e.args[0] == 'duplicate column name: metrics' or e == "1060 (42S21): Duplicate column name 'metrics' ":
- print('DB was update to 2.8. It\' last version')
+ print('DB was update to 2.8')
else:
print("An error occurred:", e)
return False
@@ -471,6 +468,45 @@ def update_db_v_2_8_2(**kwargs):
return True
cur.close()
con.close()
+
+def update_db_v_2_9(**kwargs):
+ con, cur = get_cur()
+ sql = """CREATE TABLE IF NOT EXISTS `settings` (`param` varchar(64) UNIQUE, value varchar(64)); """
+ try:
+ cur.execute(sql)
+ con.commit()
+ except sqltool.Error as e:
+ if kwargs.get('silent') != 1:
+ if e.args[0] == 'duplicate column name: token' or e == "1060 (42S21): Duplicate column name 'token' ":
+ print('Updating... go to version 2.10')
+ else:
+ print("An error occurred:", e.args[0])
+ return False
+ else:
+ return True
+ cur.close()
+ con.close()
+
+def update_db_v_2_91(**kwargs):
+ con, cur = get_cur()
+ sql = """
+ insert into `settings` (param, value) values ('lists_path', 'lists');
+ """
+ try:
+ cur.execute(sql)
+ con.commit()
+ except sqltool.Error as e:
+ if kwargs.get('silent') != 1:
+ if e.args[0] == 'column param is not unique' or e == "1060 (42S21): Duplicate column name 'cred' ":
+ print('DB was update to 2.9 It\' last version')
+ else:
+ print("An error occurred:", e)
+ return False
+ else:
+ print("DB was update to 2.9 It\' last version
")
+ return True
+ cur.close()
+ con.close()
def update_all():
update_db_v_2_0_1()
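Review bot: In both `update_db_v_2_9` and `update_db_v_2_91`, the trailing `cur.close()` and `con.close()` look unreachable because the `except` and `else` paths each return first, so every call would leave its cursor and connection open. Indentation is lost in this view, so this should be confirmed against the file. Moving the two calls under a `finally:` clause of the existing `try` fixes it without changing the return values. The matched error strings also look copy-pasted: `'duplicate column name: token'` is checked after a `CREATE TABLE IF NOT EXISTS`, and `Duplicate column name 'cred'` after an `insert`, so neither can match the statement that was run. The success `print` in `update_db_v_2_91` does not appear to be guarded by the `silent` check, which would make `update_all_silent()` emit output.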
@@ -486,6 +522,8 @@ def update_all():
update_db_v_2_7_2()
update_db_v_2_8()
update_db_v_2_8_2()
+ update_db_v_2_9()
+ update_db_v_2_91()
def update_all_silent():
update_db_v_2_0_1(silent=1)
@@ -501,4 +539,6 @@ def update_all_silent():
update_db_v_2_7_2(silent=1)
update_db_v_2_8(silent=1)
update_db_v_2_8_2(silent=1)
+ update_db_v_2_9(silent=1)
+ update_db_v_2_91(silent=1)
\ No newline at end of file
diff --git a/app/funct.py b/app/funct.py
index 46bc3c2a..fa3f419c 100644
--- a/app/funct.py
+++ b/app/funct.py
@@ -528,18 +528,32 @@ def show_backends(serv, **kwargs):
if kwargs.get('ret'):
return ret
-def get_files():
+def get_files(**kwargs):
import glob
file = set()
return_files = set()
- hap_configs_dir = get_config_var('configs', 'haproxy_save_configs_dir')
+ if kwargs.get('dir'):
+ dir = kwargs.get('dir')
+ else:
+ dir = get_config_var('configs', 'haproxy_save_configs_dir')
+
+ if kwargs.get('format'):
+ format = kwargs.get('format')
+ else:
+ format = 'cfg'
- for files in glob.glob(os.path.join(hap_configs_dir,'*.cfg')):
- file.add(files.split('/')[6])
+ for files in glob.glob(os.path.join(dir,'*.'+format)):
+ file.add(files.split('/')[-1])
files = sorted(file, reverse=True)
- for file in files:
- ip = file.split("-")
- if serv == ip[0]:
- return_files.add(file)
- return sorted(return_files, reverse=True)
+
+ if format == 'cfg':
+ for file in files:
+ ip = file.split("-")
+ if serv == ip[0]:
+ return_files.add(file)
+ return sorted(return_files, reverse=True)
+ else:
+ return files
+
+
\ No newline at end of file
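Review bot: The `cfg` branch of `get_files` still reads `serv`, which is neither a parameter nor assigned in the visible body. The function therefore presumably depends on a module-level name, and calling it for configs from another module works only if that global happens to be set. Make the inputs explicit with a signature such as `def get_files(dir=None, format='cfg', serv=None):`. That would replace the two `kwargs.get(...)` blocks, though `dir` and `format` still shadow builtins, and `os.path.basename(files)` is clearer than `files.split('/')[-1]`. A short docstring should say that `cfg` results are filtered by server prefix and that other formats are returned unfiltered, in reverse-sorted order.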
diff --git a/app/lists.py b/app/lists.py
new file mode 100644
index 00000000..5e2543ab
--- /dev/null
+++ b/app/lists.py
@@ -0,0 +1,53 @@
+#!/usr/bin/env python3
+import os
+import sql
+import http, cgi
+import funct
+import sql
+from jinja2 import Environment, FileSystemLoader
+env = Environment(loader=FileSystemLoader('templates/'))
+template = env.get_template('lists.html')
+
+print('Content-type: text/html\n')
+funct.check_login()
+form = cgi.FieldStorage()
+funct.page_for_admin(level = 2)
+
+try:
+ cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE"))
+ user_id = cookie.get('uuid')
+ user = sql.get_user_name_by_uuid(user_id.value)
+ user_group = sql.get_user_group_by_uuid(user_id.value)
+ servers = sql.get_dick_permit(virt=1)
+ token = sql.get_token(user_id.value)
+ servbackend = form.getvalue('servbackend')
+ serv = form.getvalue('serv')
+ if servbackend is None:
+ servbackend = ""
+except:
+ pass
+
+dir = os.path.dirname(os.getcwd())+"/"+sql.get_setting('lists_path')
+white_dir = os.path.dirname(os.getcwd())+"/"+sql.get_setting('lists_path')+"/"+user_group+"/white"
+black_dir = os.path.dirname(os.getcwd())+"/"+sql.get_setting('lists_path')+"/"+user_group+"/black"
+if not os.path.exists(dir):
+ os.makedirs(dir)
+if not os.path.exists(dir+"/"+user_group):
+ os.makedirs(dir+"/"+user_group)
+if not os.path.exists(white_dir):
+ os.makedirs(white_dir)
+if not os.path.exists(black_dir):
+ os.makedirs(black_dir)
+
+white_lists = funct.get_files(dir=white_dir, format="lst")
+black_lists = funct.get_files(dir=black_dir, format="lst")
+
+template = template.render(h2 = 1,
+ title = "Lists",
+ role = sql.get_user_role_by_uuid(user_id.value),
+ user = user,
+ white_lists = white_lists,
+ black_lists = black_lists,
+ group = user_group,
+ token = token)
+print(template)
\ No newline at end of file
diff --git a/app/options.py b/app/options.py
index 23606219..d4531e04 100644
--- a/app/options.py
+++ b/app/options.py
@@ -455,4 +455,63 @@ if form.getvalue('metrics'):
if form.getvalue('get_hap_v'):
commands = [ "haproxy -v |grep ver|awk '{print $3}'" ]
output = funct.ssh_command(serv, commands)
- print(output)
\ No newline at end of file
+ print(output)
+
+if form.getvalue('bwlists'):
+ list = os.path.dirname(os.getcwd())+"/"+sql.get_setting('lists_path')+"/"+form.getvalue('group')+"/"+form.getvalue('color')+"/"+form.getvalue('bwlists')
+ try:
+ file = open(list, "r")
+ file_read = file.read()
+ file.close
+ print(file_read)
+ except IOError:
+ print('