From 86f68abd0d39da2f4659f405ef32dc80549b8569 Mon Sep 17 00:00:00 2001
From: Aidaho12 <buffoon2001@mail.ru>
Date: Thu, 9 Aug 2018 18:11:10 +0600
Subject: [PATCH] v2.9

some functions WAF, bugs
---
 README.md                |   1 +
 app/add.py               |  24 ++--
 app/blacklist.py         |  53 +++++++++
 app/create_db.py         |  58 ++++++++--
 app/funct.py             |  32 ++++--
 app/lists.py             |  53 +++++++++
 app/options.py           |  61 ++++++++++-
 app/sql.py               |  12 ++
 app/templates/add.html   |  45 +++-----
 app/templates/base.html  |   3 +-
 app/templates/lists.html |  37 +++++++
 inc/awesome.css          |   5 +
 inc/script.js            | 231 ++++++++++++++++++++++++++++++---------
 inc/users.js             |   5 +-
 install.sh               |   3 +-
 15 files changed, 515 insertions(+), 108 deletions(-)
 create mode 100644 app/blacklist.py
 create mode 100644 app/lists.py
 create mode 100644 app/templates/lists.html

diff --git a/README.md b/README.md
index 94b4a073..4687f041 100644
--- a/README.md
+++ b/README.md
@@ -33,6 +33,7 @@ Support the project
 21. Alerting about HAProxy service state
 22. Metrics incoming connections
 23. Web acceleration settings
+24. Some functions WAF
 
 ![alt text](image/haproxy-wi-metrics.jpeg "Merics")
 
diff --git a/app/add.py b/app/add.py
index 552e8072..6e09dccd 100644
--- a/app/add.py
+++ b/app/add.py
@@ -19,6 +19,7 @@ try:
 	user_id = cookie.get('uuid')
 	user = sql.get_user_name_by_uuid(user_id.value)
 	servers = sql.get_dick_permit()
+	user_group = sql.get_user_group_by_uuid(user_id.value)
 	token = sql.get_token(user_id.value)
 except:
 	pass
@@ -29,6 +30,7 @@ output_from_parsed_template = template.render(title = "Add",
 												selects = servers,
 												add = form.getvalue('add'),
 												conf_add = form.getvalue('conf'),
+												group = user_group,
 												token = token)										
 print(output_from_parsed_template)
 
@@ -108,6 +110,9 @@ if form.getvalue('mode') is not None:
 	elif force_close == "3":
 		options_split += "    option http-pretend-keepalive\n"
 		
+	if form.getvalue('blacklist') is not None:
+		options_split += "    tcp-request connection reject if { src -f /etc/haproxy/black/"+form.getvalue('blacklist')+" }\n"
+		
 	if form.getvalue('cookie'):
 		cookie = "    cookie "+form.getvalue('cookie_name')
 		if form.getvalue('cookie_domain'):
@@ -147,20 +152,21 @@ if form.getvalue('mode') is not None:
 	else:
 		servers_split = ""
 		
-	en_acceleration = form.getvalue("acceleration")
-	acceleration = ""
-	cache = ""
+	compression = form.getvalue("compression")
+	cache = form.getvalue("cache")
+	compression_s = ""
+	cache_s = ""
 	cache_set = ""
 	filter = ""
-	if en_acceleration:
+	if compression == "1" or cache == "2":
 		filter = "    filter compression\n"
-		if en_acceleration == "1" or en_acceleration == "3":
-			acceleration = "    compression algo gzip\n    compression type text/html text/plain text/css\n"
-		if en_acceleration == "2" or en_acceleration == "3":
-			cache = "    http-request cache-use "+end_name+"\n    http-response cache-store "+end_name+"\n"
+		if compression == "1":
+			compression_s = "    compression algo gzip\n    compression type text/html text/plain text/css\n"
+		if cache == "2":
+			cache_s = "    http-request cache-use "+end_name+"\n    http-response cache-store "+end_name+"\n"
 			cache_set = "cache "+end_name+"\n    total-max-size 4\n    max-age 240\n"
 	
-	config_add = name + "\n" + bind +  mode  + "\n" + balance + options_split + backend + filter + acceleration + cache + servers_split + "\n" + cache_set
+	config_add = name + "\n" + bind +  mode  + "\n" + balance + options_split + filter + compression_s + cache_s + backend + servers_split + "\n" + cache_set
 	cfg = hap_configs_dir + serv + "-" + funct.get_data('config') + ".cfg"
 	
 	funct.get_config(serv, cfg)
diff --git a/app/blacklist.py b/app/blacklist.py
new file mode 100644
index 00000000..5e2543ab
--- /dev/null
+++ b/app/blacklist.py
@@ -0,0 +1,53 @@
+#!/usr/bin/env python3
+import os
+import sql
+import http, cgi
+import funct
+import sql
+from jinja2 import Environment, FileSystemLoader
+env = Environment(loader=FileSystemLoader('templates/'))
+template = env.get_template('lists.html')
+
+print('Content-type: text/html\n')
+funct.check_login()
+form = cgi.FieldStorage()
+funct.page_for_admin(level = 2)
+
+try:
+	cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE"))
+	user_id = cookie.get('uuid')
+	user = sql.get_user_name_by_uuid(user_id.value)
+	user_group = sql.get_user_group_by_uuid(user_id.value)
+	servers = sql.get_dick_permit(virt=1)
+	token = sql.get_token(user_id.value)
+	servbackend = form.getvalue('servbackend')
+	serv = form.getvalue('serv')
+	if servbackend is None:
+		servbackend = ""
+except:
+	pass
+	
+dir = os.path.dirname(os.getcwd())+"/"+sql.get_setting('lists_path')
+white_dir = os.path.dirname(os.getcwd())+"/"+sql.get_setting('lists_path')+"/"+user_group+"/white"
+black_dir = os.path.dirname(os.getcwd())+"/"+sql.get_setting('lists_path')+"/"+user_group+"/black"
+if not os.path.exists(dir):
+    os.makedirs(dir)
+if not os.path.exists(dir+"/"+user_group):
+    os.makedirs(dir+"/"+user_group)
+if not os.path.exists(white_dir):
+    os.makedirs(white_dir)
+if not os.path.exists(black_dir):
+    os.makedirs(black_dir)
+	
+white_lists = funct.get_files(dir=white_dir, format="lst")
+black_lists = funct.get_files(dir=black_dir, format="lst")
+
+template = template.render(h2 = 1,
+							title = "Lists",
+							role = sql.get_user_role_by_uuid(user_id.value),
+							user = user,
+							white_lists = white_lists,
+							black_lists = black_lists,
+							group = user_group,
+							token = token)											
+print(template)
\ No newline at end of file
diff --git a/app/create_db.py b/app/create_db.py
index 993b1413..c81733e1 100644
--- a/app/create_db.py
+++ b/app/create_db.py
@@ -169,7 +169,7 @@ def update_db_v_2_0_1(**kwargs):
 		con.commit()
 	except sqltool.Error as e:
 		if kwargs.get('silent') != 1:
-			if e.args[0] == 'duplicate column name: type_ip':
+			if e.args[0] == 'duplicate column name: type_ip' or e == " 1060 (42S21): Duplicate column name 'type_ip' ":
 				print('Updating... go to version 2.0.1.1<br />')
 			else:
 				print("An error occurred:", e)
@@ -413,13 +413,10 @@ def update_db_v_2_7(**kwargs):
 
 def update_db_v_2_7_2(**kwargs):
 	con, cur = get_cur()
-	sql = """ CREATE TABLE IF NOT EXISTS `telegram` (	
-				`id` integer primary key autoincrement,	
-				`token`	VARCHAR ( 64 ), 
-				`chanel_name` INTEGER NOT NULL DEFAULT 1, 
-				`groups` INTEGER NOT NULL DEFAULT 1
-				); 
-	"""
+	if mysql_enable == '0':
+		sql = """ CREATE TABLE IF NOT EXISTS `telegram` (`id` integer primary key autoincrement, `token` VARCHAR ( 64 ), `chanel_name` INTEGER NOT NULL DEFAULT 1, `groups` INTEGER NOT NULL DEFAULT 1); """
+	else:
+		sql = """ CREATE TABLE IF NOT EXISTS `telegram` (`id` integer primary key auto_increment, `token` VARCHAR ( 64 ), `chanel_name` INTEGER NOT NULL DEFAULT 1, `groups` INTEGER NOT NULL DEFAULT 1); """
 	try:    
 		cur.execute(sql)
 		con.commit()
@@ -462,7 +459,7 @@ def update_db_v_2_8_2(**kwargs):
 	except sqltool.Error as e:
 		if kwargs.get('silent') != 1:
 			if e.args[0] == 'duplicate column name: metrics' or e == "1060 (42S21): Duplicate column name 'metrics' ":
-				print('DB was update to 2.8. It\' last version')
+				print('DB was update to 2.8')
 			else:
 				print("An error occurred:", e)
 			return False
@@ -471,6 +468,45 @@ def update_db_v_2_8_2(**kwargs):
 			return True
 	cur.close() 
 	con.close()	
+		
+def update_db_v_2_9(**kwargs):
+	con, cur = get_cur()
+	sql = """CREATE TABLE IF NOT EXISTS `settings` (`param` varchar(64) UNIQUE, value varchar(64)); """
+	try:    
+		cur.execute(sql)
+		con.commit()
+	except sqltool.Error as e:
+		if kwargs.get('silent') != 1:
+			if e.args[0] == 'duplicate column name: token' or e == "1060 (42S21): Duplicate column name 'token' ":
+				print('Updating... go to version 2.10')
+			else:
+				print("An error occurred:", e.args[0])
+				return False
+		else:
+			return True
+	cur.close() 
+	con.close()	
+	
+def update_db_v_2_91(**kwargs):
+	con, cur = get_cur()
+	sql = """
+	insert into `settings` (param, value) values ('lists_path', 'lists');
+	"""
+	try:    
+		cur.execute(sql)
+		con.commit()
+	except sqltool.Error as e:
+		if kwargs.get('silent') != 1:
+			if e.args[0] == 'column param is not unique' or e == "1060 (42S21): Duplicate column name 'cred' ":
+				print('DB was update to 2.9  It\' last version')
+			else:
+				print("An error occurred:", e)
+		return False
+	else:
+		print("DB was update to 2.9  It\' last version<br />")
+		return True
+	cur.close() 
+	con.close()
 	
 def update_all():	
 	update_db_v_2_0_1()
@@ -486,6 +522,8 @@ def update_all():
 	update_db_v_2_7_2()
 	update_db_v_2_8()
 	update_db_v_2_8_2()
+	update_db_v_2_9()
+	update_db_v_2_91()
 	
 def update_all_silent():
 	update_db_v_2_0_1(silent=1)
@@ -501,4 +539,6 @@ def update_all_silent():
 	update_db_v_2_7_2(silent=1)
 	update_db_v_2_8(silent=1)
 	update_db_v_2_8_2(silent=1)
+	update_db_v_2_9(silent=1)
+	update_db_v_2_91(silent=1)
 		
\ No newline at end of file
diff --git a/app/funct.py b/app/funct.py
index 46bc3c2a..fa3f419c 100644
--- a/app/funct.py
+++ b/app/funct.py
@@ -528,18 +528,32 @@ def show_backends(serv, **kwargs):
 	if kwargs.get('ret'):
 		return ret
 		
-def get_files():
+def get_files(**kwargs):
 	import glob
 	file = set()
 	return_files = set()
-	hap_configs_dir = get_config_var('configs', 'haproxy_save_configs_dir')
+	if kwargs.get('dir'):
+		dir =  kwargs.get('dir')
+	else:
+		dir = get_config_var('configs', 'haproxy_save_configs_dir')
+		
+	if kwargs.get('format'):
+		format = kwargs.get('format')
+	else:
+		format = 'cfg'
 	
-	for files in glob.glob(os.path.join(hap_configs_dir,'*.cfg')):		
-		file.add(files.split('/')[6])
+	for files in glob.glob(os.path.join(dir,'*.'+format)):				
+		file.add(files.split('/')[-1])
 	files = sorted(file, reverse=True)
-	for file in files:
-		ip = file.split("-")
-		if serv == ip[0]:
-			return_files.add(file)
-	return sorted(return_files, reverse=True)
+
+	if format == 'cfg':
+		for file in files:
+			ip = file.split("-")
+			if serv == ip[0]:
+				return_files.add(file)
+		return sorted(return_files, reverse=True)
+	else: 
+		return files
+	
+	
 	
\ No newline at end of file
diff --git a/app/lists.py b/app/lists.py
new file mode 100644
index 00000000..5e2543ab
--- /dev/null
+++ b/app/lists.py
@@ -0,0 +1,53 @@
+#!/usr/bin/env python3
+import os
+import sql
+import http, cgi
+import funct
+import sql
+from jinja2 import Environment, FileSystemLoader
+env = Environment(loader=FileSystemLoader('templates/'))
+template = env.get_template('lists.html')
+
+print('Content-type: text/html\n')
+funct.check_login()
+form = cgi.FieldStorage()
+funct.page_for_admin(level = 2)
+
+try:
+	cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE"))
+	user_id = cookie.get('uuid')
+	user = sql.get_user_name_by_uuid(user_id.value)
+	user_group = sql.get_user_group_by_uuid(user_id.value)
+	servers = sql.get_dick_permit(virt=1)
+	token = sql.get_token(user_id.value)
+	servbackend = form.getvalue('servbackend')
+	serv = form.getvalue('serv')
+	if servbackend is None:
+		servbackend = ""
+except:
+	pass
+	
+dir = os.path.dirname(os.getcwd())+"/"+sql.get_setting('lists_path')
+white_dir = os.path.dirname(os.getcwd())+"/"+sql.get_setting('lists_path')+"/"+user_group+"/white"
+black_dir = os.path.dirname(os.getcwd())+"/"+sql.get_setting('lists_path')+"/"+user_group+"/black"
+if not os.path.exists(dir):
+    os.makedirs(dir)
+if not os.path.exists(dir+"/"+user_group):
+    os.makedirs(dir+"/"+user_group)
+if not os.path.exists(white_dir):
+    os.makedirs(white_dir)
+if not os.path.exists(black_dir):
+    os.makedirs(black_dir)
+	
+white_lists = funct.get_files(dir=white_dir, format="lst")
+black_lists = funct.get_files(dir=black_dir, format="lst")
+
+template = template.render(h2 = 1,
+							title = "Lists",
+							role = sql.get_user_role_by_uuid(user_id.value),
+							user = user,
+							white_lists = white_lists,
+							black_lists = black_lists,
+							group = user_group,
+							token = token)											
+print(template)
\ No newline at end of file
diff --git a/app/options.py b/app/options.py
index 23606219..d4531e04 100644
--- a/app/options.py
+++ b/app/options.py
@@ -455,4 +455,63 @@ if form.getvalue('metrics'):
 if form.getvalue('get_hap_v'):
 	commands = [ "haproxy -v |grep ver|awk '{print $3}'" ]
 	output = funct.ssh_command(serv, commands)
-	print(output)
\ No newline at end of file
+	print(output)
+	
+if form.getvalue('bwlists'):
+	list = os.path.dirname(os.getcwd())+"/"+sql.get_setting('lists_path')+"/"+form.getvalue('group')+"/"+form.getvalue('color')+"/"+form.getvalue('bwlists')
+	try:
+		file = open(list, "r")
+		file_read = file.read()
+		file.close
+		print(file_read)
+	except IOError:
+		print('<div class="alert alert-danger" style="margin:0">Cat\'n read '+form.getvalue('color')+' list</div>')
+		
+if form.getvalue('bwlists_create'):
+	list_name = form.getvalue('bwlists_create').split('.')[0]
+	list_name += '.lst'
+	list = os.path.dirname(os.getcwd())+"/"+sql.get_setting('lists_path')+"/"+form.getvalue('group')+"/"+form.getvalue('color')+"/"+list_name
+	try:
+		open(list, 'a').close()
+		print('<div class="alert alert-success" style="margin:0">'+form.getvalue('color')+' list was created</div>')
+	except IOError as e:
+		print('<div class="alert alert-danger" style="margin:0">Cat\'n create new '+form.getvalue('color')+' list. %s </div>' % e)
+		
+if form.getvalue('bwlists_save'):
+	list = os.path.dirname(os.getcwd())+"/"+sql.get_setting('lists_path')+"/"+form.getvalue('group')+"/"+form.getvalue('color')+"/"+form.getvalue('bwlists_save')
+	try:
+		with open(list, "w") as file:
+			file.write(form.getvalue('bwlists_content'))
+	except IOError as e:
+		print('<div class="alert alert-danger" style="margin:0">Cat\'n save '+form.getvalue('color')+' list. %s </div>' % e)
+	
+	servers = sql.get_dick_permit()
+	path = funct.get_config_var('haproxy', 'haproxy_dir')+"/"+form.getvalue('color')
+	
+	for server in servers:
+		commands = [ "sudo mkdir "+path ]
+		funct.ssh_command(server[2], commands)
+		
+		try:
+			ssh = funct.ssh_connect(server[2])
+		except Exception as e:
+			print('<div class="alert alert-danger">Connect fail: %s</div>' % e)
+			
+		try:
+			sftp = ssh.open_sftp()
+			file = sftp.put(list, path+"/"+form.getvalue('bwlists_save'))
+			sftp.close()
+			ssh.close()
+			print('<div class="alert alert-success" style="margin:10px">Edited '+form.getvalue('color')+' list was uploaded to '+server[1]+'</div>')
+		except Exception as e:
+			print('<div class="alert alert-danger">Upload fail: %s</div>' % e)
+			
+		if form.getvalue('bwlists_restart') == 'restart':
+			commands = [ "sudo " + funct.get_config_var('haproxy', 'restart_command') ]
+			funct.ssh_command(server[2], commands)
+			
+if form.getvalue('get_lists'):
+	list = os.path.dirname(os.getcwd())+"/"+sql.get_setting('lists_path')+"/"+form.getvalue('group')+"/"+form.getvalue('color')
+	lists = funct.get_files(dir=list, format="lst")
+	for list in lists:
+		print(list)
\ No newline at end of file
diff --git a/app/sql.py b/app/sql.py
index ec963a78..de65dc44 100644
--- a/app/sql.py
+++ b/app/sql.py
@@ -839,6 +839,18 @@ def select_table_metrics(uuid):
 	cur.close()    
 	con.close()
 	
+def get_setting(param):
+	con, cur = create_db.get_cur()
+	sql = """select value from `settings` where param='%s' """ % param
+	try:    
+		cur.execute(sql)
+	except sqltool.Error as e:
+		print('<span class="alert alert-danger" id="error">An error occurred: ' + e + ' <a title="Close" id="errorMess"><b>X</b></a></span>')
+	else:
+		for value in cur.fetchone():
+			return value
+	cur.close()    
+	con.close()  
 	
 def show_update_telegram(token, page):
 	from jinja2 import Environment, FileSystemLoader
diff --git a/app/templates/add.html b/app/templates/add.html
index daeedfab..57706cb5 100644
--- a/app/templates/add.html
+++ b/app/templates/add.html
@@ -76,12 +76,8 @@
 			<td class="addName"><span title="Cache support start 1.8 and latter">Web acceleration(?):</span></td>
 			<td class="addOption">
 				<span class="controlgroup">	
-					<select name="acceleration" id="acceleration">
-						<option value="0" selected>Off</option>
-						<option value="1">Compression</option>
-						<option value="2">Cache</option>
-						<option value="3">Compression + Cache</option>
-					</select>
+					<label for="compression" title="Enable Compression">Compression</label><input type="checkbox" id="compression" name="compression" value="1">
+					<label for="cache" title="Enable Compression">Cache</label><input type="checkbox" id="cache" name="cache" value="2">
 					<label for="ssl_offloading" title="Enable SSL Offloading">SSL Offloading</label><input type="checkbox" id="ssl_offloading">
 				</span>
 			</td>
@@ -92,7 +88,12 @@
 				<span class="controlgroup">
 					<label for="slow_atack" title="Slow atack protect">Slow atack</label><input type="checkbox" id="slow_atack">
 					<label for="ddos" title="DDOS atack protect">DDOS</label><input type="checkbox" id="ddos">
+					<label for="blacklist_checkbox" title="Enable SSL Offloading">Blacklist</label><input type="checkbox" id="blacklist_checkbox">
 				</span>
+				<div id="blacklist-hide" style="display: none;">
+					<br /><span class="tooltip tooltipTop">Enter the name of the blacklist, or press down:</span><br />
+					<input type="text" name="blacklist" placeholder="blacklist.lst" class="form-control" size="39" id="blacklist-hide-input"><br />
+				</div>
 			</td>
 		</tr>
 		<tr>
@@ -242,14 +243,10 @@
 			<td class="addName"><span title="Cache support start 1.8 and latter">Web acceleration(?):</span></td>
 			<td class="addOption">
 				<span class="controlgroup">	
-					<select name="acceleration" id="acceleration2">
-						<option value="0" selected>Off</option>
-						<option value="1">Compression</option>
-						<option value="2">Cache</option>
-						<option value="3">Compression + Cache</option>
-					</select>
+					<label for="compression2" title="Enable Compression">Compression</label><input type="checkbox" id="compression2" name="compression" value="1">
+					<label for="cache2" title="Enable Compression">Cache</label><input type="checkbox" id="cache2" name="cache" value="2">
 					<label for="ssl_offloading1" title="Enable SSL Offloading">SSL Offloading</label><input type="checkbox" id="ssl_offloading1">
-				</span>
+				</span>	
 			</td>
 		</tr>
 		<tr>
@@ -258,7 +255,12 @@
 				<span class="controlgroup">
 					<label for="slow_atack1" title="Slow atack protect">Slow atack</label><input type="checkbox" id="slow_atack1">
 					<label for="ddos1" title="DDOS atack protect">DDOS</label><input type="checkbox" id="ddos1">
+					<label for="blacklist_checkbox1" title="Enable SSL Offloading">Blacklist</label><input type="checkbox" id="blacklist_checkbox1">
 				</span>
+				<div id="blacklist-hide1" style="display: none;">
+					<br /><span class="tooltip tooltipTop">Enter the name of the blacklist, or press down:</span><br />
+					<input type="text" name="blacklist" placeholder="blacklist.lst" class="form-control" size="39" id="blacklist-hide-input1"><br />
+				</div>
 			</td>
 		</tr>
 		<tr>
@@ -363,24 +365,12 @@
 			<td class="addName"><span title="Cache support start 1.8 and latter">Web acceleration(?):</span></td>
 			<td class="addOption">
 				<span class="controlgroup">
-					<select name="acceleration" id="acceleration3">
-						<option value="0" selected>Off</option>
-						<option value="1">Compression</option>
-						<option value="2">Cache</option>
-						<option value="3">Compression + Cache</option>
-					</select>
+					<label for="compression3" title="Enable Compression">Compression</label><input type="checkbox" id="compression3" name="compression" value="1">
+					<label for="cache3" title="Enable Compression">Cache</label><input type="checkbox" id="cache3" name="cache" value="2">
 					<label for="ssl_offloading2" title="Enable SSL Offloading">SSL Offloading</label><input type="checkbox" id="ssl_offloading2">
 				</span>
 			</td>
 		</tr>
-		<tr>
-			<td class="addName"><span title="Web application firewall">WAF(?):</span></td>
-			<td class="addOption">
-				<span class="controlgroup">
-					<label for="ddos2" title="DDOS atack protect">DDOS</label><input type="checkbox" id="ddos2">
-				</span>
-			</td>
-		</tr>
 		<tr>
 			<td class="addName">Optinons:</td>
 			<td class="addOption">
@@ -538,6 +528,7 @@
 	<div id="dialog-confirm" title="View certificate " style="display: none;">
 		<center><pre id="dialog-confirm-body"></pre></center>
 	</div>
+	<input type="hidden" id="group" value="{{ group }}">
 <script>
 $( ".force_close" ).selectmenu({
   width: 180
diff --git a/app/templates/base.html b/app/templates/base.html
index 7431a3e0..6e758b33 100644
--- a/app/templates/base.html
+++ b/app/templates/base.html
@@ -61,6 +61,7 @@
 								<li><a href=/app/add.py#backend title="Add single backend" class="add head-submenu">Add backend</a></li>
 								<li><a href=/app/add.py#ssl title="Upload SSL cert" class="cert head-submenu">SSL</a></li>
 								<li><a href=/app/config.py title="Edit Haproxy Config" class="edit head-submenu">Edit config</a> </li>	
+								<li><a href=/app/lists.py title="Manage black and white lists" class="lists head-submenu">Lists</a> </li>	
 								<li><a href=/app/ihap.py title="Installation HAProxy" class="hap head-submenu">Installation</a> </li>
 							{% endif %}
 						</li>
@@ -97,7 +98,7 @@
 					</ul>
 				</nav>
 				<div class="copyright-menu">
-					HAproxy-WI v2.8.1
+					HAproxy-WI v2.9
 					<br>
 					<a href="https://www.patreon.com/haproxy_wi" title="Donate" target="_blank" style="color: #fff; margin-left: 30px; color: red;" class="patreon">  Patreon</a>
 				</div>
diff --git a/app/templates/lists.html b/app/templates/lists.html
new file mode 100644
index 00000000..23362bd9
--- /dev/null
+++ b/app/templates/lists.html
@@ -0,0 +1,37 @@
+{% extends "base.html" %}
+{% block content %}
+	<table class="overview">
+		<tr class="overviewHead">
+			<td class="padding10 first-collumn">New black list</th>
+			<td>Exists black lists</th>
+			<td class="padding10 first-collumn">New white list</th>
+			<td>Exists white lists</th>
+		</tr>
+		<tr>
+			<td class="padding10 first-collumn" style="width: 25%;">
+				Name: <input type="text" id="new_blacklist_name" class="form-control">
+				<button onclick="createList('black')">Create</button>
+			</td>
+			<td style="width: 30%;">
+				{% for list in black_lists %}
+					<a onclick="editList('{{ list }}', 'black')" style="cursor: pointer;" title="Edit list {{ list }}">{{ list }}</a>
+				{% endfor %}
+			</td>
+			<td class="padding10 first-collumn" style="width: 25%;">
+				Name: <input type="text" id="new_whitelist_name" class="form-control">
+				<button onclick="createList( 'white')">Create</button>
+			</td>
+			<td style="width: 30%;">
+				{% for list in white_lists %}
+					<a onclick="editList('{{ list }}', 'white')" style="cursor: pointer;" title="Edit list {{ list }}">{{ list }}</a>
+				{% endfor %}
+			</td>
+		</tr>
+		<input type="hidden" id="group" value="{{group}}">
+	</table>
+	<div id="ajax"></div>
+	<div id="dialog-confirm" title="View certificate " style="display: none;">
+		<span><b>Note:</b>Each new address should be specified from a new line</span>
+		<textarea id="edit_lists" cols=95 rows=20></textarea>
+	</div>	
+{% endblock %}
\ No newline at end of file
diff --git a/inc/awesome.css b/inc/awesome.css
index 84f5cc23..4f5d8d55 100644
--- a/inc/awesome.css
+++ b/inc/awesome.css
@@ -71,6 +71,11 @@
 	font-family: "Font Awesome 5 Solid";
 	content: "\f044";
 }
+.lists::before {
+	display: none;
+	font-family: "Font Awesome 5 Solid";
+	content: "\f0cb";
+}
 .hap::before {
 	display: none;
 	font-family: "Font Awesome 5 Solid";
diff --git a/inc/script.js b/inc/script.js
index 2f52cc04..1865641b 100644
--- a/inc/script.js
+++ b/inc/script.js
@@ -458,25 +458,55 @@ $( function() {
 		if ($( "#listen-mode-select option:selected" ).val() == "tcp") {
 			$( "#https-listen-span" ).hide("fast");
 			$( "#https-hide-listen" ).hide("fast");
+			$("#compression").checkboxradio( "disable" );
+			$("#cache").checkboxradio( "disable" );
+			$("#ssl_offloading").checkboxradio( "disable" );
+			$("#cookie").checkboxradio( "disable" );
+			$("#slow_atack").checkboxradio( "disable" );
 			$( "#https-listen" ).prop("checked", false);
 		} else {
 			$( "#https-listen-span" ).show("fast");
+			$("#compression").checkboxradio( "enable" );
+			$("#cache").checkboxradio( "enable" );
+			$("#ssl_offloading").checkboxradio( "enable" );
+			$("#cookie").checkboxradio( "enable" );
+			$("#slow_atack").checkboxradio( "enable" );
 		}
 	});
 	$( "#frontend-mode-select" ).on('selectmenuchange',function()  {
 		if ($( "#frontend-mode-select option:selected" ).val() == "tcp") {
 			$( "#https-frontend-span" ).hide("fast");
 			$( "#https-hide-frontend" ).hide("fast");
+			$("#compression2").checkboxradio( "disable" );
+			$("#cache2").checkboxradio( "disable" );
+			$("#ssl_offloading2").checkboxradio( "disable" );
+			$("#cookie2").checkboxradio( "disable" );
+			$("#slow_atack1").checkboxradio( "disable" );
 		} else {
 			$( "#https-frontend-span" ).show("fast");
+			$("#compression2").checkboxradio( "enable" );
+			$("#cache2").checkboxradio( "enable" );
+			$("#ssl_offloading2").checkboxradio( "enable" );
+			$("#cookie2").checkboxradio( "enable" );
+			$("#slow_atack1").checkboxradio( "enable" );
 		}
 	});
 	$( "#backend-mode-select" ).on('selectmenuchange',function()  {
 		if ($( "#backend-mode-select option:selected" ).val() == "tcp") {
 			$( "#https-backend-span" ).hide("fast");
 			$( "#https-hide-backend" ).hide("fast");
+			$("#compression3").checkboxradio( "disable" );
+			$("#cache3").checkboxradio( "disable" );
+			$("#ssl_offloading3").checkboxradio( "disable" );
+			$("#cookie3").checkboxradio( "disable" );
+			$("#slow_atack2").checkboxradio( "disable" );
 		} else {
 			$( "#https-backend-span" ).show("fast");
+			$("#compression3").checkboxradio( "enable" );
+			$("#cache3").checkboxradio( "enable" );
+			$("#ssl_offloading3").checkboxradio( "enable" );
+			$("#cookie3").checkboxradio( "enable" );
+			$("#slow_atack2").checkboxradio( "enable" );
 		}
 	});
 	$( "#https-listen" ).click( function(){
@@ -736,6 +766,50 @@ $( function() {
 		autoFocus: true,
 		minLength: -1
 	});
+	$( "#blacklist-hide-input" ).autocomplete({
+		source: function( request, response ) {
+			if ( request.term == "" ) {
+				request.term = 1
+			}
+			$.ajax( {
+				url: "options.py",
+				data: {
+					get_lists: request.term,
+					color: "black",
+					group: $("#group").val(),
+					token: $('#token').val()
+				},
+				success: function( data ) {
+					data = data.replace(/\s+/g,' ');
+					response(data.split(" "));
+				}						
+			} );
+		},
+		autoFocus: true,
+		minLength: -1
+	});
+	$( "#blacklist-hide-input1" ).autocomplete({
+		source: function( request, response ) {
+			if ( request.term == "" ) {
+				request.term = 1
+			}
+			$.ajax( {
+				url: "options.py",
+				data: {
+					get_lists: request.term,
+					color: "black",
+					group: $("#group").val(),
+					token: $('#token').val()
+				},
+				success: function( data ) {
+					data = data.replace(/\s+/g,' ');
+					response(data.split(" "));
+				}						
+			} );
+		},
+		autoFocus: true,
+		minLength: -1
+	});
 	$( "#options" ).autocomplete({
 		source: availableTags,
 		autoFocus: true,
@@ -860,15 +934,6 @@ $( function() {
 			$("#ddos1").checkboxradio( "disable" );
 		}
 	});
-	$( "#new_backend" ).change(function() {
-		table_name = $('#new_backend').val();
-		table_name = $.trim(table_name)
-		if($('#new_backend').val() != "") {
-			$("#ddos2").checkboxradio( "enable" );
-		} else {
-			$("#ddos2").checkboxradio( "disable" );
-		}
-	});
 	
 	$('#ddos').click(function() {
 		if($('#name').val() == "") {
@@ -882,7 +947,7 @@ $( function() {
 								  "acl abuse sc1_http_req_rate("+table_name+") ge 100\n"+
 								  "acl flag_abuser sc1_inc_gpc0("+table_name+")\n"+
 								  "tcp-request content reject if abuse flag_abuser\n"+
-								  "End config for DDOS\n";
+								  "#End config for DDOS\n";
 		if($('#optionsInput').val().indexOf(ddos_var) == '-1') {			
 			if($('#name').val() == "") {
 				alert("First set Listen name")
@@ -905,7 +970,7 @@ $( function() {
 								  "acl abuse sc1_http_req_rate("+table_name+") ge 100\n"+
 								  "acl flag_abuser sc1_inc_gpc0("+table_name+")\n"+
 								  "tcp-request content reject if abuse flag_abuser\n"+
-								  "End config for DDOS\n";
+								  "#End config for DDOS\n";
 		if($('#optionsInput1').val().indexOf(ddos_var) == '-1') {
 			if($('#new_frontend').val() == "") {
 				alert("First set Frontend name")
@@ -916,47 +981,40 @@ $( function() {
 			replace_text("#optionsInput1", ddos_var);
 		}	
 	});
-	$('#ddos2').click(function() {
-		if($('#new_backend').val() == "") {
-			table_name = $('#new_backend').val();
-		}
-		var ddos_var = "#Start config for DDOS atack protecte\n"+
-								  "stick-table type ip size 1m expire 1m store gpc0,http_req_rate(10s),http_err_rate(10s)\n"+
-								  "tcp-request connection track-sc1 src\n"+
-								  "tcp-request connection reject if { sc1_get_gpc0 gt 0 }\n"+
-								  "# Abuser means more than 100reqs/10s\n"+
-								  "acl abuse sc1_http_req_rate("+table_name+") ge 100\n"+
-								  "acl flag_abuser sc1_inc_gpc0("+table_name+")\n"+
-								  "tcp-request content reject if abuse flag_abuser\n"+
-								  "End config for DDOS\n";
-		if($('#optionsInput2').val().indexOf(ddos_var) == '-1') {
-			if($('#new_backend').val() == "") {
-				alert("First set Backend name")
-			} else {
-				$("#optionsInput2").append(ddos_var)
-			}
+
+	$( "#blacklist_checkbox" ).click( function(){
+		if ($('#blacklist_checkbox').is(':checked')) {
+			$( "#blacklist-hide" ).show( "fast" );
+			$( "#blacklist-hide-input" ).attr('required',true);
 		} else {
-			replace_text("#optionsInput2", ddos_var);
-		}	
+			$( "#blacklist-hide" ).hide( "fast" );
+			$( "#blacklist-hide-input" ).prop('required',false);
+		}
 	});
+	$( "#blacklist_checkbox1" ).click( function(){
+		if ($('#blacklist_checkbox1').is(':checked')) {
+			$( "#blacklist-hide1" ).show( "fast" );
+			$( "#blacklist-hide-input1" ).attr('required',true);
+		} else {
+			$( "#blacklist-hide1" ).hide( "fast" );
+			$( "#blacklist-hide-input1" ).prop('required',false);
+		}
+	});
+
 	cur_url = cur_url[0].split('#');
-	console.log(cur_url[0])
 	if (cur_url[0] == "/app/add.py") {
-		$("#acceleration").selectmenu( "disable" );
+		$("#cache").checkboxradio( "disable" );
 		$( "#serv" ).on('selectmenuchange',function() {
-			$("#acceleration").selectmenu( "enable" );
 			change_select_acceleration("");
 		});
 		
-		$("#acceleration2").selectmenu( "disable" );
+		$("#cache2").checkboxradio( "disable" );
 		$( "#serv2" ).on('selectmenuchange',function() {
-			$("#acceleration2").selectmenu( "enable" );
 			change_select_acceleration(2);
 		});
 			
-		$("#acceleration3").selectmenu( "disable" );
+		$("#cache3").checkboxradio( "disable" );
 		$( "#serv3" ).on('selectmenuchange',function() {
-			$("#acceleration3").selectmenu( "enable" );
 			change_select_acceleration("3");
 		});
 	}
@@ -1142,16 +1200,11 @@ function change_select_acceleration(id) {
 		},
 		type: "GET",
 		success: function( data ) {		
-			if(parseFloat(data) < parseFloat('1.8')) {
-				console.log(false)
-				$('#acceleration'+id+' option[value=2]').attr('disabled','disabled');
-				$('#acceleration'+id+' option[value=3]').attr('disabled','disabled');		
+			if(parseFloat(data) < parseFloat('1.8')) {	
+				$("#cache"+id).checkboxradio( "disable" );
 			} else {
-				console.log('true')
-				$('#acceleration'+id+' option[value=2]').removeAttr('disabled','disabled');
-				$('#acceleration'+id+' option[value=3]').removeAttr('disabled','disabled');
+				$("#cache"+id).checkboxradio( "enable" );
 			}
-			$("#acceleration"+id).selectmenu( "refresh" );
 		}
 	} );
 }
@@ -1184,7 +1237,7 @@ function view_ssl(id) {
 				$( "#dialog-confirm" ).dialog({
 					resizable: false,
 					height: "auto",
-					width: 800,
+					width: 650,
 					modal: true,
 					title: "Certificate from "+$('#serv5').val()+", name: "+id,
 					buttons: {
@@ -1196,5 +1249,85 @@ function view_ssl(id) {
 			} 
 		}
 	} );
-
 }
+
+function createList(color) {
+	if(color == 'white') {
+		list = $('#new_whitelist_name').val() 
+	} else {
+		list = $('#new_blacklist_name').val()
+	}
+	$.ajax( {
+		url: "options.py",
+		data: {
+			bwlists_create: list,
+			color: color,
+			group: $('#group').val(),
+			token: $('#token').val()
+		},
+		type: "GET",
+		success: function( data ) {
+			$("#ajax").html(data); 
+			setTimeout(function() {
+						location.reload();
+					}, 2500 );			 
+		}
+	} );	
+}
+function editList(list, color) {
+	$.ajax( {
+		url: "options.py",
+		data: {
+			bwlists: list,
+			color: color,
+			group: $('#group').val(),
+			token: $('#token').val()
+		},
+		type: "GET",
+		success: function( data ) {
+			if (data.indexOf('danger') != '-1') {
+				$("#ajax").html(data);
+			} else {
+				$('.alert-danger').remove();
+				$('#edit_lists').text(data);
+				$( "#dialog-confirm" ).dialog({
+					resizable: false,
+					height: "auto",
+					width: 650,
+					modal: true,
+					title: "Edit "+color+" list "+list,
+					buttons: {
+						"Just save": function() {
+							$( this ).dialog( "close" );	
+							saveList('save', list, color);
+						},
+						"Save and restart": function() {
+							$( this ).dialog( "close" );	
+							saveList('restart', list, color);
+						},
+						Cancel: function() {
+							$( this ).dialog( "close" );
+						}
+					  }
+				});					
+			} 
+		}
+	} );	
+}
+function saveList(action, list, color) {
+	$.ajax( {
+		url: "options.py",
+		data: {
+			bwlists_save: list,
+			bwlists_content: $('#edit_lists').val(),
+			color: color,
+			group: $('#group').val(),
+			bwlists_restart: action,
+			token: $('#token').val()
+		},
+		type: "GET",
+		success: function( data ) {
+			$("#ajax").html(data); 
+		}
+	} );	
+}
\ No newline at end of file
diff --git a/inc/users.js b/inc/users.js
index 2483eca9..8c0f411a 100644
--- a/inc/users.js
+++ b/inc/users.js
@@ -251,8 +251,9 @@ $( function() {
 					$("#ajax-ssh").append(data);
 					$.getScript(users);
 				} else {
-					var getId = new RegExp('[0-9]+');
-					var id = data.match(getId);
+					var getId = new RegExp('ssh-table-[0-9]+');
+					var id = data.match(getId) + '';
+					id = id.split('-').pop();;
 					$("#ssh_enable_table").append(data);
 					$( ".newgroup" ).addClass( "update", 1000, callbackGroup );
 					$('select:regex(id, credentials)').append('<option value='+id+'>'+$('#new-ssh-add').val()+'</option>').selectmenu("refresh");
diff --git a/install.sh b/install.sh
index f5af21fd..8a21dbae 100644
--- a/install.sh
+++ b/install.sh
@@ -285,7 +285,8 @@ echo -e "Installing required Python Packages"
 echo ""
 echo ""
 echo "################################"
-/usr/bin/pip3 install -r /var/www/$HOME_HAPROXY_WI/requirements.txt
+sudo -H pip3 install --upgrade pip
+sudo pip3 install -r /var/www/$HOME_HAPROXY_WI/requirements.txt
 
 if [ $? -eq 1 ]
 then