From a44f272cb926d84319e6318b4e7a8bc2ddd5bce3 Mon Sep 17 00:00:00 2001 From: Pavel Loginov Date: Tue, 10 Sep 2019 08:44:02 +0300 Subject: [PATCH] v3.4.5 WAF and overview improved, bugs fixed
---
 app/options.py | 11 ++++++++- app/sql.py | 15 ++++++++++++ app/templates/ajax/overivewWaf.html | 36 +++++++++++++++++++++++++---- app/templates/ajax/overview.html | 6 ++++- app/templates/base.html | 2 +- inc/script.js | 20 ++++++++++++++++ install.sh | 4 +--- update.sh | 18 +++++---------- 8 files changed, 90 insertions(+), 22 deletions(-)
diff --git a/app/options.py b/app/options.py
index 87ca0e94..106b209b 100644
--- a/app/options.py
+++ b/app/options.py
@@ -646,4 +646,13 @@ if form.getvalue('get_ldap_email'):
 except:
 print('error: user not found')
 finally:
- l.unbind()
\ No newline at end of file
+ l.unbind()
+
+
+if form.getvalue('change_waf_mode'):
+ waf_mode = form.getvalue('change_waf_mode')
+ server_hostname = form.getvalue('server_hostname')
+ haproxy_dir = sql.get_setting('haproxy_dir')
+ serv = sql.select_server_by_name(server_hostname)
+ commands = [ "sudo sed -i 's/^SecRuleEngine.*/SecRuleEngine %s/' %s/waf/modsecurity.conf " % (waf_mode, haproxy_dir) ]
+ funct.ssh_command(serv, commands)
\ No newline at end of file
diff --git a/app/sql.py b/app/sql.py
index 3ca66e18..aaaa5304 100644
--- a/app/sql.py
+++ b/app/sql.py
@@ -235,6 +235,21 @@ def select_user_name_group(id):
 cur.close()
 con.close()
+
+def select_server_by_name(name):
+ con, cur = create_db.get_cur()
+ sql = """select ip from servers where hostname='%s' """ % name
+ try:
+ cur.execute(sql)
+ except sqltool.Error as e:
+ out_error(e)
+ else:
+ for name in cur.fetchone():
+ return name
+ cur.close()
+ con.close()
+
+
 def select_servers(**kwargs):
 con, cur = create_db.get_cur()
 sql = """select * from servers where enable = '1' ORDER BY groups """
diff --git a/app/templates/ajax/overivewWaf.html b/app/templates/ajax/overivewWaf.html
index 81744a1b..d00c25f2 100644
--- a/app/templates/ajax/overivewWaf.html
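Review bot: `waf_mode` is taken straight from the request and formatted into the `sudo sed -i ...` string that `funct.ssh_command` runs on the remote host, so a value containing a quote, `/` or `;` changes the command itself rather than only the `SecRuleEngine` setting. The WAF template in this patch knows only three modes, so the handler can check the value before building the command, e.g. `if waf_mode not in ('On', 'Off', 'DetectionOnly'): print('error: wrong WAF mode')` with the `commands` and `funct.ssh_command` lines moved into an `else:`. `serv` should be checked as well, because `select_server_by_name` returns nothing for an unknown hostname. Whether a token or role check runs earlier in options.py is not visible from this hunk.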
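Review bot: `select_server_by_name` builds its query with `% name`, and the only caller in this patch passes the `server_hostname` request field, so the hostname should reach the driver as a bound parameter: `cur.execute("select ip from servers where hostname = ?", (name,))` (the placeholder is `?` for sqlite3 and `%s` for MySQL drivers; which one `sqltool` is cannot be seen here). The `return name` inside the `else:` branch also leaves the function before `cur.close()` and `con.close()`, so the close calls are skipped whenever a row is found. `cur.fetchone()` is `None` when no row matches and iterating it raises `TypeError`; `row = cur.fetchone()` followed, after the close calls, by `return row[0] if row else None` covers both cases.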
+++ b/app/templates/ajax/overivewWaf.html @@ -2,7 +2,7 @@ {% for service in service_status %} {% if service.3 == "On" or service.3 == "Off" or service.3 == "DetectionOnly" or url == "waf.py" %} {% do waf_servers.append(1) %} - + {{ service.0 }} @@ -27,14 +27,30 @@ {% endif %} + {% if role <= 1 %} {% if service.3 == "On" or service.3 == "Off" or service.3 == "DetectionOnly" %} - {{ service.3 }} + {%else %} {% endif %} + {% else %} + {{ service.3 }} + {% endif %} {% if url == "waf.py" %} - + {% if service.3 == "On" or service.3 == "Off" or service.3 == "DetectionOnly" %} {% if service.4|int() == 1 %} @@ -54,4 +70,16 @@ You have not installed the WAF server yet -{% endif %} \ No newline at end of file +{% endif %} + + \ No newline at end of file diff --git a/app/templates/ajax/overview.html b/app/templates/ajax/overview.html index 521bf7e1..a70caf82 100644 --- a/app/templates/ajax/overview.html +++ b/app/templates/ajax/overview.html @@ -45,7 +45,11 @@ - {{ service.3 }} + {% if "ls: cannot access" in service.3 %} + Cannot find HAProxy config + {% else %} + {{ service.3 }} + {% endif %} diff --git a/app/templates/base.html b/app/templates/base.html index fb9ed0c4..2c374633 100644 --- a/app/templates/base.html +++ b/app/templates/base.html @@ -115,7 +115,7 @@ diff --git a/inc/script.js b/inc/script.js index 10960e0d..24182a9e 100644 --- a/inc/script.js +++ b/inc/script.js 
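Review bot: The `{% if role <= 1 %}` branch added in the second overivewWaf.html hunk only decides whether the mode selector is rendered; the `change_waf_mode` handler this patch adds to app/options.py does not test the caller's role in the lines shown. If options.py has no earlier role check (not visible in this patch), a lower-privileged account that sends the request directly can still change the WAF mode, so the handler should repeat the `role <= 1` test on the server side. The markup inside these hunks is stripped on this page, so the selector itself cannot be reviewed here.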
@@ -1507,4 +1507,24 @@ function saveList(action, list, color) {
 $("#ajax").html(data);
 }
 } );
+}
+function changeWafMode(id) {
+ var waf_mode = $('#'+id+' option:selected').val();
+ var server_hostname = id.split('_')[0];
+ $.ajax( {
+ url: "options.py",
+ data: {
+ change_waf_mode: waf_mode,
+ server_hostname: server_hostname,
+ token: $('#token').val()
+ },
+ type: "GET",
+ success: function( data ) {
+ alert('Do not forget restart WAF server: '+server_hostname)
+ $( '#'+server_hostname+'-select-line' ).addClass( "update", 1000 );
+ setTimeout(function() {
+ $( '#'+server_hostname+'-select-line' ).removeClass( "update" );
+ }, 2500 );
+ }
+ } );
 }
\ No newline at end of file
diff --git a/install.sh b/install.sh
index bca43ca0..9b59b6a6 100644
--- a/install.sh
+++ b/install.sh
@@ -299,7 +299,6 @@ sed -i 's/#$UDPServerRun 514/$UDPServerRun 514/g' /etc/rsyslog.conf
 sed -i 's/#$ModLoad imudp/$ModLoad imudp/g' /etc/rsyslog.conf
 systemctl daemon-reload
-systemctl restart logrotate
 systemctl restart rsyslog
 systemctl restart metrics_haproxy.service
 systemctl restart checker_haproxy.service
@@ -353,8 +352,7 @@ echo -e "Installing required Python Packages"
 echo ""
 echo ""
 echo "################################"
-sudo -H pip3 install --upgrade pip
-sudo pip3 install -r /var/www/$HOME_HAPROXY_WI/requirements.txt
+sudo -H pip3.5 install --upgrade pip
 sudo pip3.5 install -r /var/www/$HOME_HAPROXY_WI/requirements.txt
 if [ $? -eq 1 ]
diff --git a/update.sh b/update.sh
index c2b4770f..69421017 100644
--- a/update.sh
+++ b/update.sh
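Review bot: `changeWafMode` sends a state-changing request with `type: "GET"`, which puts `token` and the new mode in the URL, where they end up in web-server access logs and browser history; `type: "POST",` keeps them in the request body (the handler reads the fields through `form.getvalue`, which presumably accepts either method). The `success` callback shows the restart reminder without looking at `data`, so an error printed by options.py is presented as a successful change. `id.split('_')[0]` also truncates any hostname that itself contains an underscore, assuming the element id has the form hostname, underscore, suffix.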
@@ -1,27 +1,21 @@ #!/bin/bash -# set -x - cp app/haproxy-wi.cfg /tmp/ mv -f /tmp/haproxy-wi.cfg app/haproxy-wi.cfg -mkdir keys -mkdir app/certs - -if hash apt-get 2>/dev/null; then - apt-get install git net-tools lshw dos2unix apache2 gcc netcat mod_ssl python3-pip gcc-c++ openldap-devel libpq-dev python-dev libxml2-dev libxslt1-dev libldap2-dev libsasl2-dev libffi-dev python3-dev -y -else - yum -y install https://centos7.iuscommunity.org/ius-release.rpm - yum -y install git nmap-ncat net-tools python35u dos2unix python35u-pip mod_ssl httpd python35u-devel gcc-c++ openldap-devel -fi - git reset --hard git pull https://github.com/Aidaho12/haproxy-wi.git chmod +x app/*py chmod +x app/tools/*py +if hash apt-get 2>/dev/null; then + sudo chown -R www-data:www-data app/ +else + sudo chown -R apache:apache app/ +fi + cd app/ ./create_db.py
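Review bot: The added `sudo chown -R www-data:www-data app/` (and the `apache:apache` variant) makes every script under app/ writable by the account the web server runs as, so a flaw in any one CGI handler can become a persistent change to the application's own code. Ownership is better limited to the paths the application has to write at run time, with the code itself left owned by root or a deploy user; which paths those are is not visible from this hunk. The unchanged `./create_db.py` call that follows also executes whatever `git pull` has just fetched, without pinning a tag or commit.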