v3.2

Bugs

app/scripts/install_haproxy.sh

@@ -24,14 +24,13 @@ if [[ $PROXY != "" ]]
 then
 	export http_proxy="$PROXY"
 	export https_proxy="$PROXY"
-	echo "Exporting proxy"
 fi
 
 if [ -f /etc/haproxy/haproxy.cfg ];then
 	echo -e 'error: Haproxy already installed. You can edit config<a href="/app/config.py" title="Edit HAProxy config">here</a> <br /><br />'
 	exit 1
 fi
-
+set +x
 if hash apt-get 2>/dev/null; then
 	sudo apt-get install haproxy socat -y
 else
@@ -54,8 +53,8 @@ then
 	fi
 fi
 
-sudo echo "" > /etc/haproxy/haproxy.cfg
+bash -c 'echo "" > /tmp/haproxy.cfg'
-sudo bash -c cat << EOF > /etc/haproxy/haproxy.cfg
+bash -c cat << EOF > /tmp/haproxy.cfg
 global
     log         127.0.0.1 local2
     chroot      /var/lib/haproxy
@@ -95,9 +94,10 @@ listen stats
     stats auth $STATS_USER:$STATS_PASS
     stats admin if TRUE 
 EOF
-sudo bash -c cat << EOF > /etc/rsyslog.d/haproxy.conf
+sudo cp /tmp/haproxy.cfg /etc/haproxy/haproxy.cfg
+sudo bash -c 'cat << EOF > /etc/rsyslog.d/haproxy.conf
 local2.*                       /var/log/haproxy.log
-EOF
+EOF'
 
 sudo sed -i 's/#$UDPServerRun 514/$UDPServerRun 514/g' /etc/rsyslog.conf
 sudo sed -i 's/#$ModLoad imudp/$ModLoad imudp/g' /etc/rsyslog.conf 

app/scripts/waf.sh

@@ -22,7 +22,6 @@ if [[ $PROXY != "" ]]
 then
 	export http_proxy="$PROXY"
 	export https_proxy="$PROXY"
-	echo "Exporting proxy"
 fi
 
 if [ -f $HAPROXY_PATH/waf/modsecurity.conf  ];then
@@ -32,11 +31,12 @@ fi
 if hash apt-get 2>/dev/null; then
 	sudo apt-get install yajl-dev libevent-dev httpd-dev libxml2-dev gcc curl-dev -y
 else
-	wget -O /tmp/yajl-devel-2.0.4-4.el7.x86_64.rpm http://rpmfind.net/linux/centos/7.5.1804/os/x86_64/Packages/yajl-devel-2.0.4-4.el7.x86_64.rpm
+	wget -O /tmp/yajl-devel-2.0.4-4.el7.x86_64.rpm http://rpmfind.net/linux/centos/7.5.1804/os/x86_64/Packages/yajl-devel-2.0.4-4.el7.x86_64.rpm >> /dev/null
-	wget -O /tmp/libevent-devel-2.0.21-4.el7.x86_64.rpm http://mirror.centos.org/centos/7/os/x86_64/Packages/libevent-devel-2.0.21-4.el7.x86_64.rpm
+	wget -O /tmp/libevent-devel-2.0.21-4.el7.x86_64.rpm http://mirror.centos.org/centos/7/os/x86_64/Packages/libevent-devel-2.0.21-4.el7.x86_64.rpm >> /dev/null
-	wget -O /tmp/modsecurity-2.9.2.tar.gz https://www.modsecurity.org/tarball/2.9.2/modsecurity-2.9.2.tar.gz
+	sudo yum install /tmp/libevent-devel-2.0.21-4.el7.x86_64.rpm /tmp/yajl-devel-2.0.4-4.el7.x86_64.rpm  httpd-devel libxml2-devel gcc curl-devel -y >> /dev/null
-	sudo yum install /tmp/libevent-devel-2.0.21-4.el7.x86_64.rpm /tmp/yajl-devel-2.0.4-4.el7.x86_64.rpm  httpd-devel libxml2-devel gcc curl-devel -y
+fi
-if
+
+wget -O /tmp/modsecurity-2.9.2.tar.gz https://www.modsecurity.org/tarball/2.9.2/modsecurity-2.9.2.tar.gz >> /dev/null
 
 if [ $? -eq 1 ]; then
 	echo -e "Can't download waf application. Check Internet connection"
@@ -44,18 +44,22 @@ if [ $? -eq 1 ]; then
 fi
 cd /tmp
 sudo tar xf modsecurity-2.9.2.tar.gz
-cd /tmp/modsecurity-2.9.2
+sudo bash -c 'cd /tmp/modsecurity-2.9.2 && \
-sudo ./configure --prefix=/tmp/modsecurity-2.9.2 --enable-standalone-module --disable-mlogc --enable-pcre-study --without-lua --enable-pcre-jit
+sudo ./configure --prefix=/tmp/modsecurity-2.9.2 --enable-standalone-module --disable-mlogc --enable-pcre-study --without-lua --enable-pcre-jit >> /dev/null && \
-sudo make
+sudo make >> /dev/null && \
-sudo make -C standalone install
+sudo make -C standalone install >> /dev/null'
 if [ $? -eq 1 ]; then
 	echo -e "Can't compile waf application"
 	exit 1
 fi
 sudo mkdir -p /tmp/modsecurity-2.9.2/INSTALL/include
-sudo cp standalone/.libs/* /tmp/modsecurity-2.9.2/INSTALL/include
+sudo cp -R /tmp/modsecurity-2.9.2/standalone/.libs/ /tmp/modsecurity-2.9.2/INSTALL/include
-sudo cp standalone/* /tmp/modsecurity-2.9.2/INSTALL/include
+sudo cp -R /tmp/modsecurity-2.9.2/standalone/ /tmp/modsecurity-2.9.2/INSTALL/include
-sudo cp apache2/*.h /tmp/modsecurity-2.9.2/INSTALL/include
+sudo cp -R /tmp/modsecurity-2.9.2/apache2/ /tmp/modsecurity-2.9.2/INSTALL/include
+sudo chown -R $(whoami):$(whoami) /tmp/modsecurity-2.9.2/
+mv /tmp/modsecurity-2.9.2/INSTALL/include/.libs/* /tmp/modsecurity-2.9.2/INSTALL/include
+mv /tmp/modsecurity-2.9.2/INSTALL/include/apache2/* /tmp/modsecurity-2.9.2/INSTALL/include
+mv /tmp/modsecurity-2.9.2/INSTALL/include/standalone/* /tmp/modsecurity-2.9.2/INSTALL/include
 
 wget -O /tmp/haproxy-$VERSION.tar.gz http://www.haproxy.org/download/$VERSION_MAJ/src/haproxy-$VERSION.tar.gz
 
@@ -70,18 +74,23 @@ sudo mkdir $HAPROXY_PATH/waf/bin
 sudo mkdir $HAPROXY_PATH/waf/rules
 cd /tmp/haproxy-$VERSION/contrib/modsecurity
 if hash apt-get 2>/dev/null; then
-	sudo make MODSEC_INC=/tmp/modsecurity-2.9.2/INSTALL/include MODSEC_LIB=/tmp/modsecurity-2.9.2/INSTALL/include APR_INC=/usr/include/apr-1
+	sudo make MODSEC_INC=/tmp/modsecurity-2.9.2/INSTALL/include MODSEC_LIB=/tmp/modsecurity-2.9.2/INSTALL/include APR_INC=/usr/include/apr-1 >> /dev/null
 else
-	sudo make MODSEC_INC=/tmp/modsecurity-2.9.2/INSTALL/include MODSEC_LIB=/tmp/modsecurity-2.9.2/INSTALL/include APACHE2_INC=/usr/include/httpd/ APR_INC=/usr/include/apr-1
+	sudo make MODSEC_INC=/tmp/modsecurity-2.9.2/INSTALL/include MODSEC_LIB=/tmp/modsecurity-2.9.2/INSTALL/include APACHE2_INC=/usr/include/httpd/ APR_INC=/usr/include/apr-1 >> /dev/null
 fi
 if [ $? -eq 1 ]; then
 	echo -e "Can't compile waf application"
 	exit 1
 fi
 sudo mv /tmp/haproxy-$VERSION/contrib/modsecurity/modsecurity $HAPROXY_PATH/waf/bin
-wget -O $HAPROXY_PATH/waf/modsecurity.conf https://github.com/SpiderLabs/ModSecurity/raw/v2/master/modsecurity.conf-recommended 
+if [ $? -eq 1 ]; then
+	echo -e "Can't compile waf application"
+	exit 1
+fi
+wget -O /tmp/modsecurity.conf https://github.com/SpiderLabs/ModSecurity/raw/v2/master/modsecurity.conf-recommended 
 
-sudo bash -c cat << EOF >> 	$HAPROXY_PATH/waf/modsecurity.conf
+
+sudo bash -c cat << EOF >> /tmp/modsecurity.conf
 Include $HAPROXY_PATH/waf/rules/modsecurity_crs_10_ignore_static.conf
 Include $HAPROXY_PATH/waf/rules/modsecurity_crs_10_setup.conf
 Include $HAPROXY_PATH/waf/rules/modsecurity_crs_11_avs_traffic.conf
@@ -120,7 +129,9 @@ Include $HAPROXY_PATH/waf/rules/modsecurity_crs_59_outbound_blocking.conf
 Include $HAPROXY_PATH/waf/rules/modsecurity_crs_60_correlation.conf
 EOF
 
-wget -O $HAPROXY_PATH/waf/unicode.mapping https://github.com/SpiderLabs/ModSecurity/raw/v2/master/unicode.mapping
+sudo mv /tmp/modsecurity.conf $HAPROXY_PATH/waf/modsecurity.conf 
+wget -O /tmp/unicode.mapping https://github.com/SpiderLabs/ModSecurity/raw/v2/master/unicode.mapping
+sudo mv /tmp/unicode.mapping $HAPROXY_PATH/waf/unicode.mapping
 wget -O /tmp/owasp.tar.gz https://github.com/SpiderLabs/owasp-modsecurity-crs/archive/2.2.9.tar.gz
 cd /tmp/
 sudo tar xf /tmp/owasp.tar.gz
@@ -131,9 +142,9 @@ sudo sed -i 's/SecRuleEngine DetectionOnly/SecRuleEngine On/' $HAPROXY_PATH/waf/
 sudo sed -i 's/SecAuditLogParts ABIJDEFHZ/SecAuditLogParts ABIJDEH/' $HAPROXY_PATH/waf/modsecurity.conf
 sudo rm -f /tmp/owasp.tar.gz
 
-sudo bash -c cat << EOF > /etc/systemd/system/multi-user.target.wants/waf.service 
+sudo bash -c cat << EOF > /tmp/waf.service 
 [Unit]
-Description=Defender WAF
+Description=Haproxy WAF
 After=syslog.target network.target
 
 [Service]
@@ -148,13 +159,13 @@ SyslogIdentifier=waf
 [Install]
 WantedBy=multi-user.target
 EOF
-
+sudo mv /tmp/waf.service  /etc/systemd/system/multi-user.target.wants/waf.service 
-sudo bash -c cat << EOF > /etc/rsyslog.d/waf.conf 
+sudo bash -c 'cat << EOF > /etc/rsyslog.d/waf.conf 
-if $programname startswith 'waf' then /var/log/waf.log
+if $programname startswith "waf" then /var/log/waf.log
 & stop
-EOF
+EOF'
 
-sudo bash -c cat << EOF > $HAPROXY_PATH/waf.conf
+sudo bash -c cat << EOF > /tmp/waf.conf
 [modsecurity]
 spoe-agent modsecurity-agent
    messages check-request
@@ -168,17 +179,19 @@ spoe-message check-request
    args unique-id method path query req.ver req.hdrs_bin req.body_size req.body
    event on-frontend-http-request
 EOF
+
+sudo mv /tmp/waf.conf $HAPROXY_PATH/waf.conf
 if sudo grep -q "backend waf" $HAPROXY_PATH/haproxy.cfg; then
 	echo -e "Backend for WAF exists"
 else
-	sudo bash -c cat << EOF >> $HAPROXY_PATH/haproxy.cfg
+	sudo bash -c 'cat << EOF >> /etc/haproxy/haproxy.cfg
 
 backend waf
     mode tcp
     timeout connect 5s
     timeout server  3m
     server waf 127.0.0.1:12345 check
-EOF
+EOF'
 fi
 	
 sudo systemctl daemon-reload
@@ -187,9 +200,9 @@ sudo systemctl restart waf
 sudo rm -f /tmp/libevent-devel-2.0.21-4.el7.x86_64.rpm
 sudo rm -f /tmp/modsecurity-2.9.2.tar.gz
 sudo rm -f /tmp/yajl-devel-2.0.4-4.el7.x86_64.rpm
-sudo rm -rf /tmp/haproxy-$VERSION
+#sudo rm -rf /tmp/haproxy-$VERSION
 sudo rm -rf /tmp/haproxy-$VERSION.tar.gz
-sudo rm -rf /tmp/modsecurity-2.9.2
+#sudo rm -rf /tmp/modsecurity-2.9.2
 
 if [ $? -eq 1 ]; then
 	echo "error: Can't start Haproxy WAF service <br /><br />"

app/sql.py

@@ -741,6 +741,18 @@ def insert_waf_metrics_enable(serv, enable):
 	cur.close()    
 	con.close()
 	
+def delete_waf_server(id):
+	con, cur = create_db.get_cur()
+	sql = """ delete from waf where server_id = '%s' """ % id
+	try:    
+		cur.execute(sql)
+		con.commit()
+	except sqltool.Error as e:
+		print('<span class="alert alert-danger" id="error">An error occurred: ' + e.args[0] + ' <a title="Close" id="errorMess"><b>X</b></a></span>')
+		con.rollback()
+	cur.close()    
+	con.close()
+	
 def insert_waf_mentrics(serv, conn):
 	con, cur = create_db.get_cur()
 	if mysql_enable == '1':
@@ -1147,6 +1159,7 @@ if form.getvalue('newserver') is not None:
 if form.getvalue('serverdel') is not None:
 	print('Content-type: text/html\n')
 	if delete_server(form.getvalue('serverdel')):
+		delete_waf_server(form.getvalue('serverdel'))
 		print("Ok")
 	
 if form.getvalue('newgroup') is not None:

inc/users.js

@@ -109,7 +109,6 @@ $( function() {
 			data: {
 				haproxyaddserv: $('#haproxyaddserv').val(),
 				syn_flood: syn_flood,
-				waf: waf,
 				token: $('#token').val()
 				},
 			type: "GET",

inc/waf.js

@@ -44,6 +44,7 @@ function installWaf(ip) {
 				$('.alert-danger').remove();
 				$('.alert-warning').remove();
 				$("#ajax").html('<div class="alert alert-success">'+data+'</data>');
+				showOverviewWaf()
 			}	
 		}
 	} );