Code refactoring + port-hijacking backend (need port-hijacking backend testing)+

2022-08-11 15:38:17 +00:00
parent e6b4ddd4a0
commit 4076400ec4
4 changed files with 7 additions and 7 deletions
--- a/backend/modules/porthijack/firewall.py
+++ b/backend/modules/porthijack/firewall.py
@@ -1,7 +1,6 @@
-from ast import Delete
 import asyncio
 from typing import Dict
-from modules.porthijack.nftables import FiregexTables, FiregexFilter
+from modules.porthijack.nftables import FiregexTables
 from modules.porthijack.models import Service
 from utils.sqlite import SQLite

--- a/backend/modules/porthijack/nftables.py
+++ b/backend/modules/porthijack/nftables.py
@@ -91,8 +91,8 @@ class FiregexTables(NFTableManager):
                target=filter["chain"],
                id=int(filter["handle"]),
                proto=filter["expr"][1]["match"]["left"]["payload"]["protocol"],
-                public_port=filter["expr"][1]["match"]["right"] if filter["target"] == self.prerouting_porthijack else filter["expr"][2]["mangle"]["value"],
-                proxy_port=filter["expr"][1]["match"]["right"] if filter["target"] == self.postrouting_porthijack else filter["expr"][2]["mangle"]["value"], 
+                public_port=filter["expr"][1]["match"]["right"] if filter["chain"] == self.prerouting_porthijack else filter["expr"][2]["mangle"]["value"],
+                proxy_port=filter["expr"][1]["match"]["right"] if filter["chain"] == self.postrouting_porthijack else filter["expr"][2]["mangle"]["value"], 
                ip_int=ip_int
            ))
        return res
--- a/backend/routers/porthijack.py
+++ b/backend/routers/porthijack.py
@@ -41,8 +41,8 @@ db = SQLite('db/port-hijacking.db', {
    'services': {
        'service_id': 'VARCHAR(100) PRIMARY KEY',
        'active' : 'BOOLEAN NOT NULL CHECK (active IN (0, 1))',
-        'public_port': 'INT NOT NULL CHECK(port > 0 and port < 65536)',
-        'proxy_port': 'INT NOT NULL CHECK(port > 0 and port < 65536)',
+        'public_port': 'INT NOT NULL CHECK(public_port > 0 and public_port < 65536)',
+        'proxy_port': 'INT NOT NULL CHECK(proxy_port > 0 and proxy_port < 65536)',
        'name': 'VARCHAR(100) NOT NULL UNIQUE',
        'proto': 'VARCHAR(3) NOT NULL CHECK (proto IN ("tcp", "udp"))',
        'ip_int': 'VARCHAR(100) NOT NULL',
--- a/tests/px_test.py
+++ b/tests/px_test.py
@@ -82,6 +82,7 @@ def checkRegex(regex, should_work=True, upper=False):
                if not server.sendCheckData(secrets.token_bytes(200) + s +  secrets.token_bytes(200)):
                    puts(f"The malicious request was successfully blocked ✔", color=colors.green)
                    n_blocked += 1
+                    time.sleep(0.5)
                    if firegex.px_get_regex(r["id"])["n_packets"] == n_blocked:
                        puts(f"The packed was reported as blocked ✔", color=colors.green)
                    else:
@@ -245,4 +246,4 @@ new_internal_port = firegex.px_get_service(service_id)["internal_port"]
 if (internal_port != new_internal_port): puts(f"Sucessfully got regenerated port {new_internal_port} ✔", color=colors.green)
 else: puts(f"Test Failed: Coundn't get internal port, or it was the same as previous ✗", color=colors.red); exit_test(1)

-exit_test(0)
+exit_test(0)