From 430c18f7ecb801e44d0c6a0ccfdbeafa13831e68 Mon Sep 17 00:00:00 2001 From: Domingo Dirutigliano Date: Mon, 4 Aug 2025 13:23:10 +0200 Subject: [PATCH] fixes on start.py, more clear README about standalone running, removing sha from artefacts --- .github/workflows/docker-image.yml | 9 --------- README.md | 21 +++++++++++++-------- start.py | 21 ++++++++++++++++----- 3 files changed, 29 insertions(+), 22 deletions(-) diff --git a/.github/workflows/docker-image.yml b/.github/workflows/docker-image.yml index 36ceb0d..c393765 100644 --- a/.github/workflows/docker-image.yml +++ b/.github/workflows/docker-image.yml @@ -198,21 +198,12 @@ jobs: gzip firegex-rootfs-arm64.tar ls -lh firegex-rootfs-arm64.tar.gz - - name: Calculate checksums - run: | - echo "Calculating checksums..." - sha256sum firegex-rootfs-amd64.tar.gz > firegex-rootfs-amd64.tar.gz.sha256 - sha256sum firegex-rootfs-arm64.tar.gz > firegex-rootfs-arm64.tar.gz.sha256 - cat *.sha256 - - name: Upload rootfs assets to release run: | echo "Uploading assets to release ${{ steps.get_tag.outputs.tag }}..." gh release upload ${{ steps.get_tag.outputs.tag }} \ firegex-rootfs-amd64.tar.gz \ - firegex-rootfs-amd64.tar.gz.sha256 \ firegex-rootfs-arm64.tar.gz \ - firegex-rootfs-arm64.tar.gz.sha256 \ --clobber echo "Assets uploaded successfully!" env: diff --git a/README.md b/README.md index f9d70a6..d45e439 100644 --- a/README.md +++ b/README.md @@ -13,6 +13,7 @@ Firegex is a firewall that includes different functionalities, created for CTF A ### Docker Mode (Recommended) What you need is a linux machine and docker ( + docker-compose ) ```bash +# One-command installer (works for both Docker and standalone modes) sh <(curl -sLf https://pwnzer0tt1.it/firegex.sh) ``` With this command you will download firegex.py, and run it, it will require you the password to use for firegex and start it with docker-compose @@ -22,20 +23,24 @@ Or, you can start in a similar way firegex, cloning this repository and executin python3 start.py start --prebuilt ``` -### Standalone Mode -If Docker is not available or you're running in a rootless environment, Firegex can run in standalone mode: -```bash -# Automatic detection (fallback to standalone if Docker unavailable) -python3 start.py start +Without the `--prebuilt` flag, it will build the docker image from source, which may take longer. -# Force standalone mode +### Standalone Mode +If Docker is not available or you're running in a rootless environment, Firegex can run in standalone mode. The one-command installer above also works for standalone mode and will automatically detect and use standalone mode when Docker is unavailable. + +```bash +sh <(curl -sLf https://pwnzer0tt1.it/firegex.sh) + +# Or manually force standalone mode: python3 start.py start --standalone +# Or directly using the one-command installer: +sh <(curl -sLf https://pwnzer0tt1.it/firegex.sh) --standalone # Check status -python3 start.py status +python3 start.py status [--standalone] # Stop standalone mode -python3 start.py stop +python3 start.py stop [--standalone] ``` Standalone mode automatically: diff --git a/start.py b/start.py index 61cc4d1..30b2179 100755 --- a/start.py +++ b/start.py @@ -534,14 +534,26 @@ def get_architecture(): return None def download_file(url, filename): - """Download a file using urllib""" + """Download a file using urllib with progress bar""" import urllib.request + import sys + + def progress_hook(block_num, block_size, total_size): + if total_size > 0: + percent = min(100, (block_num * block_size * 100) // total_size) + sys.stdout.write(f"\rDownloading... {percent}%") + sys.stdout.flush() + else: + sys.stdout.write(f"\rDownloading... {block_num * block_size} bytes") + sys.stdout.flush() try: puts(f"Downloading {filename}...", color=colors.green) - urllib.request.urlretrieve(url, filename) + urllib.request.urlretrieve(url, filename, reporthook=progress_hook) + print() # New line after progress return True except Exception as e: + print() # New line after progress puts(f"Failed to download {filename}: {e}", color=colors.red) return False @@ -590,7 +602,8 @@ def setup_standalone_rootfs(): # Extract tar.gz file puts("Extracting rootfs...", color=colors.green) with tarfile.open(tar_path, 'r:gz') as tar: - tar.extractall(path=g.rootfs_path, filter=lambda _: False) + # Extract all files with tar filter (allows safe symbolic links) + tar.extractall(path=g.rootfs_path, filter='tar') # Remove tar.gz file os.remove(tar_path) @@ -694,10 +707,8 @@ def run_standalone(): # Write PID to file if write_pid_file(process.pid): puts(f"Firegex started successfully (PID: {process.pid})", color=colors.green) - puts(f"PID saved to: {g.pid_file}", color=colors.cyan) if is_process_running(process.pid): - puts("Firegex is running in background", color=colors.green) puts(f"Web interface should be available at: http://localhost:{args.port}", color=colors.cyan) else: puts("Firegex process failed to start", color=colors.red)