improves on the nfregex binary x5

2025-02-04 22:51:30 +01:00
parent bf8f197601
commit 676a2289da
5 changed files with 17 additions and 15 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -25,7 +25,7 @@ docker-compose.yml
 firegex-compose.yml
 firegex-compose-tmp-file.yml
 firegex.py
-
+/tests/benchmark.csv
 # misc
 **/.DS_Store
 **/.env.local
--- a/backend/binsrc/classes/netfilter.cpp
+++ b/backend/binsrc/classes/netfilter.cpp
@@ -438,7 +438,6 @@ class NetfilterQueue {
 			cerr << "[DEBUG] [NetfilterQueue.queue_cb] Packet received" << endl;
 			cerr << "[DEBUG] [NetfilterQueue.queue_cb] Packet ID: " << ntohl(ph->packet_id) << endl;
 			cerr << "[DEBUG] [NetfilterQueue.queue_cb] Payload size: " << plen << endl;
-			cerr << "[DEBUG] [NetfilterQueue.queue_cb] Payload: " << string(payload, payload+plen) << endl;
 		#endif

 		// Check IP protocol version
--- a/backend/binsrc/nfqueue.cpp
+++ b/backend/binsrc/nfqueue.cpp
@@ -75,7 +75,9 @@ bool filter_callback(packet_info& info){
 	
 	#ifdef DEBUG
 	cerr << "[DEBUG] [filter_callback] Matching packet with " << (info.is_input ? "input" : "output") << " ruleset" << endl;
-	cerr << "[DEBUG] [filter_callback] Packet: " << info.payload << endl;
+	if (info.payload.size() <= 30){
+		cerr << "[DEBUG] [filter_callback] Packet: " << info.payload << endl;
+	}
 	#endif
 	
 	matched_data match_res;
@@ -153,14 +155,14 @@ int main(int argc, char *argv[]){
 	if (matchmode != nullptr && strcmp(matchmode, "block") == 0){
 		stream_mode = false;
 	}
-	cerr << "[info] [main] Using " << n_of_threads << " threads, stream mode: " << stream_mode << endl;
+
 	regex_config.reset(new RegexRules(stream_mode));
 	
 	NFQueueSequence<filter_callback> queues(n_of_threads);
 	queues.start();

 	cout << "QUEUES " << queues.init() << " " << queues.end() << endl;
-	cerr << "[info] [main] Queues: " << queues.init() << ":" << queues.end() << " threads assigned: " << n_of_threads << endl;
+	cerr << "[info] [main] Queues: " << queues.init() << ":" << queues.end() << " threads assigned: " << n_of_threads << " stream mode: " << stream_mode << endl;

 	config_updater();
 }
--- a/frontend/src/components/AddNewRegex.tsx
+++ b/frontend/src/components/AddNewRegex.tsx
@@ -1,4 +1,4 @@
-import { Button, Group, Space, TextInput, Notification, Switch, NativeSelect, Modal } from '@mantine/core';
+import { Button, Group, Space, TextInput, Notification, Switch, Modal, Select } from '@mantine/core';
 import { useForm } from '@mantine/form';
 import { useState } from 'react';
 import { RegexAddForm } from '../js/models';
@@ -17,13 +17,13 @@ function AddNewRegex({ opened, onClose, service }:{ opened:boolean, onClose:()=>
    const form = useForm({
        initialValues: {
            regex:"",
-            mode:"C -> S",
+            mode:"C",
            is_case_insensitive:false,
            deactive:false
        },
        validate:{
            regex: (value) => value !== "" ? null : "Regex is required",
-            mode: (value) => ['C -> S', 'S -> C', 'C <-> S'].includes(value) ? null : "Invalid mode",
+            mode: (value) => ['C', 'S', 'B'].includes(value) ? null : "Invalid mode",
        }
    })

@@ -38,12 +38,11 @@ function AddNewRegex({ opened, onClose, service }:{ opened:boolean, onClose:()=>

    const submitRequest = (values:RegexAddInfo) => {
        setSubmitLoading(true)
-        const filter_mode = ({'C -> S':'C', 'S -> C':'S', 'C <-> S':'B'}[values.mode])

        const request:RegexAddForm = {
            is_case_sensitive: !values.is_case_insensitive,
            service_id: service,
-            mode: filter_mode?filter_mode:"B",
+            mode: values.mode?values.mode:"B",
            regex: b64encode(values.regex),
            active: !values.deactive
        }
@@ -86,8 +85,12 @@ function AddNewRegex({ opened, onClose, service }:{ opened:boolean, onClose:()=>
                {...form.getInputProps('deactive', { type: 'checkbox' })}
            />
            <Space h="md" />
-            <NativeSelect
-                data={['C -> S', 'S -> C', 'C <-> S']}
+            <Select
+                data={[
+                    { value: 'C', label: 'Client -> Server' },
+                    { value: 'S', label: 'Server -> Client' },
+                    { value: 'B', label: 'Both (Client <-> Server)' },
+                ]}
                label="Choose the source of the packets to filter"
                variant="filled"
                {...form.getInputProps('mode')}
--- a/tests/benchmark.py
+++ b/tests/benchmark.py
@@ -9,8 +9,6 @@ import argparse
 import base64
 import secrets

-
-#TODO: make it work with Proxy and not only netfilter
 parser = argparse.ArgumentParser()
 parser.add_argument("--address", "-a", type=str , required=False, help='Address of firegex backend', default="http://127.0.0.1:4444/")
 parser.add_argument("--port", "-P", type=int , required=False, help='Port of the Benchmark service', default=1337)