0xb00b5/firegex-traffic-viewer
5
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Docker: single container compose

Browse Source
This commit is contained in:
DomySh
2022-06-12 20:02:05 +02:00
parent 088d1e406a
commit 67e5014d78
47 changed files with 32 additions and 292 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
backend/.dockerignore
View File

@@ -1,6 +0,0 @@
Dockerfile
docker-compose.yml
**/*.pyc
**/__pycache__/
/.vscode/**

19
backend/Dockerfile
View File

@@ -1,19 +0,0 @@
FROM python:3-buster
RUN apt-get update && apt-get -y install supervisor build-essential libboost-dev nginx
RUN mkdir /execute
WORKDIR /execute
ADD ./requirements.txt /execute/requirements.txt
RUN pip install --no-cache-dir -r /execute/requirements.txt
COPY . /execute/
COPY ./config/nginx.conf /etc/nginx/nginx.conf
COPY ./config/supervisord.conf /etc/supervisor/supervisord.conf
RUN usermod -a -G root nobody
RUN chown -R nobody:root /execute && \
chmod -R 660 /execute && chmod -R u+X /execute
ENTRYPOINT ["/usr/bin/supervisord","-c","/etc/supervisor/supervisord.conf"]

188
backend/README.md
View File

@@ -1,188 +0,0 @@
# **WORK IN PROGRESS**
# Firegex-API Documentation
### This is a short description of the API
#
# Documentation
## Index
- [General stats](#get-apigeneral-stats)
- [List services](#get-apiservices)
- [Service info](#get-apiserviceserv)
- [Stop service](#get-apiserviceservstop)
- [Start service](#get-apiserviceservstart)
- [Delete service](#get-apiserviceservdelete)
- [Terminate service](#get-apiserviceservterminate)
- [Regenerate public port](#get-apiserviceservregen-port)
- [Service regexes](#get-apiserviceservregexes)
- [Regex info](#get-apiregexregexid)
- [Delete regex](#get-apiregexregexiddelete)
- [Add regex](#post-apiregexesadd)
- [Add service](#post-apiservicesadd)
#
#
## **GET** **```/api/general-stats```**
### Server response:
```json
{
"services": <total number of services>,
"closed": <total number of rejected packets>,
"regex": <total number of regexes>
}
```
#
## **GET** **```/api/services```**
### Server response:
```json
[
{
"id": <service_id>,
"status": <service status>,
"public_port": <public port>,
"internal_port": <internal port>,
"n_packets": <number of rejected packets>,
"n_regex": <number of regexes>
},
{
// Another service
}
]
```
#
## **GET** **```/api/service/<serv>```**
### Server response:
```json
{
"id": <service_id>,
"status": <service status>,
"public_port": <public port>,
"internal_port": <internal port>,
"n_packets": <number of rejected packets>,
"n_regex": <number of regexes>
}
```
#
## **GET** **```/api/service/<serv>/stop```**
### Server response:
```json
{
"status": "ok"
}
```
#
## **GET** **```/api/service/<serv>/start```**
### Server response:
```json
{
"status": "ok"
}
```
#
## **GET** **```/api/service/<serv>/delete```**
### Server response:
```json
{
"status": "ok"
}
```
#
## **GET** **```/api/service/<serv>/terminate```**
### Server response:
```json
{
"status": "ok"
}
```
#
## **GET** **```/api/service/<serv>/regen-port```**
### Server response:
```json
{
"status": "ok"
}
```
#
## **GET** **```/api/service/<serv>/regexes```**
### Server response:
```json
[
{
"id": <regex id>,
"service_id": <service_id>,
"regex": <base64 encoded regex>,
"is_blacklist": <true|false>,
"n_packets": <number of blocked packets>,
"mode": <"C"|"S"|"B"> // Client to server, server to client or both
},
{
// Another regex
}
]
```
#
## **GET** **```/api/regex/<regex_id>```**
### Server response:
```json
{
"id": <regex id>,
"service_id": <service_id>,
"regex": <base64 encoded regex>,
"is_blacklist": <true|false>,
"n_packets": <number of blocked packets>,
"mode" <"C"|"S"|"B"> // Client to server, server to client or both
}
```
#
## **GET** **```/api/regex/<regex_id>/delete```**
### Server response:
```json
{
"status": "ok"
}
```
#
## **POST** **```/api/regexes/add```**
### Client request:
```json
{
"service_id": <service_id>,
"regex": <base64 encoded regex>,
"is_blacklist": <true|false>,
"mode": <"C"|"S"|"B"> // Client to server, server to client or both
}
```
### Server response:
```json
{
"status": "ok"
}
```
#
## **POST** **```/api/services/add```**
### Client request:
```json
{
"name": <the id used to identify the service>,
"port": <the internal port>
}
```
### Server response:
```json
{
"status": "ok"
}
```

533
backend/app.py
View File

@@ -1,533 +0,0 @@
import sqlite3
from flask import Flask, jsonify, request
import random
class SQLite():
def __init__(self, db_name) -> None:
self.conn = None
self.cur = None
self.db_name = db_name
def connect(self) -> None:
try:
self.conn = sqlite3.connect(self.db_name + '.db', check_same_thread = False)
except:
with open(self.db_name + '.db', 'x') as f:
pass
self.conn = sqlite3.connect(self.db_name + '.db', check_same_thread = False)
self.cur = self.conn.cursor()
def disconnect(self) -> None:
self.conn.close()
def check_integrity(self, tables = {}) -> None:
for t in tables:
self.cur.execute('''
SELECT name FROM sqlite_master WHERE type='table' AND name=?;
''', (t,))
if len(self.cur.fetchall()) == 0:
self.cur.execute(f'CREATE TABLE main.{t}({"".join([(c + " " + tables[t][c] + ", ") for c in tables[t]])[:-2]});')
def query(self, query, values = ()):
self.cur.execute(query, values)import sqlite3
from flask import Flask, jsonify, request
import random
import string
import subprocess
class SQLite():
def __init__(self, db_name) -> None:
self.conn = None
self.cur = None
self.db_name = db_name
def connect(self) -> None:
try:
self.conn = sqlite3.connect(self.db_name + '.db', check_same_thread = False)
except:
with open(self.db_name + '.db', 'x') as f:
pass
self.conn = sqlite3.connect(self.db_name + '.db', check_same_thread = False)
self.cur = self.conn.cursor()
def disconnect(self) -> None:
self.conn.close()
def check_integrity(self, tables = {}) -> None:
for t in tables:
self.cur.execute('''
SELECT name FROM sqlite_master WHERE type='table' AND name='{}';
'''.format(t))
if len(self.cur.fetchall()) == 0:
self.cur.execute('''CREATE TABLE main.{}({});'''.format(t, ''.join([(c + ' ' + tables[t][c] + ', ') for c in tables[t]])[:-2]))
def query(self, query, values = ()):
self.cur.execute(query, values)
return self.cur.fetchall()
# DB init
db = SQLite('firegex')
db.connect()
app = Flask(__name__)
@app.route('/api/general-stats')
def get_general_stats():
n_services = db.query('''
SELECT COUNT (*) FROM services;
''')[0][0]
n_regexes = db.query('''
SELECT COUNT (*) FROM regexes;
''')[0][0]
n_packets = db.query('''
SELECT SUM(blocked_packets) FROM regexes;
''')[0][0]
res = {
'services': n_services,
'regexes': n_regexes,
'closed': n_packets if n_packets else 0
}
return res
@app.route('/api/services')
def get_services():
res = []
for i in db.query('SELECT * FROM services;'):
n_regex = db.query('SELECT COUNT (*) FROM regexes WHERE service_id = ?;', (i[1],))[0][0]
n_pacchetti = db.query('SELECT SUM(blocked_packets) FROM regexes WHERE service_id = ?;', (i[1],))[0][0]
res.append({
'id': i[1],
'status': i[0],
'public_port': i[3],
'internal_port': i[2],
'n_regex': n_regex,
'n_pacchetti': n_pacchetti if n_pacchetti else 0,
'name': i[4]
})
return jsonify(res)
@app.route('/api/service/<serv>')
def get_service(serv):
q = db.query('SELECT * FROM services WHERE service_id = ?;', (serv,))
res = {}
if len(q) != 0:
n_regex = db.query('SELECT COUNT (*) FROM regexes WHERE service_id = ?;', (serv,))[0][0]
n_pacchetti = db.query('SELECT SUM(blocked_packets) FROM regexes WHERE service_id = ?;', (serv,))[0][0]
print(q[0])
res = {
'id': q[0][1],
'status': q[0][0],
'public_port': q[0][3],
'internal_port': q[0][2],
'n_packets': n_pacchetti if n_pacchetti else 0,
'n_regex': n_regex,
'name': q[0][4]
}
return res
@app.route('/api/service/<serv>/stop')
def get_service_stop(serv):
db.query('''
UPDATE services SET status = 'stop' WHERE service_id = ?;
''', (serv,))
res = {
'status': 'ok'
}
return res
@app.route('/api/service/<serv>/start')
def get_service_start(serv):
db.query('''
UPDATE services SET status = 'active' WHERE service_id = ?;
''', (serv,))
res = {
'status': 'ok'
}
return res
@app.route('/api/service/<serv>/delete')
def get_service_delete(serv):
db.query('''
DELETE FROM services WHERE service_id = ?;
''', (serv,))
res = {
'status': 'ok'
}
return res
@app.route('/api/service/<serv>/terminate')
def get_service_termite(serv):
db.query('''
UPDATE services SET status = 'stop' WHERE service_id = ?;
''', (serv,))
res = {
'status': 'ok'
}
return res
@app.route('/api/service/<serv>/regen-port')
def get_regen_port(serv):
db.query('UPDATE services SET public_port = ? WHERE service_id = ?;', (random.randint(30000, 45000), serv))
res = {
'status': 'ok'
}
return res
@app.route('/api/service/<serv>/regexes')
def get_service_regexes(serv):
res = []
for i in db.query('SELECT * FROM regexes WHERE service_id = ?;', (serv,)):
res.append({
'id': i[5],
'service_id': i[2],
'regex': i[0],
'is_blacklist': i[3],
'mode': i[1]
})
return jsonify(res)
@app.route('/api/regex/<int:regex_id>')
def get_regex_id(regex_id):
q = db.query('SELECT * FROM regexes WHERE regex_id = ?;', (regex_id,))
res = {}
if len(q) != 0:
res = {
'id': regex_id,
'service_id': q[0][2],
'regex': q[0][0],
'is_blacklist': q[0][3],
'mode': q[0][1]
}
return res
@app.route('/api/regex/<int:regex_id>/delete')
def get_regex_delete(regex_id):
db.query('DELETE FROM regexes WHERE regex_id = ?;', (regex_id,))
res = {
'status': 'ok'
}
return res
@app.route('/api/regexes/add', methods = ['POST'])
def post_regexes_add():
req = request.get_json(force = True)
db.query('''
INSERT INTO regexes (regex_id, service_id, regex, is_blacklist, mode) VALUES (?, ?, ?, ?, ?);
''', (random.randint(1, 1 << 32), req['service_id'], req['regex'], req['is_blacklist'], req['mode']))
res = {
'status': 'ok'
}
return res
@app.route('/api/services/add', methods = ['POST'])
def post_services_add():
req = request.get_json(force = True)
serv_id = req['name'].strip().replace(" ","-")
serv_id = "".join([c for c in serv_id if c in (string.ascii_uppercase + string.ascii_lowercase + string.digits + "-")])
serv_id = serv_id.lower()
db.query('''
INSERT INTO services (name, service_id, internal_port, public_port, status) VALUES (?, ?, ?, ?, ?)
''', (req['name'], serv_id, req['port'], random.randint(30000, 45000), 'stop'))
res = {
'status': 'ok'
}
return res
if __name__ == '__main__':
db.check_integrity({
'regexes': {
'regex': 'TEXT NOT NULL',
'mode': 'CHAR(1)',
'service_id': 'TEXT NOT NULL',
'is_blacklist': 'CHAR(50) NOT NULL',
'blocked_packets': 'INTEGER DEFAULT 0',
'regex_id': 'INTEGER NOT NULL'
},
'services': {
'status': 'CHAR(50)',
'service_id': 'TEXT NOT NULL',
'internal_port': 'INT NOT NULL',
'public_port': 'INT NOT NULL',
'name': 'TEXT NOT NULL'
}
})
#uwsgi
subprocess.run(["uwsgi","--http","127.0.0.1:8080","--master","--module","app:app"])
return self.cur.fetchall()
db = SQLite('firegex')
db.connect()
app = Flask(__name__)
@app.route('/api/general-stats')
def get_general_stats():
n_services = db.query('''
SELECT COUNT (*) FROM services;
''')[0][0]
n_regexes = db.query('''
SELECT COUNT (*) FROM regexes;
''')[0][0]
n_packets = db.query('''
SELECT SUM(blocked_packets) FROM regexes;
''')[0][0]
res = {
'services': n_services,
'regexes': n_regexes,
'closed': n_packets if n_packets else 0
}
return res
@app.route('/api/services')
def get_services():
res = []
for i in db.query('SELECT * FROM services;'):
n_regex = db.query('SELECT COUNT (*) FROM regexes WHERE service_id = ?;', (i[1],))[0][0]
n_pacchetti = db.query('SELECT SUM(blocked_packets) FROM regexes WHERE service_id = ?;', (i[1],))[0][0]
res.append({
'id': i[1],
'status': i[0],
'public_port': i[3],
'internal_port': i[2],
'n_regex': n_regex,
'n_packets': n_pacchetti if n_pacchetti else 0,
})
return jsonify(res)
@app.route('/api/service/<serv>')
def get_service(serv):
q = db.query('SELECT * FROM services WHERE service_id = ?;', (serv,))
res = {}
if len(q) != 0:
n_regex = db.query('SELECT COUNT (*) FROM regexes WHERE service_id = ?;', (serv,))[0][0]
n_pacchetti = db.query('SELECT SUM(blocked_packets) FROM regexes WHERE service_id = ?;', (serv,))[0][0]
res = {
'id': q[0][1],
'status': q[0][0],
'public_port': q[0][3],
'internal_port': q[0][2],
'n_packets': n_pacchetti if n_pacchetti else 0,
'n_regex': n_regex
}
return res
@app.route('/api/service/<serv>/stop')
def get_service_stop(serv):
db.query('''
UPDATE services SET status = 'stop' WHERE service_id = ?;
''', (serv,))
res = {
'status': 'ok'
}
return res
@app.route('/api/service/<serv>/start')
def get_service_start(serv):
db.query('''
UPDATE services SET status = 'active' WHERE service_id = ?;
''', (serv,))
res = {
'status': 'ok'
}
return res
@app.route('/api/service/<serv>/delete')
def get_service_delete(serv):
db.query('''
DELETE FROM services WHERE service_id = ?;
''', (serv,))
res = {
'status': 'ok'
}
return res
@app.route('/api/service/<serv>/terminate')
def get_service_termite(serv):
db.query('''
UPDATE services SET status = 'stop' WHERE service_id = ?;
''', (serv,))
res = {
'status': 'ok'
}
return res
@app.route('/api/service/<serv>/regen-port')
def get_regen_port(serv):
db.query('UPDATE services SET public_port = ? WHERE service_id = ?;', (random.randint(30000, 45000), serv))
res = {
'status': 'ok'
}
return res
@app.route('/api/service/<serv>/regexes')
def get_service_regexes(serv):
res = []
for i in db.query('SELECT * FROM regexes WHERE service_id = ?;', (serv,)):
res.append({
'id': i[5],
'service_id': i[2],
'regex': i[0],
'is_blacklist': i[3],
'mode': i[1],
'n_packets': i[4]
})
return jsonify(res)
@app.route('/api/regex/<int:regex_id>')
def get_regex_id(regex_id):
q = db.query('SELECT * FROM regexes WHERE regex_id = ?;', (regex_id,))
res = {}
if len(q) != 0:
res = {
'id': regex_id,
'service_id': q[0][2],
'regex': q[0][0],
'is_blacklist': q[0][3],
'mode': q[0][1],
'n_packets': q[0][4]
}
return res
@app.route('/api/regex/<int:regex_id>/delete')
def get_regex_delete(regex_id):
db.query('DELETE FROM regexes WHERE regex_id = ?;', (regex_id,))
res = {
'status': 'ok'
}
return res
@app.route('/api/regexes/add', methods = ['POST'])
def post_regexes_add():
req = request.get_json(force = True)
db.query('''
INSERT INTO regexes (regex_id, service_id, regex, is_blacklist, mode) VALUES (?, ?, ?, ?, ?);
''', (random.randint(1, 1 << 32), req['service_id'], req['regex'], req['is_blacklist'], req['mode']))
res = {
'status': 'ok'
}
return res
@app.route('/api/services/add', methods = ['POST'])
def post_services_add():
req = request.get_json(force = True)
db.query('''
INSERT INTO services (service_id, internal_port, public_port, status) VALUES (?, ?, ?, ?)
''', (req['name'], req['port'], random.randint(30000, 45000), 'stop'))
res = {
'status': 'ok'
}
return res
if __name__ == "__main__":
import subprocess
# DB init
db.check_integrity({
'regexes': {
'regex': 'TEXT NOT NULL',
'mode': 'CHAR(1)',
'service_id': 'TEXT NOT NULL',
'is_blacklist': 'CHAR(50) NOT NULL',
'blocked_packets': 'INTEGER DEFAULT 0',
'regex_id': 'INTEGER NOT NULL'
},
'services': {
'status': 'CHAR(50)',
'service_id': 'TEXT NOT NULL',
'internal_port': 'INT NOT NULL',
'public_port': 'INT NOT NULL',
'name': 'TEXT NOT NULL'
}
})
#uwsgi
subprocess.run(["uwsgi","--http","127.0.0.1:8080","--master","--module","app:app"])

BIN
backend/c_back/proxy
View File

Binary file not shown.

379
backend/c_back/proxy.cpp
View File

@@ -1,379 +0,0 @@
#include <cstdlib>
#include <cstddef>
#include <iostream>
#include <string>
#include <boost/regex.hpp>
#include <boost/shared_ptr.hpp>
#include <boost/enable_shared_from_this.hpp>
#include <boost/bind.hpp>
#include <boost/asio.hpp>
#include <boost/thread/mutex.hpp>
#include <cctype> // is*
//#define DEBUG
using namespace std;
int to_int(int c) {
if (not isxdigit(c)) return -1; // error: non-hexadecimal digit found
if (isdigit(c)) return c - '0';
if (isupper(c)) c = tolower(c);
return c - 'a' + 10;
}
template<class InputIterator, class OutputIterator> int
unhexlify(InputIterator first, InputIterator last, OutputIterator ascii) {
while (first != last) {
int top = to_int(*first++);
int bot = to_int(*first++);
if (top == -1 or bot == -1)
return -1; // error
*ascii++ = (top << 4) + bot;
}
return 0;
}
vector<pair<string,boost::regex>> regex_s_c_w, regex_c_s_w, regex_s_c_b, regex_c_s_b;
bool filter_data(unsigned char* data, const size_t& bytes_transferred, vector<pair<string,boost::regex>> const &blacklist, vector<pair<string,boost::regex>> const &whitelist){
#ifdef DEBUG
cout << "---------------- Packet ----------------" << endl;
for(int i=0;i<bytes_transferred;i++){
cout << data[i];
}
cout << "\n" << "---------------- End Packet ----------------" << endl;
#endif
for (pair<string,boost::regex> ele:blacklist){
boost::cmatch what;
if (boost::regex_match(reinterpret_cast<const char*>(data),
reinterpret_cast<const char*>(data) + bytes_transferred, what, ele.second)){
cout << "BLOCKED " << ele.first << endl;
return false;
}
}
for (pair<string,boost::regex> ele:whitelist){
boost::cmatch what;
if (!boost::regex_match(reinterpret_cast<const char*>(data),
reinterpret_cast<const char*>(data) + bytes_transferred, what, ele.second)){
cout << "BLOCKED " << ele.first << endl;
return false;
}
}
#ifdef DEBUG
cout << "Packet Accepted!" << endl;
#endif
return true;
}
namespace tcp_proxy
{
namespace ip = boost::asio::ip;
class bridge : public boost::enable_shared_from_this<bridge>
{
public:
typedef ip::tcp::socket socket_type;
typedef boost::shared_ptr<bridge> ptr_type;
bridge(boost::asio::io_service& ios)
: downstream_socket_(ios),
upstream_socket_ (ios)
{}
socket_type& downstream_socket()
{
// Client socket
return downstream_socket_;
}
socket_type& upstream_socket()
{
// Remote server socket
return upstream_socket_;
}
void start(const std::string& upstream_host, unsigned short upstream_port)
{
// Attempt connection to remote server (upstream side)
upstream_socket_.async_connect(
ip::tcp::endpoint(
boost::asio::ip::address::from_string(upstream_host),
upstream_port),
boost::bind(&bridge::handle_upstream_connect,
shared_from_this(),
boost::asio::placeholders::error));
}
void handle_upstream_connect(const boost::system::error_code& error)
{
if (!error)
{
// Setup async read from remote server (upstream)
upstream_socket_.async_read_some(
boost::asio::buffer(upstream_data_,max_data_length),
boost::bind(&bridge::handle_upstream_read,
shared_from_this(),
boost::asio::placeholders::error,
boost::asio::placeholders::bytes_transferred));
// Setup async read from client (downstream)
downstream_socket_.async_read_some(
boost::asio::buffer(downstream_data_,max_data_length),
boost::bind(&bridge::handle_downstream_read,
shared_from_this(),
boost::asio::placeholders::error,
boost::asio::placeholders::bytes_transferred));
}
else
close();
}
private:
/*
Section A: Remote Server --> Proxy --> Client
Process data recieved from remote sever then send to client.
*/
// Read from remote server complete, now send data to client
void handle_upstream_read(const boost::system::error_code& error,
const size_t& bytes_transferred) // Da Server a Client
{
if (!error)
{
if (filter_data(upstream_data_, bytes_transferred, regex_s_c_b, regex_s_c_w)){
async_write(downstream_socket_,
boost::asio::buffer(upstream_data_,bytes_transferred),
boost::bind(&bridge::handle_downstream_write,
shared_from_this(),
boost::asio::placeholders::error));
}else{
close();
}
}
else
close();
}
// Write to client complete, Async read from remote server
void handle_downstream_write(const boost::system::error_code& error)
{
if (!error)
{
upstream_socket_.async_read_some(
boost::asio::buffer(upstream_data_,max_data_length),
boost::bind(&bridge::handle_upstream_read,
shared_from_this(),
boost::asio::placeholders::error,
boost::asio::placeholders::bytes_transferred));
}
else
close();
}
// *** End Of Section A ***
/*
Section B: Client --> Proxy --> Remove Server
Process data recieved from client then write to remove server.
*/
// Read from client complete, now send data to remote server
void handle_downstream_read(const boost::system::error_code& error,
const size_t& bytes_transferred) // Da Client a Server
{
if (!error)
{
if (filter_data(downstream_data_, bytes_transferred, regex_c_s_b, regex_c_s_w)){
async_write(upstream_socket_,
boost::asio::buffer(downstream_data_,bytes_transferred),
boost::bind(&bridge::handle_upstream_write,
shared_from_this(),
boost::asio::placeholders::error));
}else{
close();
}
}
else
close();
}
// Write to remote server complete, Async read from client
void handle_upstream_write(const boost::system::error_code& error)
{
if (!error)
{
downstream_socket_.async_read_some(
boost::asio::buffer(downstream_data_,max_data_length),
boost::bind(&bridge::handle_downstream_read,
shared_from_this(),
boost::asio::placeholders::error,
boost::asio::placeholders::bytes_transferred));
}
else
close();
}
// *** End Of Section B ***
void close()
{
boost::mutex::scoped_lock lock(mutex_);
if (downstream_socket_.is_open())
{
downstream_socket_.close();
}
if (upstream_socket_.is_open())
{
upstream_socket_.close();
}
}
socket_type downstream_socket_;
socket_type upstream_socket_;
enum { max_data_length = 8192 }; //8KB
unsigned char downstream_data_[max_data_length];
unsigned char upstream_data_ [max_data_length];
boost::mutex mutex_;
public:
class acceptor
{
public:
acceptor(boost::asio::io_service& io_service,
const std::string& local_host, unsigned short local_port,
const std::string& upstream_host, unsigned short upstream_port)
: io_service_(io_service),
localhost_address(boost::asio::ip::address_v4::from_string(local_host)),
acceptor_(io_service_,ip::tcp::endpoint(localhost_address,local_port)),
upstream_port_(upstream_port),
upstream_host_(upstream_host)
{}
bool accept_connections()
{
try
{
session_ = boost::shared_ptr<bridge>(new bridge(io_service_));
acceptor_.async_accept(session_->downstream_socket(),
boost::bind(&acceptor::handle_accept,
this,
boost::asio::placeholders::error));
}
catch(std::exception& e)
{
std::cerr << "acceptor exception: " << e.what() << std::endl;
return false;
}
return true;
}
private:
void handle_accept(const boost::system::error_code& error)
{
if (!error)
{
session_->start(upstream_host_,upstream_port_);
if (!accept_connections())
{
std::cerr << "Failure during call to accept." << std::endl;
}
}
else
{
std::cerr << "Error: " << error.message() << std::endl;
}
}
boost::asio::io_service& io_service_;
ip::address_v4 localhost_address;
ip::tcp::acceptor acceptor_;
ptr_type session_;
unsigned short upstream_port_;
std::string upstream_host_;
};
};
}
void push_regex(char* arg, vector<pair<string,boost::regex>> &v){
size_t expr_len = (strlen(arg)-1)/2;
char expr[expr_len];
unhexlify(arg+1, arg+strlen(arg)-1, expr);
boost::regex regex(reinterpret_cast<char*>(expr),
reinterpret_cast<char*>(expr) + expr_len);
v.push_back(make_pair(string(arg), regex));
}
int main(int argc, char* argv[])
{
if (argc < 5)
{
std::cerr << "usage: tcpproxy_server <local host ip> <local port> <forward host ip> <forward port> C..... S....." << std::endl;
return 1;
}
const unsigned short local_port = static_cast<unsigned short>(::atoi(argv[2]));
const unsigned short forward_port = static_cast<unsigned short>(::atoi(argv[4]));
const std::string local_host = argv[1];
const std::string forward_host = argv[3];
for (int i=5;i<argc;i++){
if (strlen(argv[i]) >= 1){
switch(argv[i][0]){
case 'C': { // Client to server Blacklist
push_regex(argv[i], regex_c_s_b);
break;
}
case 'c': { // Client to server Whitelist
push_regex(argv[i], regex_c_s_w);
break;
}
case 'S': { // Server to client Blacklist
push_regex(argv[i], regex_s_c_b);
break;
}
case 's': { // Server to client Whitelist
push_regex(argv[i], regex_s_c_w);
break;
}
}
}
}
boost::asio::io_service ios;
try
{
tcp_proxy::bridge::acceptor acceptor(ios,
local_host, local_port,
forward_host, forward_port);
acceptor.accept_connections();
ios.run();
}
catch(std::exception& e)
{
std::cerr << "Error: " << e.what() << std::endl;
return 1;
}
return 0;
}
/*
* [Note] On posix systems the tcp proxy server build command is as follows:
* c++ -pedantic -ansi -Wall -Werror -O3 -o tcpproxy_server tcpproxy_server.cpp -L/usr/lib -lstdc++ -lpthread -lboost_thread -lboost_system
*/

87
backend/c_back/proxy_wrap.py
View File

@@ -1,87 +0,0 @@
import subprocess, re
#c++ -o proxy proxy.cpp
class Filter:
def __init__(self, regex, is_blacklist=True, c_to_s=False, s_to_c=False ):
self.regex = regex
self.is_blacklist = is_blacklist
if c_to_s == s_to_c: c_to_s = s_to_c = True # (False, False) == (True, True)
self.c_to_s = c_to_s
self.s_to_c = s_to_c
self.blocked = 0
def compile(self):
if isinstance(self.regex, str): self.regex = self.regex.encode()
if not isinstance(self.regex, bytes): raise Exception("Invalid Regex Paramether")
re.compile(self.regex) # raise re.error if is invalid!
if self.c_to_s:
yield "C"+self.regex.hex() if self.is_blacklist else "c"+self.regex.hex()
if self.s_to_c:
yield "S"+self.regex.hex() if self.is_blacklist else "s"+self.regex.hex()
class Proxy:
def __init__(self, internal_port, public_port, filters=None, public_host="0.0.0.0", internal_host="127.0.0.1"):
self.public_host = public_host
self.public_port = public_port
self.internal_host = internal_host
self.internal_port = internal_port
self.filters = set(filters) if filters else set([])
self.process = None
def start(self, callback=None):
if self.process is None:
filter_map = self.compile_filters()
filters_codes = list(filter_map.keys())
self.process = subprocess.Popen(
["./proxy", str(self.public_host), str(self.public_port), str(self.internal_host), str(self.internal_port), *filters_codes],
stdout=subprocess.PIPE, universal_newlines=True
)
for stdout_line in iter(self.process.stdout.readline, ""):
if stdout_line.startswith("BLOCKED"):
regex_id = stdout_line.split()[1]
filter_map[regex_id].blocked+=1
if callback: callback(filter_map[regex_id])
self.process.stdout.close()
return self.process.wait()
def stop(self):
if self.process:
self.process.terminate()
try:
self.process.wait(timeout=3)
return True
except Exception:
self.process.kill()
return False
finally:
self.process = None
return True
def restart(self):
status = self.stop()
self.start()
return status
def reload(self):
if self.process: self.restart()
def compile_filters(self):
res = {}
for filter_obj in self.filters:
raw_filters = filter_obj.compile()
for filter in raw_filters:
res[filter] = filter_obj
return res
def add_filter(self, filter):
self.filters.add(filter)
self.reload()
def remove_filter(self, filter):
try:
del self.filters[self.filters.remove(filter)]
except ValueError: return
self.reload()

27
backend/config/nginx.conf
View File

@@ -1,27 +0,0 @@
worker_processes 5; ## Default: 1
pid /var/run/nginx.pid;
user nobody nogroup;
events {
worker_connections 1024;
}
http{
server {
listen 80;
server_name _;
location / {
include proxy_params;
proxy_pass http://frontend:3000/;
}
location /api/ {
include proxy_params;
proxy_pass http://127.0.0.1:8080;
}
}
}

31
backend/config/supervisord.conf
View File

@@ -1,31 +0,0 @@
[supervisord]
logfile = /dev/null
loglevel = info
user = root
pidfile = /var/run/supervisord.pid
nodaemon = true
[program:nginx]
command=/usr/sbin/nginx -g "daemon off;"
autostart=true
autorestart=true
user = root
startretries=5
numprocs=1
startsecs=0
process_name=%(program_name)s_%(process_num)02d
stderr_logfile=/var/log/supervisor/%(program_name)s_stderr.log
stderr_logfile_maxbytes=10MB
stdout_logfile=/var/log/supervisor/%(program_name)s_stdout.log
stdout_logfile_maxbytes=10MB
[program:backend]
directory=/execute
user = nobody
command=python3 app.py
stdout_logfile="syslog"
stderr_logfile="syslog"
startsecs=10
stopsignal=QUIT
stopasgroup=true
killasgroup=true

8
backend/requirements.txt
View File

@@ -1,8 +0,0 @@
click==8.1.3
colorama==0.4.4
Flask==2.1.2
itsdangerous==2.1.2
Jinja2==3.1.2
MarkupSafe==2.1.1
Werkzeug==2.1.2
uwsgi