0xb00b5/firegex-traffic-viewer
5
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

new start.py + set password in start.py

Browse Source
This commit is contained in:
DomySh
2022-08-09 10:28:30 +00:00
parent ef695690b3
commit d7eb8efa81
3 changed files with 50 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
README.md
View File

@@ -52,6 +52,5 @@ Initiially the project was based only on regex filters, and also now the main fu
- Create hijacking port to proxy - Create hijacking port to proxy
- Explanation about tools in the dedicated pages making them more user-friendly - Explanation about tools in the dedicated pages making them more user-friendly
- Give the permission to set a startup password in start.py protecting firegex also at the first run
- buffering the TCP and(/or) the UDP stream to avoid to bypass the proxy dividing the information in more packets - buffering the TCP and(/or) the UDP stream to avoid to bypass the proxy dividing the information in more packets
- Adding new section with "general firewall rules" to manage "simple" TCP traffic rules graphically and through nftables - Adding new section with "general firewall rules" to manage "simple" TCP traffic rules graphically and through nftables

12
backend/app.py
View File

@@ -23,6 +23,10 @@ utils.socketio = SocketManager(app, "/sock", socketio_path="")
def APP_STATUS(): return "init" if db.get("password") is None else "run" def APP_STATUS(): return "init" if db.get("password") is None else "run"
def JWT_SECRET(): return db.get("secret") def JWT_SECRET(): return db.get("secret")
def set_psw(psw: str):
hash_psw = crypto.hash(psw)
db.put("password",hash_psw)
@utils.socketio.on("update") @utils.socketio.on("update")
async def updater(): pass async def updater(): pass
@@ -78,8 +82,7 @@ async def set_password(form: PasswordForm):
if APP_STATUS() != "init": raise HTTPException(status_code=400) if APP_STATUS() != "init": raise HTTPException(status_code=400)
if form.password == "": if form.password == "":
return {"status":"Cannot insert an empty password!"} return {"status":"Cannot insert an empty password!"}
hash_psw = crypto.hash(form.password) set_psw(form.password)
db.put("password",hash_psw)
await refresh_frontend() await refresh_frontend()
return {"status":"ok", "access_token": create_access_token({"logged_in": True})} return {"status":"ok", "access_token": create_access_token({"logged_in": True})}
@@ -93,8 +96,7 @@ async def change_password(form: PasswordChangeForm):
if form.expire: if form.expire:
db.put("secret", secrets.token_hex(32)) db.put("secret", secrets.token_hex(32))
hash_psw = crypto.hash(form.password) set_psw(form.password)
db.put("password",hash_psw)
await refresh_frontend() await refresh_frontend()
return {"status":"ok", "access_token": create_access_token({"logged_in": True})} return {"status":"ok", "access_token": create_access_token({"logged_in": True})}
@@ -110,6 +112,8 @@ reset, startup, shutdown = load_routers(api)
@app.on_event("startup") @app.on_event("startup")
async def startup_event(): async def startup_event():
db.init() db.init()
if os.getenv("HEX_SET_PSW"):
set_psw(bytes.fromhex(os.getenv("HEX_SET_PSW")).decode())
await startup() await startup()
if not JWT_SECRET(): db.put("secret", secrets.token_hex(32)) if not JWT_SECRET(): db.put("secret", secrets.token_hex(32))
await refresh_frontend() await refresh_frontend()

53
start.py
View File

@@ -1,6 +1,6 @@
#!/usr/bin/env python3 #!/usr/bin/env python3
import argparse, sys, platform, os import argparse, sys, platform, os, multiprocessing
pref = "\033[" pref = "\033["
reset = f"{pref}0m" reset = f"{pref}0m"
@@ -19,23 +19,40 @@ def puts(text, *args, color=colors.white, is_bold=False, **kwargs):
print(f'{pref}{1 if is_bold else 0};{color}' + text + reset, *args, **kwargs) print(f'{pref}{1 if is_bold else 0};{color}' + text + reset, *args, **kwargs)
def sep(): puts("-----------------------------------", is_bold=True) def sep(): puts("-----------------------------------", is_bold=True)
parser = argparse.ArgumentParser() parser = argparse.ArgumentParser()
parser.add_argument('--port', "-p", type=int, required=False, help='Port where open the web service of the firewall', default=4444) parser.add_argument('--port', "-p", type=int, required=False, help='Port where open the web service of the firewall', default=4444)
parser.add_argument('--threads', "-t", type=int, required=False, help='Number of threads started for each service/utility', default=1) parser.add_argument('--threads', "-t", type=int, required=False, help='Number of threads started for each service/utility', default=-1)
parser.add_argument('--no-autostart', "-n", required=False, action="store_true", help='Auto-execute "docker-compose up -d --build"', default=False) parser.add_argument('--no-autostart', "-n", required=False, action="store_true", help='Save docker-compose file and not start the container', default=False)
parser.add_argument('--keep','-k', required=False, action="store_true", help='Keep the docker-compose file generated', default=False)
parser.add_argument('--build', "-b", required=False, action="store_true", help='Build the container locally', default=False) parser.add_argument('--build', "-b", required=False, action="store_true", help='Build the container locally', default=False)
parser.add_argument('--stop', '-s', required=False, action="store_true", help='Stop firegex execution', default=False)
parser.add_argument('--psw-no-interactive',type=str, required=False, help='Password for no-interactive mode', default=None)
parser.add_argument('--startup-psw', required=False, action="store_true", help='Insert password in the startup screen of firegex', default=False)
args = parser.parse_args() args = parser.parse_args()
sep() os.chdir(os.path.dirname(os.path.realpath(__file__)))
puts(f"Firegex", color=colors.yellow, end="")
puts(" will start on port ", end="")
puts(f"{args.port}", color=colors.cyan)
if args.threads < 1: if args.build and not os.path.isfile("./Dockerfile"):
puts("Insert a valid number of threads", color=colors.red) puts("This is not a clone of firegex, to build firegex the clone of the repository is needed!", color=colors.red)
exit() exit()
os.chdir(os.path.dirname(os.path.realpath(__file__))) if args.threads < 1:
args.threads = multiprocessing.cpu_count()
if not args.stop:
sep()
puts(f"Firegex", color=colors.yellow, end="")
puts(" will start on port ", end="")
puts(f"{args.port}", color=colors.cyan)
psw_set = None
if not args.stop:
if args.psw_no_interactive:
psw_set = args.psw_no_interactive
elif not args.startup_psw:
puts("Insert the password for firegex: ", end="" , color=colors.yellow, is_bold=True)
psw_set = input()
with open("docker-compose.yml","wt") as compose: with open("docker-compose.yml","wt") as compose:
@@ -51,6 +68,7 @@ services:
environment: environment:
- PORT={args.port} - PORT={args.port}
- NTHREADS={args.threads} - NTHREADS={args.threads}
{"- HEX_SET_PSW="+psw_set.encode().hex() if psw_set else ""}
volumes: volumes:
- /execute/db - /execute/db
cap_add: cap_add:
@@ -73,17 +91,24 @@ services:
environment: environment:
- PORT={args.port} - PORT={args.port}
- NTHREADS={args.threads} - NTHREADS={args.threads}
{"- HEX_SET_PSW="+psw_set.encode().hex() if psw_set else ""}
volumes: volumes:
- /execute/db - /execute/db
cap_add: cap_add:
- NET_ADMIN - NET_ADMIN
""") """)
sep() sep()
if not args.no_autostart: if not args.no_autostart:
try:
if args.stop:
puts("Running 'docker-compose down'\n", color=colors.green)
os.system("docker-compose -p firegex down")
else:
puts("Running 'docker-compose up -d --build'\n", color=colors.green) puts("Running 'docker-compose up -d --build'\n", color=colors.green)
os.system("docker-compose up -d --build") os.system("docker-compose -p firegex up -d --build")
finally:
if not args.keep:
os.remove("docker-compose.yml")
else: else:
puts("Done! You can start firegex with docker-compose up -d --build", color=colors.yellow) puts("Done! You can start/stop firegex with docker-compose up -d --build", color=colors.yellow)
sep() sep()