Skip to content

Fukász Rómeó Ervin / cloud

Go to a project
Commit 10d51ec8 by Bach Dániel
Options

firewall: update Blacklist model

parent 9fd1d4fe
Showing with 73 additions and 30 deletions
circle/firewall/admin.py
......@@ -132,7 +132,8 @@ class RecordAdmin(admin.ModelAdmin):
class BlacklistItemAdmin(admin.ModelAdmin):
list_display = ('ipv4', 'type', 'reason', 'created_at', 'modified_at')
list_display = ('ipv4', 'whitelisted', 'reason', 'expires_at',
'created_at', 'modified_at')
class SwitchPortAdmin(admin.ModelAdmin):
......
circle/firewall/fw.py
......@@ -19,14 +19,12 @@ import re
import logging
from collections import OrderedDict
from netaddr import IPAddress, AddrFormatError
from datetime import timedelta
from itertools import product
from .models import (Host, Rule, Vlan, Domain, Record, BlacklistItem,
SwitchPort)
from .iptables import IptRule, IptChain
import django.conf
from django.db.models import Q
from django.template import loader, Context
from django.utils import timezone
......@@ -161,10 +159,9 @@ class BuildFirewall:
def ipset():
week = timezone.now() - timedelta(days=2)
filter_ban = (Q(type='tempban', modified_at__gte=week) |
Q(type='permban'))
return BlacklistItem.objects.filter(filter_ban).values('ipv4', 'reason')
now = timezone.now()
return BlacklistItem.objects.filter(whitelisted=False).exclude(
expires_at__lt=now).values('ipv4', 'reason')
def ipv6_to_octal(ipv6):
......
circle/firewall/migrations/0003_auto_20150226_1927.py 0 → 100644
# -*- coding: utf-8 -*-
from __future__ import unicode_literals
from django.db import models, migrations
class Migration(migrations.Migration):
dependencies = [
('firewall', '0002_auto_20150115_0021'),
]
operations = [
migrations.RemoveField(
model_name='blacklistitem',
name='type',
),
migrations.AddField(
model_name='blacklistitem',
name='expires_at',
field=models.DateTimeField(default=None, null=True, verbose_name='expires at', blank=True),
preserve_default=True,
),
migrations.AddField(
model_name='blacklistitem',
name='whitelisted',
field=models.BooleanField(default=False, verbose_name='whitelisted'),
preserve_default=True,
),
migrations.AlterField(
model_name='blacklistitem',
name='ipv4',
field=models.GenericIPAddressField(protocol=b'ipv4', unique=True, verbose_name=b'IPv4 address'),
preserve_default=True,
),
migrations.AlterField(
model_name='blacklistitem',
name='reason',
field=models.TextField(null=True, verbose_name='reason', blank=True),
preserve_default=True,
),
migrations.AlterField(
model_name='blacklistitem',
name='snort_message',
field=models.TextField(null=True, verbose_name='short message', blank=True),
preserve_default=True,
),
]
circle/firewall/models.py
......@@ -1109,24 +1109,23 @@ class EthernetDevice(models.Model):
class BlacklistItem(models.Model):
CHOICES_type = (('permban', 'permanent ban'), ('tempban', 'temporary ban'),
('whitelist', 'whitelist'), ('tempwhite', 'tempwhite'))
ipv4 = models.GenericIPAddressField(protocol='ipv4', unique=True)
host = models.ForeignKey('Host', blank=True, null=True,
verbose_name=_('host'))
reason = models.TextField(blank=True, verbose_name=_('reason'))
snort_message = models.TextField(blank=True,
verbose_name=_('short message'))
type = models.CharField(
max_length=10,
choices=CHOICES_type,
default='tempban',
verbose_name=_('type')
)
ipv4 = models.GenericIPAddressField(
protocol='ipv4', unique=True, verbose_name=("IPv4 address"))
host = models.ForeignKey(
'Host', blank=True, null=True, verbose_name=_('host'))
reason = models.TextField(
blank=True, null=True, verbose_name=_('reason'))
snort_message = models.TextField(
blank=True, null=True, verbose_name=_('short message'))
whitelisted = models.BooleanField(
default=False, verbose_name=_("whitelisted"))
created_at = models.DateTimeField(auto_now_add=True,
verbose_name=_('created_at'))
modified_at = models.DateTimeField(auto_now=True,
verbose_name=_('modified_at'))
expires_at = models.DateTimeField(blank=True, null=True, default=None,
verbose_name=_('expires at'))
def save(self, *args, **kwargs):
self.full_clean()
......
circle/network/forms.py
......@@ -54,8 +54,10 @@ class BlacklistItemForm(ModelForm):
'',
'ipv4',
'host',
'expires_at',
'whitelisted',
'reason',
'type',
'snort_message',
)
),
FormActions(
......
circle/network/tables.py
......@@ -45,7 +45,7 @@ class BlacklistItemTable(Table):
class Meta:
model = Domain
attrs = {'class': 'table table-striped table-condensed'}
fields = ('ipv4', 'host', 'reason', 'type')
fields = ('ipv4', 'host', 'expires_at', 'whitelisted', 'reason')
order_by = ('ipv4', )
......
circle/network/views.py
......@@ -137,8 +137,7 @@ class BlacklistDetail(LoginRequiredMixin, SuperuserRequiredMixin,
model = BlacklistItem
template_name = "network/blacklist-edit.html"
form_class = BlacklistItemForm
success_message = _(u'Successfully modified blacklist item '
'%(ipv4)s - %(type)s.')
success_message = _(u'Successfully modified blacklist item %(ipv4)s.')
def get_success_url(self):
if 'pk' in self.kwargs:
......@@ -155,8 +154,7 @@ class BlacklistCreate(LoginRequiredMixin, SuperuserRequiredMixin,
model = BlacklistItem
template_name = "network/blacklist-create.html"
form_class = BlacklistItemForm
success_message = _(u'Successfully created blacklist item '
'%(ipv4)s - %(type)s.')
success_message = _(u'Successfully created blacklist item %(ipv4)s')
class BlacklistDelete(LoginRequiredMixin, SuperuserRequiredMixin, DeleteView):
......@@ -168,9 +166,7 @@ class BlacklistDelete(LoginRequiredMixin, SuperuserRequiredMixin, DeleteView):
context = super(BlacklistDelete, self).get_context_data(**kwargs)
if 'pk' in self.kwargs:
to_delete = BlacklistItem.objects.get(pk=self.kwargs['pk'])
context['object'] = "%s - %s - %s" % (to_delete.ipv4,
to_delete.reason,
to_delete.type)
context['object'] = "%s - %s" % (to_delete.ipv4, to_delete.reason)
return context
def get_success_url(self):
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or sign in to comment