config file white list ips

root
2023-03-27 11:59:37 +02:00
parent 7de52b0ae1
commit d985dff839

29
waf3.py

@ -28,15 +28,9 @@ last_hour = now.shift(hours=-1).floor('hour')
last_thirty_min = now.shift(minutes=-30)
# last_period = last_thirty_min
last_period = last_hour
vroots = Path(conf['vroots'])
logs = vroots.glob('*/logs/*access*.log')
whitelist_ips = [
'127.0.0.1',
'5.9.113.251',
'90.175.189.153',
'78.47.46.238',
]
whitelist_ips = conf['whitelist_ips']
db = SqliteExtDatabase(db_path, pragmas={'journal_mode': 'wal'})
class Attack(peewee.Model):
@ -106,7 +100,7 @@ async def scan(log):
elif 'wp-admin' in url and status not in ['200','302','499']:
suspects.append(check(ip, host, date_position))
def is_suspicious_login(item):
return len(item[1]) > 2
return len(item[1]) > 18
filtered = dict(filter(is_suspicious_login, suspects_login.items()))
for ip,suspect in filtered.items():
suspects.append(check(ip, suspect[-1][1], suspect[-1][2]))
@ -130,16 +124,29 @@ async def block():
def report():
click.echo(
click.style(
"Hosting logs: {}".format(len(logs)),
f"Config file at: {conf_file}",
fg="cyan"
)
)
click.echo(
click.style(
"Attacks in database: {}".format( Attack.select().count() ),
f"Hosting logs: {len(logs)}",
fg="cyan"
)
)
click.echo(
click.style(
f"Attacks in database: {Attack.select().count()}",
fg="cyan"
)
)
for ip in whitelist_ips:
click.echo(
click.style(
f"Whitelisted: {ip}",
fg="green"
)
)
async def start():
report()
@ -166,7 +173,7 @@ def waf_scan():
# click.echo('Scan')
asyncio.run(start())
after = arrow.utcnow()
click.echo(click.style('Finished in {}'.format(after - before), fg="blue"))
click.echo(click.style(f'Finished in {after - before}', fg="blue"))
if __name__ == '__main__':
cli()
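Review bot: In the first hunk, `whitelist_ips = conf['whitelist_ips']` takes the exemption list from the config file without checking it, so a missing key stops the script with a KeyError at startup, and a mistyped or scalar value changes which addresses are exempt from blocking without any error. How the list is consulted is outside the visible hunks, but if it is a plain `ip in whitelist_ips` test, a single string in the config would turn that into substring matching. I would validate at load time, e.g. `whitelist_ips = [str(ipaddress.ip_address(ip)) for ip in conf['whitelist_ips']]` (needs `import ipaddress`), and consider always keeping `127.0.0.1` exempt now that it is no longer hard-coded. The login threshold raised to `18` in `is_suspicious_login` is a similar tuning value that would fit in the same config file with a comment on why it was chosen, rather than as a bare literal.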