From 3fbe0a0dfaed2e0ce7acbe69ab2c605568420b70 Mon Sep 17 00:00:00 2001 From: usmannasir <01-134132-158@student.bahria.edu.pk> Date: Mon, 6 Aug 2018 02:01:09 +0500 Subject: [PATCH] CSF Installation --- firewall/static/firewall/firewall.js | 163 +++++++++++++++++++++- firewall/templates/firewall/csf.html | 200 +++++++++++++++++++++++++++ firewall/urls.py | 6 + firewall/views.py | 101 +++++++++++++- plogical/csf.py | 109 +++++++++++++++ static/firewall/firewall.js | 163 +++++++++++++++++++++- 6 files changed, 738 insertions(+), 4 deletions(-) create mode 100644 firewall/templates/firewall/csf.html create mode 100644 plogical/csf.py diff --git a/firewall/static/firewall/firewall.js b/firewall/static/firewall/firewall.js index c0a25cf7d..3ecf38322 100644 --- a/firewall/static/firewall/firewall.js +++ b/firewall/static/firewall/firewall.js @@ -1563,4 +1563,165 @@ app.controller('modSecRulesPack', function($scope, $http, $timeout, $window) { }); -/* Java script code for ModSec */ \ No newline at end of file +/* Java script code for ModSec */ + + +/* Java script code for CSF */ + +app.controller('csf', function($scope, $http, $timeout, $window) { + + $scope.csfLoading = true; + $scope.modeSecInstallBox = true; + $scope.modsecLoading = true; + $scope.failedToStartInallation = true; + $scope.couldNotConnect = true; + $scope.modSecSuccessfullyInstalled = true; + $scope.installationFailed = true; + + + + $scope.installCSF = function(){ + + $scope.modSecNotifyBox = true; + $scope.modeSecInstallBox = true; + $scope.modsecLoading = false; + $scope.failedToStartInallation = true; + $scope.couldNotConnect = true; + $scope.modSecSuccessfullyInstalled = true; + $scope.installationFailed = true; + + url = "/firewall/installCSF"; + + var data = {}; + + var config = { + headers : { + 'X-CSRFToken': getCookie('csrftoken') + } + }; + + + + $http.post(url, data,config).then(ListInitialDatas, cantLoadInitialDatas); + + + function ListInitialDatas(response) { + + + if(response.data.installStatus === 1){ + + $scope.modSecNotifyBox = true; + $scope.modeSecInstallBox = false; + $scope.modsecLoading = false; + $scope.failedToStartInallation = true; + $scope.couldNotConnect = true; + $scope.modSecSuccessfullyInstalled = true; + $scope.installationFailed = true; + + getRequestStatus(); + + } + else{ + $scope.errorMessage = response.data.error_message; + + $scope.modSecNotifyBox = false; + $scope.modeSecInstallBox = true; + $scope.modsecLoading = true; + $scope.failedToStartInallation = false; + $scope.couldNotConnect = true; + $scope.modSecSuccessfullyInstalled = true; + } + + } + function cantLoadInitialDatas(response) { + + $scope.modSecNotifyBox = false; + $scope.modeSecInstallBox = false; + $scope.modsecLoading = true; + $scope.failedToStartInallation = true; + $scope.couldNotConnect = false; + $scope.modSecSuccessfullyInstalled = true; + $scope.installationFailed = true; + } + + }; + + function getRequestStatus(){ + + $scope.modSecNotifyBox = true; + $scope.modeSecInstallBox = false; + $scope.modsecLoading = false; + $scope.failedToStartInallation = true; + $scope.couldNotConnect = true; + $scope.modSecSuccessfullyInstalled = true; + $scope.installationFailed = true; + + url = "/firewall/installStatusCSF"; + + var data = {}; + + var config = { + headers : { + 'X-CSRFToken': getCookie('csrftoken') + } + }; + + + + $http.post(url, data,config).then(ListInitialDatas, cantLoadInitialDatas); + + + function ListInitialDatas(response) { + + + if(response.data.abort === 0){ + + $scope.modSecNotifyBox = true; + $scope.modeSecInstallBox = false; + $scope.modsecLoading = false; + $scope.failedToStartInallation = true; + $scope.couldNotConnect = true; + $scope.modSecSuccessfullyInstalled = true; + $scope.installationFailed = true; + + $scope.requestData = response.data.requestStatus; + $timeout(getRequestStatus,1000); + } + else{ + // Notifications + $timeout.cancel(); + $scope.modSecNotifyBox = false; + $scope.modeSecInstallBox = false; + $scope.modsecLoading = true; + $scope.failedToStartInallation = true; + $scope.couldNotConnect = true; + + $scope.requestData = response.data.requestStatus; + + if(response.data.installed === 0) { + $scope.installationFailed = false; + $scope.errorMessage = response.data.error_message; + }else{ + $scope.modSecSuccessfullyInstalled = false; + //$timeout(function() { $window.location.reload(); }, 3000); + } + + } + + } + function cantLoadInitialDatas(response) { + + $scope.modSecNotifyBox = false; + $scope.modeSecInstallBox = false; + $scope.modsecLoading = true; + $scope.failedToStartInallation = true; + $scope.couldNotConnect = false; + $scope.modSecSuccessfullyInstalled = true; + $scope.installationFailed = true; + + + } + + } + +}); \ No newline at end of file diff --git a/firewall/templates/firewall/csf.html b/firewall/templates/firewall/csf.html new file mode 100644 index 000000000..f61849335 --- /dev/null +++ b/firewall/templates/firewall/csf.html @@ -0,0 +1,200 @@ +{% extends "baseTemplate/index.html" %} +{% load i18n %} +{% block title %}{% trans "CSF (ConfigServer Security and Firewall) - CyberPanel" %}{% endblock %} +{% block content %} + +{% load static %} +{% get_current_language as LANGUAGE_CODE %} + + + +
+
+

{% trans "CSF (ConfigServer Security and Firewall)!" %}

+

{% trans "On this page you can configure CSF (ConfigServer Security and Firewall) settings." %}

+
+ +
+
+

+ {% trans "CSF" %} +

+ +
+
+ + {% if csfInstalled == 0 %} + +
+

{% trans "CSF is not installed " %} +

+
+ + + +
+ +
+ +
+

{% trans "Failed to start installation, Error message: " %} {$ errorMessage $}

+
+ +
+

{% trans "Could not connect. Please refresh this page." %}

+
+ +
+

{% trans "Installation failed." %} {$ errorMessage $}

+
+ +
+

{% trans "CSF successfully installed, refreshing page in 3 seconds.." %}

+
+
+
+ + +
+ +
+
+
+

{% trans "In winter we must protect each other.." %}

+
+
+ +
+
+
+
+ + + + {% else %} + +
+
+ +
+ +
+ +
+
+ +
+ +
+ +
+
+ +
+ +
+ +
+
+ +
+ +
+
{$ SecDebugLogLevel $}
+
+
+ +
+ +
+
{$ SecAuditLogParts $}
+
+
+ + +
+ +
+ +
+
+ +
+ +
+ +
+
+ + + +
+ +
+ + +
+
+ + + +
+ +
+ +
+

{% trans "Failed to save ModSecurity configurations. Error message: " %} {$ errorMessage $}

+
+ +
+

{% trans "ModSecurity configurations successfully saved." %}

+
+ +
+

{% trans "Could not connect. Please refresh this page." %}

+
+ +
+
+ + +
+
+ + {% endif %} + + + +
+
+
+
+ + +
+ + +{% endblock %} \ No newline at end of file diff --git a/firewall/urls.py b/firewall/urls.py index d580b7632..1c7d387d3 100644 --- a/firewall/urls.py +++ b/firewall/urls.py @@ -39,6 +39,12 @@ urlpatterns = [ url(r'^getRulesFiles', views.getRulesFiles, name='getRulesFiles'), url(r'^enableDisableRuleFile', views.enableDisableRuleFile, name='enableDisableRuleFile'), + ## CSF + + url(r'^csf$', views.csf, name='csf'), + url(r'^installCSF$', views.installCSF, name='installModSec'), + url(r'^installStatusCSF$', views.installStatusCSF, name='installStatusCSF'), + ] \ No newline at end of file diff --git a/firewall/views.py b/firewall/views.py index 44e3f73b6..c36870c25 100644 --- a/firewall/views.py +++ b/firewall/views.py @@ -14,6 +14,7 @@ import thread from plogical.modSec import modSec from plogical.installUtilities import installUtilities from random import randint +from plogical.csf import CSF # Create your views here. @@ -803,7 +804,6 @@ def installStatusModSec(request): final_json = json.dumps(final_dic) return HttpResponse(final_json) - def fetchModSecSettings(request): try: val = request.session['userID'] @@ -1018,7 +1018,6 @@ def modSecRules(request): except KeyError: return redirect(loadLoginPage) - def fetchModSecRules(request): try: userID = request.session['userID'] @@ -1358,3 +1357,101 @@ def enableDisableRuleFile(request): json_data = json.dumps(data_ret) return HttpResponse(json_data) +def csf(request): + try: + userID = request.session['userID'] + admin = Administrator.objects.get(pk=userID) + + if admin.type == 3: + return HttpResponse("You don't have enough priviliges to access this page.") + + csfInstalled = 1 + + try: + command = 'sudo csf -h' + res = subprocess.call(shlex.split(command)) + if res == 1: + csfInstalled = 0 + except subprocess.CalledProcessError: + csfInstalled = 0 + + return render(request,'firewall/csf.html', {'csfInstalled' : csfInstalled}) + except KeyError: + return redirect(loadLoginPage) + + +def installCSF(request): + try: + val = request.session['userID'] + admin = Administrator.objects.get(pk=val) + try: + + if admin.type != 1: + final_dic = {'installStatus': 0, 'error_message': 'Not enough privileges.'} + final_json = json.dumps(final_dic) + return HttpResponse(final_json) + + thread.start_new_thread(CSF.installCSF, ('Install','csf')) + final_json = json.dumps({'installStatus': 1, 'error_message': "None"}) + return HttpResponse(final_json) + + except BaseException,msg: + final_dic = {'installStatus': 0, 'error_message': str(msg)} + final_json = json.dumps(final_dic) + return HttpResponse(final_json) + except KeyError: + final_dic = {'installStatus': 0, 'error_message': "Not Logged In, please refresh the page or login again."} + final_json = json.dumps(final_dic) + return HttpResponse(final_json) + +def installStatusCSF(request): + try: + val = request.session['userID'] + admin = Administrator.objects.get(pk=val) + try: + if request.method == 'POST': + + if admin.type != 1: + final_dic = {'abort': 1, 'installed': 0, 'error_message': 'Not enough privileges.'} + final_json = json.dumps(final_dic) + return HttpResponse(final_json) + + installStatus = unicode(open(CSF.installLogPath, "r").read()) + + if installStatus.find("[200]")>-1: + + final_json = json.dumps({ + 'error_message': "None", + 'requestStatus': installStatus, + 'abort':1, + 'installed': 1, + }) + return HttpResponse(final_json) + elif installStatus.find("[404]") > -1: + + final_json = json.dumps({ + 'abort':1, + 'installed':0, + 'error_message': "None", + 'requestStatus': installStatus, + }) + return HttpResponse(final_json) + + else: + final_json = json.dumps({ + 'abort':0, + 'error_message': "None", + 'requestStatus': installStatus, + }) + return HttpResponse(final_json) + + + except BaseException,msg: + final_dic = {'abort':1,'installed':0, 'error_message': str(msg)} + final_json = json.dumps(final_dic) + return HttpResponse(final_json) + except KeyError: + final_dic = {'abort':1,'installed':0, 'error_message': "Not Logged In, please refresh the page or login again."} + final_json = json.dumps(final_dic) + return HttpResponse(final_json) + diff --git a/plogical/csf.py b/plogical/csf.py new file mode 100644 index 000000000..10e494b2c --- /dev/null +++ b/plogical/csf.py @@ -0,0 +1,109 @@ +import CyberCPLogFileWriter as logging +import subprocess +import shlex +import argparse +from virtualHostUtilities import virtualHostUtilities +import os +import tarfile +import shutil +from mailUtilities import mailUtilities + +class CSF: + installLogPath = "/home/cyberpanel/csfInstallLog" + csfURL = 'https://download.configserver.com/csf.tgz' + + @staticmethod + def installCSF(install, csfInstall): + try: + + mailUtilities.checkHome() + + ## + + command = 'sudo wget ' + CSF.csfURL + cmd = shlex.split(command) + + with open(CSF.installLogPath, 'w') as f: + res = subprocess.call(cmd, stdout=f) + + ## + + command = 'sudo tar -xzf csf.tgz' + cmd = shlex.split(command) + + with open(CSF.installLogPath, 'w') as f: + res = subprocess.call(cmd, stdout=f) + + ## + + os.chdir('csf') + + command = 'sudo ./install.sh' + cmd = shlex.split(command) + + with open(CSF.installLogPath, 'w') as f: + res = subprocess.call(cmd, stdout=f) + + os.chdir('/usr/local/CyberCP') + + writeToFile = open(CSF.installLogPath, 'a') + writeToFile.writelines("CSF successfully Installed.[200]\n") + writeToFile.close() + + command = 'sudo rm -rf csf' + cmd = shlex.split(command) + res = subprocess.call(cmd) + + command = 'sudo rm -f csf.tgz' + cmd = shlex.split(command) + res = subprocess.call(cmd) + + return 1 + except BaseException, msg: + command = 'sudo rm -rf csf' + cmd = shlex.split(command) + res = subprocess.call(cmd) + + command = 'sudo rm -f csf.tgz' + cmd = shlex.split(command) + res = subprocess.call(cmd) + logging.CyberCPLogFileWriter.writeToFile(str(msg) + "[installModSec]") + + + +def main(): + + parser = argparse.ArgumentParser(description='CyberPanel Installer') + parser.add_argument('function', help='Specific a function to call!') + + parser.add_argument('--tempConfigPath', help='Temporary path to configurations data!') + parser.add_argument('--packName', help='ModSecurity supplier name!') + parser.add_argument('--fileName', help='Filename to enable or disable!') + + args = parser.parse_args() + + if args.function == "installModSecConfigs": + modSec.installModSecConfigs() + elif args.function == "saveModSecConfigs": + modSec.saveModSecConfigs(args.tempConfigPath) + elif args.function == "saveModSecRules": + modSec.saveModSecRules() + elif args.function == "setupOWASPRules": + modSec.setupOWASPRules() + elif args.function == "installOWASP": + modSec.installOWASP() + elif args.function == "disableOWASP": + modSec.disableOWASP() + elif args.function == "setupComodoRules": + modSec.setupComodoRules() + elif args.function == "installComodo": + modSec.installComodo() + elif args.function == "disableComodo": + modSec.disableComodo() + elif args.function == "disableRuleFile": + modSec.disableRuleFile(args.fileName, args.packName) + elif args.function == "enableRuleFile": + modSec.enableRuleFile(args.fileName, args.packName) + +if __name__ == "__main__": + main() \ No newline at end of file diff --git a/static/firewall/firewall.js b/static/firewall/firewall.js index c0a25cf7d..3ecf38322 100644 --- a/static/firewall/firewall.js +++ b/static/firewall/firewall.js @@ -1563,4 +1563,165 @@ app.controller('modSecRulesPack', function($scope, $http, $timeout, $window) { }); -/* Java script code for ModSec */ \ No newline at end of file +/* Java script code for ModSec */ + + +/* Java script code for CSF */ + +app.controller('csf', function($scope, $http, $timeout, $window) { + + $scope.csfLoading = true; + $scope.modeSecInstallBox = true; + $scope.modsecLoading = true; + $scope.failedToStartInallation = true; + $scope.couldNotConnect = true; + $scope.modSecSuccessfullyInstalled = true; + $scope.installationFailed = true; + + + + $scope.installCSF = function(){ + + $scope.modSecNotifyBox = true; + $scope.modeSecInstallBox = true; + $scope.modsecLoading = false; + $scope.failedToStartInallation = true; + $scope.couldNotConnect = true; + $scope.modSecSuccessfullyInstalled = true; + $scope.installationFailed = true; + + url = "/firewall/installCSF"; + + var data = {}; + + var config = { + headers : { + 'X-CSRFToken': getCookie('csrftoken') + } + }; + + + + $http.post(url, data,config).then(ListInitialDatas, cantLoadInitialDatas); + + + function ListInitialDatas(response) { + + + if(response.data.installStatus === 1){ + + $scope.modSecNotifyBox = true; + $scope.modeSecInstallBox = false; + $scope.modsecLoading = false; + $scope.failedToStartInallation = true; + $scope.couldNotConnect = true; + $scope.modSecSuccessfullyInstalled = true; + $scope.installationFailed = true; + + getRequestStatus(); + + } + else{ + $scope.errorMessage = response.data.error_message; + + $scope.modSecNotifyBox = false; + $scope.modeSecInstallBox = true; + $scope.modsecLoading = true; + $scope.failedToStartInallation = false; + $scope.couldNotConnect = true; + $scope.modSecSuccessfullyInstalled = true; + } + + } + function cantLoadInitialDatas(response) { + + $scope.modSecNotifyBox = false; + $scope.modeSecInstallBox = false; + $scope.modsecLoading = true; + $scope.failedToStartInallation = true; + $scope.couldNotConnect = false; + $scope.modSecSuccessfullyInstalled = true; + $scope.installationFailed = true; + } + + }; + + function getRequestStatus(){ + + $scope.modSecNotifyBox = true; + $scope.modeSecInstallBox = false; + $scope.modsecLoading = false; + $scope.failedToStartInallation = true; + $scope.couldNotConnect = true; + $scope.modSecSuccessfullyInstalled = true; + $scope.installationFailed = true; + + url = "/firewall/installStatusCSF"; + + var data = {}; + + var config = { + headers : { + 'X-CSRFToken': getCookie('csrftoken') + } + }; + + + + $http.post(url, data,config).then(ListInitialDatas, cantLoadInitialDatas); + + + function ListInitialDatas(response) { + + + if(response.data.abort === 0){ + + $scope.modSecNotifyBox = true; + $scope.modeSecInstallBox = false; + $scope.modsecLoading = false; + $scope.failedToStartInallation = true; + $scope.couldNotConnect = true; + $scope.modSecSuccessfullyInstalled = true; + $scope.installationFailed = true; + + $scope.requestData = response.data.requestStatus; + $timeout(getRequestStatus,1000); + } + else{ + // Notifications + $timeout.cancel(); + $scope.modSecNotifyBox = false; + $scope.modeSecInstallBox = false; + $scope.modsecLoading = true; + $scope.failedToStartInallation = true; + $scope.couldNotConnect = true; + + $scope.requestData = response.data.requestStatus; + + if(response.data.installed === 0) { + $scope.installationFailed = false; + $scope.errorMessage = response.data.error_message; + }else{ + $scope.modSecSuccessfullyInstalled = false; + //$timeout(function() { $window.location.reload(); }, 3000); + } + + } + + } + function cantLoadInitialDatas(response) { + + $scope.modSecNotifyBox = false; + $scope.modeSecInstallBox = false; + $scope.modsecLoading = true; + $scope.failedToStartInallation = true; + $scope.couldNotConnect = false; + $scope.modSecSuccessfullyInstalled = true; + $scope.installationFailed = true; + + + } + + } + +}); \ No newline at end of file