Merge pull request #1403 from StevenHessing/lede-17.01-noddos

luci-app-noddos: backport from master
2017-10-21 09:14:24 +03:00 · 2017-10-21 09:14:24 +03:00 · 0ed8086900
commit 0ed8086900
parent 7fc88b4e6e d685c2392f
8 changed files with 493 additions and 0 deletions
--- a/applications/luci-app-noddos/Makefile
+++ b/applications/luci-app-noddos/Makefile
@ -0,0 +1,18 @@
+# Copyright (C) 2017 Steven Hessing (steven.hessing@gmail.com)
+# Based on initial implementation by Stan Grishin (stangri@melmac.net)
+# This is free software, licensed under the GNU General Public License v3.
+
+include $(TOPDIR)/rules.mk
+
+PKG_LICENSE:=GPLv3
+PKG_MAINTAINER:=Steven Hessing <steven.hessing@gmail.com>
+
+LUCI_TITLE:=Noddos Service Web UI
+LUCI_DESCRIPTION:=Provides Web UI for Noddos service.
+LUCI_DEPENDS:=+luci +noddos
+LUCI_PKGARCH:=all
+PKG_RELEASE:=1
+
+include ../../luci.mk
+
+# call BuildPackage - OpenWrt buildroot signature
--- a/applications/luci-app-noddos/htdocs/cgi-bin/clientdetails
+++ b/applications/luci-app-noddos/htdocs/cgi-bin/clientdetails
@ -0,0 +1,91 @@
+#!/usr/bin/lua
+
+-- clientdetails.lua : Provides details about client devices discovered by Noddos
+-- Copyright (C) 2017 Steven Hessing (steven.hessing@gmail.com)
+-- This is free software, licensed under the GNU General Public License v3.
+
+require "nixio.fs"
+
+print ("Content-type: Text/html\n")
+local info = os.getenv("QUERY_STRING")
+
+local params = {}
+local echo = {}
+
+function print_row(key)
+	print ("<tr><th>")
+	print (key)
+	print ("</th><td>")
+	print (device[key])
+	print ("</td></tr>")
+end
+
+for name, value in string.gmatch(info .. '&', '(.-)%=(.-)%&') do
+    value = string.gsub(value , '%+', ' ')
+    value = string.gsub(value , '%%(%x%x)', function(dpc)
+        return string.char(tonumber(dpc,16))
+		end )
+	params[name] = value
+
+    value = string.gsub(value, "%&", "&amp;")
+    value = string.gsub(value, "%<", "&lt;")
+    value = string.gsub(value, '%"', "&quot;")
+    echo[name] = value
+end
+
+device = {}
+profile = {}
+
+if nixio.fs.access("/var/lib/noddos/DeviceDump.json") then
+        io.input("/var/lib/noddos/DeviceDump.json")
+        local t = io.read("*all")
+	local json = require "luci.jsonc"
+        local devdump = json.parse(t)
+        for i, v in ipairs(devdump) do
+				if v.MacAddress == params["mac"] then
+                        device = v
+                end
+        end
+        io.input("/var/lib/noddos/DeviceProfiles.json")
+        t = io.read("*all")
+        local temp = json.parse(t)
+        for i, v in ipairs(temp) do
+                if device.DeviceProfileUuid == v.DeviceProfileUuid then
+                        profile = v
+                end
+        end
+end
+pagetop = [[
+<html>
+  <head>
+    <title>Client Details by Noddos</title>
+    <meta charset="utf-8">
+    <!--[if lt IE 9]><script src="/luci-static/bootstrap/html5.js?v=git-17.100.70571-29fabe2"></script><![endif]-->
+    <meta name="viewport" content="initial-scale=1.0">
+    <link rel="stylesheet" href="/luci-static/bootstrap/cascade.css?v=git-17.100.70571-29fabe2">
+    <link rel="stylesheet" media="only screen and (max-device-width: 854px)" href="/luci-static/bootstrap/mobile.css?v=git-17.100.70571-29fabe2" type="text/css" />
+    <link rel="shortcut icon" href="/luci-static/bootstrap/favicon.ico">
+    <script src="/luci-static/resources/xhr.js?v=git-17.100.70571-29fabe2"></script>
+  </head>
+  <body text=blue>
+    <h1>Client Details</h1>
+]]
+print (pagetop)
+
+if params["mac"] ~= nil then
+	print ("<table>")
+	for i, key in ipairs{"MacAddress", "Ipv4Address", "Ipv6Address", "DeviceProfileUuid", "DhcpHostname", "DhcpVendor", "SsdpFriendlyName", "SsdpLocation", "SsdpManufacturer", "SsdpModelName", "SsdpModelUrl", "SsdpSerialNumber", "SsdpServer","SsdpUserAgent", "MdnsDeviceUrl", "MdnsHw", "MdnsManufacturer", "MdnsModelName", "MdnsOs", "WsDiscoveryTypes", "WsDiscoveryXaddrs", "DnsQueries"} do
+		print_row(key)
+	end
+	print ("</table>")
+else 
+	print ("no mac address specified")
+end
+
+pagebase = [[<br><br>
+Client Details by
+<a href=http://www.noddos.io>Noddos</a>
+</body></html>
+]]
+
+print (pagebase)
--- a/applications/luci-app-noddos/luasrc/controller/noddos.lua
+++ b/applications/luci-app-noddos/luasrc/controller/noddos.lua
@ -0,0 +1,10 @@
+-- Copyright 2017 Steven Hessing (steven.hessing@gmail.com)
+-- This is free software, licensed under the GNU General Public License v3.
+-- /usr/lib/lua/luci/controller/noddos.lua
+
+module("luci.controller.noddos", package.seeall)
+function index()
+    entry({"admin", "status", "noddos"}, template("noddos/clients"), _("Noddos Clients"), 3)
+    entry({"admin", "network", "noddos"}, cbi("noddos"), _("Noddos Client Tracking"), 55)
+end
+
--- a/applications/luci-app-noddos/luasrc/model/cbi/noddos.lua
+++ b/applications/luci-app-noddos/luasrc/model/cbi/noddos.lua
@ -0,0 +1,46 @@
+-- Copyright 2017 Steven Hessing (steven.hessing@gmail.com)
+-- This is free software, licensed under the GNU General Public License v3.
+-- /usr/lib/lua/luci/model/cbi/noddos.lua
+
+m = Map("noddos", translate("Client Firewall"),
+    translate("Noddos controls traffic from the clients on your network to the Internet. " ..
+        "This helps protect your network, the bandwidth on your Internet connection and " ..
+        "the Internet"))
+
+s = m:section(TypedSection, "noddos", translate("Server Settings"))
+s.anonymous = true
+s.addremove = false
+
+s:option(Flag, "rfc1918",
+    translate("Private networks"),
+    translate("Report traffic to private networks (10/8, 172.16/12, 192.168/16, fd75:6b5d:352c:ed05::/64)")).default=false
+
+s:option(Flag, "upload",
+    translate("Upload anonimized traffic stats"),
+    translate("Uploading your statistics helps improving device recognition " ..
+        "and discovering hacked devices & botnets"))
+
+o = s:option(DynamicList, "whitelistipv4",
+    translate("Excluded IPv4 addresses"),
+    translate("Don't monitor these IPv4 addresses"))
+o.optional = true
+o.placeholder = "127.0.0.1 192.168.1.1"
+o.delimiter = " "
+o.datatype="list(ip4addr)"
+
+o = s:option(DynamicList, "whitelistipv6",
+    translate("Excluded IPv6 addresses"),
+    translate("Don't monitor these IPv6 addresses"))
+o.optional = true
+o.delimiter = " "
+o.datatype="list(ip6addr)"
+
+o = s:option(DynamicList, "whitelistmac",
+    translate("Excluded MAC addresses"),
+    translate("Don't monitor these MAC addresses"))
+o.optional = true
+o.delimiter = " "
+o.datatype="list(macaddr)"
+
+return m
+
--- a/applications/luci-app-noddos/luasrc/view/noddos/clients.htm
+++ b/applications/luci-app-noddos/luasrc/view/noddos/clients.htm
@ -0,0 +1,111 @@
+<%#
+ Copyright (C) 2017 Steven Hessing <steven.hessing@gmail.com>
+  This is free software, licensed under the GNU General Public License v3.
+ /usr/lib/lua/luci/view/clients.htm
+-%>
+
+<%-
+
+    require "nixio.fs"
+    require "os"
+
+    local last_modified = "<boottime>"
+    local style = true
+    local v
+    local devdump
+
+    if nixio.fs.access("/var/lib/noddos/DeviceDump.json") then
+        last_modified = os.date("%c", nixio.fs.stat("/var/lib/noddos/DeviceDump.json")['mtime'])
+        io.input("/var/lib/noddos/DeviceDump.json")
+        t = io.read("*all")
+        devdump = luci.jsonc.parse(t)
+        io.input("/var/lib/noddos/DeviceProfiles.json")
+        t = io.read("*all")
+        temp = luci.jsonc.parse(t)
+        devicevalues = {}
+        for i, v in ipairs(temp) do
+            devicevalues[v.DeviceProfileUuid] = v
+        end
+    end
+-%>
+
+<%+header%>
+
+<div class="cbi-map" id="cbi-network">
+    <h2 name="content"><%:Clients%></h2>
+    <div class="cbi-map-descr"><%:The following clients have been discovered on the network. The last discovery was completed at %><%=last_modified%></div>
+
+    <fieldset class="cbi-section">
+        <legend><%:Recognized Clients%></legend>
+        <div class="cbi-section-node">
+            <table class="cbi-section-table">
+                <tr class="cbi-section-table-titles">
+                    <th class="cbi-section-table-cell"><%:Hostname%></th>
+                    <th class="cbi-section-table-cell"><%:IPv4%></th>
+                    <th class="cbi-section-table-cell"><%:MAC%></th>
+                    <th class="cbi-section-table-cell"><%:Manufacturer%></th>
+                    <th class="cbi-section-table-cell"><%:Model%></th>
+                    <th class="cbi-section-table-cell"><%:Class%></th>
+                </tr>
+
+                <%
+                    for i,v in ipairs(devdump) do
+                        if v.DeviceProfileUuid ~= "" then
+                %>
+                <tr class="cbi-section-table-row cbi-rowstyle-<%=(style and 1 or 2)%>">
+                    <td class="cbi-value-field"><%=v.Hostname%></td>
+                    <td class="cbi-value-field"><%=v.Ipv4Address%></td>
+                    <td class="cbi-value-field"><a href="/cgi-bin/clientdetails?mac=<%=v.MacAddress%>"><%=v.MacAddress%></a></td>
+                    <td class="cbi-value-field"><%=devicevalues[v.DeviceProfileUuid].Manufacturer%></td>
+                    <td class="cbi-value-field"><%=devicevalues[v.DeviceProfileUuid].Model%></td>
+                    <td class="cbi-value-field"><%=devicevalues[v.DeviceProfileUuid].ThingClass%></td>
+                </tr>
+                <%
+                            style=false
+                        end
+                    end
+                %>
+            </table>
+        </div>
+    </fieldset>
+    <br />
+    <fieldset class="cbi-section">
+        <legend><%:Unrecognized Clients%></legend>
+        <div class="cbi-section-node">
+            <table class="cbi-section-table">
+                <tr class="cbi-section-table-titles">
+                    <th class="cbi-section-table-cell"><%:Hostname%></th>
+                    <th class="cbi-section-table-cell"><%:IPv4%></th>
+                    <th class="cbi-section-table-cell"><%:MAC%></th>
+                    <th class="cbi-section-table-cell"><%:Manufacturer%></th>
+                    <th class="cbi-section-table-cell"><%:Model%></th>
+                    <th class="cbi-section-table-cell"><%:DhcpVendor%></th>
+                    <th class="cbi-section-table-cell"><%:DhcpHostname%></th>
+                </tr>
+
+                <%
+                    for i,v in ipairs(devdump) do
+                        if v.DeviceProfileUuid == "" then
+                %>
+                <tr class="cbi-section-table-row cbi-rowstyle-<%=(style and 1 or 2)%>">
+                    <td class="cbi-value-field"><%=v.Hostname%></td>
+                    <td class="cbi-value-field"><%=v.Ipv4Address%></td>
+                    <td class="cbi-value-field"><a href="/cgi-bin/clientdetails?mac=<%=v.MacAddress%>"><%=v.MacAddress%></a></td>
+                    <td class="cbi-value-field"><%=v.SsdpManufacturer%></td>
+                    <td class="cbi-value-field"><%=v.SsdpModelName%></td>
+                    <td class="cbi-value-field"><%=v.DhcpVendor1%></td>
+                    <td class="cbi-value-field"><%=v.DhcpHostname%></td>
+                </tr>
+                <%
+                            style=false
+                        end
+                    end
+                %>
+            </table>
+        </div>
+    </fieldset>
+
+</div>
+
+<%+footer%>
+
--- a/applications/luci-app-noddos/po/ja/noddos.po
+++ b/applications/luci-app-noddos/po/ja/noddos.po
@ -0,0 +1,111 @@
+msgid ""
+msgstr ""
+"Content-Type: text/plain; charset=UTF-8\n"
+"Project-Id-Version: \n"
+"POT-Creation-Date: \n"
+"PO-Revision-Date: \n"
+"Language-Team: \n"
+"MIME-Version: 1.0\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Generator: Poedit 2.0.4\n"
+"Last-Translator: INAGAKI Hiroshi <musashino.open@gmail.com>\n"
+"Plural-Forms: nplurals=1; plural=0;\n"
+"Language: ja\n"
+
+msgid "Class"
+msgstr "クラス"
+
+msgid "Client Firewall"
+msgstr "クライアント ファイアウォール"
+
+msgid "Clients"
+msgstr "クライアント"
+
+msgid "DhcpHostname"
+msgstr "DHCP ホスト名"
+
+msgid "DhcpVendor"
+msgstr "DHCP ベンダー"
+
+msgid "Don't monitor these IPv4 addresses"
+msgstr "これらの IPv4 アドレスを監視しません。"
+
+msgid "Don't monitor these IPv6 addresses"
+msgstr "これらの IPv6 アドレスを監視しません。"
+
+msgid "Don't monitor these MAC addresses"
+msgstr "これらの MAC アドレスを監視しません。"
+
+msgid "Excluded IPv4 addresses"
+msgstr "除外する IPv4 アドレス"
+
+msgid "Excluded IPv6 addresses"
+msgstr "除外する IPv6 アドレス"
+
+msgid "Excluded MAC addresses"
+msgstr "除外する MAC アドレス"
+
+msgid "Hostname"
+msgstr "ホスト名"
+
+msgid "IPv4"
+msgstr "IPv4"
+
+msgid "MAC"
+msgstr "MAC"
+
+msgid "Manufacturer"
+msgstr "製造元"
+
+msgid "Model"
+msgstr "モデル"
+
+msgid "Noddos Client Tracking"
+msgstr "Noddos クライアント トラッキング"
+
+msgid "Noddos Clients"
+msgstr "Noddos クライアント"
+
+msgid ""
+"Noddos controls traffic from the clients on your network to the Internet. "
+"This helps protect your network, the bandwidth on your Internet connection "
+"and the Internet"
+msgstr ""
+"Noddos は、ネットワーク内のクライアントからインターネットへのトラフィックを制"
+"御します。これは、ネットワークとインターネット接続の帯域幅、インターネットの"
+"保護に役立ちます。"
+
+msgid "Private networks"
+msgstr "プライベート ネットワーク"
+
+msgid "Recognized Clients"
+msgstr "識別済クライアント"
+
+msgid ""
+"Report traffic to private networks (10/8, 172.16/12, 192.168/16, "
+"fd75:6b5d:352c:ed05::/64)"
+msgstr ""
+"プライベート ネットワークへのトラフィックについてのレポート（10/8, "
+"172.16/12, 192.168/16, fd75:6b5d:352c:ed05::/64）"
+
+msgid "Server Settings"
+msgstr "サーバー設定"
+
+msgid ""
+"The following clients have been discovered on the network. The last "
+"discovery was completed at"
+msgstr ""
+"以下のクライアントがネットワーク内で見つかりました。探索の最終実行日時:"
+
+msgid "Unrecognized Clients"
+msgstr "未識別クライアント"
+
+msgid "Upload anonimized traffic stats"
+msgstr "匿名トラフィック状況のアップロード"
+
+msgid ""
+"Uploading your statistics helps improving device recognition and discovering "
+"hacked devices & botnets"
+msgstr ""
+"デバイスの識別や、ハックされたデバイスとボットネットの発見の改善に役立てるた"
+"め、統計をアップロードします。"
--- a/applications/luci-app-noddos/po/templates/noddos.pot
+++ b/applications/luci-app-noddos/po/templates/noddos.pot
@ -0,0 +1,92 @@
+msgid ""
+msgstr "Content-Type: text/plain; charset=UTF-8"
+
+msgid "Class"
+msgstr ""
+
+msgid "Client Firewall"
+msgstr ""
+
+msgid "Clients"
+msgstr ""
+
+msgid "DhcpHostname"
+msgstr ""
+
+msgid "DhcpVendor"
+msgstr ""
+
+msgid "Don't monitor these IPv4 addresses"
+msgstr ""
+
+msgid "Don't monitor these IPv6 addresses"
+msgstr ""
+
+msgid "Don't monitor these MAC addresses"
+msgstr ""
+
+msgid "Excluded IPv4 addresses"
+msgstr ""
+
+msgid "Excluded IPv6 addresses"
+msgstr ""
+
+msgid "Excluded MAC addresses"
+msgstr ""
+
+msgid "Hostname"
+msgstr ""
+
+msgid "IPv4"
+msgstr ""
+
+msgid "MAC"
+msgstr ""
+
+msgid "Manufacturer"
+msgstr ""
+
+msgid "Model"
+msgstr ""
+
+msgid "Noddos Client Tracking"
+msgstr ""
+
+msgid "Noddos Clients"
+msgstr ""
+
+msgid ""
+"Noddos controls traffic from the clients on your network to the Internet. "
+"This helps protect your network, the bandwidth on your Internet connection "
+"and the Internet"
+msgstr ""
+
+msgid "Private networks"
+msgstr ""
+
+msgid "Recognized Clients"
+msgstr ""
+
+msgid ""
+"Report traffic to private networks (10/8, 172.16/12, 192.168/16, "
+"fd75:6b5d:352c:ed05::/64)"
+msgstr ""
+
+msgid "Server Settings"
+msgstr ""
+
+msgid ""
+"The following clients have been discovered on the network. The last "
+"discovery was completed at"
+msgstr ""
+
+msgid "Unrecognized Clients"
+msgstr ""
+
+msgid "Upload anonimized traffic stats"
+msgstr ""
+
+msgid ""
+"Uploading your statistics helps improving device recognition and discovering "
+"hacked devices & botnets"
+msgstr ""
--- a/applications/luci-app-noddos/root/etc/uci-defaults/40_luci-noddos
+++ b/applications/luci-app-noddos/root/etc/uci-defaults/40_luci-noddos
@ -0,0 +1,14 @@
+#!/bin/sh
+
+# Copyright (C) 2017 Steven Hessing (steven.hessing@live.com)
+# This is free software, licensed under the GNU General Public License v3
+
+uci -q batch <<-EOF >/dev/null
+	delete ucitrack.@noddos[-1]
+	add ucitrack noddos
+	set ucitrack.@noddos[-1].init=noddos
+	commit ucitrack
+EOF
+
+rm -f /tmp/luci-indexcache
+exit 0