Difuse/luci
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge pull request #1375 from StevenHessing/luci-app-noddos

Browse source 
luci-app-noddos: Noddos, device-aware cloud-powered firewall (new pac…
This commit is contained in:
Hannu Nyman 2017-10-11 16:35:56 +03:00 committed by GitHub
commit 130785be91
6 changed files with 290 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

18
applications/luci-app-noddos/Makefile Normal file
View file

@ -0,0 +1,18 @@
# Copyright (C) 2017 Steven Hessing (steven.hessing@gmail.com)
# Based on initial implementation by Stan Grishin (stangri@melmac.net)
# This is free software, licensed under the GNU General Public License v3.
include $(TOPDIR)/rules.mk
PKG_LICENSE:=GPLv3
PKG_MAINTAINER:=Steven Hessing <steven.hessing@gmail.com>
LUCI_TITLE:=Noddos Service Web UI
LUCI_DESCRIPTION:=Provides Web UI for Noddos service.
LUCI_DEPENDS:=+luci +noddos
LUCI_PKGARCH:=all
PKG_RELEASE:=1
include ../../luci.mk
# call BuildPackage - OpenWrt buildroot signature

91
applications/luci-app-noddos/htdocs/cgi-bin/clientdetails Executable file
View file

@ -0,0 +1,91 @@
#!/usr/bin/lua
-- clientdetails.lua : Provides details about client devices discovered by Noddos
-- Copyright (C) 2017 Steven Hessing (steven.hessing@gmail.com)
-- This is free software, licensed under the GNU General Public License v3.
require "nixio.fs"
print ("Content-type: Text/html\n")
local info = os.getenv("QUERY_STRING")
local params = {}
local echo = {}
function print_row(key)
print ("<tr><th>")
print (key)
print ("</th><td>")
print (device[key])
print ("</td></tr>")
end
for name, value in string.gmatch(info .. '&', '(.-)%=(.-)%&') do
value = string.gsub(value , '%+', ' ')
value = string.gsub(value , '%%(%x%x)', function(dpc)
return string.char(tonumber(dpc,16))
end )
params[name] = value
value = string.gsub(value, "%&", "&amp;")
value = string.gsub(value, "%<", "&lt;")
value = string.gsub(value, '%"', "&quot;")
echo[name] = value
end
device = {}
profile = {}
if nixio.fs.access("/var/lib/noddos/DeviceDump.json") then
io.input("/var/lib/noddos/DeviceDump.json")
local t = io.read("*all")
local json = require "luci.jsonc"
local devdump = json.parse(t)
for i, v in ipairs(devdump) do
if v.MacAddress == params["mac"] then
device = v
end
end
io.input("/var/lib/noddos/DeviceProfiles.json")
t = io.read("*all")
local temp = json.parse(t)
for i, v in ipairs(temp) do
if device.DeviceProfileUuid == v.DeviceProfileUuid then
profile = v
end
end
end
pagetop = [[
<html>
<head>
<title>Client Details by Noddos</title>
<meta charset="utf-8">
<!--[if lt IE 9]><script src="/luci-static/bootstrap/html5.js?v=git-17.100.70571-29fabe2"></script><![endif]-->
<meta name="viewport" content="initial-scale=1.0">
<link rel="stylesheet" href="/luci-static/bootstrap/cascade.css?v=git-17.100.70571-29fabe2">
<link rel="stylesheet" media="only screen and (max-device-width: 854px)" href="/luci-static/bootstrap/mobile.css?v=git-17.100.70571-29fabe2" type="text/css" />
<link rel="shortcut icon" href="/luci-static/bootstrap/favicon.ico">
<script src="/luci-static/resources/xhr.js?v=git-17.100.70571-29fabe2"></script>
</head>
<body text=blue>
<h1>Client Details</h1>
]]
print (pagetop)
if params["mac"] ~= nil then
print ("<table>")
for i, key in ipairs{"MacAddress", "Ipv4Address", "Ipv6Address", "DeviceProfileUuid", "DhcpHostname", "DhcpVendor", "SsdpFriendlyName", "SsdpLocation", "SsdpManufacturer", "SsdpModelName", "SsdpModelUrl", "SsdpSerialNumber", "SsdpServer","SsdpUserAgent", "MdnsDeviceUrl", "MdnsHw", "MdnsManufacturer", "MdnsModelName", "MdnsOs", "WsDiscoveryTypes", "WsDiscoveryXaddrs", "DnsQueries"} do
print_row(key)
end
print ("</table>")
else
print ("no mac address specified")
end
pagebase = [[<br><br>
Client Details by
<a href=http://www.noddos.io>Noddos</a>
</body></html>
]]
print (pagebase)

10
applications/luci-app-noddos/luasrc/controller/noddos.lua Normal file
View file

@ -0,0 +1,10 @@
-- Copyright 2017 Steven Hessing (steven.hessing@gmail.com)
-- This is free software, licensed under the GNU General Public License v3.
-- /usr/lib/lua/luci/controller/noddos.lua
module("luci.controller.noddos", package.seeall)
function index()
entry({"admin", "status", "noddos"}, template("noddos/clients"), _("Noddos Clients"), 3)
entry({"admin", "network", "noddos"}, cbi("noddos"), _("Noddos Client Tracking"), 55)
end

46
applications/luci-app-noddos/luasrc/model/cbi/noddos.lua Normal file
View file

@ -0,0 +1,46 @@
-- Copyright 2017 Steven Hessing (steven.hessing@gmail.com)
-- This is free software, licensed under the GNU General Public License v3.
-- /usr/lib/lua/luci/model/cbi/noddos.lua
m = Map("noddos", translate("Client Firewall"),
translate("Noddos controls traffic from the clients on your network to the Internet. " ..
"This helps protect your network, the bandwidth on your Internet connection and " ..
"the Internet"))
s = m:section(TypedSection, "noddos", translate("Server Settings"))
s.anonymous = true
s.addremove = false
s:option(Flag, "rfc1918",
translate("Private networks"),
translate("Report traffic to private networks (10/8, 172.16/12, 192.168/16, fd75:6b5d:352c:ed05::/64)")).default=false
s:option(Flag, "upload",
translate("Upload anonimized traffic stats"),
translate("Uploading your statistics helps improving device recognition " ..
"and discovering hacked devices & botnets"))
o = s:option(DynamicList, "whitelistipv4",
translate("Excluded IPv4 addresses"),
translate("Don't monitor these IPv4 addresses"))
o.optional = true
o.placeholder = "127.0.0.1 192.168.1.1"
o.delimiter = " "
o.datatype="list(ip4addr)"
o = s:option(DynamicList, "whitelistipv6",
translate("Excluded IPv6 addresses"),
translate("Don't monitor these IPv6 addresses"))
o.optional = true
o.delimiter = " "
o.datatype="list(ip6addr)"
o = s:option(DynamicList, "whitelistmac",
translate("Excluded MAC addresses"),
translate("Don't monitor these MAC addresses"))
o.optional = true
o.delimiter = " "
o.datatype="list(macaddr)"
return m

111
applications/luci-app-noddos/luasrc/view/noddos/clients.htm Normal file
View file

@ -0,0 +1,111 @@
<%#
Copyright (C) 2017 Steven Hessing <steven.hessing@gmail.com>
This is free software, licensed under the GNU General Public License v3.
/usr/lib/lua/luci/view/clients.htm
-%>
<%-
require "nixio.fs"
require "os"
local last_modified = "<boottime>"
local style = true
local v
local devdump
if nixio.fs.access("/var/lib/noddos/DeviceDump.json") then
last_modified = os.date("%c", nixio.fs.stat("/var/lib/noddos/DeviceDump.json")['mtime'])
io.input("/var/lib/noddos/DeviceDump.json")
t = io.read("*all")
devdump = luci.jsonc.parse(t)
io.input("/var/lib/noddos/DeviceProfiles.json")
t = io.read("*all")
temp = luci.jsonc.parse(t)
devicevalues = {}
for i, v in ipairs(temp) do
devicevalues[v.DeviceProfileUuid] = v
end
end
-%>
<%+header%>
<div class="cbi-map" id="cbi-network">
<h2 name="content"><%:Clients%></h2>
<div class="cbi-map-descr"><%:The following clients have been discovered on the network. The last discovery was completed at %><%=last_modified%></div>
<fieldset class="cbi-section">
<legend>Recognized Clients</legend>
<div class="cbi-section-node">
<table class="cbi-section-table">
<tr class="cbi-section-table-titles">
<th class="cbi-section-table-cell">Hostname</th>
<th class="cbi-section-table-cell">IPv4</th>
<th class="cbi-section-table-cell">MAC</th>
<th class="cbi-section-table-cell">Manufacturer</th>
<th class="cbi-section-table-cell">Model</th>
<th class="cbi-section-table-cell">Class</th>
</tr>
<%
for i,v in ipairs(devdump) do
if v.DeviceProfileUuid ~= "" then
%>
<tr class="cbi-section-table-row cbi-rowstyle-<%=(style and 1 or 2)%>">
<td class="cbi-value-field"><%=v.Hostname%></td>
<td class="cbi-value-field"><%=v.Ipv4Address%></td>
<td class="cbi-value-field"><a href="/cgi-bin/clientdetails?mac=<%=v.MacAddress%>"><%=v.MacAddress%></a></td>
<td class="cbi-value-field"><%=devicevalues[v.DeviceProfileUuid].Manufacturer%></td>
<td class="cbi-value-field"><%=devicevalues[v.DeviceProfileUuid].Model%></td>
<td class="cbi-value-field"><%=devicevalues[v.DeviceProfileUuid].ThingClass%></td>
</tr>
<%
style=false
end
end
%>
</table>
</div>
</fieldset>
<br />
<fieldset class="cbi-section">
<legend>Unrecognized Clients</legend>
<div class="cbi-section-node">
<table class="cbi-section-table">
<tr class="cbi-section-table-titles">
<th class="cbi-section-table-cell">Hostname</th>
<th class="cbi-section-table-cell">IPv4</th>
<th class="cbi-section-table-cell">MAC</th>
<th class="cbi-section-table-cell">Manufacturer</th>
<th class="cbi-section-table-cell">Model</th>
<th class="cbi-section-table-cell">DhcpVendor</th>
<th class="cbi-section-table-cell">DhcpHostname</th>
</tr>
<%
for i,v in ipairs(devdump) do
if v.DeviceProfileUuid == "" then
%>
<tr class="cbi-section-table-row cbi-rowstyle-<%=(style and 1 or 2)%>">
<td class="cbi-value-field"><%=v.Hostname%></td>
<td class="cbi-value-field"><%=v.Ipv4Address%></td>
<td class="cbi-value-field"><a href="/cgi-bin/clientdetails?mac=<%=v.MacAddress%>"><%=v.MacAddress%></a></td>
<td class="cbi-value-field"><%=v.SsdpManufacturer%></td>
<td class="cbi-value-field"><%=v.SsdpModelName%></td>
<td class="cbi-value-field"><%=v.DhcpVendor1%></td>
<td class="cbi-value-field"><%=v.DhcpHostname%></td>
</tr>
<%
style=false
end
end
%>
</table>
</div>
</fieldset>
</div>
<%+footer%>

14
applications/luci-app-noddos/root/etc/uci-defaults/40_luci-noddos Normal file
View file

@ -0,0 +1,14 @@
#!/bin/sh
# Copyright (C) 2017 Steven Hessing (steven.hessing@live.com)
# This is free software, licensed under the GNU General Public License v3
uci -q batch <<-EOF >/dev/null
delete ucitrack.@noddos[-1]
add ucitrack noddos
set ucitrack.@noddos[-1].init=noddos
commit ucitrack
EOF
rm -f /tmp/luci-indexcache
exit 0