diff options
author | Steven Hessing <steven.hessing@gmail.com> | 2017-09-21 22:08:43 -0700 |
---|---|---|
committer | Steven Hessing <steven.hessing@gmail.com> | 2017-10-01 06:44:13 -0700 |
commit | 3b23203ce95c48a08b417a303ee8c6dc47f6eb60 (patch) | |
tree | da05505b65ccd4f31880dcbc2c67416331e7fa74 | |
parent | 72b90c0a10678392692bd6b99301daba8792258a (diff) |
luci-app-noddos: Noddos, device-aware cloud-powered firewall (new package)
Signed-off-by: Steven Hessing <steven.hessing@gmail.com>
6 files changed, 290 insertions, 0 deletions
diff --git a/applications/luci-app-noddos/Makefile b/applications/luci-app-noddos/Makefile new file mode 100644 index 0000000000..4c2b9044a9 --- /dev/null +++ b/applications/luci-app-noddos/Makefile @@ -0,0 +1,18 @@ +# Copyright (C) 2017 Steven Hessing (steven.hessing@gmail.com) +# Based on initial implementation by Stan Grishin (stangri@melmac.net) +# This is free software, licensed under the GNU General Public License v3. + +include $(TOPDIR)/rules.mk + +PKG_LICENSE:=GPLv3 +PKG_MAINTAINER:=Steven Hessing <steven.hessing@gmail.com> + +LUCI_TITLE:=Noddos Service Web UI +LUCI_DESCRIPTION:=Provides Web UI for Noddos service. +LUCI_DEPENDS:=+luci +noddos +LUCI_PKGARCH:=all +PKG_RELEASE:=1 + +include ../../luci.mk + +# call BuildPackage - OpenWrt buildroot signature diff --git a/applications/luci-app-noddos/htdocs/cgi-bin/clientdetails b/applications/luci-app-noddos/htdocs/cgi-bin/clientdetails new file mode 100755 index 0000000000..6ff4ce59f2 --- /dev/null +++ b/applications/luci-app-noddos/htdocs/cgi-bin/clientdetails @@ -0,0 +1,91 @@ +#!/usr/bin/lua + +-- clientdetails.lua : Provides details about client devices discovered by Noddos +-- Copyright (C) 2017 Steven Hessing (steven.hessing@gmail.com) +-- This is free software, licensed under the GNU General Public License v3. + +require "nixio.fs" + +print ("Content-type: Text/html\n") +local info = os.getenv("QUERY_STRING") + +local params = {} +local echo = {} + +function print_row(key) + print ("<tr><th>") + print (key) + print ("</th><td>") + print (device[key]) + print ("</td></tr>") +end + +for name, value in string.gmatch(info .. '&', '(.-)%=(.-)%&') do + value = string.gsub(value , '%+', ' ') + value = string.gsub(value , '%%(%x%x)', function(dpc) + return string.char(tonumber(dpc,16)) + end ) + params[name] = value + + value = string.gsub(value, "%&", "&") + value = string.gsub(value, "%<", "<") + value = string.gsub(value, '%"', """) + echo[name] = value +end + +device = {} +profile = {} + +if nixio.fs.access("/var/lib/noddos/DeviceDump.json") then + io.input("/var/lib/noddos/DeviceDump.json") + local t = io.read("*all") + local json = require "luci.jsonc" + local devdump = json.parse(t) + for i, v in ipairs(devdump) do + if v.MacAddress == params["mac"] then + device = v + end + end + io.input("/var/lib/noddos/DeviceProfiles.json") + t = io.read("*all") + local temp = json.parse(t) + for i, v in ipairs(temp) do + if device.DeviceProfileUuid == v.DeviceProfileUuid then + profile = v + end + end +end +pagetop = [[ +<html> + <head> + <title>Client Details by Noddos</title> + <meta charset="utf-8"> + <!--[if lt IE 9]><script src="/luci-static/bootstrap/html5.js?v=git-17.100.70571-29fabe2"></script><![endif]--> + <meta name="viewport" content="initial-scale=1.0"> + <link rel="stylesheet" href="/luci-static/bootstrap/cascade.css?v=git-17.100.70571-29fabe2"> + <link rel="stylesheet" media="only screen and (max-device-width: 854px)" href="/luci-static/bootstrap/mobile.css?v=git-17.100.70571-29fabe2" type="text/css" /> + <link rel="shortcut icon" href="/luci-static/bootstrap/favicon.ico"> + <script src="/luci-static/resources/xhr.js?v=git-17.100.70571-29fabe2"></script> + </head> + <body text=blue> + <h1>Client Details</h1> +]] +print (pagetop) + +if params["mac"] ~= nil then + print ("<table>") + for i, key in ipairs{"MacAddress", "Ipv4Address", "Ipv6Address", "DeviceProfileUuid", "DhcpHostname", "DhcpVendor", "SsdpFriendlyName", "SsdpLocation", "SsdpManufacturer", "SsdpModelName", "SsdpModelUrl", "SsdpSerialNumber", "SsdpServer","SsdpUserAgent", "MdnsDeviceUrl", "MdnsHw", "MdnsManufacturer", "MdnsModelName", "MdnsOs", "WsDiscoveryTypes", "WsDiscoveryXaddrs", "DnsQueries"} do + print_row(key) + end + print ("</table>") +else + print ("no mac address specified") +end + +pagebase = [[<br><br> +Client Details by +<a href=http://www.noddos.io>Noddos</a> +</body></html> +]] + +print (pagebase) diff --git a/applications/luci-app-noddos/luasrc/controller/noddos.lua b/applications/luci-app-noddos/luasrc/controller/noddos.lua new file mode 100644 index 0000000000..c45e24bc97 --- /dev/null +++ b/applications/luci-app-noddos/luasrc/controller/noddos.lua @@ -0,0 +1,10 @@ +-- Copyright 2017 Steven Hessing (steven.hessing@gmail.com) +-- This is free software, licensed under the GNU General Public License v3. +-- /usr/lib/lua/luci/controller/noddos.lua + +module("luci.controller.noddos", package.seeall) +function index() + entry({"admin", "status", "noddos"}, template("noddos/clients"), _("Noddos Clients"), 3) + entry({"admin", "network", "noddos"}, cbi("noddos"), _("Noddos Client Tracking"), 55) +end + diff --git a/applications/luci-app-noddos/luasrc/model/cbi/noddos.lua b/applications/luci-app-noddos/luasrc/model/cbi/noddos.lua new file mode 100644 index 0000000000..3abb73bc66 --- /dev/null +++ b/applications/luci-app-noddos/luasrc/model/cbi/noddos.lua @@ -0,0 +1,46 @@ +-- Copyright 2017 Steven Hessing (steven.hessing@gmail.com) +-- This is free software, licensed under the GNU General Public License v3. +-- /usr/lib/lua/luci/model/cbi/noddos.lua + +m = Map("noddos", translate("Client Firewall"), + translate("Noddos controls traffic from the clients on your network to the Internet. " .. + "This helps protect your network, the bandwidth on your Internet connection and " .. + "the Internet")) + +s = m:section(TypedSection, "noddos", translate("Server Settings")) +s.anonymous = true +s.addremove = false + +s:option(Flag, "rfc1918", + translate("Private networks"), + translate("Report traffic to private networks (10/8, 172.16/12, 192.168/16, fd75:6b5d:352c:ed05::/64)")).default=false + +s:option(Flag, "upload", + translate("Upload anonimized traffic stats"), + translate("Uploading your statistics helps improving device recognition " .. + "and discovering hacked devices & botnets")) + +o = s:option(DynamicList, "whitelistipv4", + translate("Excluded IPv4 addresses"), + translate("Don't monitor these IPv4 addresses")) +o.optional = true +o.placeholder = "127.0.0.1 192.168.1.1" +o.delimiter = " " +o.datatype="list(ip4addr)" + +o = s:option(DynamicList, "whitelistipv6", + translate("Excluded IPv6 addresses"), + translate("Don't monitor these IPv6 addresses")) +o.optional = true +o.delimiter = " " +o.datatype="list(ip6addr)" + +o = s:option(DynamicList, "whitelistmac", + translate("Excluded MAC addresses"), + translate("Don't monitor these MAC addresses")) +o.optional = true +o.delimiter = " " +o.datatype="list(macaddr)" + +return m + diff --git a/applications/luci-app-noddos/luasrc/view/noddos/clients.htm b/applications/luci-app-noddos/luasrc/view/noddos/clients.htm new file mode 100644 index 0000000000..45c9ca8c1e --- /dev/null +++ b/applications/luci-app-noddos/luasrc/view/noddos/clients.htm @@ -0,0 +1,111 @@ +<%# + Copyright (C) 2017 Steven Hessing <steven.hessing@gmail.com> + This is free software, licensed under the GNU General Public License v3. + /usr/lib/lua/luci/view/clients.htm +-%> + +<%- + + require "nixio.fs" + require "os" + + local last_modified = "<boottime>" + local style = true + local v + local devdump + + if nixio.fs.access("/var/lib/noddos/DeviceDump.json") then + last_modified = os.date("%c", nixio.fs.stat("/var/lib/noddos/DeviceDump.json")['mtime']) + io.input("/var/lib/noddos/DeviceDump.json") + t = io.read("*all") + devdump = luci.jsonc.parse(t) + io.input("/var/lib/noddos/DeviceProfiles.json") + t = io.read("*all") + temp = luci.jsonc.parse(t) + devicevalues = {} + for i, v in ipairs(temp) do + devicevalues[v.DeviceProfileUuid] = v + end + end +-%> + +<%+header%> + +<div class="cbi-map" id="cbi-network"> + <h2 name="content"><%:Clients%></h2> + <div class="cbi-map-descr"><%:The following clients have been discovered on the network. The last discovery was completed at %><%=last_modified%></div> + + <fieldset class="cbi-section"> + <legend>Recognized Clients</legend> + <div class="cbi-section-node"> + <table class="cbi-section-table"> + <tr class="cbi-section-table-titles"> + <th class="cbi-section-table-cell">Hostname</th> + <th class="cbi-section-table-cell">IPv4</th> + <th class="cbi-section-table-cell">MAC</th> + <th class="cbi-section-table-cell">Manufacturer</th> + <th class="cbi-section-table-cell">Model</th> + <th class="cbi-section-table-cell">Class</th> + </tr> + + <% + for i,v in ipairs(devdump) do + if v.DeviceProfileUuid ~= "" then + %> + <tr class="cbi-section-table-row cbi-rowstyle-<%=(style and 1 or 2)%>"> + <td class="cbi-value-field"><%=v.Hostname%></td> + <td class="cbi-value-field"><%=v.Ipv4Address%></td> + <td class="cbi-value-field"><a href="/cgi-bin/clientdetails?mac=<%=v.MacAddress%>"><%=v.MacAddress%></a></td> + <td class="cbi-value-field"><%=devicevalues[v.DeviceProfileUuid].Manufacturer%></td> + <td class="cbi-value-field"><%=devicevalues[v.DeviceProfileUuid].Model%></td> + <td class="cbi-value-field"><%=devicevalues[v.DeviceProfileUuid].ThingClass%></td> + </tr> + <% + style=false + end + end + %> + </table> + </div> + </fieldset> + <br /> + <fieldset class="cbi-section"> + <legend>Unrecognized Clients</legend> + <div class="cbi-section-node"> + <table class="cbi-section-table"> + <tr class="cbi-section-table-titles"> + <th class="cbi-section-table-cell">Hostname</th> + <th class="cbi-section-table-cell">IPv4</th> + <th class="cbi-section-table-cell">MAC</th> + <th class="cbi-section-table-cell">Manufacturer</th> + <th class="cbi-section-table-cell">Model</th> + <th class="cbi-section-table-cell">DhcpVendor</th> + <th class="cbi-section-table-cell">DhcpHostname</th> + </tr> + + <% + for i,v in ipairs(devdump) do + if v.DeviceProfileUuid == "" then + %> + <tr class="cbi-section-table-row cbi-rowstyle-<%=(style and 1 or 2)%>"> + <td class="cbi-value-field"><%=v.Hostname%></td> + <td class="cbi-value-field"><%=v.Ipv4Address%></td> + <td class="cbi-value-field"><a href="/cgi-bin/clientdetails?mac=<%=v.MacAddress%>"><%=v.MacAddress%></a></td> + <td class="cbi-value-field"><%=v.SsdpManufacturer%></td> + <td class="cbi-value-field"><%=v.SsdpModelName%></td> + <td class="cbi-value-field"><%=v.DhcpVendor1%></td> + <td class="cbi-value-field"><%=v.DhcpHostname%></td> + </tr> + <% + style=false + end + end + %> + </table> + </div> + </fieldset> + +</div> + +<%+footer%> + diff --git a/applications/luci-app-noddos/root/etc/uci-defaults/40_luci-noddos b/applications/luci-app-noddos/root/etc/uci-defaults/40_luci-noddos new file mode 100644 index 0000000000..17abbc41ca --- /dev/null +++ b/applications/luci-app-noddos/root/etc/uci-defaults/40_luci-noddos @@ -0,0 +1,14 @@ +#!/bin/sh + +# Copyright (C) 2017 Steven Hessing (steven.hessing@live.com) +# This is free software, licensed under the GNU General Public License v3 + +uci -q batch <<-EOF >/dev/null + delete ucitrack.@noddos[-1] + add ucitrack noddos + set ucitrack.@noddos[-1].init=noddos + commit ucitrack +EOF + +rm -f /tmp/luci-indexcache +exit 0 |