
add support for rule comments and LIMIT and REJECT actions

This commit is contained in:
Kelly Brazil
2021-04-21 16:55:14 -07:00
parent f638aca092
commit 74f623f8d6
5 changed files with 43 additions and 11 deletions


@ -43,7 +43,8 @@ Schema:
"from_transport": string, # null if from_service is set
"from_start_port": integer, # null if from_service is set
"from_end_port": integer, # null if from_service is set
"from_service": string # null if any above are set
"from_service": string, # null if any above are set
"comment": string # null if no comment
}
]
}
@ -70,6 +71,7 @@ Examples:
"to_service": null,
"to_ip": "0.0.0.0",
"to_ip_prefix": "0",
"comment": null,
"from_ip": "0.0.0.0",
"from_ip_prefix": "0",
"from_interface": "any",
@ -90,6 +92,7 @@ Examples:
"to_service": null,
"to_ip": "::",
"to_ip_prefix": "0",
"comment": null,
"from_ip": "::",
"from_ip_prefix": "0",
"from_interface": "any",
@ -110,6 +113,7 @@ Examples:
"to_end_port": null,
"to_ip": "0.0.0.0",
"to_ip_prefix": "0",
"comment": null,
"from_ip": "0.0.0.0",
"from_ip_prefix": "0",
"from_interface": "any",
@ -130,6 +134,7 @@ Examples:
"to_start_port": 0,
"to_end_port": 65535,
"to_service": null,
"comment": null,
"from_ip": "::",
"from_ip_prefix": "0",
"from_interface": "any",
@ -150,6 +155,7 @@ Examples:
"to_start_port": 0,
"to_end_port": 65535,
"to_service": null,
"comment": null,
"from_ip": "0.0.0.0",
"from_ip_prefix": "0",
"from_interface": "any",
@ -181,6 +187,7 @@ Examples:
"to_service": null,
"to_ip": "0.0.0.0",
"to_ip_prefix": "0",
"comment": null,
"from_ip": "0.0.0.0",
"from_ip_prefix": "0",
"from_interface": "any",
@ -201,6 +208,7 @@ Examples:
"to_service": null,
"to_ip": "::",
"to_ip_prefix": "0",
"comment": null,
"from_ip": "::",
"from_ip_prefix": "0",
"from_interface": "any",
@ -221,6 +229,7 @@ Examples:
"to_end_port": null,
"to_ip": "0.0.0.0",
"to_ip_prefix": "0",
"comment": null,
"from_ip": "0.0.0.0",
"from_ip_prefix": "0",
"from_interface": "any",
@ -241,6 +250,7 @@ Examples:
"to_start_port": "0",
"to_end_port": "65535",
"to_service": null,
"comment": null,
"from_ip": "::",
"from_ip_prefix": "0",
"from_interface": "any",
@ -261,6 +271,7 @@ Examples:
"to_start_port": "0",
"to_end_port": "65535",
"to_service": null,
"comment": null,
"from_ip": "0.0.0.0",
"from_ip_prefix": "0",
"from_interface": "any",


@ -40,7 +40,8 @@ Schema:
"from_transport": string, # null if from_service is set
"from_start_port": integer, # null if from_service is set
"from_end_port": integer, # null if from_service is set
"from_service": string # null if any above are set
"from_service": string, # null if any above are set
"comment": string # null if no comment
}
]
}
@ -67,6 +68,7 @@ Examples:
"to_service": null,
"to_ip": "0.0.0.0",
"to_ip_prefix": "0",
"comment": null,
"from_ip": "0.0.0.0",
"from_ip_prefix": "0",
"from_interface": "any",
@ -87,6 +89,7 @@ Examples:
"to_service": null,
"to_ip": "::",
"to_ip_prefix": "0",
"comment": null,
"from_ip": "::",
"from_ip_prefix": "0",
"from_interface": "any",
@ -107,6 +110,7 @@ Examples:
"to_end_port": null,
"to_ip": "0.0.0.0",
"to_ip_prefix": "0",
"comment": null,
"from_ip": "0.0.0.0",
"from_ip_prefix": "0",
"from_interface": "any",
@ -127,6 +131,7 @@ Examples:
"to_start_port": 0,
"to_end_port": 65535,
"to_service": null,
"comment": null,
"from_ip": "::",
"from_ip_prefix": "0",
"from_interface": "any",
@ -147,6 +152,7 @@ Examples:
"to_start_port": 0,
"to_end_port": 65535,
"to_service": null,
"comment": null,
"from_ip": "0.0.0.0",
"from_ip_prefix": "0",
"from_interface": "any",
@ -178,6 +184,7 @@ Examples:
"to_service": null,
"to_ip": "0.0.0.0",
"to_ip_prefix": "0",
"comment": null,
"from_ip": "0.0.0.0",
"from_ip_prefix": "0",
"from_interface": "any",
@ -198,6 +205,7 @@ Examples:
"to_service": null,
"to_ip": "::",
"to_ip_prefix": "0",
"comment": null,
"from_ip": "::",
"from_ip_prefix": "0",
"from_interface": "any",
@ -218,6 +226,7 @@ Examples:
"to_end_port": null,
"to_ip": "0.0.0.0",
"to_ip_prefix": "0",
"comment": null,
"from_ip": "0.0.0.0",
"from_ip_prefix": "0",
"from_interface": "any",
@ -238,6 +247,7 @@ Examples:
"to_start_port": "0",
"to_end_port": "65535",
"to_service": null,
"comment": null,
"from_ip": "::",
"from_ip_prefix": "0",
"from_interface": "any",
@ -258,6 +268,7 @@ Examples:
"to_start_port": "0",
"to_end_port": "65535",
"to_service": null,
"comment": null,
"from_ip": "0.0.0.0",
"from_ip_prefix": "0",
"from_interface": "any",
@ -329,6 +340,16 @@ def _parse_to_from(linedata, direction, rule_obj=None):
else:
rule_obj['index'] = None
# pull out comments, if they exist
if direction == 'from':
RE_COMMENT = re.compile(r'#.+$')
comment_match = re.search(RE_COMMENT, linedata)
if comment_match:
rule_obj['comment'] = comment_match.group(0).lstrip('#').strip()
linedata = re.sub(RE_COMMENT, '', linedata)
else:
rule_obj['comment'] = None
# pull (v6)
RE_V6 = re.compile(r'\(v6\)')
v6_match = re.search(RE_V6, linedata)
@ -481,7 +502,7 @@ def parse(data, raw=False, quiet=False):
# Split on action. Left of Action is 'to', right of Action is 'from'
rule_obj = {}
splitline = re.split(r'(ALLOW IN|ALLOW OUT|DENY IN|DENY OUT|ALLOW|DENY)', line)
splitline = re.split(r'(ALLOW IN|ALLOW OUT|ALLOW FWD|DENY IN|DENY OUT|DENY FWD|LIMIT IN|LIMIT OUT|LIMIT FWD|REJECT IN|REJECT OUT|REJECT FWD|ALLOW|DENY|LIMIT|REJECT)', line)
to_line = splitline[0]
action_line = splitline[1]
action_list = action_line.split()
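Review bot: The new `re.split(r'(ALLOW IN|...|LIMIT|REJECT)', line)` call has no `maxsplit`, so a rule comment that itself contains an action word (for example `# DENY this later`) is split a second time and the from-part is truncated before the comment text, which the comment extraction in `_parse_to_from` then sees as empty or missing; pass `maxsplit=1` so only the first action token splits the line: `splitline = re.split(r'(...)', line, maxsplit=1)` with the same pattern. In the earlier hunk, `RE_COMMENT = re.compile(r'#.+$')` is recompiled on every call and requires at least one character after `#`, so a line ending in a bare `#` leaves that character in `linedata` for the later matchers; a module-level `RE_COMMENT = re.compile(r'#.*$')` would cover both. Both `parse` and `_parse_to_from` start and end outside their hunks.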



@ -7,16 +7,16 @@ To Action From
-- ------ ----
22/tcp ALLOW IN Anywhere
22/tcp (v6) ALLOW OUT Anywhere (v6)
443/tcp DENY 192.168.0.1
443/tcp DENY 192.168.0.1 # nice comment
443/udp DENY OUT 192.168.0.7 8080:8081
22/tcp ALLOW 192.168.0.0/24
22/udp ALLOW 192.168.0.0/24 8080:8081 on en0
22/tcp (v6) ALLOW IN 2405:204:7449:49fc:f09a:6f4a:bc93:1955/64 on en1
22/tcp (v6) ALLOW FWD 2405:204:7449:49fc:f09a:6f4a:bc93:1955/64 on en1 #commenting this rule
80 ALLOW IN Anywhere
8080 (v6) ALLOW IN Anywhere (v6)
Apache Full ALLOW IN Anywhere
8080 (v6) REJECT IN Anywhere (v6)
Apache Full ALLOW IN Anywhere # a comment
Apache Full (v6) ALLOW IN Anywhere (v6)
OpenSSH (v6) DENY IN Anywhere (v6)
10.10.10.10 8080 on enp34s0 ALLOW 127.0.0.1 8000
50200:50300/tcp (v6) ALLOW Anywhere (v6)
Anywhere (v6) ALLOW IN 2405:204:7449:49fc:f09a:6f4a:bc93:1955
50200:50300/tcp (v6) DENY FWD Anywhere (v6)
Anywhere (v6) LIMIT 2405:204:7449:49fc:f09a:6f4a:bc93:1955 # this is a comment