
process iptables data

This commit is contained in:
Kelly Brazil
2019-11-04 16:59:14 -08:00
parent 7ee0d49424
commit 9e5cd90da7


@ -7,316 +7,118 @@ Usage:
Examples: Examples:
$ sudo iptables -L -t nat | jc --iptables -p $ sudo iptables --line-numbers -v -L -t nat | jc --iptables -p
[ [
{ {
"chain": "PREROUTING", "chain": "PREROUTING",
"rules": [ "rules": [
{ {
"num": 1,
"pkts": 2183,
"bytes": 186000,
"target": "PREROUTING_direct", "target": "PREROUTING_direct",
"prot": "all", "prot": "all",
"opt": "--", "opt": null,
"in": "any",
"out": "any",
"source": "anywhere", "source": "anywhere",
"destination": "anywhere" "destination": "anywhere"
}, },
{ {
"num": 2,
"pkts": 2183,
"bytes": 186000,
"target": "PREROUTING_ZONES_SOURCE", "target": "PREROUTING_ZONES_SOURCE",
"prot": "all", "prot": "all",
"opt": "--", "opt": null,
"in": "any",
"out": "any",
"source": "anywhere", "source": "anywhere",
"destination": "anywhere" "destination": "anywhere"
}, },
{ {
"num": 3,
"pkts": 2183,
"bytes": 186000,
"target": "PREROUTING_ZONES", "target": "PREROUTING_ZONES",
"prot": "all", "prot": "all",
"opt": "--", "opt": null,
"in": "any",
"out": "any",
"source": "anywhere", "source": "anywhere",
"destination": "anywhere" "destination": "anywhere"
}, },
{ {
"num": 4,
"pkts": 0,
"bytes": 0,
"target": "DOCKER", "target": "DOCKER",
"prot": "all", "prot": "all",
"opt": "--", "opt": null,
"in": "any",
"out": "any",
"source": "anywhere", "source": "anywhere",
"destination": "anywhere", "destination": "anywhere",
"options": "ADDRTYPE match dst-type LOCAL" "options": "ADDRTYPE match dst-type LOCAL"
} }
] ]
}, },
{
"chain": "INPUT",
"rules": []
},
{
"chain": "OUTPUT",
"rules": [
{
"target": "OUTPUT_direct",
"prot": "all",
"opt": "--",
"source": "anywhere",
"destination": "anywhere"
},
{
"target": "DOCKER",
"prot": "all",
"opt": "--",
"source": "anywhere",
"destination": "!loopback/8",
"options": "ADDRTYPE match dst-type LOCAL"
}
]
},
... ...
] ]
$ sudo iptables -vnL -t filter | jc --iptables -p $ sudo iptables --line-numbers -v -L -t nat | jc --iptables -p -r
[ [
{ {
"chain": "INPUT", "chain": "PREROUTING",
"rules": [ "rules": [
{ {
"pkts": "1571", "num": "1",
"bytes": "3394K", "pkts": "2183",
"target": "ACCEPT", "bytes": "186K",
"target": "PREROUTING_direct",
"prot": "all", "prot": "all",
"opt": "--", "opt": "--",
"in": "*", "in": "any",
"out": "*", "out": "any",
"source": "0.0.0.0/0", "source": "anywhere",
"destination": "0.0.0.0/0", "destination": "anywhere"
"options": "ctstate RELATED,ESTABLISHED"
}, },
{ {
"pkts": "0", "num": "2",
"bytes": "0", "pkts": "2183",
"target": "ACCEPT", "bytes": "186K",
"target": "PREROUTING_ZONES_SOURCE",
"prot": "all", "prot": "all",
"opt": "--", "opt": "--",
"in": "lo", "in": "any",
"out": "*", "out": "any",
"source": "0.0.0.0/0", "source": "anywhere",
"destination": "0.0.0.0/0" "destination": "anywhere"
}, },
{ {
"pkts": "711", "num": "3",
"bytes": "60126", "pkts": "2183",
"target": "INPUT_direct", "bytes": "186K",
"target": "PREROUTING_ZONES",
"prot": "all", "prot": "all",
"opt": "--", "opt": "--",
"in": "*", "in": "any",
"out": "*", "out": "any",
"source": "0.0.0.0/0", "source": "anywhere",
"destination": "0.0.0.0/0" "destination": "anywhere"
},
{
"pkts": "711",
"bytes": "60126",
"target": "INPUT_ZONES_SOURCE",
"prot": "all",
"opt": "--",
"in": "*",
"out": "*",
"source": "0.0.0.0/0",
"destination": "0.0.0.0/0"
},
{
"pkts": "711",
"bytes": "60126",
"target": "INPUT_ZONES",
"prot": "all",
"opt": "--",
"in": "*",
"out": "*",
"source": "0.0.0.0/0",
"destination": "0.0.0.0/0"
},
{
"pkts": "0",
"bytes": "0",
"target": "DROP",
"prot": "all",
"opt": "--",
"in": "*",
"out": "*",
"source": "0.0.0.0/0",
"destination": "0.0.0.0/0",
"options": "ctstate INVALID"
},
{
"pkts": "710",
"bytes": "60078",
"target": "REJECT",
"prot": "all",
"opt": "--",
"in": "*",
"out": "*",
"source": "0.0.0.0/0",
"destination": "0.0.0.0/0",
"options": "reject-with icmp-host-prohibited"
}
]
},
{
"chain": "FORWARD",
"rules": [
{
"pkts": "0",
"bytes": "0",
"target": "DOCKER-ISOLATION",
"prot": "all",
"opt": "--",
"in": "*",
"out": "*",
"source": "0.0.0.0/0",
"destination": "0.0.0.0/0"
}, },
{ {
"num": "4",
"pkts": "0", "pkts": "0",
"bytes": "0", "bytes": "0",
"target": "DOCKER", "target": "DOCKER",
"prot": "all", "prot": "all",
"opt": "--", "opt": "--",
"in": "*", "in": "any",
"out": "docker0", "out": "any",
"source": "0.0.0.0/0", "source": "anywhere",
"destination": "0.0.0.0/0" "destination": "anywhere",
}, "options": "ADDRTYPE match dst-type LOCAL"
{
"pkts": "0",
"bytes": "0",
"target": "ACCEPT",
"prot": "all",
"opt": "--",
"in": "*",
"out": "docker0",
"source": "0.0.0.0/0",
"destination": "0.0.0.0/0",
"options": "ctstate RELATED,ESTABLISHED"
},
{
"pkts": "0",
"bytes": "0",
"target": "ACCEPT",
"prot": "all",
"opt": "--",
"in": "docker0",
"out": "!docker0",
"source": "0.0.0.0/0",
"destination": "0.0.0.0/0"
},
{
"pkts": "0",
"bytes": "0",
"target": "ACCEPT",
"prot": "all",
"opt": "--",
"in": "docker0",
"out": "docker0",
"source": "0.0.0.0/0",
"destination": "0.0.0.0/0"
},
{
"pkts": "0",
"bytes": "0",
"target": "ACCEPT",
"prot": "all",
"opt": "--",
"in": "*",
"out": "*",
"source": "0.0.0.0/0",
"destination": "0.0.0.0/0",
"options": "ctstate RELATED,ESTABLISHED"
},
{
"pkts": "0",
"bytes": "0",
"target": "ACCEPT",
"prot": "all",
"opt": "--",
"in": "lo",
"out": "*",
"source": "0.0.0.0/0",
"destination": "0.0.0.0/0"
},
{
"pkts": "0",
"bytes": "0",
"target": "FORWARD_direct",
"prot": "all",
"opt": "--",
"in": "*",
"out": "*",
"source": "0.0.0.0/0",
"destination": "0.0.0.0/0"
},
{
"pkts": "0",
"bytes": "0",
"target": "FORWARD_IN_ZONES_SOURCE",
"prot": "all",
"opt": "--",
"in": "*",
"out": "*",
"source": "0.0.0.0/0",
"destination": "0.0.0.0/0"
},
{
"pkts": "0",
"bytes": "0",
"target": "FORWARD_IN_ZONES",
"prot": "all",
"opt": "--",
"in": "*",
"out": "*",
"source": "0.0.0.0/0",
"destination": "0.0.0.0/0"
},
{
"pkts": "0",
"bytes": "0",
"target": "FORWARD_OUT_ZONES_SOURCE",
"prot": "all",
"opt": "--",
"in": "*",
"out": "*",
"source": "0.0.0.0/0",
"destination": "0.0.0.0/0"
},
{
"pkts": "0",
"bytes": "0",
"target": "FORWARD_OUT_ZONES",
"prot": "all",
"opt": "--",
"in": "*",
"out": "*",
"source": "0.0.0.0/0",
"destination": "0.0.0.0/0"
},
{
"pkts": "0",
"bytes": "0",
"target": "DROP",
"prot": "all",
"opt": "--",
"in": "*",
"out": "*",
"source": "0.0.0.0/0",
"destination": "0.0.0.0/0",
"options": "ctstate INVALID"
},
{
"pkts": "0",
"bytes": "0",
"target": "REJECT",
"prot": "all",
"opt": "--",
"in": "*",
"out": "*",
"source": "0.0.0.0/0",
"destination": "0.0.0.0/0",
"options": "reject-with icmp-host-prohibited"
} }
] ]
}, },
@ -325,8 +127,73 @@ $ sudo iptables -vnL -t filter | jc --iptables -p
""" """
def parse(data): def process(proc_data):
output = [] '''schema:
[
{
"chain": string,
"rules": [
{
"num" integer,
"pkts": integer,
"bytes": integer, # converted based on suffix
"target": string,
"prot": string,
"opt": string, # "--" = Null
"in": string,
"out": string,
"source": string,
"destination": string,
"options": string
}
]
}
]
'''
for entry in proc_data:
for rule in entry['rules']:
int_list = ['num', 'pkts']
for key in int_list:
if key in rule:
try:
key_int = int(rule[key])
rule[key] = key_int
except (ValueError, TypeError):
rule[key] = None
if 'bytes' in rule:
multiplier = 1
if rule['bytes'][-1] == 'K':
multiplier = 1000
rule['bytes'] = rule['bytes'].rstrip('K')
elif rule['bytes'][-1] == 'M':
multiplier = 1000000
rule['bytes'] = rule['bytes'].rstrip('M')
elif rule['bytes'][-1] == 'G':
multiplier = 1000000000
rule['bytes'] = rule['bytes'].rstrip('G')
elif rule['bytes'][-1] == 'T':
multiplier = 1000000000000
rule['bytes'] = rule['bytes'].rstrip('T')
elif rule['bytes'][-1] == 'P':
multiplier = 1000000000000000
rule['bytes'] = rule['bytes'].rstrip('P')
try:
bytes_int = int(rule['bytes'])
rule['bytes'] = bytes_int * multiplier
except (ValueError, TypeError):
rule['bytes'] = None
if 'opt' in rule:
if rule['opt'] == '--':
rule['opt'] = None
return proc_data
def parse(data, raw=False):
raw_output = []
chain = {} chain = {}
headers = [] headers = []
@ -335,7 +202,7 @@ def parse(data):
for line in cleandata: for line in cleandata:
if line.find('Chain') == 0: if line.find('Chain') == 0:
output.append(chain) raw_output.append(chain)
chain = {} chain = {}
headers = [] headers = []
@ -346,7 +213,7 @@ def parse(data):
continue continue
elif line.find('target') == 0 or line.find('pkts') == 1: elif line.find('target') == 0 or line.find('pkts') == 1 or line.find('num') == 0:
headers = [] headers = []
headers = [h for h in ' '.join(line.lower().strip().split()).split() if h] headers = [h for h in ' '.join(line.lower().strip().split()).split() if h]
headers.append("options") headers.append("options")
@ -359,6 +226,9 @@ def parse(data):
if temp_rule: if temp_rule:
chain['rules'].append(temp_rule) chain['rules'].append(temp_rule)
output = list(filter(None, output)) raw_output = list(filter(None, raw_output))
return output if raw:
return raw_output
else:
return process(raw_output)
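Review bot: In `process` (hunk `@ -325,8 +127,73 @@`), the suffix test `rule['bytes'][-1]` runs outside the `try`, so an empty string raises IndexError and a None value raises TypeError instead of landing on the `rule['bytes'] = None` fallback that the `int()` branch already provides; moving the suffix lookup inside the `try`, catching IndexError as well, and using a multiplier table also replaces the five near-identical `elif` branches. The schema docstring drops the colon on `"num" integer`, which should read `"num": integer`. Since `process` rewrites the rule dicts of `proc_data` in place and returns the same list, a docstring sentence such as `Converts counters in place; returns the same list that was passed in.` would help callers that keep a reference to the raw output. `parse` starts in this hunk but its body continues across the later hunks.
```python
            if 'bytes' in rule:
                # iptables -v prints counters with a K/M/G/T/P suffix; keep the suffix
                # lookup inside the try so an empty or None value falls through to None
                multipliers = {'K': 10**3, 'M': 10**6, 'G': 10**9, 'T': 10**12, 'P': 10**15}
                try:
                    value = rule['bytes']
                    suffix = value[-1]
                    if suffix in multipliers:
                        value = value[:-1]
                    rule['bytes'] = int(value) * multipliers.get(suffix, 1)
                except (ValueError, TypeError, IndexError):
                    rule['bytes'] = None
            # … unchanged: 'opt' normalisation and return …
```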