summaryrefslogtreecommitdiff
path: root/app
diff options
context:
space:
mode:
Diffstat (limited to 'app')
-rw-r--r--app/controllers/intruders_controller.rb3
-rw-r--r--app/models/intruder.rb86
-rw-r--r--app/views/intruders/_form_core.html.haml4
-rw-r--r--app/views/intruders/_index_core.html.haml12
-rw-r--r--app/views/intruders/index.html.haml9
5 files changed, 79 insertions, 35 deletions
diff --git a/app/controllers/intruders_controller.rb b/app/controllers/intruders_controller.rb
index d3c767e..bdda230 100644
--- a/app/controllers/intruders_controller.rb
+++ b/app/controllers/intruders_controller.rb
@@ -2,7 +2,8 @@ class IntrudersController < ApplicationController
load_and_authorize_resource :intruder
def index
- @intruders = Intruder.order('list_type ASC, contact_last DESC').all
+ @intruders = Intruder.order('list_type ASC, contact_last DESC')
+ @list_types = @intruders.pluck(:list_type).uniq.sort
spread_breadcrumbs
end
diff --git a/app/models/intruder.rb b/app/models/intruder.rb
index 97e3773..9a1c39a 100644
--- a/app/models/intruder.rb
+++ b/app/models/intruder.rb
@@ -17,6 +17,10 @@ class Intruder < ActiveRecord::Base
before_validation :set_key_if_empty
+ after_create :check_if_new_entry_relevant
+ after_update :check_if_update_relevant
+ after_destroy :check_if_delete_relevant
+
def to_s
key
end
@@ -31,26 +35,6 @@ class Intruder < ActiveRecord::Base
end
end
- def self.write_firewall_blacklist
- firewall_blacklist_file = GsParameter.get('blacklist_file', 'perimeter', 'general')
- entry_template = GsParameter.get('blacklist_file_entry', 'perimeter', 'general')
- comment_template = GsParameter.get('blacklist_file_comment', 'perimeter', 'general')
- File.open(firewall_blacklist_file, 'w') do |file|
- Intruder.where(:list_type => 'blacklist').where('bans > 0').all.each do |entry|
- if ! comment_template.blank?
- file.write(self.expand_variables(comment_template, entry.to_hash) + "\n")
- end
- file.write(self.expand_variables(entry_template, entry.to_hash) + "\n")
- end
- end
- end
-
- def self.expand_variables(line, variables)
- return line.gsub(/\{([a-z_]+)\}/) do |m|
- variables[$1.to_sym]
- end
- end
-
def to_hash
return {
:key => self.key,
@@ -72,4 +56,66 @@ class Intruder < ActiveRecord::Base
self.key = self.contact_ip
end
end
+
+ def expand_variables(line, variables)
+ return line.gsub(/\{([a-z_]+)\}/) do |m|
+ variables[$1.to_sym]
+ end
+ end
+
+ def write_firewall_list
+ firewall_blacklist_file = GsParameter.get('blacklist_file', 'perimeter', 'general')
+ blacklist_entry_template = GsParameter.get('blacklist_file_entry', 'perimeter', 'general')
+ whitelist_entry_template = GsParameter.get('whitelist_file_entry', 'perimeter', 'general')
+ comment_template = GsParameter.get('blacklist_file_comment', 'perimeter', 'general')
+ File.open(firewall_blacklist_file, 'w') do |file|
+ Intruder.where(:list_type => ['whitelist', 'blacklist']).order('list_type DESC, contact_last ASC').all.each do |entry|
+ if !whitelist_entry_template.blank? && entry.list_type == 'whitelist'
+ if ! comment_template.blank?
+ file.write(expand_variables(comment_template, entry.to_hash) + "\n")
+ end
+ file.write(expand_variables(whitelist_entry_template, entry.to_hash) + "\n")
+ elsif !blacklist_entry_template.blank? && entry.list_type == 'blacklist' && entry.bans.to_i > 0
+ if ! comment_template.blank?
+ file.write(expand_variables(comment_template, entry.to_hash) + "\n")
+ end
+ file.write(expand_variables(blacklist_entry_template, entry.to_hash) + "\n")
+ end
+ end
+ end
+ end
+
+ def restart_firewall
+ command = GsParameter.get('ban_command', 'perimeter', 'general')
+ if !command.blank?
+ system expand_variables(command, self.to_hash)
+ end
+ end
+
+ def check_if_update_relevant
+ if key_changed? || contact_ip_changed? || list_type_changed? || bans_changed? || points_changed?
+ if !GsParameter.get("#{self.list_type}_file_entry", 'perimeter', 'general').blank?
+ write_firewall_list
+ restart_firewall
+ end
+ end
+ end
+
+ def check_if_new_entry_relevant
+ if !GsParameter.get("#{self.list_type}_file_entry", 'perimeter', 'general').blank?
+ if self.list_type != 'blacklist' || self.bans.to_i > 0
+ write_firewall_list
+ restart_firewall
+ end
+ end
+ end
+
+ def check_if_delete_relevant
+ if !GsParameter.get("#{self.list_type}_file_entry", 'perimeter', 'general').blank?
+ if self.list_type != 'blacklist' || self.bans.to_i > 0
+ write_firewall_list
+ restart_firewall
+ end
+ end
+ end
end
diff --git a/app/views/intruders/_form_core.html.haml b/app/views/intruders/_form_core.html.haml
index 780d8cd..a0c2eb0 100644
--- a/app/views/intruders/_form_core.html.haml
+++ b/app/views/intruders/_form_core.html.haml
@@ -1,5 +1,7 @@
.inputs
= f.input :list_type, :collection => Intruder::LIST_TYPES, :label => t('intruders.form.list_type.label'), :hint => conditional_hint('intruders.form.list_type.hint'), :include_blank => false
= f.input :contact_ip, :label => t('intruders.form.contact_ip.label'), :hint => conditional_hint('intruders.form.contact_ip.hint')
- = f.input :ban_end, :label => t('intruders.form.ban_end.label'), :hint => conditional_hint('intruders.form.ban_end.hint')
+ = f.input :points, :label => t('intruders.form.points.label'), :hint => conditional_hint('intruders.form.points.hint')
+ = f.input :bans, :label => t('intruders.form.bans.label'), :hint => conditional_hint('intruders.form.bans.hint'), as: :boolean
+
= f.input :comment, :label => t('intruders.form.comment.label'), :hint => conditional_hint('intruders.form.comment.hint')
diff --git a/app/views/intruders/_index_core.html.haml b/app/views/intruders/_index_core.html.haml
index 63f2253..b9c5a76 100644
--- a/app/views/intruders/_index_core.html.haml
+++ b/app/views/intruders/_index_core.html.haml
@@ -2,11 +2,8 @@
%tr
%th
%th= t('intruders.index.contact_ip')
- %th= t('intruders.index.contact_port')
%th= t('intruders.index.points')
- %th= t('intruders.index.bans')
%th= t('intruders.index.ban_last')
- %th= t('intruders.index.ban_end')
%th= t('intruders.index.contact_count')
%th= t('intruders.index.contact_last')
%th= t('intruders.index.contacts_per_second')
@@ -19,21 +16,16 @@
%td
- if intruder.list_type == 'whitelist'
%i.icon-ok
- - elsif intruder.bans > 0
+ - elsif intruder.bans.to_i > 0
%i.icon-fire
- - elsif intruder.points > 0
+ - elsif intruder.points.to_i > 0
%i.icon-warning-sign
%td= intruder.contact_ip
- %td= intruder.contact_port
%td= intruder.points
- %td= intruder.bans
%td
- if intruder.ban_last
= l intruder.ban_last, :format => :short
- %td
- - if intruder.ban_end
- = l intruder.ban_end, :format => :short
%td= intruder.contact_count
%td
diff --git a/app/views/intruders/index.html.haml b/app/views/intruders/index.html.haml
index 72b8882..79b4ceb 100644
--- a/app/views/intruders/index.html.haml
+++ b/app/views/intruders/index.html.haml
@@ -1,6 +1,9 @@
- content_for :title, t("intruders.index.page_title")
-- if @intruders && @intruders.count > 0
- = render "index_core", :intruders => @intruders
+- if @intruders && @intruders.count > 0 && @list_types && @list_types.count > 0
+ - @list_types.each do |list_type|
+ %h3= list_type
+ %table.table.table-striped
+ = render "index_core", :intruders => @intruders.where(:list_type => list_type)
-= render :partial => 'shared/create_link', :locals => {:child_class => Intruder} \ No newline at end of file
+= render :partial => 'shared/create_link', :locals => {:child_class => Intruder}