2023-01-08 14:09:13 +01:00
|
|
|
use crate::api::apiserver;
|
2022-12-30 20:18:15 +01:00
|
|
|
use crate::config::{Context, GIT_VERSION};
|
2023-01-08 21:16:06 +01:00
|
|
|
use crate::fw::{fwblock, fwinit};
|
2023-01-15 16:05:34 +01:00
|
|
|
use crate::ip::{filter, IpData, IpEvent};
|
2023-01-15 22:07:56 +01:00
|
|
|
use crate::utils::{read_lines, sleep_ms};
|
2023-01-08 14:09:13 +01:00
|
|
|
use crate::ws::send_to_ipbl_ws;
|
|
|
|
|
use crate::zmqcom::{send_to_ipbl_zmq, zmqinit};
|
2022-05-27 13:59:17 +02:00
|
|
|
|
|
|
|
|
use chrono::prelude::*;
|
2022-12-30 20:18:15 +01:00
|
|
|
use chrono::prelude::{DateTime, Local};
|
2022-07-01 15:51:41 +02:00
|
|
|
use chrono::Duration;
|
2022-12-30 20:18:15 +01:00
|
|
|
use nix::sys::inotify::InotifyEvent;
|
2022-05-27 13:59:17 +02:00
|
|
|
use std::collections::HashMap;
|
|
|
|
|
use std::sync::Arc;
|
|
|
|
|
use tokio::sync::mpsc::{channel, Receiver, Sender};
|
2023-01-10 18:00:40 +01:00
|
|
|
use tokio::sync::RwLock;
|
2022-05-27 13:59:17 +02:00
|
|
|
|
2023-01-08 21:16:06 +01:00
|
|
|
pub const PKG_NAME: &str = env!("CARGO_PKG_NAME");
|
2022-05-27 13:59:17 +02:00
|
|
|
const BL_CHAN_SIZE: usize = 32;
|
|
|
|
|
const ZMQ_CHAN_SIZE: usize = 64;
|
2023-01-08 14:09:13 +01:00
|
|
|
const API_CHAN_SIZE: usize = 64;
|
2022-05-27 13:59:17 +02:00
|
|
|
|
2022-12-30 20:18:15 +01:00
|
|
|
pub async fn run() {
|
2023-01-15 22:07:56 +01:00
|
|
|
let globalctx = Context::new().await;
|
|
|
|
|
let ctxarc = Arc::new(RwLock::new(globalctx));
|
|
|
|
|
let mut ret: Vec<String> = Vec::new();
|
2023-01-08 21:16:06 +01:00
|
|
|
|
|
|
|
|
let pkgversion = format!("{}@{}", env!("CARGO_PKG_VERSION"), GIT_VERSION);
|
|
|
|
|
|
|
|
|
|
let mut last_cfg_reload: DateTime<Local> = Local::now().trunc_subsecs(0);
|
|
|
|
|
println!("Launching {}, version {}", PKG_NAME, pkgversion);
|
|
|
|
|
|
|
|
|
|
let (_apitx, mut apirx): (Sender<String>, Receiver<String>) = channel(API_CHAN_SIZE);
|
2023-01-08 14:09:13 +01:00
|
|
|
//let tcpsocket = apiinit(&ctx, &apitx).await;
|
|
|
|
|
|
2023-01-08 21:16:06 +01:00
|
|
|
let ctxclone = Arc::clone(&ctxarc);
|
|
|
|
|
apiserver(&ctxclone).await.unwrap();
|
2022-05-27 13:59:17 +02:00
|
|
|
|
|
|
|
|
// initialize the firewall table
|
2023-01-08 21:16:06 +01:00
|
|
|
fwinit();
|
2022-09-17 22:31:30 +02:00
|
|
|
let mut fwlen: usize = 0;
|
2022-05-27 13:59:17 +02:00
|
|
|
|
|
|
|
|
// initialize zeromq sockets
|
2023-01-15 16:05:34 +01:00
|
|
|
let (ipeventtx, mut ipeventrx): (Sender<IpEvent>, Receiver<IpEvent>) = channel(ZMQ_CHAN_SIZE);
|
|
|
|
|
let zmqreqsocket = zmqinit(&ctxclone, &ipeventtx).await;
|
2022-05-27 13:59:17 +02:00
|
|
|
|
2023-01-08 21:16:06 +01:00
|
|
|
let mut blrx = watchfiles(&ctxclone).await;
|
2022-05-27 13:59:17 +02:00
|
|
|
|
2023-01-08 21:16:06 +01:00
|
|
|
let ctxclone = Arc::clone(&ctxarc);
|
2022-05-27 13:59:17 +02:00
|
|
|
tokio::spawn(async move {
|
2023-01-15 16:05:34 +01:00
|
|
|
compare_files_changes(&ctxclone, &mut blrx, &ipeventtx).await;
|
2022-05-27 13:59:17 +02:00
|
|
|
});
|
|
|
|
|
|
2023-01-15 16:40:27 +01:00
|
|
|
let ipevent_bootstrap = IpEvent {
|
|
|
|
|
msgtype: String::from("bootstrap"),
|
2023-01-15 16:05:34 +01:00
|
|
|
ipdata: IpData {
|
|
|
|
|
ip: "".to_string(),
|
|
|
|
|
src: "".to_string(),
|
|
|
|
|
date: "".to_string(),
|
|
|
|
|
hostname: "".to_string(),
|
|
|
|
|
mode: "".to_string(),
|
|
|
|
|
},
|
2022-09-11 23:35:44 +02:00
|
|
|
};
|
2023-01-15 22:07:56 +01:00
|
|
|
send_to_ipbl_zmq(&zmqreqsocket, &ipevent_bootstrap, &mut ret).await;
|
2022-09-11 23:35:44 +02:00
|
|
|
|
2022-05-27 13:59:17 +02:00
|
|
|
loop {
|
2023-01-15 22:07:56 +01:00
|
|
|
ret = Vec::new();
|
2022-05-27 13:59:17 +02:00
|
|
|
|
|
|
|
|
// wait for logs parse and zmq channel receive
|
2023-01-08 14:09:13 +01:00
|
|
|
//let mut received_ip = ipdatarx.recv();
|
2023-01-15 16:05:34 +01:00
|
|
|
let ipdata_wait = ipeventrx.recv();
|
2023-01-08 21:16:06 +01:00
|
|
|
let apimsg_wait = apirx.recv();
|
2023-01-15 22:07:56 +01:00
|
|
|
let force_wait = sleep_ms(500);
|
2022-05-27 13:59:17 +02:00
|
|
|
|
2023-01-08 21:16:06 +01:00
|
|
|
let ctxclone = Arc::clone(&ctxarc);
|
2022-09-11 23:35:44 +02:00
|
|
|
|
2023-01-08 14:09:13 +01:00
|
|
|
tokio::select! {
|
2023-01-08 21:16:06 +01:00
|
|
|
val = ipdata_wait => {
|
2023-01-15 15:32:41 +01:00
|
|
|
let received_ip = val.unwrap();
|
2023-01-08 21:16:06 +01:00
|
|
|
|
2023-01-10 18:00:40 +01:00
|
|
|
let mut ctx = ctxclone.write().await;
|
2022-05-27 13:59:17 +02:00
|
|
|
|
2023-01-15 16:40:27 +01:00
|
|
|
if received_ip.msgtype == "bootstrap".to_string() {
|
2023-01-15 16:05:34 +01:00
|
|
|
for ip_to_send in ctx.get_blocklist_toblock().await {
|
2023-01-15 16:53:58 +01:00
|
|
|
let ipe = IpEvent{
|
2023-01-15 16:05:34 +01:00
|
|
|
msgtype: String::from("init"),
|
|
|
|
|
ipdata: ip_to_send,
|
|
|
|
|
};
|
2023-01-15 22:07:56 +01:00
|
|
|
send_to_ipbl_zmq(&zmqreqsocket, &ipe, &mut ret).await;
|
2023-01-08 14:09:13 +01:00
|
|
|
}
|
2023-01-15 16:53:58 +01:00
|
|
|
continue
|
2023-01-08 14:09:13 +01:00
|
|
|
}
|
2022-05-27 13:59:17 +02:00
|
|
|
|
2023-01-08 14:09:13 +01:00
|
|
|
// refresh context blocklist
|
2023-01-15 16:05:34 +01:00
|
|
|
let filtered_ip = ctx.update_blocklist(&received_ip.ipdata).await;
|
2022-05-27 13:59:17 +02:00
|
|
|
|
2023-01-08 14:09:13 +01:00
|
|
|
// send ip list to ws and zmq sockets
|
2023-01-15 15:32:41 +01:00
|
|
|
if let Some(ip) = filtered_ip {
|
2023-01-15 16:53:58 +01:00
|
|
|
if received_ip.msgtype != "init" {
|
|
|
|
|
println!("sending {} to ws and zmq", ip.ip);
|
|
|
|
|
let event = IpEvent{
|
|
|
|
|
msgtype: String::from("add"),
|
|
|
|
|
ipdata: ip,
|
|
|
|
|
};
|
2023-01-15 22:07:56 +01:00
|
|
|
send_to_ipbl_ws(&ctx, &event, &mut ret).await;
|
|
|
|
|
send_to_ipbl_zmq(&zmqreqsocket, &event, &mut ret).await;
|
2023-01-15 16:53:58 +01:00
|
|
|
}
|
2022-07-01 15:51:41 +02:00
|
|
|
}
|
2023-01-08 14:09:13 +01:00
|
|
|
}
|
2023-01-15 22:07:56 +01:00
|
|
|
_val = apimsg_wait => {}
|
2023-01-15 20:03:32 +01:00
|
|
|
_val = force_wait => {}
|
2023-01-08 14:09:13 +01:00
|
|
|
};
|
2023-01-08 21:16:06 +01:00
|
|
|
|
|
|
|
|
let toblock;
|
|
|
|
|
{
|
2023-01-10 18:00:40 +01:00
|
|
|
let mut ctx = ctxarc.write().await;
|
2023-01-08 21:16:06 +01:00
|
|
|
ctx.gc_blocklist().await;
|
|
|
|
|
toblock = ctx.get_blocklist_toblock().await;
|
|
|
|
|
}
|
|
|
|
|
// apply firewall blocking
|
2023-01-11 18:00:23 +01:00
|
|
|
match fwblock(&toblock, &mut ret, &mut fwlen) {
|
|
|
|
|
Ok(_) => {}
|
|
|
|
|
Err(err) => {
|
|
|
|
|
println!("Err: {err}, unable to push firewall rules, use super user")
|
|
|
|
|
}
|
|
|
|
|
};
|
2023-01-08 21:16:06 +01:00
|
|
|
|
|
|
|
|
// log lines
|
|
|
|
|
if ret.len() > 0 {
|
|
|
|
|
println!("{ret}", ret = ret.join(", "));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
{
|
|
|
|
|
let now_cfg_reload = Local::now().trunc_subsecs(0);
|
|
|
|
|
if (now_cfg_reload - last_cfg_reload) > Duration::seconds(5) {
|
|
|
|
|
// reload configuration from the server
|
2023-01-10 18:00:40 +01:00
|
|
|
let mut ctx = ctxclone.write().await;
|
2023-01-08 21:16:06 +01:00
|
|
|
match ctx.load().await {
|
|
|
|
|
Ok(_) => {
|
|
|
|
|
last_cfg_reload = Local::now().trunc_subsecs(0);
|
|
|
|
|
}
|
|
|
|
|
Err(err) => {
|
|
|
|
|
println!("error loading config: {err}");
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
};
|
|
|
|
|
}
|
2022-05-27 13:59:17 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2023-01-10 18:00:40 +01:00
|
|
|
async fn watchfiles(ctxarc: &Arc<RwLock<Context>>) -> Receiver<FileEvent> {
|
2022-05-27 13:59:17 +02:00
|
|
|
let (bltx, blrx): (Sender<FileEvent>, Receiver<FileEvent>) = channel(BL_CHAN_SIZE);
|
2023-01-08 21:16:06 +01:00
|
|
|
let ctxclone = Arc::clone(ctxarc);
|
2022-05-27 13:59:17 +02:00
|
|
|
tokio::spawn(async move {
|
|
|
|
|
loop {
|
2023-01-08 21:16:06 +01:00
|
|
|
let events;
|
|
|
|
|
let instance;
|
2022-05-27 13:59:17 +02:00
|
|
|
{
|
2023-01-10 18:00:40 +01:00
|
|
|
let ctx = ctxclone.read().await;
|
2023-01-08 21:16:06 +01:00
|
|
|
instance = ctx.instance.clone();
|
2022-05-27 13:59:17 +02:00
|
|
|
}
|
|
|
|
|
|
2023-01-08 21:16:06 +01:00
|
|
|
events = instance.read_events().unwrap();
|
|
|
|
|
|
2022-09-21 21:03:01 +02:00
|
|
|
for inevent in events {
|
2022-05-27 13:59:17 +02:00
|
|
|
let date: DateTime<Local> = Local::now().trunc_subsecs(0);
|
2022-09-21 21:03:01 +02:00
|
|
|
bltx.send(FileEvent { inevent, date }).await.unwrap();
|
2022-05-27 13:59:17 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
});
|
|
|
|
|
blrx
|
|
|
|
|
}
|
|
|
|
|
|
2022-09-23 13:17:20 +02:00
|
|
|
async fn get_last_file_size(w: &mut HashMap<String, u64>, path: &str) -> (u64, bool) {
|
2022-05-27 13:59:17 +02:00
|
|
|
let currentlen = match std::fs::metadata(&path.to_string()) {
|
|
|
|
|
Ok(u) => u.len().clone(),
|
2022-09-23 13:17:20 +02:00
|
|
|
Err(_) => 0u64,
|
2022-05-27 13:59:17 +02:00
|
|
|
};
|
2022-09-21 21:03:01 +02:00
|
|
|
let lastlen = match w.insert(path.to_string(), currentlen) {
|
2022-05-27 13:59:17 +02:00
|
|
|
Some(u) => u,
|
2022-09-23 13:17:20 +02:00
|
|
|
None => 0u64,
|
2022-05-27 13:59:17 +02:00
|
|
|
};
|
2022-09-23 13:17:20 +02:00
|
|
|
(lastlen, lastlen != currentlen)
|
2022-05-27 13:59:17 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
async fn compare_files_changes(
|
2023-01-10 18:00:40 +01:00
|
|
|
ctxarc: &Arc<RwLock<Context>>,
|
2022-09-21 21:03:01 +02:00
|
|
|
inrx: &mut Receiver<FileEvent>,
|
2023-01-15 16:05:34 +01:00
|
|
|
ipeventtx: &Sender<IpEvent>,
|
2022-05-27 13:59:17 +02:00
|
|
|
) {
|
2022-09-21 21:03:01 +02:00
|
|
|
let mut tnets;
|
2022-05-27 13:59:17 +02:00
|
|
|
loop {
|
2022-09-21 21:03:01 +02:00
|
|
|
let modfiles = inrx.recv().await.unwrap();
|
|
|
|
|
let mut iplist: Vec<IpData> = vec![];
|
2022-05-27 13:59:17 +02:00
|
|
|
|
2023-01-08 21:16:06 +01:00
|
|
|
let sask;
|
|
|
|
|
let sas;
|
|
|
|
|
{
|
2023-01-10 18:00:40 +01:00
|
|
|
let ctx = ctxarc.read().await;
|
2023-01-08 21:16:06 +01:00
|
|
|
sas = ctx.clone().sas;
|
|
|
|
|
sask = sas.keys();
|
|
|
|
|
tnets = ctx.cfg.build_trustnets();
|
|
|
|
|
}
|
2022-05-27 13:59:17 +02:00
|
|
|
|
2022-09-21 21:03:01 +02:00
|
|
|
match modfiles.inevent.name {
|
2022-05-27 13:59:17 +02:00
|
|
|
Some(name) => {
|
2022-09-21 21:03:01 +02:00
|
|
|
let filename = name.to_str().unwrap();
|
2023-01-08 21:16:06 +01:00
|
|
|
for sak in sask {
|
|
|
|
|
let sa = sas.get(sak).unwrap();
|
2022-09-21 21:03:01 +02:00
|
|
|
if modfiles.inevent.wd == sa.wd {
|
|
|
|
|
let handle: String;
|
2022-05-27 13:59:17 +02:00
|
|
|
if sa.filename.as_str() == "" {
|
2022-09-21 21:03:01 +02:00
|
|
|
handle = format!("{}/{}", &sa.fullpath, filename);
|
|
|
|
|
} else if filename.starts_with(sa.filename.as_str()) {
|
|
|
|
|
handle = sa.fullpath.to_owned();
|
2022-05-27 13:59:17 +02:00
|
|
|
} else {
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
|
2023-01-08 21:16:06 +01:00
|
|
|
let (filesize, sizechanged);
|
|
|
|
|
{
|
2023-01-10 18:00:40 +01:00
|
|
|
let mut ctx = ctxarc.write().await;
|
2023-01-08 21:16:06 +01:00
|
|
|
let sa = ctx.sas.get_mut(sak).unwrap();
|
|
|
|
|
(filesize, sizechanged) =
|
|
|
|
|
get_last_file_size(&mut sa.watchedfiles, &handle).await;
|
|
|
|
|
}
|
2022-09-23 13:17:20 +02:00
|
|
|
|
|
|
|
|
if !sizechanged {
|
|
|
|
|
continue;
|
|
|
|
|
}
|
2022-05-27 13:59:17 +02:00
|
|
|
|
2022-09-21 21:03:01 +02:00
|
|
|
match read_lines(&handle, filesize) {
|
2022-05-27 13:59:17 +02:00
|
|
|
Some(lines) => {
|
|
|
|
|
filter(
|
|
|
|
|
lines,
|
2022-09-21 21:03:01 +02:00
|
|
|
&mut iplist,
|
|
|
|
|
&tnets,
|
2022-05-27 13:59:17 +02:00
|
|
|
&sa.regex,
|
2022-07-01 15:51:41 +02:00
|
|
|
&sa.set.src,
|
2022-09-21 21:03:01 +02:00
|
|
|
&modfiles.date,
|
2022-05-27 13:59:17 +02:00
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
None => {}
|
|
|
|
|
};
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
2022-09-21 21:03:01 +02:00
|
|
|
for ip in iplist {
|
2023-01-15 16:05:34 +01:00
|
|
|
let ipevent = IpEvent {
|
2023-01-15 16:40:27 +01:00
|
|
|
msgtype: String::from("add"),
|
2023-01-15 16:05:34 +01:00
|
|
|
ipdata: ip,
|
|
|
|
|
};
|
|
|
|
|
ipeventtx.send(ipevent).await.unwrap();
|
2022-05-27 13:59:17 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
None => {}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2022-12-30 20:18:15 +01:00
|
|
|
|
|
|
|
|
pub struct FileEvent {
|
|
|
|
|
pub inevent: InotifyEvent,
|
|
|
|
|
pub date: DateTime<Local>,
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
impl std::fmt::Debug for FileEvent {
|
|
|
|
|
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
|
|
|
|
|
write!(f, "{ie:?}", ie = self.inevent)
|
|
|
|
|
}
|
|
|
|
|
}
|
