
Commit 5b23e62

Kudzai P Matizirofa
authored and
Kudzai P Matizirofa
committed
Added firewall logging
1 parent 90357e0 commit 5b23e62


5 files changed

+25
-23
lines changed


firewall.log

Whitespace-only changes.
564 Bytes
Binary file not shown.
278 Bytes
Binary file not shown.

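--- a/firewall/packet.py
+++ b/firewall/packet.py
@@ -1,4 +1,6 @@
 from scapy.all import IP, TCP, sniff
+import logging # first of all import the module
+
 
 """
 Represents a network packet with source and destination IP addresses
@@ -13,32 +15,31 @@ def get_summary(self, pkt):
 for rule in self.rules:
 #print("src",pkt[IP].src, pkt[TCP].sport,"dst", pkt[IP].dst, pkt[TCP].dport)
 #Check if the ip address and port number matches
-if (
-( pkt[IP].src == rule[1]) or ( pkt[IP].dst == rule[3]) and
-( pkt[TCP].sport == rule[2]) or ( pkt[TCP].dport == rule[4])
-):
-#If they matches check if that rule is to be allowed or blocked
-if rule[0] == True: return "BLOCK", "src",pkt[IP].src, pkt[TCP].sport,"dst", pkt[IP].dst, pkt[TCP].dport
-elif rule[0] == False: return "ALLOW", "src",pkt[IP].src, pkt[TCP].sport,"dst", pkt[IP].dst, pkt[TCP].dport
+if (pkt[IP].src == rule[1] and pkt[IP].dst == rule[3]):
+
+if(True): #pkt[TCP].sport == rule[2] ports changes a lot
+
+#If they matches check if that rule is to be allowed or blocked
+if rule[0] == True:
+log = "Status: ", "BLOCK", "Src IP: ",pkt[IP].src, "Src Port:", pkt[TCP].sport,"Dst IP: ", pkt[IP].dst,"Dst Port:" ,pkt[TCP].dport
+logging.basicConfig(filename='firewall.log', filemode='w', format="%(asctime)s %(message)s")
+logging.warning(log)
+print(log)
+
+elif rule[0] == False:
+log = "Status: ", "ALLOW", "Src IP: ",pkt[IP].src, "Src Port:", pkt[TCP].sport,"Dst IP: ", pkt[IP].dst,"Dst Port:" ,pkt[TCP].dport
+logging.basicConfig(filename='firewall.log', filemode='w', format="%(asctime)s %(message)s")
+logging.warning(log)
+print(log)
+
 else:
-return "src",pkt[IP].src, pkt[TCP].sport,"dst", pkt[IP].dst, pkt[TCP].dport
+print("Src IP: ",pkt[IP].src, "Src Port:", pkt[TCP].sport,"Dst IP: ", pkt[IP].dst,"Dst Port:" ,pkt[TCP].dport)
 else:
-return "Waiting for pkt...."
+pass
+# return "Waiting for pkt...."
 except Exception as e:
 print(f"[ERR] Error could not get pkt: {e}")
 False
 
 # capture = sniff(5)
 # capture.summary()
-# arr = [
-# [True, "192.168.36.44", "60916", "20.42.65.89", "443"], ##block
-# [True, "12.168.3.1009", "0", "10.0.0.100", "0"],
-# [True, "12.168.3.1009", "0", "10.0.0.100", "0"],
-# [False, "44.236.154.173", "443", "192.168.36.44", "61035"] ##allow
-# ]
-# packet = Packet(arr)
-# sniff(10,filter="ip",prn=packet.get_summary)
-
-#sniff(filter="ip",prn=get_summary)
-# or it possible to filter with filter parameter...!
-#sniff(filter="ip and host 192.168.0.1",prn=get_summary)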
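Review bot: The `if(True):` guard in get_summary removes every port comparison, so a rule now matches any TCP flow between its two addresses, and a BLOCK or ALLOW rule written for one port is applied to all of them. Source ports are ephemeral, but the destination port is stable and should stay in the match, e.g. `if pkt[IP].src == rule[1] and pkt[IP].dst == rule[3] and str(pkt[TCP].dport) == str(rule[4]):` (run.py passes ports as strings; the `str()` is only needed if add_rule keeps them that way, which is not visible here). The matched branches also no longer return the verdict and the loop keeps iterating after a match, so a caller that acted on the old return value would now get None; worth confirming against Firewall.run, which is outside this page. For the log itself, `filemode='w'` truncates firewall.log on every start and `logging.warning(log)` writes a tuple repr, so I would call `logging.basicConfig(filename='firewall.log', filemode='a', format="%(asctime)s %(message)s")` once at module level and log a formatted string to keep a usable audit trail. The signature and `try:` of get_summary sit above the hunk.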

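--- a/run.py
+++ b/run.py
@@ -8,15 +8,16 @@ def run():
 print("FIREWALL IS RUNNING......")
 try:
 rules = RuleList()
-rules.add_rule(False,'192.168.36.44', '57881', '93.184.221.240', '80')
+rules.add_rule(False,'192.168.36.205', '59770', '192.168.36.44', '443')
+rules.add_rule(True,'192.168.36.44', '60237', '209.197.3.8', '80')
+rules.add_rule(True,'192.168.36.44', '60181', '192.168.36.205', '53')
 
 packet_manager = Packet(rules.get_all_rules())
 firewall = Firewall(packet_manager)
 
 while True:
 for _ in range(10):
 firewall.run()
-print(rules.get_all_rules())
 time.sleep(100)
 
 except KeyboardInterrupt: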
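Review bot: The third rule added here targets destination port 53, but the matcher in firewall/packet.py indexes `pkt[TCP]` only, so DNS over UDP between these hosts never reaches the rule; scapy raises on the missing layer and the packet ends up in the `except` branch. With the port test replaced by `if(True):` in get_summary, the port fields of all three rules are also currently unused, so each rule reads narrower than what is actually matched. I would add a comment above the rules such as `# NOTE: matching is TCP-only and by address pair; port fields are not evaluated yet`, or extend the matcher to UDP. run() starts above this hunk and the `except KeyboardInterrupt:` body continues below it.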
