From 4d4b0c7e03eb0e4f94000d48f2c6803c9155e801 Mon Sep 17 00:00:00 2001 From: Usman Nasir Date: Sat, 3 Aug 2019 22:08:18 +0500 Subject: [PATCH] bug fix to csf --- CyberCP/secMiddleware.py | 2 +- firewall/firewallManager.py | 14 ++++++++++---- plogical/csf.py | 10 +++++++++- 3 files changed, 20 insertions(+), 6 deletions(-) diff --git a/CyberCP/secMiddleware.py b/CyberCP/secMiddleware.py index 19612eee0..b54053a34 100755 --- a/CyberCP/secMiddleware.py +++ b/CyberCP/secMiddleware.py @@ -60,7 +60,7 @@ def __call__(self, request): if request.build_absolute_uri().find('docker') > -1 or request.build_absolute_uri().find('cloudAPI') > -1 or request.build_absolute_uri().find('filemanager') > -1 or request.build_absolute_uri().find('verifyLogin') > -1 or request.build_absolute_uri().find('submitUserCreation') > -1: continue - if key == 'imageByPass' or key == 'passwordByPass' or key == 'cronCommand' or key == 'emailMessage' or key == 'configData' or key == 'rewriteRules' or key == 'modSecRules' or key == 'recordContentTXT' or key == 'SecAuditLogRelevantStatus' or key == 'fileContent': + if key == 'ports' or key == 'imageByPass' or key == 'passwordByPass' or key == 'cronCommand' or key == 'emailMessage' or key == 'configData' or key == 'rewriteRules' or key == 'modSecRules' or key == 'recordContentTXT' or key == 'SecAuditLogRelevantStatus' or key == 'fileContent': continue if value.find(';') > -1 or value.find('&&') > -1 or value.find('|') > -1 or value.find('...') > -1 \ or value.find("`") > -1 or value.find("$") > -1 or value.find("(") > -1 or value.find(")") > -1 \ diff --git a/firewall/firewallManager.py b/firewall/firewallManager.py index 664977e3a..9641325c4 100755 --- a/firewall/firewallManager.py +++ b/firewall/firewallManager.py @@ -11,14 +11,11 @@ import plogical.CyberCPLogFileWriter as logging from plogical.virtualHostUtilities import virtualHostUtilities import subprocess -import shlex -from plogical.installUtilities import installUtilities from django.shortcuts import HttpResponse, render from random import randint import time from plogical.firewallUtilities import FirewallUtilities from firewall.models import FirewallRules -import thread from plogical.modSec import modSec from plogical.csf import CSF from plogical.processUtilities import ProcessUtilities @@ -1482,8 +1479,17 @@ def modifyPorts(self): protocol = data['protocol'] ports = data['ports'] + portsPath = '/tmp/ports' + + if os.path.exists(portsPath): + os.remove(portsPath) + + writeToFile = open(portsPath, 'w') + writeToFile.write(ports) + writeToFile.close() + execPath = "sudo /usr/local/CyberCP/bin/python2 " + virtualHostUtilities.cyberPanel + "/plogical/csf.py" - execPath = execPath + " modifyPorts --protocol " + protocol + " --ports " + ports + execPath = execPath + " modifyPorts --protocol " + protocol + " --ports " + portsPath output = ProcessUtilities.outputExecutioner(execPath) if output.find("1,None") > -1: diff --git a/plogical/csf.py b/plogical/csf.py index 6972fedda..715ee78f2 100755 --- a/plogical/csf.py +++ b/plogical/csf.py @@ -212,11 +212,14 @@ def changeStatus(controller, status): print '0',str(msg) @staticmethod - def modifyPorts(protocol, ports): + def modifyPorts(protocol, portsPath): try: + data = open('/etc/csf/csf.conf', 'r').readlines() writeToFile = open('/etc/csf/csf.conf', 'w') + ports = open(portsPath, 'r').read() + if protocol == 'TCP_IN': for items in data: if items.find('TCP_IN') > -1 and items.find('=') > -1 and (items[0] != '#'): @@ -249,6 +252,11 @@ def modifyPorts(protocol, ports): command = 'csf -r' subprocess.call(shlex.split(command)) + try: + os.remove(portsPath) + except: + pass + print '1,None' except BaseException, msg: