-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
5 changed files
with
208 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
include LICENSE README.md requirements.txt |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,2 +1,75 @@ | ||
# deterrers-cli | ||
Command line client for DETERRERS | ||
# Command line client for DETERRERS | ||
|
||
A command line client making it easy to interact with the DETERRERS perimeter | ||
firewall portal to registr and configuration IP addresses and firewall | ||
profiles. | ||
|
||
**Warning:** The API of DETERRERS used by this tool is still experimental and somewhat fragile. | ||
Most notably, this often leads to unexpected errors returned by the API. | ||
|
||
|
||
## Installation | ||
|
||
Use pip to install the latest version: | ||
|
||
``` | ||
pip install deterrers-cli | ||
``` | ||
|
||
## Configuration | ||
|
||
To configure the client, create a file `~/.deterrers.yml` with the following content: | ||
|
||
```yaml | ||
url: https://deterrers.example.com | ||
token: <api-token> | ||
``` | ||
## Usane | ||
Use the context based help to get information about available commands: | ||
``` | ||
❯ deterrers-cli --help | ||
Usage: python -m deterrerscli [OPTIONS] COMMAND [ARGS]... | ||
|
||
Options: | ||
--help Show this message and exit. | ||
|
||
Commands: | ||
action Activate firewall profile or block IP address in perimeter... | ||
add Add IP address to DETERRERS. | ||
delete Delete IP address from DETERRERS. | ||
get Get information about an IP address in DETERRERS. | ||
hosts List all IPs added to DETERRERS. | ||
update Update IP address in DETERRERS. | ||
``` | ||
Help about adding new IP addresses: | ||
``` | ||
❯ deterrers-cli add --help | ||
Usage: python -m deterrerscli add [OPTIONS] IPV4 | ||
|
||
Add IP address to DETERRERS. | ||
|
||
Options: | ||
-a, --admin TEXT [required] | ||
--help Show this message and exit. | ||
``` | ||
|
||
## Example | ||
|
||
```sh | ||
# Delete IP 192.0.0.1 from DETERRERS | ||
❯ deterrers-cli delete 192.0.0.1 | ||
|
||
# Add IP 192.0.0.1 with group `virtUOS` as admins | ||
❯ deterrers-cli add --admin virtUOS 192.0.0.1 | ||
|
||
# Set firewall profile `SSH` | ||
❯ deterrers-cli update --profile ssh 192.0.0.1 | ||
|
||
# Activate firewall profile | ||
❯ deterrers-cli action register 192.0.0.1 | ||
``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,102 @@ | ||
import click | ||
import deterrersapi | ||
import pathlib | ||
import json | ||
import yaml | ||
|
||
deterrers = None | ||
|
||
profiles = click.Choice( | ||
('', 'HTTP', 'SSH', 'HTTP+SSH', 'Multipurpose'), | ||
case_sensitive=False) | ||
host_firewalls = click.Choice( | ||
('', 'UFW', 'FirewallD', 'nftables'), | ||
case_sensitive=False) | ||
|
||
|
||
def print_format(data, format: str): | ||
if format == 'yaml': | ||
print(yaml.dump(data)) | ||
else: | ||
print(json.dumps(data, indent=4)) | ||
|
||
|
||
@click.group() | ||
def cli(): | ||
global deterrers | ||
with open(pathlib.Path().home() / '.deterrers.yml', 'r') as f: | ||
config = yaml.safe_load(f) | ||
deterrers = deterrersapi.Deterrers(config['url'], config['token']) | ||
|
||
|
||
@cli.command() | ||
@click.option('--format', default='json', help='Output format (json or yaml)') | ||
def hosts(format): | ||
'''List all IPs added to DETERRERS. | ||
''' | ||
data = deterrers.hosts() | ||
print_format(data, format) | ||
|
||
|
||
@cli.command() | ||
@click.option('--format', default='json', help='Output format (json or yaml)') | ||
@click.argument('ipv4') | ||
def get(format, ipv4): | ||
'''Get information about an IP address in DETERRERS. | ||
''' | ||
data = deterrers.get(ipv4) | ||
print_format(data, format) | ||
|
||
|
||
@cli.command() | ||
@click.argument('ipv4') | ||
def delete(ipv4): | ||
'''Delete IP address from DETERRERS. | ||
''' | ||
deterrers.delete(ipv4) | ||
|
||
|
||
@cli.command() | ||
@click.option('--admin', '-a', multiple=True, required=True) | ||
@click.argument('ipv4') | ||
def add(ipv4, admin): | ||
'''Add IP address to DETERRERS. | ||
''' | ||
deterrers.add(ipv4, admin) | ||
|
||
|
||
@cli.command() | ||
@click.option('--profile', '-p', default='', type=profiles) | ||
@click.option('--firewall', '-f', default='', type=host_firewalls) | ||
@click.argument('ipv4') | ||
def update(ipv4, profile, firewall): | ||
'''Update IP address in DETERRERS. | ||
''' | ||
deterrers.update(ipv4, profile, firewall) | ||
|
||
|
||
@cli.group() | ||
def action(): | ||
'''Activate firewall profile or block IP address in perimeter firewall. | ||
''' | ||
pass | ||
|
||
|
||
@action.command() | ||
@click.argument('ipv4') | ||
def register(ipv4): | ||
'''Activate profile in perimeter firewall. | ||
''' | ||
deterrers.action(ipv4, 'register') | ||
|
||
|
||
@action.command() | ||
@click.argument('ipv4') | ||
def block(ipv4): | ||
'''Block IP address perimeter firewall. | ||
''' | ||
deterrers.action(ipv4, 'block') | ||
|
||
|
||
if __name__ == '__main__': | ||
cli() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
deterrers-api | ||
PyYAML | ||
Click |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,27 @@ | ||
from setuptools import setup | ||
import os | ||
|
||
|
||
def read(filename): | ||
path = os.path.abspath(os.path.dirname(__file__)) | ||
with open(os.path.join(path, filename), encoding='utf-8') as f: | ||
return f.read() | ||
|
||
|
||
setup( | ||
name='deterrers-cli', | ||
version='0.2', | ||
description='Command line client for DETERRERS', | ||
url='https://github.com/virtUOS/proteuscmd', | ||
author='Lars Kiesow', | ||
author_email='lkiesow@uos.de', | ||
license='MIT', | ||
packages=['deterrerscli'], | ||
license_files=('LICENSE'), | ||
include_package_data=True, | ||
install_requires=read('requirements.txt').split(), | ||
long_description=read('README.md'), | ||
long_description_content_type='text/markdown', | ||
entry_points={ | ||
'console_scripts': ['deterrers-cli = deterrerscli.__main__:cli'], | ||
}) |