thomasciesla/JTL-WAFI
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

jtl-wafi-agent.py aktualisiert

Browse Source
This commit is contained in:
thomasciesla
2025-12-19 22:09:10 +01:00
parent 7295133b51
commit 8bab66c2fa
1 changed files with 18 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
jtl-wafi-agent.py
View File

@@ -1,6 +1,6 @@
#!/usr/bin/env python3 #!/usr/bin/env python3
""" """
GeoIP Agent v2.0.0 - WebSocket Real-Time Agent JTL-WAFi Agent v2.0.0 - WebSocket Real-Time Agent
Vollständige Neuimplementierung mit: Vollständige Neuimplementierung mit:
- WebSocket-basierte Echtzeit-Kommunikation - WebSocket-basierte Echtzeit-Kommunikation
@@ -37,14 +37,14 @@ from logging.handlers import RotatingFileHandler
# ============================================================================= # =============================================================================
# VERSION # VERSION
# ============================================================================= # =============================================================================
VERSION = "2.0.0" VERSION = "2.3.0"
# ============================================================================= # =============================================================================
# PFADE - AGENT # PFADE - AGENT
# ============================================================================= # =============================================================================
CONFIG_DIR = "/etc/geoip-agent" CONFIG_DIR = "/etc/jtl-wafi"
TOKEN_FILE = "/etc/geoip-agent/token" TOKEN_FILE = "/etc/jtl-wafi/token"
LOG_FILE = "/var/log/geoip-agent.log" LOG_FILE = "/var/log/jtl-wafi.log"
# ============================================================================= # =============================================================================
# PFADE - SHOPS # PFADE - SHOPS
@@ -597,14 +597,14 @@ def setup_logging(debug: bool = False):
pass pass
# Logger konfigurieren # Logger konfigurieren
logger = logging.getLogger('geoip_agent') logger = logging.getLogger('jtl_wafi_agent')
logger.setLevel(log_level) logger.setLevel(log_level)
logger.handlers = handlers logger.handlers = handlers
return logger return logger
# Global Logger (wird in main() initialisiert) # Global Logger (wird in main() initialisiert)
logger = logging.getLogger('geoip_agent') logger = logging.getLogger('jtl_wafi_agent')
# ============================================================================= # =============================================================================
@@ -802,7 +802,7 @@ def generate_php_bot_ip_ranges() -> str:
# ============================================================================= # =============================================================================
GEOIP_SCRIPT_TEMPLATE = '''<?php GEOIP_SCRIPT_TEMPLATE = '''<?php
/** /**
* GeoIP Blocking Script - {region_name} * JTL-WAFi Blocking Script - {region_name}
* Valid until: {expiry_date} * Valid until: {expiry_date}
* FAIL-OPEN: If cache is corrupt/empty, traffic is allowed through * FAIL-OPEN: If cache is corrupt/empty, traffic is allowed through
*/ */
@@ -864,7 +864,7 @@ if (!$cache_valid) {{
@file_put_contents($cache_file, serialize($allowed_ranges)); @file_put_contents($cache_file, serialize($allowed_ranges));
$cache_valid = true; $cache_valid = true;
}} else {{ }} else {{
error_log("GeoIP FAIL-OPEN: Could not load valid IP ranges (got " . count($allowed_ranges) . ", need $min_ranges)"); error_log("JTL-WAFi FAIL-OPEN: Could not load valid IP ranges (got " . count($allowed_ranges) . ", need $min_ranges)");
return; return;
}} }}
}} }}
@@ -1407,7 +1407,7 @@ def activate_blocking(shop: str, silent: bool = True, mode: str = "geoip",
f.write(geoip_content) f.write(geoip_content)
set_owner(blocking_file, uid, gid) set_owner(blocking_file, uid, gid)
# Step 3: Cache generieren (nur bei GeoIP) # Step 3: Cache generieren (nur bei JTL-WAFi)
if not bot_mode: if not bot_mode:
success, range_count, error = generate_and_validate_cache(httpdocs, geo_region, uid, gid) success, range_count, error = generate_and_validate_cache(httpdocs, geo_region, uid, gid)
if not success and not silent: if not success and not silent:
@@ -1753,7 +1753,7 @@ def rotate_shop_logs():
# ============================================================================= # =============================================================================
# GEOIP AGENT - WebSocket Client # GEOIP AGENT - WebSocket Client
# ============================================================================= # =============================================================================
class GeoIPAgent: class JTLWAFiAgent:
""" """
WebSocket-basierter Agent für Echtzeit-Kommunikation mit dem Dashboard. WebSocket-basierter Agent für Echtzeit-Kommunikation mit dem Dashboard.
""" """
@@ -2252,7 +2252,7 @@ class GeoIPAgent:
def run(self): def run(self):
"""Startet den Agent.""" """Startet den Agent."""
logger.info("=" * 60) logger.info("=" * 60)
logger.info(f"GeoIP Agent v{VERSION} (WebSocket Real-Time)") logger.info(f"JTL-WAFi Agent v{VERSION} (WebSocket Real-Time)")
logger.info(f"Hostname: {self.hostname}") logger.info(f"Hostname: {self.hostname}")
logger.info(f"Agent-ID: {self.agent_id}") logger.info(f"Agent-ID: {self.agent_id}")
logger.info(f"Dashboard: {self.dashboard_url}") logger.info(f"Dashboard: {self.dashboard_url}")
@@ -2274,12 +2274,12 @@ class GeoIPAgent:
def create_systemd_service(): def create_systemd_service():
"""Erstellt systemd Service-Datei.""" """Erstellt systemd Service-Datei."""
service = """[Unit] service = """[Unit]
Description=GeoIP Agent v2.0 (WebSocket) Description=JTL-WAFi Agent v2.0 (WebSocket)
After=network.target After=network.target
[Service] [Service]
Type=simple Type=simple
ExecStart=/usr/bin/python3 /opt/geoip-agent/geoip_agent.py ExecStart=/usr/bin/python3 /opt/jtl-wafi/jtl_wafi_agent.py
Restart=always Restart=always
RestartSec=10 RestartSec=10
User=root User=root
@@ -2288,13 +2288,13 @@ Environment=PYTHONUNBUFFERED=1
[Install] [Install]
WantedBy=multi-user.target WantedBy=multi-user.target
""" """
service_path = "/etc/systemd/system/geoip-agent.service" service_path = "/etc/systemd/system/jtl-wafi-agent.service"
try: try:
with open(service_path, 'w') as f: with open(service_path, 'w') as f:
f.write(service) f.write(service)
print(f"✅ Service erstellt: {service_path}") print(f"✅ Service erstellt: {service_path}")
print(" Aktivieren mit: systemctl daemon-reload && systemctl enable --now geoip-agent") print(" Aktivieren mit: systemctl daemon-reload && systemctl enable --now jtl-wafi-agent")
except PermissionError: except PermissionError:
print("❌ Root-Rechte erforderlich!") print("❌ Root-Rechte erforderlich!")
sys.exit(1) sys.exit(1)
@@ -2324,7 +2324,7 @@ def main():
import argparse import argparse
parser = argparse.ArgumentParser( parser = argparse.ArgumentParser(
description=f"GeoIP Agent v{VERSION} - WebSocket Real-Time Agent" description=f"JTL-WAFi Agent v{VERSION} - WebSocket Real-Time Agent"
) )
parser.add_argument( parser.add_argument(
"--url", "--url",
@@ -2372,7 +2372,7 @@ def main():
sys.exit(1) sys.exit(1)
# Agent starten # Agent starten
agent = GeoIPAgent(dashboard_url=args.url) agent = JTLWAFiAgent(dashboard_url=args.url)
agent.run() agent.run()