From 9aadcd70bf798ad7d887890e776e66279052981b Mon Sep 17 00:00:00 2001 From: usmannasir Date: Tue, 15 Oct 2024 12:21:38 +0500 Subject: [PATCH] bug fix: docker apps add proxy in lsws ent as well --- plogical/DockerSites.py | 40 ++++++- plogical/test.py | 203 +++++++++++++++++++++++++++++++++ plogical/test1.py | 247 +++++++++++++++++++++++++++++++++------- 3 files changed, 449 insertions(+), 41 deletions(-) diff --git a/plogical/DockerSites.py b/plogical/DockerSites.py index 535cedce7..867e4ddd8 100644 --- a/plogical/DockerSites.py +++ b/plogical/DockerSites.py @@ -176,9 +176,11 @@ class Docker_Sites(multi.Thread): @staticmethod def SetupProxy(port): - ConfPath = '/usr/local/lsws/conf/httpd_config.conf' - data = open(ConfPath, 'r').read() + import xml.etree.ElementTree as ET + if ProcessUtilities.decideServer() == ProcessUtilities.OLS: + ConfPath = '/usr/local/lsws/conf/httpd_config.conf' + data = open(ConfPath, 'r').read() StringCheck = f"127.0.0.1:{port}" if data.find(StringCheck) == -1: ProxyContent = f""" @@ -197,6 +199,40 @@ extprocessor docker{port} {{ WriteToFile.write(ProxyContent) WriteToFile.close() + else: + ConfPath = '/usr/local/lsws/conf/httpd_config.xml' + data = open(ConfPath, 'r').read() + + # Parse the XML + root = ET.fromstring(data) + + # Find the node + ext_processor_list = root.find('extProcessorList') + + # Create the new node + new_ext_processor = ET.Element('extProcessor') + + # Add child elements to the new + ET.SubElement(new_ext_processor, 'type').text = 'proxy' + ET.SubElement(new_ext_processor, 'name').text = f'docker{port}' + ET.SubElement(new_ext_processor, 'address').text = f'127.0.0.1:{port}' + ET.SubElement(new_ext_processor, 'maxConns').text = '35' + ET.SubElement(new_ext_processor, 'pcKeepAliveTimeout').text = '60' + ET.SubElement(new_ext_processor, 'initTimeout').text = '60' + ET.SubElement(new_ext_processor, 'retryTimeout').text = '60' + ET.SubElement(new_ext_processor, 'respBuffer').text = '0' + + # Append the new to the + ext_processor_list.append(new_ext_processor) + + # Write the updated XML content to a new file or print it out + tree = ET.ElementTree(root) + tree.write(ConfPath, encoding='UTF-8', xml_declaration=True) + + # Optionally, print the updated XML + ET.dump(root) + + @staticmethod def SetupHTAccess(port, htaccess): ### Update htaccess diff --git a/plogical/test.py b/plogical/test.py index e69de29bb..929a337a8 100644 --- a/plogical/test.py +++ b/plogical/test.py @@ -0,0 +1,203 @@ +import xml.etree.ElementTree as ET + +xml_string = ''' + + $HOSTNAME + 2 + nobody + nobody + 0 + / + 0 + 120M + /tmp/lshttpd/swap + 1 + 1 + 0 + /usr/local/lsws/conf/httpd.conf + 0 + 0 + 1 + 5 + $SERVER_ROOT/conf/mime.properties + 0 + 0 + 86400 + 1 + usman@cyberpersons.com + + + $SERVER_ROOT/logs/error.log + DEBUG + 0 + 10M + 1 + 1 + + + $SERVER_ROOT/logs/access.log + %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" + 10M + 30 + 1 + + + index.html, index.php + + 0 + .htaccess + + + 1 + image/*=A604800, text/css=A604800, application/x-javascript=A604800, application/javascript=A604800 + + + 10000 + 10000 + 300 + 1000 + 5 + 0 + 0 + 8192 + 16380 + 500M + 8K + 500M + 4096 + 20M + 256K + 40M + 1 + 1 + 4 + 1 + text/*,application/x-javascript,application/javascript,application/xml, image/svg+xml + 1 + 1 + 1 + 6 + 1M + 300 + + + 1 + + + + 1 + 0 + 000 + 000 + + + 0 + 0 + 0 + 0 + 10000 + 10000 + 15 + 300 + + + 200 + 11 + 10 + 0 + 300 + 600 + 1450M + 1500M + 1400 + 1450 + + + 0 + 0 + deny,log,status:403 + 1 + /tmp + $SERVER_ROOT/logs/security_audit.log + + + XSS attack + log,deny,status:403,msg:'XSS attack' + 1 + + + / + /etc/* + /dev/* + $SERVER_ROOT/conf/* + $SERVER_ROOT/admin/conf/* + + + ALL, 127.0.0.1T, 103.21.244.0/22T, 103.22.200.0/22T, 103.31.4.0/22T, 104.16.0.0/12T, 108.162.192.0/18T, 131.0.72.0/22T, 141.101.64.0/18T, 162.158.0.0/15T, 172.64.0.0/13T, 173.245.48.0/20T, 188.114.96.0/20T, 190.93.240.0/20T, 197.234.240.0/22T, 198.41.128.0/17T, 2400:cb00::/32T, 2405:8100::/32T, 2405:b500::/32T, 2606:4700::/32T, 2803:f800::/32T, 2a06:98c0::/29T, 2c0f:f248::/32T, 192.88.134.0/23T, 185.93.228.0/22, 66.248.200.0/22T, 208.109.0.0/22T, 2a02:fe80::/29T + + + + + lsapi + lsphp5 +
uds://tmp/lshttpd/lsphp5.sock
+ 35 + PHP_LSAPI_CHILDREN=35 + 60 + 0 + 1 + 0 + 3 + $SERVER_ROOT/fcgi-bin/lsphp5 + 100 + 1 + 0 + 2047M + 2047M + 400 + 500 + + + + proxy + docker100 +
127.0.0.1:1100
+ 60 + -1 + 60 + 60 + 0 + + +''' + +# Parse the XML content + +root = ET.fromstring(xml_string) + +# Find the node +ext_processor_list = root.find('extProcessorList') + +# Create the new node +new_ext_processor = ET.Element('extProcessor') +port = '100' + +# Add child elements to the new +ET.SubElement(new_ext_processor, 'type').text = 'proxy' +ET.SubElement(new_ext_processor, 'name').text = f'docker{port}' +ET.SubElement(new_ext_processor, 'address').text = f'127.0.0.1:{port}' +ET.SubElement(new_ext_processor, 'maxConns').text = '35' +ET.SubElement(new_ext_processor, 'pcKeepAliveTimeout').text = '60' +ET.SubElement(new_ext_processor, 'initTimeout').text = '60' +ET.SubElement(new_ext_processor, 'retryTimeout').text = '60' +ET.SubElement(new_ext_processor, 'respBuffer').text = '0' + +# Append the new to the +ext_processor_list.append(new_ext_processor) + +# Write the updated XML content to a new file or print it out +tree = ET.ElementTree(root) +#tree.write(ConfPath, encoding='UTF-8', xml_declaration=True) + +# Optionally, print the updated XML +ET.dump(root) diff --git a/plogical/test1.py b/plogical/test1.py index 8c0f284e3..545b660bc 100644 --- a/plogical/test1.py +++ b/plogical/test1.py @@ -1,39 +1,208 @@ -# import socket -# -# def reverse_dns_lookup(ip_address): -# try: -# host_name, _, _ = socket.gethostbyaddr(ip_address) -# return host_name -# except socket.herror as e: -# # Handle errors, e.g., if reverse DNS lookup fails -# return None -# -# # Example usage -# ip_address_to_check = "95.217.248.69" -# result = reverse_dns_lookup(ip_address_to_check) -# -# if result: -# print(f"Reverse DNS lookup for {ip_address_to_check}: {result}") -# else: -# print(f"Reverse DNS lookup failed for {ip_address_to_check}") -# -# -# import socket -# -# def reverse_dns_lookup_bypass_cache(ip_address): -# try: -# # Use getnameinfo to bypass DNS cache -# host_name, _ = socket.getnameinfo((ip_address, 0), socket.NI_NAMEREQD) -# return host_name -# except socket.herror as e: -# # Handle errors, e.g., if reverse DNS lookup fails -# return None -# -# # Example usage -# ip_address_to_check = "95.217.248.69" -# result = reverse_dns_lookup_bypass_cache(ip_address_to_check) -# -# if result: -# print(f"Reverse DNS lookup for {ip_address_to_check}: {result}") -# else: -# print(f"Reverse DNS lookup failed for {ip_address_to_check}") \ No newline at end of file +import xml.etree.ElementTree as ET + +xml_string = ''' + + $HOSTNAME + 2 + nobody + nobody + 0 + / + 0 + 120M + /tmp/lshttpd/swap + 1 + 1 + 0 + /usr/local/lsws/conf/httpd.conf + 0 + 0 + 1 + 5 + $SERVER_ROOT/conf/mime.properties + 0 + 0 + 86400 + 1 + usman@cyberpersons.com + + + $SERVER_ROOT/logs/error.log + DEBUG + 0 + 10M + 1 + 1 + + + $SERVER_ROOT/logs/access.log + %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" + 10M + 30 + 1 + + + index.html, index.php + + 0 + .htaccess + + + 1 + image/*=A604800, text/css=A604800, application/x-javascript=A604800, application/javascript=A604800 + + + 10000 + 10000 + 300 + 1000 + 5 + 0 + 0 + 8192 + 16380 + 500M + 8K + 500M + 4096 + 20M + 256K + 40M + 1 + 1 + 4 + 1 + text/*,application/x-javascript,application/javascript,application/xml, image/svg+xml + 1 + 1 + 1 + 6 + 1M + 300 + + + 1 + + + + 1 + 0 + 000 + 000 + + + 0 + 0 + 0 + 0 + 10000 + 10000 + 15 + 300 + + + 200 + 11 + 10 + 0 + 300 + 600 + 1450M + 1500M + 1400 + 1450 + + + 0 + 0 + deny,log,status:403 + 1 + /tmp + $SERVER_ROOT/logs/security_audit.log + + + XSS attack + log,deny,status:403,msg:'XSS attack' + 1 + + + / + /etc/* + /dev/* + $SERVER_ROOT/conf/* + $SERVER_ROOT/admin/conf/* + + + ALL, 127.0.0.1T, 103.21.244.0/22T, 103.22.200.0/22T, 103.31.4.0/22T, 104.16.0.0/12T, 108.162.192.0/18T, 131.0.72.0/22T, 141.101.64.0/18T, 162.158.0.0/15T, 172.64.0.0/13T, 173.245.48.0/20T, 188.114.96.0/20T, 190.93.240.0/20T, 197.234.240.0/22T, 198.41.128.0/17T, 2400:cb00::/32T, 2405:8100::/32T, 2405:b500::/32T, 2606:4700::/32T, 2803:f800::/32T, 2a06:98c0::/29T, 2c0f:f248::/32T, 192.88.134.0/23T, 185.93.228.0/22, 66.248.200.0/22T, 208.109.0.0/22T, 2a02:fe80::/29T + + + + + lsapi + lsphp5 +
uds://tmp/lshttpd/lsphp5.sock
+ 35 + PHP_LSAPI_CHILDREN=35 + 60 + 0 + 1 + 0 + 3 + $SERVER_ROOT/fcgi-bin/lsphp5 + 100 + 1 + 0 + 2047M + 2047M + 400 + 500 + + + + proxy + docker100 +
127.0.0.1:1100
+ 60 + -1 + 60 + 60 + 0 + + +''' + +# Parse the XML content + +root = ET.fromstring(xml_string) + +# Find the node +ext_processor_list = root.find('extProcessorList') + +# Create the new node +new_ext_processor = ET.Element('extProcessor') +port = '200' + +# Add child elements to the new +ET.SubElement(new_ext_processor, 'type').text = 'proxy' +ET.SubElement(new_ext_processor, 'name').text = f'docker{port}' +ET.SubElement(new_ext_processor, 'address').text = f'127.0.0.1:{port}' +ET.SubElement(new_ext_processor, 'maxConns').text = '35' +ET.SubElement(new_ext_processor, 'pcKeepAliveTimeout').text = '60' +ET.SubElement(new_ext_processor, 'initTimeout').text = '60' +ET.SubElement(new_ext_processor, 'retryTimeout').text = '60' +ET.SubElement(new_ext_processor, 'respBuffer').text = '0' + +# Append the new to the +ext_processor_list.append(new_ext_processor) + +# Write the updated XML content to a new file or print it out +tree = ET.ElementTree(root) +# tree.write(ConfPath, encoding='UTF-8', xml_declaration=True) +from xml.dom import minidom + +rough_string = ET.tostring(root, 'utf-8') +reparsed = minidom.parseString(rough_string) +print(reparsed.toprettyxml(indent=" ")) + +# Optionally, print the updated XML +# ET.dump(root)