frodovdr/raspap-webgui
1
0
Fork 0
mirror of https://github.com/billz/raspap-webgui.git synced 2025-03-01 10:31:47 +00:00
Code Issues Packages Projects Releases Wiki Activity

Sanitize user-provided inputs

Browse Source
This commit is contained in:
billz 2024-03-08 08:59:36 +01:00
parent b80151be28
commit 00f90f1f73
3 changed files with 37 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
api/modules/client.py
View File

@ -2,27 +2,37 @@ import subprocess
import json import json
def get_active_clients_amount(interface): def get_active_clients_amount(interface):
output = subprocess.run(f'''cat '/var/lib/misc/dnsmasq.leases' | grep -iwE "$(arp -i '{interface}' | grep -oE "(([0-9]|[a-f]|[A-F]){{{2}}}:){{{5}}}([0-9]|[a-f]|[A-F]){{{2}}}")"''', shell=True, capture_output=True, text=True) arp_output = subprocess.run(['arp', '-i', interface], capture_output=True, text=True)
return(len(output.stdout.splitlines())) mac_addresses = arp_output.stdout.splitlines()
if mac_addresses:
grep_pattern = '|'.join(mac_addresses)
output = subprocess.run(['grep', '-iwE', grep_pattern, '/var/lib/misc/dnsmasq.leases'], capture_output=True, text=True)
return len(output.stdout.splitlines())
else:
return 0
def get_active_clients(interface): def get_active_clients(interface):
#does not run like intended, but it works.... arp_output = subprocess.run(['arp', '-i', interface], capture_output=True, text=True)
output = subprocess.run(f'''cat '/var/lib/misc/dnsmasq.leases' | grep -iwE "$(arp -i '{interface}' | grep -oE "(([0-9]|[a-f]|[A-F]){{{2}}}:){{{5}}}([0-9]|[a-f]|[A-F]){{{2}}}")"''', shell=True, capture_output=True, text=True) arp_mac_addresses = set(line.split()[2] for line in arp_output.stdout.splitlines()[1:])
clients_list = []
for line in output.stdout.splitlines(): dnsmasq_output = subprocess.run(['cat', '/var/lib/misc/dnsmasq.leases'], capture_output=True, text=True)
active_clients = []
for line in dnsmasq_output.stdout.splitlines():
fields = line.split() fields = line.split()
mac_address = fields[1]
client_data = { if mac_address in arp_mac_addresses:
"timestamp": int(fields[0]), client_data = {
"mac_address": fields[1], "timestamp": int(fields[0]),
"ip_address": fields[2], "mac_address": fields[1],
"hostname": fields[3], "ip_address": fields[2],
"client_id": fields[4], "hostname": fields[3],
} "client_id": fields[4],
}
active_clients.append(client_data)
clients_list.append(client_data) json_output = json.dumps(active_clients, indent=2)
return json_output
json_output = json.dumps(clients_list, indent=2)
return json_output

4
api/modules/openvpn.py
View File

@ -34,8 +34,8 @@ def client_login_active():
return(active_config[1]) return(active_config[1])
def client_config_list(client_config): def client_config_list(client_config):
output = subprocess.run(f"cat /etc/openvpn/client/{client_config}", shell=True, capture_output=True, text=True).stdout.strip() output = subprocess.run(["cat", f"/etc/openvpn/client/{client_config}"], capture_output=True, text=True).stdout.strip()
return output.split('\n') return output.split('\n')
#TODO: where is the logfile?? #TODO: where is the logfile??
#TODO: is service connected? #TODO: is service connected?

11
api/modules/wireguard.py
View File

@ -19,8 +19,13 @@ def client_config_active():
return(active_config[1]) return(active_config[1])
def client_config_list(client_config): def client_config_list(client_config):
output = subprocess.run(f"cat /etc/wireguard/{client_config}", shell=True, capture_output=True, text=True).stdout.strip() config_path = f"/etc/wireguard/{client_config}"
return output.split('\n') try:
with open(config_path, 'r') as f:
output = f.read().strip()
return output.split('\n')
except FileNotFoundError:
raise FileNotFoundError("Client configuration file not found")
#TODO: where is the logfile?? #TODO: where is the logfile??
#TODO: is service connected? #TODO: is service connected?