infidel/iptables-parser
1
1
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Update makefile

Browse Source
This commit is contained in:
Yosafat Marselino Agus 2023-10-24 18:04:36 +07:00
parent d4fb2a4de5
commit 5d70137d56
7 changed files with 1899 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
.gitignore vendored Normal file
View File

@ -0,0 +1,3 @@
*.swp
*.so
lib/

10
Makefile Normal file
View File

@ -0,0 +1,10 @@
CC=gcc
CFLAGS=
SFLAGS=-shared -fPIC
TARGET_DIR=lib
parser_lib.so: $(TARGET_DIR)
$(CC) $(SFLAGS) iptables_parser_lib.c -o $(TARGET_DIR)/$@
parser: $(TARGET_DIR)
$(CC) iptables_parser.c -o $(TARGET_DIR)/$@

11
Readme.md Normal file
View File

@ -0,0 +1,11 @@
# Infidel's iptables log parser
## Codes
### wrapper.py
Reads, iptables.log and calls the c `parser_lib.so`. Feed the parser library with lines from iptables log.
### parser_lib.so
Process the sed like operation on the line by line feeded by `wrapper.py`.

1456
example/iptables.log Normal file
View File

File diff suppressed because it is too large Load Diff

157
iptables_parser.c Normal file
View File

@ -0,0 +1,157 @@
#include <stdio.h>
#include <string.h>
int main()
{
int h,i,j,k,l,v,w,x,y,ctr,dtr;
char str_in[200];
char newString[200][200];
char newParam[100][100];
char str_final[50];
char *filename = "example/iptables.log";
FILE *fp = fopen(filename, "r");
if (fp == NULL)
{
printf("Error: could not open file %s", filename);
return 1;
}
// reading line by line, max 256 bytes
const unsigned MAX_LENGTH = 256;
char buffer[MAX_LENGTH];
h = 0;
while (fgets(buffer, MAX_LENGTH, fp)) {
h = h + 1;
}
//printf(" %d\n ", h);
i = 0;
fclose(fp);
fp = fopen(filename, "r");
while (fgets(buffer, MAX_LENGTH, fp)) {
// printf("- %d -", i);
if ( i > h-10 ) {
j=0; ctr=0;
printf("\n%d -> %s \n", i, buffer);
//printf("[%d]\t[ Param ]\t\t[ Value ] \n", i);
for (x=0; x <= (strlen(buffer)); x++)
{
if(buffer[x]==' '|| buffer[x]=='\0' || buffer[x]=='\n'){
newString[ctr][j]='\0';
ctr++;
j=0;
}
else {
newString[ctr][j]=buffer[x];
j++;
}
}
for (v=0; v <= ctr ; v++) {
// printf("[ %d ]----> %s \n", v, newString[v]);
strcpy(str_in, newString[v]);
// printf("\n[%d]----> %s \n", i, str_in);
k=0; dtr=0;
memset(newParam, 0, sizeof newParam);
for (w=0; w <= (strlen(str_in)) ; w++) {
if(str_in[w]=='='){
newParam[dtr][k]='\0';
dtr++;
k=0;
}
// else if(str_in[w]!='\n' && str_in[w]!=' ') {
else {
newParam[dtr][k]=str_in[w];
k++;
}
}
strcpy(str_final, newParam[0]);
// if ( newParam[0] && newParam[0][0] != "\n" ) {
if ( *str_final == EOF ) {
// if strcmp(&str_final, '\n') {
continue;
}
//printf("[%d]\t[ %s ]\t\t[ %s ] \n", v, str_final, newParam[1]);
// printf("*******************\n");
// printf("-< %s >-\n", str_final);
// printf("-< %s >-\n", newParam[1]);
// if (str_final=="SRC"){
// printf("[ Value %d]----> %s \n", i, newParam[1]);
// for (l=0; l <= dtr ; l++) {
// printf("[ + %d]----> %s \n", w, newParam[l]);
// }
if (strcmp(str_final,"SRC") == 0){
printf("[.]----------------------------------------n");
printf("-< %s >-\n", str_final);
printf("-< %s >-\n", newParam[1]);
//printf("[%d]\t[ %s ]\t\t[ %s ] \n", v, str_final, newParam[1]);
}
if (strcmp(str_final,"DST") == 0){
printf("-< %s >-\n", str_final);
printf("-< %s >-\n", newParam[1]);
//printf("[%d]\t[ %s ]\t\t[ %s ] \n", v, str_final, newParam[1]);
}
if (strcmp(str_final,"SPT") == 0){
printf("-< %s >-\n", str_final);
printf("-< %s >-\n", newParam[1]);
//printf("[%d]\t[ %s ]\t\t[ %s ] \n", v, str_final, newParam[1]);
}
if (strcmp(str_final,"DPT") == 0){
printf("-< %s >-\n", str_final);
printf("-< %s >-\n", newParam[1]);
//printf("[%d]\t[ %s ]\t\t[ %s ] \n", v, str_final, newParam[1]);
}
}
// j=0; ctr=0;
// for (v=0; v <= (strlen(newString)); v++) {
// if(newString[v]=='='){
// newParam[ctr][j]='\0';
// ctr++;
// j=0;
// }
// else {
// newParam[ctr][j]=newString[v];
// j++;
// }
// }
}
i = i +1 ;
// printf("\n==================================================================================\n");
}
// close the file
fclose(fp);
return 0;
}

218
iptables_parser_lib.c Normal file
View File

@ -0,0 +1,218 @@
#include <stdio.h>
#include <string.h>
int h,i,j,k,l,v,w,x,y,ctr,dtr;
char str_in[200];
char newString[200][200];
char newParam[100][100];
char str_final[50];
char * lineParser(char * py_args)
{
// char newParam[100][100];
// char newString[100][100];
// char str_in[100];
//
char * ret_str = malloc(strlen(py_args));
j=0; ctr=0;
printf("\n%d -> %s \n", i, py_args);
printf("[%d]\t[ Param ]\t\t[ Value ] \n", i);
for (x=0; x <= (strlen(py_args)); x++)
{
if(py_args[x]==' '|| py_args[x]=='\0' || py_args[x]=='\n'){
newString[ctr][j]='\0';
ctr++;
j=0;
}
else {
newString[ctr][j]=py_args[x];
j++;
}
}
for (v=0; v <= ctr ; v++) {
strcpy(str_in, newString[v]);
k=0; dtr=0;
memset(newParam, 0, sizeof newParam);
for (w=0; w <= (strlen(str_in)) ; w++) {
if(str_in[w]=='='){
newParam[dtr][k]='\0';
dtr++;
k=0;
}
// else if(str_in[w]!='\n' && str_in[w]!=' ') {
else {
newParam[dtr][k]=str_in[w];
k++;
}
}
strcpy(str_final, newParam[0]);
strcat(ret_str, newParam[0]);
strcat(ret_str, "=");
// if ( newParam[0] && newParam[0][0] != "\n" ) {
if ( *str_final == EOF ) {
// if strcmp(&str_final, '\n') {
continue;
}
strcat(ret_str, newParam[1]);
strcat(ret_str, ";");
printf("[%d]\t[ %s ]\t\t[ %s ] \n", v, str_final, ret_str);
}
// printf("--------------------------------------------------------------------------------------------\n");
// printf("[%d]\t[ %s ]\t\t[ %s ] \n", v, str_final, newParam[1]);
// printf("--------------------------------------------------------------------------------------------\n");
char * fucker = malloc(sizeof(ret_str));
printf("\n==================================================================================\n");
strcat(fucker, ret_str);
// memcpy(fucker, "Fuckery", sizeof("Fuckery"));
printf(" Local value : %s\n", ret_str);
printf(" PY value : %s\n", py_args);
free(ret_str);
// free(fucker);
return fucker;
}
const char * iptablesParser(char * py_args)
{
char *filename = "/var/log/iptables.log";
FILE *fp = fopen(filename, "r");
if (fp == NULL)
{
printf("Error: could not open file %s", filename);
return "Error";
}
// reading line by line, max 256 bytes
const unsigned MAX_LENGTH = 256;
char buffer[MAX_LENGTH];
h = 0;
while (fgets(buffer, MAX_LENGTH, fp)) {
h = h + 1;
}
printf(" %d\n ", h);
i = 0;
fclose(fp);
fp = fopen(filename, "r");
while (fgets(buffer, MAX_LENGTH, fp)) {
// printf("- %d -", i);
if ( i < 20 ) {
j=0; ctr=0;
printf("\n%d -> %s \n", i, buffer);
printf("[%d]\t[ Param ]\t\t[ Value ] \n", i);
for (x=0; x <= (strlen(buffer)); x++)
{
if(buffer[x]==' '|| buffer[x]=='\0' || buffer[x]=='\n'){
newString[ctr][j]='\0';
ctr++;
j=0;
}
else {
newString[ctr][j]=buffer[x];
j++;
}
}
for (v=0; v <= ctr ; v++) {
// printf("[ %d ]----> %s \n", v, newString[v]);
strcpy(str_in, newString[v]);
// printf("\n[%d]----> %s \n", i, str_in);
k=0; dtr=0;
memset(newParam, 0, sizeof newParam);
for (w=0; w <= (strlen(str_in)) ; w++) {
if(str_in[w]=='='){
newParam[dtr][k]='\0';
dtr++;
k=0;
}
// else if(str_in[w]!='\n' && str_in[w]!=' ') {
else {
newParam[dtr][k]=str_in[w];
k++;
}
}
strcpy(str_final, newParam[0]);
// if ( newParam[0] && newParam[0][0] != "\n" ) {
if ( *str_final == EOF ) {
// if strcmp(&str_final, '\n') {
continue;
}
printf("[%d]\t[ %s ]\t\t[ %s ] \n", v, str_final, newParam[1]);
// printf("[ Value %d]----> %s \n", i, newParam[1]);
// for (l=0; l <= dtr ; l++) {
// printf("[ + %d]----> %s \n", w, newParam[l]);
// }
}
// j=0; ctr=0;
// for (v=0; v <= (strlen(newString)); v++) {
// if(newString[v]=='='){
// newParam[ctr][j]='\0';
// ctr++;
// j=0;
// }
// else {
// newParam[ctr][j]=newString[v];
// j++;
// }
// }
}
i = i +1 ;
// printf("\n==================================================================================\n");
}
// close the file
fclose(fp);
char * fucker = malloc(sizeof("Fuckery"));
printf("\n==================================================================================\n");
strcpy(fucker, "Fuckery");
// memcpy(fucker, "Fuckery", sizeof("Fuckery"));
printf(" Local value : %s\n", fucker);
printf(" PY value : %s\n", py_args);
return str_final;
}

44
wrapper.py Executable file
View File

@ -0,0 +1,44 @@
#!/usr/bin/env python3
from ctypes import *
import _ctypes
def c_parser(log_line):
so_file = "lib/parser_lib.so"
iptablesParser = CDLL(so_file)
iptablesParser.iptablesParser.argtype = c_char_p
iptablesParser.iptablesParser.restype = c_char_p
iptablesParser.lineParser.argtype = c_char_p
iptablesParser.lineParser.restype = c_char_p
parser_arg = log_line.encode('utf-8')
# c_return = iptablesParser.iptablesParser(parser_arg)
c_return = iptablesParser.lineParser(parser_arg)
_ctypes.dlclose(iptablesParser._handle)
# iptablesParser.freeme(c_return)
print()
print("[ Return on Python ]"+"-"*50+"[+]")
print(c_return.decode("utf-8"))
print(c_return)
def file_pointer():
f = open("/var/log/iptables.log", "r")
i = 0
for x in f:
print()
print("*"*100)
print("SEQUENCE : ",i)
print("*"*100)
print(str(i)+" -> "+x)
c_parser(str(x))
if i >= 3:
break
i = i + 1
file_pointer()