dergeorg/NtopngGlobe
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

geoip -> fast-geopip + uid's + Local resources + data filtering v2

Browse Source
This commit is contained in:
Georg Reisinger
2022-02-01 16:34:41 +01:00
parent 3ff5f659f4
commit 3a1b0cc7df
15 changed files with 62178 additions and 579 deletions
Download Patch File Download Diff File Expand all files Collapse all files

66
model/alerts.js
View File

@ -1,60 +1,12 @@
var alerts = [{
first_seen: 1643634860,
srv_city_name: '',
ip_version: 4,
action: 'store',
pool_id: 0,
srv_continent_name: '',
score: 10,
entity_val: 'flow',
vlan_id: 0,
cli2srv_bytes: 236,
cli_country_name: '',
entity_id: 4,
srv_asn: 0,
l7_proto: 5,
is_cli_attacker: false,
srv_name: 'pdns6.ultradns.co.uk',
srv_ip: '204.74.115.1',
proto: 17,
json: '{"ntopng.key":184352024,"hash_entry_id":21200,"info":"65.127.154.156.in-addr.arpa","alert_generation": {"script_key":"udp_unidirectional","subdir":"flow"}}',
srv_country_name: '',
community_id: '1:iKl3Ri2iIm0GunF8jR1DEatNOlw=',
alert_id: 26,
is_srv_attacker: false,
srv_blacklisted: false,
alerts_map: '04000000',
srv_os: '',
cli_localhost: true,
cli_asn: 0,
srv2cli_packets: 0,
cli2srv_packets: 4,
tstamp: 1643634921,
cli_name: 'opnsense.localdomain',
cli_continent_name: '',
srv2cli_bytes: 0,
l7_cat: 14,
'proto.ndpi': 'DNS',
ifid: 2,
observation_point_id: 0,
srv_localhost: false,
cli_port: 42530,
cli_blacklisted: false,
dns_last_query: '65.127.154.156.in-addr.arpa',
is_flow_alert: true,
srv_port: 53,
l7_master_proto: 0,
is_cli_victim: false,
cli_ip: '62.178.50.96',
cli_city_name: '',
cli_os: 'Android 11.0',
is_srv_victim: false
}];
var alerts = [];
const {
v4: uuidv4
} = require('uuid');
function addAlert(first_seen, srv_city_name, ip_version, action, pool_id, srv_continent_name, score, entity_val, vlan_id, cli2srv_bytes, cli_country_name, entity_id, srv_asn, l7_proto, is_cli_attacker, srv_name, srv_ip, proto, json, srv_country_name, community_id, alert_id, is_srv_attacker, srv_blacklisted, alerts_map, srv_os, cli_localhost, cli_asn, srv2cli_packets, cli2srv_packets, tstamp, cli_name, cli_continent_name, srv2cli_bytes, l7_cat, ifid, observation_point_id, srv_localhost, cli_port, cli_blacklisted, dns_last_query, is_flow_alert, srv_port, l7_master_proto, is_cli_victim, cli_ip, cli_city_name, cli_os, is_srv_victim){
// function addAlert(srv_name, srv_ip, srv_port, json, cli_ip, cli_port){
var data = {
uid: uuidv4(),
first_seen:first_seen,
srv_city_name:srv_city_name,
ip_version:ip_version,
@ -108,6 +60,7 @@ function addAlert(first_seen, srv_city_name, ip_version, action, pool_id, srv_co
}
if(!alerts.some(x => x.cli_ip === data.cli_ip && x.srv_ip === data.srv_ip)) {
alerts.push(data);
return data.uid
}
}
@ -115,7 +68,12 @@ function getAlerts(){
return alerts;
}
function getAlert(uid){
return alerts.filter(i => i.uid === uid);
}
module.exports = {
getAlerts,
getAlerts,
getAlert,
addAlert
};

171
model/globedata.js
View File

@ -3,91 +3,163 @@ var data = {
arc: []
}
var colors = {
loc: "green",
arc: ["green", "red"],
var settings = {
location: {
home: {
lat: 48.1,
lng: 16.3
},
precision: 0
},
colors: {
loc: {
default: "green",
dualsender: "orange"
},
arc: {
default: ["green", "red"],
dualsender: ["orange", "orange"]
}
},
sizes: {
loc: {
default: 0.1
},
arc: {
default: 1.1
}
}
}
var stroke = {
loc: 0.1,
arc: 1.1
}
var geoip = require('fast-geoip');
var geoip = require('geoip-lite');
function addArc(src, dest){
async function addArc(src, dest, uid){
const arcName = src + " -> " + dest;
if(!data.arc.some(x => x.name === arcName)) {
if (!src.includes("192.168.1.")) {
var geoSrc = geoip.lookup(src);
var startLat = geoSrc.ll[0]
var startLng = geoSrc.ll[1]
var geoSrc = undefined;
var startLat = undefined;
var startLng = undefined;
var geoDest = undefined;
var endLat = undefined;
var endLng = undefined;
if(data.arc.some(x => x.name === arcName)) {
console.log("is scho da")
}else{
console.log(src.includes("192.168.1.") || src.includes("127.0.0.1"))
console.log(dest.includes("192.168.1.") || dest.includes("127.0.0.1"))
if (src.includes("192.168.1.") || src.includes("127.0.0.1")) {
startLat = round(settings.location.home.lat, settings.location.precision)
startLng = round(settings.location.home.lng, settings.location.precision)
} else {
console.log("w")
geoSrc = await geoip.lookup(src);
startLat = round(geoSrc.ll[0], settings.location.precision)
startLng = round(geoSrc.ll[1], settings.location.precision)
if (geoSrc == undefined) {
startLat = round(settings.location.home.lat, settings.location.precision)
startLng = round(settings.location.home.lng, settings.location.precision)
}
}
if (!dest.includes("192.168.1.")) {
var geoDest = geoip.lookup(dest);
var endLat = geoDest.ll[0]
var endLng = geoDest.ll[1]
if (dest.includes("192.168.1.") || dest.includes("127.0.0.1")) {
endLat = round(settings.location.home.lat, settings.location.precision)
endLng = round(settings.location.home.lng, settings.location.precision)
} else {
console.log("w")
geoDest = await geoip.lookup(dest);
endLat = round(geoDest.ll[0], settings.location.precision)
endLng = round(geoDest.ll[1], settings.location.precision)
if (geoDest == undefined) {
endLat = round(settings.location.home.lat, settings.location.precision)
endLng = round(settings.location.home.lng, settings.location.precision)
}
}
// console.log(geoSrc, geoDest)
if (geoSrc == undefined) {
startLat = 48.1712
startLng = 16.321
}
if (geoDest == undefined) {
endLat = 48.1712
endLng = 16.321
}
console.log(endLat, endLng)
var dat = {
uid: uid,
name: arcName,
startLat: startLat,
startLng: startLng,
endLat: endLat,
endLng: endLng,
color: colors.arc,
stroke: stroke.arc
color: settings.colors.arc.default,
stroke: settings.sizes.arc.default
}
console.log(arcName)
data.arc.push(dat);
addLoc(arcName, startLat, startLng)
if(data.arc.some(x => x.startLat === startLat && x.startLng === startLng && x.endLat === endLat && x.endLng === endLng)){
console.log("is scho da 2")
}else {
const newUid = addLoc(arcName, startLat, startLng, uid)
dat.uid = newUid;
if (!data.arc.some(x => x.startLat === startLat && x.startLng === startLng && x.endLat === endLat && x.endLng === endLng)) {
if (!data.arc.some(x => x.startLat === endLat && x.startLng === endLng && x.endLat === startLat && x.endLng === startLng)) {
data.arc.push(dat);
console.log(dat.uid)
} else {
const dataIndex = data.arc.findIndex(x => x.startLat === endLat && x.startLng === endLng && x.endLat === startLat && x.endLng === startLng);
data.arc[dataIndex].color = settings.colors.arc.dualsender;
}
} else {
const dataIndex = data.arc.findIndex(x => x.startLat === startLat && x.startLng === startLng && x.endLat === endLat && x.endLng === endLng);
const arcuid = data.arc[dataIndex].uid;
var loc = getLoc(arcuid)
loc.color = settings.colors.loc.dualsender;
editLoc(loc);
console.log("selbe richtiung schon da")
}
}
}
console.log("NACH IS SCHO DA")
}
function addLoc(name, lat, lng){
function round(value, precision) {
var multiplier = Math.pow(10, precision || 0);
return Math.round(value * multiplier) / multiplier;
}
function addLoc(name, lat, lng, uid){
var dat = {
uid: uid,
name: name,
lat: lat,
lng: lng,
size: stroke.loc,
color: colors.loc
size: settings.sizes.loc.default,
color: settings.colors.loc.default
};
if(!data.loc.some(x => x.lat === lat && x.lng === lng)) {
data.loc.push(dat);
return dat.uid
}else{
const dataIndex = data.loc.findIndex(obj => obj.lat === lat && obj.lng === lng);
data.loc[dataIndex].name = data.loc[dataIndex].name + "<br>" + name;
data.loc[dataIndex].name = data.loc[dataIndex].name + "<br>\n" + name;
return data.loc[dataIndex].uid
}
}
function getLocColor(){
return colors.loc;
return settings.colors.loc.default;
}
function getArcColor(){
return colors.arc;
return settings.colors.arc.default;
}
function getData(){
return data;
}
function getDisplayData(){
return {
arc: filterUid(data.arc),
loc: filterUid(data.loc)
}
}
function filterUid(tofilter){
var ret = []
tofilter.forEach(a => {
const {uid, ...newObj} = a;
ret.push(newObj)
})
return ret
}
function getLocData(){
return data.loc;
}
@ -96,7 +168,16 @@ function getArcData(){
return data.arc;
}
function getLoc(uid){
return data.loc[data.loc.findIndex(x => x.uid === uid)];
}
function editLoc(loc){
const dataIndex = data.loc.findIndex(x => x.uid === loc.uid);
data.loc[dataIndex] = loc;
}
module.exports = {
addArc, addLoc, getLocData, getArcColor, getData, getArcData, getLocColor
addArc, addLoc, getLocData, getArcColor, getData, getArcData, getLocColor, getDisplayData
}