forked from wunnox/python_grundlagen
-
Notifications
You must be signed in to change notification settings - Fork 0
/
U7.5_Firewall.py
executable file
·219 lines (193 loc) · 5.65 KB
/
U7.5_Firewall.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
#!/usr/local/bin/python3
##############################################
#
# Name: U7.5_Firewall.py
#
# Author: Peter Christen
#
# Version: 1.1
#
# Date: 20.11.2015
# Date: 22.01.2017 Argparse ergänzt
#
# Purpose: Liest xlsx-Dateien mit Firewall Logs ein
#
##############################################
import string
import sys
import os
import sqlite3
import socket
import datetime
import openpyxl
import argparse
from openpyxl import load_workbook
from openpyxl.styles import PatternFill, Border, Side, Alignment, Protection, Font, Color, colors
# Argparse Eingabe prüfen
parser = argparse.ArgumentParser(
description='Excel Firewall-Log-Auszüge einlesen und neue Excel Files erstellen')
parser.add_argument(
'-c',
action='store_true',
help="Datenbank initial erstellen")
parser.add_argument('-r', metavar='Excel Datei', nargs=1,
help="Excel-File mit Firewall-Logauszug einlesen")
parser.add_argument(
'-p',
metavar='Port',
nargs=1,
help="Excel-File mit Verbindungen für einen spezifischen Port erstellen")
parser.add_argument(
'-t',
metavar='IP-Adresse',
nargs=1,
help="Excel-File mit Verbindungen für eine spezifische Target-IP erstellen")
parser.add_argument(
'-s',
metavar='IP-Adresse',
nargs=1,
help="Excel-File mit Verbindungen für eine spezifische Source-IP erstellen")
args = parser.parse_args()
# Grundvariabeln setzen
mydatabase = "U7.5_Firewallog.db"
connection = sqlite3.connect(mydatabase)
cursor = connection.cursor()
target = 'None'
source = 'None'
port = 'None'
readlog = 0
makexcel = 0
exceltargetname = "U7.5_Firewall_Log_Target.xlsx"
excelsourcename = "U7.5_Firewall_Log_Source.xlsx"
excelportname = "U7.5_Firewall_Log_Port.xlsx"
################### Keine Aenderungen mehr nötig ab hier ################
# Eingaben auswerten
if args.r:
readlog = 1
sourcefile = args.r[0]
elif args.t:
makexcel = 1
target = args.t[0]
ExcelName = exceltargetname
Titel = "Firewall Verbindungen auf Target IP " + target
elif args.s:
makexcel = 1
source = args.s[0]
ExcelName = excelsourcename
Titel = "Firewall Verbindungen von Source IP " + source
elif args.p:
makexcel = 1
port = args.p[0]
ExcelName = excelportname
Titel = "Firewall Verbindungen auf Port " + port
elif args.c:
cursor.execute(
'create table if not exists firelog ( sourceip varchar(20), targetip varchar(20), port varchar(20), protokoll varchar(10), count int)')
cursor.execute(
'CREATE INDEX if not exists firelog_ind on firelog (sourceip, targetip, port)')
print("Database created")
sys.exit(0)
# Functions
def colsize(col):
if col > 90:
col = col - 26
b = chr(col)
col = 'A' + b
else:
col = str(chr(col))
return col
# Firewall log einlesen
if readlog == 1:
# xlsx-File öffnen
wb = load_workbook(filename=sourcefile, read_only=True)
first_sheet = wb.get_sheet_names()[0]
worksheet = wb.get_sheet_by_name(first_sheet)
# xlsx-File einlesen
r = 0
w = []
for row in worksheet.iter_rows():
r += 1
c = 0
for cell in row:
c += 1
w.append(cell.value)
po = str(w[3]).split(".")
cursor.execute("replace into firelog values(?,?,?,?,?)",
(w[0], w[1], w[2], po[0], w[4]))
# print w[0],w[1],w[2],po[0],w[4],w[5]
del w[:]
cursor.execute("delete from firelog where sourceip like 'Source IP'")
connection.commit()
print(str(r) + " Zeilen eingelesen")
if makexcel == 1:
# Erstelle Excel aus Firewall DB
now = datetime.datetime.now()
datum = now.strftime("%d.%m.%Y %H:%M")
# Excel erstellen
wb = openpyxl.Workbook()
ws1 = wb.worksheets[0]
ws1.title = 'Verbindungen'
# Styles definieren
# Font
fontT = Font(bold=True, size=14, color=colors.BLACK)
fontb = Font(bold=True, color=colors.BLACK)
# Alignment
alignC = Alignment(
horizontal='center',
vertical='top',
text_rotation=0,
shrink_to_fit=False,
wrap_text=False)
alignR = Alignment(
horizontal='right',
vertical='top',
text_rotation=0,
shrink_to_fit=False,
wrap_text=False)
alignL = Alignment(
horizontal='left',
vertical='top',
text_rotation=0,
shrink_to_fit=False,
wrap_text=False)
# Kollonengroesse definieren
ws1.column_dimensions["A"].width = 14.0
ws1.column_dimensions["B"].width = 14.0
ws1.column_dimensions["C"].width = 8.0
ws1.column_dimensions["D"].width = 7.0
ws1['A1'].font = fontT
ws1['A1'].value = Titel
ws1['A3'].font = fontb
ws1['A3'].value = "SourceIP"
ws1['B3'].font = fontb
ws1['B3'].value = "TargetIP"
ws1['C3'].font = fontb
ws1['C3'].value = "Port"
ws1['D3'].font = fontb
ws1['D3'].value = "Protokoll"
# Daten aus der Datenbanken einfuegen
coln = 65
z = 4
if target != 'None':
cursor.execute("select * from firelog where targetip=?", (target,))
if source != 'None':
cursor.execute("select * from firelog where sourceip=?", (source,))
if port != 'None':
cursor.execute("select * from firelog where port=?", (port,))
for row in cursor:
col = colsize(coln)
ce = col + str(z)
ws1[ce].value = row[0]
col = colsize(coln + 1)
ce = col + str(z)
ws1[ce].value = row[1]
col = colsize(coln + 2)
ce = col + str(z)
ws1[ce].value = row[2]
col = colsize(coln + 3)
ce = col + str(z)
ws1[ce].value = row[3]
z += 1
wb.save(filename=ExcelName)
connection.commit()
cursor.close()