Baffle-WAF/baffle-hub
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Updates

Browse Source
This commit is contained in:
Dan Milne
2025-11-14 16:35:49 +11:00
parent df94ac9720
commit 6433f6c5bb
30 changed files with 833 additions and 245 deletions
Download Patch File Download Diff File Expand all files Collapse all files

144
app/views/network_ranges/show.html.erb
View File

@@ -251,6 +251,39 @@
</div>
</div>
<% end %>
<% if @network_range.persisted? && @network_range.agent_tally.any? %>
<div class="border-t border-gray-200 pt-4">
<h4 class="text-sm font-medium text-gray-900 mb-2">Top User Agents</h4>
<div class="space-y-1">
<% @network_range.agent_tally.sort_by { |ua, count| -count }.first(5).each do |user_agent, count| %>
<div class="flex justify-between text-sm">
<span class="text-gray-600 truncate" title="<%= user_agent %>">
<% if user_agent.present? %>
<% ua = parse_user_agent(user_agent) %>
<% if ua[:name].present? %>
<%= ua[:name] %>
<% if ua[:version].present? %>
<span class="text-gray-400">(<%= ua[:version] %>)</span>
<% end %>
<% if ua[:bot] %>
<span class="inline-flex items-center px-1.5 py-0.5 rounded text-xs bg-orange-100 text-orange-800 ml-1">
🤖 <%= ua[:bot_name] || 'Bot' %>
</span>
<% end %>
<% else %>
<%= truncate(user_agent, length: 50) %>
<% end %>
<% else %>
<em class="text-gray-400">Unknown</em>
<% end %>
</span>
<span class="font-medium"><%= count %></span>
</div>
<% end %>
</div>
</div>
<% end %>
</div>
</div>
<% end %>
@@ -312,15 +345,12 @@
<div class="grid grid-cols-1 md:grid-cols-2 gap-4">
<!-- Rule Type -->
<div>
<%= form.label :rule_type, "Rule Type", class: "block text-sm font-medium text-gray-700" %>
<%= form.select :rule_type,
<%= form.label :waf_rule_type, "Rule Type", class: "block text-sm font-medium text-gray-700" %>
<%= form.select :waf_rule_type,
options_for_select([
['Network - IP/CIDR based blocking', 'network'],
['Rate Limit - Request rate limiting', 'rate_limit'],
['Path Pattern - URL path filtering', 'path_pattern'],
['Header Pattern - HTTP header filtering', 'header_pattern'],
['Query Pattern - Query parameter filtering', 'query_pattern'],
['Body Signature - Request body filtering', 'body_signature']
['Path Pattern - URL path filtering', 'path_pattern']
], 'network'),
{ },
{
@@ -333,15 +363,15 @@
<!-- Action -->
<div>
<%= form.label :action, "Action", class: "block text-sm font-medium text-gray-700" %>
<%= form.select :action,
<%= form.label :waf_action, "Action", class: "block text-sm font-medium text-gray-700" %>
<%= form.select :waf_action,
options_for_select([
['Deny - Block requests', 'deny'],
['Allow - Whitelist requests', 'allow'],
['Rate Limit - Throttle requests', 'rate_limit'],
['Redirect - Redirect to URL', 'redirect'],
['Challenge - Present CAPTCHA', 'challenge'],
['Monitor - Log but allow', 'monitor']
['Log - Log but allow', 'log']
], 'deny'),
{ },
{
@@ -468,13 +498,13 @@
<div>
<div class="flex items-center space-x-2">
<span class="text-sm font-medium text-gray-900">
<%= rule.action.upcase %> <%= rule.cidr %>
<%= rule.waf_action.upcase %> <%= rule.cidr %>
</span>
<span class="inline-flex items-center px-2.5 py-0.5 rounded-full text-xs font-medium bg-blue-100 text-blue-800">
Priority: <%= rule.priority %>
</span>
<span class="inline-flex items-center px-2.5 py-0.5 rounded-full text-xs font-medium bg-gray-100 text-gray-800">
<%= rule.rule_type.humanize %>
<%= rule.waf_rule_type.humanize %>
</span>
<% if rule.source.include?('surgical') %>
<span class="inline-flex items-center px-2.5 py-0.5 rounded-full text-xs font-medium bg-purple-100 text-purple-800">
@@ -523,51 +553,109 @@
<!-- Network Relationships -->
<div class="grid grid-cols-1 lg:grid-cols-2 gap-6 mb-6">
<!-- Parent Ranges -->
<% if @parent_ranges.any? %>
<% if @parent_ranges.any? || @supernet_rules.any? %>
<div class="bg-white shadow rounded-lg">
<div class="px-6 py-4 border-b border-gray-200">
<h3 class="text-lg font-medium text-gray-900">Parent Network Ranges</h3>
<h3 class="text-lg font-medium text-gray-900">
Supernet Ranges
<% if @supernet_rules.any? %>
<span class="ml-2 inline-flex items-center px-2.5 py-0.5 rounded-full text-xs font-medium bg-blue-100 text-blue-800">
<%= @supernet_rules.count %> <%= 'rule'.pluralize(@supernet_rules.count) %>
</span>
<% end %>
</h3>
<p class="mt-1 text-sm text-gray-500">Broader networks that contain this range</p>
</div>
<div class="divide-y divide-gray-200">
<% @parent_ranges.each do |parent| %>
<div class="px-6 py-3">
<div class="flex items-center justify-between">
<div>
<div class="min-w-0 flex-1">
<%= link_to parent.cidr, network_range_path(parent), class: "text-sm font-medium text-gray-900 hover:text-blue-600" %>
<div class="text-sm text-gray-500">
Prefix: /<%= parent.prefix_length %> |
<% if parent.company.present? %><%= parent.company %> | <% end %>
<%= parent.source %>
</div>
<%# Show rules for this parent %>
<% parent_rules = @supernet_rules.select { |r| r.network_range_id == parent.id } %>
<% if parent_rules.any? %>
<div class="mt-2 pl-3 border-l-2 border-blue-200 space-y-1">
<% parent_rules.each do |rule| %>
<%= render 'rules/compact_rule', rule: rule %>
<% end %>
</div>
<% end %>
</div>
</div>
</div>
<% end %>
<%# Show supernet rules that don't have a parent range loaded %>
<% orphan_supernet_rules = @supernet_rules.reject { |r| @parent_ranges.map(&:id).include?(r.network_range_id) } %>
<% if orphan_supernet_rules.any? %>
<div class="px-6 py-3 bg-gray-50">
<div class="text-sm font-medium text-gray-700 mb-2">Additional Supernet Rules</div>
<div class="space-y-1">
<% orphan_supernet_rules.each do |rule| %>
<%= render 'rules/compact_rule', rule: rule %>
<% end %>
</div>
</div>
<% end %>
</div>
</div>
<% end %>
<!-- Child Ranges -->
<% if @child_ranges.any? %>
<% if @child_ranges.any? || @subnet_rules.any? %>
<div class="bg-white shadow rounded-lg">
<div class="px-6 py-4 border-b border-gray-200">
<h3 class="text-lg font-medium text-gray-900">Child Network Ranges</h3>
<h3 class="text-lg font-medium text-gray-900">
Subnet Ranges
<% if @subnet_rules.any? %>
<span class="ml-2 inline-flex items-center px-2.5 py-0.5 rounded-full text-xs font-medium bg-blue-100 text-blue-800">
<%= @subnet_rules.count %> <%= 'rule'.pluralize(@subnet_rules.count) %>
</span>
<% end %>
</h3>
<p class="mt-1 text-sm text-gray-500">More specific networks within this range</p>
</div>
<div class="divide-y divide-gray-200">
<% @child_ranges.each do |child| %>
<div class="px-6 py-3">
<div class="flex items-center justify-between">
<div>
<div class="min-w-0 flex-1">
<%= link_to child.cidr, network_range_path(child), class: "text-sm font-medium text-gray-900 hover:text-blue-600" %>
<div class="text-sm text-gray-500">
Prefix: /<%= child.prefix_length %> |
<% if child.company.present? %><%= child.company %> | <% end %>
<%= child.source %>
</div>
<%# Show rules for this child %>
<% child_rules = @subnet_rules.select { |r| r.network_range_id == child.id } %>
<% if child_rules.any? %>
<div class="mt-2 pl-3 border-l-2 border-green-200 space-y-1">
<% child_rules.each do |rule| %>
<%= render 'rules/compact_rule', rule: rule %>
<% end %>
</div>
<% end %>
</div>
</div>
</div>
<% end %>
<%# Show subnet rules that don't have a child range loaded %>
<% orphan_subnet_rules = @subnet_rules.reject { |r| @child_ranges.map(&:id).include?(r.network_range_id) } %>
<% if orphan_subnet_rules.any? %>
<div class="px-6 py-3 bg-gray-50">
<div class="text-sm font-medium text-gray-700 mb-2">Additional Subnet Rules</div>
<div class="space-y-1">
<% orphan_subnet_rules.each do |rule| %>
<%= render 'rules/compact_rule', rule: rule %>
<% end %>
</div>
</div>
<% end %>
</div>
</div>
<% end %>
@@ -577,7 +665,20 @@
<% if @related_events.any? %>
<div class="bg-white shadow rounded-lg" data-controller="timeline" data-timeline-mode-value="events">
<div class="px-6 py-4 border-b border-gray-200">
<h3 class="text-lg font-medium text-gray-900">Recent Events (<%= @related_events.count %>)</h3>
<div class="flex items-center justify-between">
<h3 class="text-lg font-medium text-gray-900">Recent Events (<%= number_with_delimiter(@events_pagy.count) %>)</h3>
<% if @events_pagy.pages > 1 %>
<span class="text-sm text-gray-500">
Page <%= @events_pagy.page %> of <%= @events_pagy.pages %>
</span>
<% end %>
</div>
<!-- Top Pagination -->
<% if @events_pagy.pages > 1 %>
<div class="mt-4">
<%= pagy_nav_tailwind(@events_pagy, pagy_id: 'network_events_top') %>
</div>
<% end %>
</div>
<div class="overflow-x-auto">
<table class="min-w-full divide-y divide-gray-200">
@@ -591,7 +692,7 @@
</tr>
</thead>
<tbody class="bg-white divide-y divide-gray-200">
<% @related_events.first(20).each do |event| %>
<% @related_events.each do |event| %>
<tr class="hover:bg-gray-50 cursor-pointer" onclick="window.location='<%= event_path(event) %>'">
<td class="px-6 py-4 whitespace-nowrap text-sm text-gray-900">
<div class="text-gray-900" data-timeline-target="timestamp" data-iso="<%= event.timestamp.iso8601 %>">
@@ -649,6 +750,11 @@
</tbody>
</table>
</div>
<!-- Bottom Pagination -->
<% if @events_pagy.pages > 1 %>
<%= pagy_nav_tailwind(@events_pagy, pagy_id: 'network_events_bottom') %>
<% end %>
</div>
<% end %>
</div>