Baffle-WAF/baffle-hub
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Lots of updates

Browse Source
This commit is contained in:
Dan Milne
2025-11-11 16:54:52 +11:00
parent 26216da9ca
commit cc8213f87a
41 changed files with 1463 additions and 614 deletions
Download Patch File Download Diff File Expand all files Collapse all files

171
app/views/network_ranges/show.html.erb
View File

@@ -68,6 +68,21 @@
<dd class="mt-1 text-sm text-gray-900"><%= @network_range.ipv4? ? "IPv4" : "IPv6" %></dd>
</div>
<!-- Supernet display -->
<% parent_with_intelligence = @network_range.parent_with_intelligence %>
<% if parent_with_intelligence && parent_with_intelligence.cidr != @network_range.cidr %>
<div>
<dt class="text-sm font-medium text-gray-500">Supernet</dt>
<dd class="mt-1 text-sm text-gray-900">
<%= link_to parent_with_intelligence.cidr, network_range_path(parent_with_intelligence),
class: "text-blue-600 hover:text-blue-800 hover:underline font-mono" %>
<% if parent_with_intelligence.company.present? %>
<span class="ml-2 text-xs text-gray-500">(<%= parent_with_intelligence.company %>)</span>
<% end %>
</dd>
</div>
<% end %>
<% if @network_range.asn.present? %>
<div>
<dt class="text-sm font-medium text-gray-500">ASN</dt>
@@ -220,12 +235,12 @@
<% end %>
<!-- Associated Rules -->
<div class="bg-white shadow rounded-lg mb-6">
<div class="bg-white shadow rounded-lg mb-6" data-controller="quick-create-rule">
<div class="px-6 py-4 border-b border-gray-200">
<div class="flex items-center justify-between">
<h3 class="text-lg font-medium text-gray-900">Associated Rules (<%= @associated_rules.count %>)</h3>
<% if @network_range.persisted? %>
<button type="button" onclick="toggleQuickCreateRule()" class="inline-flex items-center px-3 py-1.5 border border-transparent text-sm font-medium rounded-md text-white bg-blue-600 hover:bg-blue-700 focus:outline-none focus:ring-2 focus:ring-offset-2 focus:ring-blue-500">
<button type="button" data-action="click->quick-create-rule#toggle" data-quick-create-rule-target="toggle" class="inline-flex items-center px-3 py-1.5 border border-transparent text-sm font-medium rounded-md text-white bg-blue-600 hover:bg-blue-700 focus:outline-none focus:ring-2 focus:ring-offset-2 focus:ring-blue-500">
<svg class="w-4 h-4 mr-1" fill="none" viewBox="0 0 24 24" stroke="currentColor">
<path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M12 4v16m8-8H4" />
</svg>
@@ -239,7 +254,7 @@
<!-- Quick Create Rule Form -->
<% if @network_range.persisted? %>
<div id="quick_create_rule" class="hidden border-b border-gray-200">
<div id="quick_create_rule" data-quick-create-rule-target="form" class="hidden border-b border-gray-200">
<div class="px-6 py-4 bg-blue-50">
<%= form_with(model: Rule.new, url: rules_path, local: true,
class: "space-y-4",
@@ -290,7 +305,7 @@
{
class: "mt-1 block w-full rounded-md border-gray-300 shadow-sm focus:border-blue-500 focus:ring-blue-500 sm:text-sm",
id: "quick_rule_type_select",
onchange: "toggleRuleTypeFields()"
data: { quick_create_rule_target: "ruleTypeSelect", action: "change->quick-create-rule#updateRuleTypeFields" }
} %>
<p class="mt-1 text-xs text-gray-500">Select the type of rule to create</p>
</div>
@@ -308,7 +323,10 @@
['Monitor - Log but allow', 'monitor']
], 'deny'),
{ },
{ class: "mt-1 block w-full rounded-md border-gray-300 shadow-sm focus:border-blue-500 focus:ring-blue-500 sm:text-sm" } %>
{
class: "mt-1 block w-full rounded-md border-gray-300 shadow-sm focus:border-blue-500 focus:ring-blue-500 sm:text-sm",
data: { quick_create_rule_target: "actionSelect", action: "change->quick-create-rule#updateRuleTypeFields" }
} %>
<p class="mt-1 text-xs text-gray-500">Action to take when rule matches</p>
</div>
</div>
@@ -331,19 +349,20 @@
</div>
<!-- Pattern-based Rule Fields -->
<div id="pattern_fields" class="hidden space-y-4">
<div id="pattern_fields" data-quick-create-rule-target="patternFields" class="hidden space-y-4">
<div>
<%= form.label :conditions, "Pattern/Conditions", class: "block text-sm font-medium text-gray-700" %>
<%= form.text_area :conditions, rows: 3,
class: "mt-1 block w-full rounded-md border-gray-300 shadow-sm focus:border-blue-500 focus:ring-blue-500 sm:text-sm",
placeholder: "Enter pattern or JSON conditions...",
id: "quick_conditions_field" %>
<p class="mt-1 text-xs text-gray-500" id="pattern_help_text">Pattern will be used for matching</p>
id: "quick_conditions_field",
data: { quick_create_rule_target: "conditionsField" } %>
<p class="mt-1 text-xs text-gray-500" id="pattern_help_text" data-quick-create-rule-target="helpText">Pattern will be used for matching</p>
</div>
</div>
<!-- Rate Limit Fields -->
<div id="rate_limit_fields" class="hidden space-y-4">
<div id="rate_limit_fields" data-quick-create-rule-target="rateLimitFields" class="hidden space-y-4">
<div class="grid grid-cols-1 md:grid-cols-2 gap-4">
<div>
<%= label_tag :rate_limit, "Request Limit", class: "block text-sm font-medium text-gray-700" %>
@@ -363,7 +382,7 @@
</div>
<!-- Redirect Fields -->
<div id="redirect_fields" class="hidden space-y-4">
<div id="redirect_fields" data-quick-create-rule-target="redirectFields" class="hidden space-y-4">
<div>
<%= label_tag :redirect_url, "Redirect URL", class: "block text-sm font-medium text-gray-700" %>
<%= text_field_tag :redirect_url,
@@ -405,7 +424,7 @@
<!-- Form Actions -->
<div class="flex justify-end space-x-3 pt-4 border-t border-blue-200">
<button type="button" onclick="toggleQuickCreateRule()" class="px-4 py-2 text-sm font-medium text-gray-700 bg-white border border-gray-300 rounded-md hover:bg-gray-50">
<button type="button" data-action="click->quick-create-rule#toggle" class="px-4 py-2 text-sm font-medium text-gray-700 bg-white border border-gray-300 rounded-md hover:bg-gray-50">
Cancel
</button>
<%= form.submit "Create Rule", class: "px-4 py-2 text-sm font-medium text-white bg-blue-600 border border-transparent rounded-md hover:bg-blue-700" %>
@@ -532,7 +551,7 @@
<!-- Recent Events -->
<% if @related_events.any? %>
<div class="bg-white shadow rounded-lg">
<div class="bg-white shadow rounded-lg" data-controller="timeline" data-timeline-mode-value="events">
<div class="px-6 py-4 border-b border-gray-200">
<h3 class="text-lg font-medium text-gray-900">Recent Events (<%= @related_events.count %>)</h3>
</div>
@@ -549,15 +568,22 @@
</thead>
<tbody class="bg-white divide-y divide-gray-200">
<% @related_events.first(20).each do |event| %>
<tr class="hover:bg-gray-50">
<tr class="hover:bg-gray-50 cursor-pointer" onclick="window.location='<%= event_path(event) %>'">
<td class="px-6 py-4 whitespace-nowrap text-sm text-gray-900">
<%= event.timestamp.strftime("%H:%M:%S") %>
<div class="text-gray-900" data-timeline-target="timestamp" data-iso="<%= event.timestamp.iso8601 %>">
<%= event.timestamp.strftime("%H:%M:%S") %>
</div>
<div class="text-xs text-gray-500" data-timeline-target="date" data-iso="<%= event.timestamp.iso8601 %>">
<%= event.timestamp.strftime("%Y-%m-%d") %>
</div>
</td>
<td class="px-6 py-4 whitespace-nowrap text-sm font-mono text-gray-900">
<%= event.ip_address %>
</td>
<td class="px-6 py-4 whitespace-nowrap text-sm text-gray-900">
<%= event.request_path || "-" %>
<td class="px-6 py-4 text-sm text-gray-900">
<div class="max-w-md break-all">
<%= event.request_path || "-" %>
</div>
</td>
<td class="px-6 py-4 whitespace-nowrap">
<span class="inline-flex items-center px-2.5 py-0.5 rounded-full text-xs font-medium <%= event.waf_action == 'deny' ? 'bg-red-100 text-red-800' : 'bg-green-100 text-green-800' %>">
@@ -565,9 +591,34 @@
</span>
</td>
<td class="px-6 py-4 text-sm text-gray-900">
<div class="truncate max-w-xs" title="<%= event.user_agent %>">
<%= event.user_agent&.truncate(50) || "-" %>
</div>
<% if event.user_agent.present? %>
<% ua = parse_user_agent(event.user_agent) %>
<div class="space-y-0.5" title="<%= ua[:raw] %>">
<div class="font-medium text-gray-900">
<%= ua[:name] if ua[:name].present? %>
<% if ua[:version].present? && ua[:name].present? %>
<span class="text-gray-500 font-normal"><%= ua[:version] %></span>
<% end %>
</div>
<% if ua[:os_name].present? %>
<div class="text-xs text-gray-500">
<%= ua[:os_name] %>
<% if ua[:os_version].present? %>
<%= ua[:os_version] %>
<% end %>
</div>
<% end %>
<% if ua[:bot] %>
<div class="text-xs">
<span class="inline-flex items-center px-2 py-0.5 rounded-full bg-orange-100 text-orange-800">
🤖 <%= ua[:bot_name] || 'Bot' %>
</span>
</div>
<% end %>
</div>
<% else %>
<span class="text-gray-400">-</span>
<% end %>
</td>
</tr>
<% end %>
@@ -578,85 +629,3 @@
<% end %>
</div>
<script>
function toggleQuickCreateRule() {
const formDiv = document.getElementById('quick_create_rule');
formDiv.classList.toggle('hidden');
// Reset form when hiding
if (formDiv.classList.contains('hidden')) {
resetQuickCreateForm();
}
}
function toggleRuleTypeFields() {
const ruleType = document.getElementById('quick_rule_type_select').value;
const action = document.querySelector('select[name="rule[action]"]').value;
// Hide all optional fields
document.getElementById('pattern_fields').classList.add('hidden');
document.getElementById('rate_limit_fields').classList.add('hidden');
document.getElementById('redirect_fields').classList.add('hidden');
// Show relevant fields based on rule type
if (['path_pattern', 'header_pattern', 'query_pattern', 'body_signature'].includes(ruleType)) {
document.getElementById('pattern_fields').classList.remove('hidden');
updatePatternHelpText(ruleType);
} else if (ruleType === 'rate_limit') {
document.getElementById('rate_limit_fields').classList.remove('hidden');
}
// Show redirect fields if action is redirect
if (action === 'redirect') {
document.getElementById('redirect_fields').classList.remove('hidden');
}
}
function updatePatternHelpText(ruleType) {
const helpText = document.getElementById('pattern_help_text');
const conditionsField = document.getElementById('quick_conditions_field');
switch(ruleType) {
case 'path_pattern':
helpText.textContent = 'Regex pattern to match URL paths (e.g.,\\.env$|wp-admin|phpmyadmin)';
conditionsField.placeholder = 'Example: \\.env$|\\.git|config\\.php|wp-admin';
break;
case 'header_pattern':
helpText.textContent = 'JSON with header_name and pattern (e.g., {"header_name": "User-Agent", "pattern": "bot.*"})';
conditionsField.placeholder = 'Example: {"header_name": "User-Agent", "pattern": ".*[Bb]ot.*"}';
break;
case 'query_pattern':
helpText.textContent = 'Regex pattern to match query parameters (e.g., union.*select|<script)';
conditionsField.placeholder = 'Example: (?:union|select|insert|update|delete).*\\s+(?:union|select)';
break;
case 'body_signature':
helpText.textContent = 'Regex pattern to match request body content (e.g., OR 1=1|<script)';
conditionsField.placeholder = 'Example: (?:OR\\s+1\\s*=\\s*1|AND\\s+1\\s*=\\s*1|UNION\\s+SELECT)';
break;
}
}
function resetQuickCreateForm() {
const form = document.querySelector('#quick_create_rule form');
if (form) {
form.reset();
// Reset rule type to default
document.getElementById('quick_rule_type_select').value = 'network';
toggleRuleTypeFields();
}
}
// Initialize the form visibility state
document.addEventListener('DOMContentLoaded', function() {
// Set up action change listener to show/hide redirect fields
const actionSelect = document.querySelector('select[name="rule[action]"]');
if (actionSelect) {
actionSelect.addEventListener('change', function() {
toggleRuleTypeFields();
});
}
// Initialize field visibility
toggleRuleTypeFields();
});
</script>