Browse Source

Merge branch 'master' of github.com:crowdsecurity/crowdsec

Thibault bui Koechlin 5 năm trước cách đây
mục cha
commit
004fd84be9

+ 0 - 1
cmd/crowdsec-cli/api.go

@@ -102,7 +102,6 @@ func pullTOP() error {
 		if _, ok := item["scenario"]; !ok {
 			continue
 		}
-		item["scenario"] = fmt.Sprintf("api: %s", item["scenario"])
 
 		if _, ok := item["action"]; !ok {
 			continue

+ 47 - 16
cmd/crowdsec-cli/ban.go

@@ -20,10 +20,11 @@ import (
 
 var remediationType string
 var atTime string
-var all bool
 
 //user supplied filters
 var ipFilter, rangeFilter, reasonFilter, countryFilter, asFilter string
+var displayLimit int
+var displayAPI, displayALL bool
 
 func simpleBanToSignal(targetIP string, reason string, expirationStr string, action string, asName string, asNum string, country string, banSource string) (types.SignalOccurence, error) {
 	var signalOcc types.SignalOccurence
@@ -216,10 +217,9 @@ func BanList() error {
 		table.SetHeader([]string{"Source", "Ip", "Reason", "Bans", "Action", "Country", "AS", "Events", "Expiration"})
 
 		dispcount := 0
-		totcount := 0
 		apicount := 0
 		for _, rm := range ret {
-			if !all && rm["source"] == "api" {
+			if !displayAPI && rm["source"] == "api" {
 				apicount++
 				if _, ok := uniqAS[rm["as"]]; !ok {
 					uniqAS[rm["as"]] = true
@@ -227,27 +227,55 @@ func BanList() error {
 				if _, ok := uniqCN[rm["cn"]]; !ok {
 					uniqCN[rm["cn"]] = true
 				}
-				continue
 			}
-			if dispcount < 20 {
-				table.Append([]string{rm["source"], rm["iptext"], rm["reason"], rm["bancount"], rm["action"], rm["cn"], rm["as"], rm["events_count"], rm["until"]})
+			if displayALL {
+				if rm["source"] == "api" {
+					if displayAPI {
+						table.Append([]string{rm["source"], rm["iptext"], rm["reason"], rm["bancount"], rm["action"], rm["cn"], rm["as"], rm["events_count"], rm["until"]})
+						dispcount++
+						continue
+					}
+				} else {
+					table.Append([]string{rm["source"], rm["iptext"], rm["reason"], rm["bancount"], rm["action"], rm["cn"], rm["as"], rm["events_count"], rm["until"]})
+					dispcount++
+					continue
+				}
+			} else if dispcount < displayLimit {
+				if displayAPI {
+					if rm["source"] == "api" {
+						table.Append([]string{rm["source"], rm["iptext"], rm["reason"], rm["bancount"], rm["action"], rm["cn"], rm["as"], rm["events_count"], rm["until"]})
+						dispcount++
+						continue
+					}
+				} else {
+					if rm["source"] != "api" {
+						table.Append([]string{rm["source"], rm["iptext"], rm["reason"], rm["bancount"], rm["action"], rm["cn"], rm["as"], rm["events_count"], rm["until"]})
+						dispcount++
+						continue
+					}
+				}
 			}
-			totcount++
-			dispcount++
-
 		}
 		if dispcount > 0 {
-			if !all {
-				fmt.Printf("%d local decisions:\n", totcount)
+			if !displayAPI {
+				fmt.Printf("%d local decisions:\n", dispcount)
+			} else if displayAPI && !displayALL {
+				fmt.Printf("%d decision from API\n", dispcount)
+			} else if displayALL && displayAPI {
+				fmt.Printf("%d decision from crowdsec and API\n", dispcount)
 			}
 			table.Render() // Send output
-			if dispcount > 20 {
+			if dispcount > displayLimit && !displayALL {
 				fmt.Printf("Additional records stripped.\n")
 			}
 		} else {
-			fmt.Printf("No local decisions.\n")
+			if displayAPI {
+				fmt.Println("No API decisions")
+			} else {
+				fmt.Println("No local decisions")
+			}
 		}
-		if !all {
+		if !displayAPI {
 			fmt.Printf("And %d records from API, %d distinct AS, %d distinct countries\n", apicount, len(uniqAS), len(uniqCN))
 		}
 	}
@@ -404,7 +432,8 @@ cscli ban del range 1.2.3.0/24`,
 		Short: "List local or api bans/remediations",
 		Long: `List the bans, by default only local decisions.
 
-If --all/-a is specified, api-provided bans will be displayed too.
+If --all/-a is specified, bans will be displayed without limit (--limit).
+Default limit is 50.
 
 Time can be specified with --at and support a variety of date formats:  
  - Jan  2 15:04:05  
@@ -427,12 +456,14 @@ Time can be specified with --at and support a variety of date formats:
 		},
 	}
 	cmdBanList.PersistentFlags().StringVar(&atTime, "at", "", "List bans at given time")
-	cmdBanList.PersistentFlags().BoolVarP(&all, "all", "a", false, "List as well bans received from API")
+	cmdBanList.PersistentFlags().BoolVarP(&displayALL, "all", "a", false, "List bans without limit")
+	cmdBanList.PersistentFlags().BoolVarP(&displayAPI, "api", "", false, "List as well bans received from API")
 	cmdBanList.PersistentFlags().StringVar(&ipFilter, "ip", "", "List bans for given IP")
 	cmdBanList.PersistentFlags().StringVar(&rangeFilter, "range", "", "List bans belonging to given range")
 	cmdBanList.PersistentFlags().StringVar(&reasonFilter, "reason", "", "List bans containing given reason")
 	cmdBanList.PersistentFlags().StringVar(&countryFilter, "country", "", "List bans belonging to given country code")
 	cmdBanList.PersistentFlags().StringVar(&asFilter, "as", "", "List bans belonging to given AS name")
+	cmdBanList.PersistentFlags().IntVar(&displayLimit, "limit", 50, "Limit of bans to display (default 50)")
 
 	cmdBan.AddCommand(cmdBanList)
 	return cmdBan

+ 13 - 5
cmd/crowdsec-cli/install.go

@@ -71,7 +71,7 @@ you should [update cscli](./cscli_update.md).
 
 	var cmdInstallParser = &cobra.Command{
 		Use:     "parser [config]",
-		Short:   "Install given log parser",
+		Short:   "Install given parser",
 		Long:    `Fetch and install given parser from hub`,
 		Example: `cscli install parser crowdsec/xxx`,
 		Args:    cobra.MinimumNArgs(1),
@@ -79,7 +79,9 @@ you should [update cscli](./cscli_update.md).
 			if err := cwhub.GetHubIdx(); err != nil {
 				log.Fatalf("failed to get Hub index : %v", err)
 			}
-			InstallItem(args[0], cwhub.PARSERS)
+			for _, name := range args {
+				InstallItem(name, cwhub.PARSERS)
+			}
 		},
 	}
 	cmdInstall.AddCommand(cmdInstallParser)
@@ -93,7 +95,9 @@ you should [update cscli](./cscli_update.md).
 			if err := cwhub.GetHubIdx(); err != nil {
 				log.Fatalf("failed to get Hub index : %v", err)
 			}
-			InstallItem(args[0], cwhub.SCENARIOS)
+			for _, name := range args {
+				InstallItem(name, cwhub.SCENARIOS)
+			}
 		},
 	}
 	cmdInstall.AddCommand(cmdInstallScenario)
@@ -108,7 +112,9 @@ you should [update cscli](./cscli_update.md).
 			if err := cwhub.GetHubIdx(); err != nil {
 				log.Fatalf("failed to get Hub index : %v", err)
 			}
-			InstallItem(args[0], cwhub.COLLECTIONS)
+			for _, name := range args {
+				InstallItem(name, cwhub.COLLECTIONS)
+			}
 		},
 	}
 	cmdInstall.AddCommand(cmdInstallCollection)
@@ -124,7 +130,9 @@ As a reminder, postoverflows are parsing configuration that will occur after the
 			if err := cwhub.GetHubIdx(); err != nil {
 				log.Fatalf("failed to get Hub index : %v", err)
 			}
-			InstallItem(args[0], cwhub.PARSERS_OVFLW)
+			for _, name := range args {
+				InstallItem(name, cwhub.PARSERS_OVFLW)
+			}
 		},
 	}
 	cmdInstall.AddCommand(cmdInstallPostoverflow)

+ 16 - 21
cmd/crowdsec-cli/remove.go

@@ -71,15 +71,13 @@ func NewRemoveCmd() *cobra.Command {
 				log.Fatalf("Failed to get Hub index : %v", err)
 			}
 
-			if remove_all && len(args) == 0 {
+			if remove_all {
 				RemoveMany(cwhub.PARSERS, "")
-			} else if len(args) == 1 {
-				RemoveMany(cwhub.PARSERS, args[0])
 			} else {
-				_ = cmd.Help()
-				return
+				for _, name := range args {
+					RemoveMany(cwhub.PARSERS, name)
+				}
 			}
-			//fmt.Println("remove/disable parser: " + strings.Join(args, " "))
 		},
 	}
 	cmdRemove.AddCommand(cmdRemoveParser)
@@ -92,13 +90,12 @@ func NewRemoveCmd() *cobra.Command {
 			if err := cwhub.GetHubIdx(); err != nil {
 				log.Fatalf("Failed to get Hub index : %v", err)
 			}
-			if remove_all && len(args) == 0 {
+			if remove_all {
 				RemoveMany(cwhub.SCENARIOS, "")
-			} else if len(args) == 1 {
-				RemoveMany(cwhub.SCENARIOS, args[0])
 			} else {
-				_ = cmd.Help()
-				return
+				for _, name := range args {
+					RemoveMany(cwhub.SCENARIOS, name)
+				}
 			}
 		},
 	}
@@ -112,13 +109,12 @@ func NewRemoveCmd() *cobra.Command {
 			if err := cwhub.GetHubIdx(); err != nil {
 				log.Fatalf("Failed to get Hub index : %v", err)
 			}
-			if remove_all && len(args) == 0 {
+			if remove_all {
 				RemoveMany(cwhub.COLLECTIONS, "")
-			} else if len(args) == 1 {
-				RemoveMany(cwhub.COLLECTIONS, args[0])
 			} else {
-				_ = cmd.Help()
-				return
+				for _, name := range args {
+					RemoveMany(cwhub.COLLECTIONS, name)
+				}
 			}
 		},
 	}
@@ -133,13 +129,12 @@ func NewRemoveCmd() *cobra.Command {
 			if err := cwhub.GetHubIdx(); err != nil {
 				log.Fatalf("Failed to get Hub index : %v", err)
 			}
-			if remove_all && len(args) == 0 {
+			if remove_all {
 				RemoveMany(cwhub.PARSERS_OVFLW, "")
-			} else if len(args) == 1 {
-				RemoveMany(cwhub.PARSERS_OVFLW, args[0])
 			} else {
-				_ = cmd.Help()
-				return
+				for _, name := range args {
+					RemoveMany(cwhub.PARSERS_OVFLW, name)
+				}
 			}
 		},
 	}

+ 17 - 17
cmd/crowdsec-cli/upgrade.go

@@ -124,14 +124,14 @@ cscli upgrade --force # Overwrite tainted configuration
 			if err := cwhub.GetHubIdx(); err != nil {
 				log.Fatalf("Failed to get Hub index : %v", err)
 			}
-			if len(args) == 1 {
-				UpgradeConfig(cwhub.PARSERS, args[0])
-				//UpgradeConfig(cwhub.PARSERS_OVFLW, "")
-			} else if upgrade_all {
+			if upgrade_all {
 				UpgradeConfig(cwhub.PARSERS, "")
 			} else {
-				_ = cmd.Help()
+				for _, name := range args {
+					UpgradeConfig(cwhub.PARSERS, name)
+				}
 			}
+
 		},
 	}
 	cmdUpgrade.AddCommand(cmdUpgradeParser)
@@ -146,12 +146,12 @@ cscli upgrade --force # Overwrite tainted configuration
 			if err := cwhub.GetHubIdx(); err != nil {
 				log.Fatalf("Failed to get Hub index : %v", err)
 			}
-			if len(args) == 1 {
-				UpgradeConfig(cwhub.SCENARIOS, args[0])
-			} else if upgrade_all {
+			if upgrade_all {
 				UpgradeConfig(cwhub.SCENARIOS, "")
 			} else {
-				_ = cmd.Help()
+				for _, name := range args {
+					UpgradeConfig(cwhub.SCENARIOS, name)
+				}
 			}
 		},
 	}
@@ -168,12 +168,12 @@ cscli upgrade --force # Overwrite tainted configuration
 			if err := cwhub.GetHubIdx(); err != nil {
 				log.Fatalf("Failed to get Hub index : %v", err)
 			}
-			if len(args) == 1 {
-				UpgradeConfig(cwhub.COLLECTIONS, args[0])
-			} else if upgrade_all {
+			if upgrade_all {
 				UpgradeConfig(cwhub.COLLECTIONS, "")
 			} else {
-				_ = cmd.Help()
+				for _, name := range args {
+					UpgradeConfig(cwhub.COLLECTIONS, name)
+				}
 			}
 		},
 	}
@@ -191,12 +191,12 @@ cscli upgrade --force # Overwrite tainted configuration
 			if err := cwhub.GetHubIdx(); err != nil {
 				log.Fatalf("Failed to get Hub index : %v", err)
 			}
-			if len(args) == 1 {
-				UpgradeConfig(cwhub.PARSERS_OVFLW, args[0])
-			} else if upgrade_all {
+			if upgrade_all {
 				UpgradeConfig(cwhub.PARSERS_OVFLW, "")
 			} else {
-				_ = cmd.Help()
+				for _, name := range args {
+					UpgradeConfig(cwhub.PARSERS_OVFLW, name)
+				}
 			}
 		},
 	}

+ 0 - 3
pkg/cwhub/hubMgmt.go

@@ -813,9 +813,6 @@ func HubStatus(itype string, name string, list_all bool) []map[string]string {
 		log.Errorf("type %s doesn't exist", itype)
 		return nil
 	}
-	if list_all {
-		log.Printf("only enabled ones")
-	}
 
 	var mli []map[string]string
 	/*remember, you do it for the user :)*/