upload

2025-10-28 21:27:10 +01:00
commit 7b41672d05
14 changed files with 1253 additions and 0 deletions
--- a/backends/ufw.py
+++ b/backends/ufw.py
@@ -0,0 +1,78 @@
+"""
+Backend dla UFW (Uncomplicated Firewall)
+"""
+
+import subprocess
+from .base import FirewallBackend
+
+
+class UFWBackend(FirewallBackend):
+    """Backend dla UFW"""
+    
+    def test_availability(self):
+        """Sprawdza czy UFW jest dostępny"""
+        try:
+            result = subprocess.run(
+                ['ufw', 'version'], 
+                capture_output=True,
+                timeout=5
+            )
+            return result.returncode == 0
+        except:
+            return False
+            
+    def ban_ip(self, ip, duration):
+        """Banuje IP używając UFW"""
+        try:
+            # UFW nie wspiera natywnie timeout, więc używamy prostego deny
+            cmd = ['ufw', 'deny', 'from', ip]
+            
+            result = subprocess.run(cmd, capture_output=True, timeout=5)
+            
+            if result.returncode == 0:
+                self.logger.debug(f"UFW ban successful for {ip}")
+                # UFW wymaga reload
+                subprocess.run(['ufw', 'reload'], capture_output=True, timeout=5)
+                return True
+            else:
+                self.logger.error(f"UFW ban failed: {result.stderr.decode()}")
+                return False
+                
+        except Exception as e:
+            self.logger.error(f"Error banning IP with UFW: {e}")
+            return False
+            
+    def unban_ip(self, ip):
+        """Usuwa ban używając UFW"""
+        try:
+            cmd = ['ufw', 'delete', 'deny', 'from', ip]
+            result = subprocess.run(cmd, capture_output=True, timeout=5)
+            
+            if result.returncode == 0:
+                self.logger.debug(f"UFW unban successful for {ip}")
+                subprocess.run(['ufw', 'reload'], capture_output=True, timeout=5)
+                return True
+            else:
+                self.logger.warning(f"UFW unban may have failed")
+                return False
+                
+        except Exception as e:
+            self.logger.error(f"Error unbanning IP with UFW: {e}")
+            return False
+            
+    def is_banned(self, ip):
+        """Sprawdza czy IP jest zbanowany"""
+        try:
+            cmd = ['ufw', 'status', 'numbered']
+            result = subprocess.run(cmd, capture_output=True, text=True, timeout=5)
+            
+            # Szukaj IP z DENY
+            for line in result.stdout.split('\n'):
+                if ip in line and 'DENY' in line:
+                    return True
+                    
+            return False
+            
+        except Exception as e:
+            self.logger.error(f"Error checking ban status: {e}")
+            return False