#!/usr/bin/env python3
"""
Demo script showing firewall capabilities without requiring root access
"""
import json
import time
from datetime import datetime, timedelta
from colorama import Fore, Style, init
# Initialize colorama; autoreset=True resets colour/style after every print call,
# so a missing Style.RESET_ALL cannot leak colour into later output.
init(autoreset=True)
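def load_config():
    """Load the firewall configuration, filling gaps with built-in defaults.

    Reads ``firewall_config.json`` from the current working directory.  Keys
    present in the file override the defaults; any threshold the file omits
    keeps its default value, so callers can always index
    ``config['thresholds'][...]`` safely.

    Returns:
        dict: configuration with at least ``thresholds`` (a dict holding the
        five default threshold keys) and ``block_duration`` (seconds).
    """
    defaults = {
        "thresholds": {
            "syn_flood_threshold": 100,
            "connection_threshold": 50,
            "packet_rate_threshold": 1000,
            "port_scan_threshold": 20,
            "icmp_flood_threshold": 100
        },
        "block_duration": 300
    }

    try:
        with open('firewall_config.json', 'r', encoding='utf-8') as f:
            loaded = json.load(f)
    except (OSError, ValueError):
        # Missing/unreadable file, or malformed content (json.JSONDecodeError
        # and UnicodeDecodeError are both ValueError subclasses).
        # NOTE: silently using defaults is acceptable for this demo; an
        # enforcing firewall should surface a broken config instead, so that a
        # damaged file cannot quietly change the detection thresholds.
        return defaults

    # A JSON document that is not an object cannot be a configuration.
    if not isinstance(loaded, dict):
        return defaults

    # Merge one level deep so a partial "thresholds" section keeps the
    # defaults for the keys it does not mention.
    thresholds = dict(defaults["thresholds"])
    if isinstance(loaded.get("thresholds"), dict):
        thresholds.update(loaded["thresholds"])

    config = {**defaults, **loaded}
    config["thresholds"] = thresholds
    return config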
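def simulate_attack_detection():
    """Print a scripted walk-through of what the firewall would detect.

    Nothing here touches the network: no packets are captured and no
    iptables rules are changed.  Four hard-coded scenarios are compared
    against the thresholds returned by ``load_config()`` and the outcome is
    printed, with a one-second pause before each scenario.

    NOTE(review): the demo models blocking purely by source IP.  Source
    addresses of SYN and ICMP floods can be forged, so in the real firewall
    the whitelist check matters before any automatic block -- that logic is
    not part of this file.
    """
    config = load_config()
    thresholds = config['thresholds']
    block_duration = config.get('block_duration', 300)

    print(f"{Fore.CYAN}π‘οΈ Firewall Attack Detection Demo{Style.RESET_ALL}")
    print("=" * 50)

    # Show configuration
    print(f"{Fore.YELLOW}Current Thresholds:{Style.RESET_ALL}")
    for key, value in thresholds.items():
        print(f" {key.replace('_', ' ').title()}: {value}")
    print(f"\nBlock Duration: {block_duration} seconds")
    # The whitelist shown is a fixed sample; it is not read from the config.
    print(f"Whitelist: {', '.join(['127.0.0.1', '::1', '192.168.1.1'])}")
    print(f"\n{Fore.GREEN}π Monitoring Network Traffic...{Style.RESET_ALL}")

    # Simulated attack scenarios.  The source addresses come from the
    # RFC 5737 documentation ranges, so they never name a real host.
    scenarios = [
        {
            "ip": "203.0.113.45",
            "attack": "SYN Flood",
            "packets": 150,
            "threshold": thresholds['syn_flood_threshold'],
            "description": "Excessive SYN packets detected"
        },
        {
            "ip": "198.51.100.23",
            "attack": "Port Scan",
            "packets": 25,
            "threshold": thresholds['port_scan_threshold'],
            "description": "Scanning multiple ports"
        },
        {
            "ip": "192.0.2.100",
            "attack": "ICMP Flood",
            "packets": 120,
            "threshold": thresholds['icmp_flood_threshold'],
            "description": "ICMP ping flood detected"
        },
        {
            "ip": "203.0.113.77",
            "attack": "Connection Flood",
            "packets": 75,
            "threshold": thresholds['connection_threshold'],
            "description": "Rapid connection attempts"
        }
    ]

    blocked_ips = []
    for scenario in scenarios:
        time.sleep(1)  # pacing only, so the output reads like live monitoring
        print(f"\nπ Analyzing traffic from {scenario['ip']}...")
        print(f" {scenario['attack']}: {scenario['packets']}/min (threshold: {scenario['threshold']}/min)")
        # Strictly greater than: a rate equal to the threshold is still allowed.
        if scenario['packets'] > scenario['threshold']:
            print(f"{Fore.RED}π¨ ATTACK DETECTED: {scenario['attack']} from {scenario['ip']}{Style.RESET_ALL}")
            print(f"{Fore.RED}π« BLOCKING IP: {scenario['ip']} - {scenario['description']}{Style.RESET_ALL}")
            blocked_ips.append({
                'ip': scenario['ip'],
                'reason': scenario['attack'],
                'time': datetime.now()
            })
        else:
            print(f"{Fore.GREEN}β Traffic within normal limits{Style.RESET_ALL}")

    # Show summary
    print(f"\n{Fore.CYAN}π Attack Detection Summary{Style.RESET_ALL}")
    print("=" * 30)
    print(f"Total packets analyzed: {sum(s['packets'] for s in scenarios)}")
    print(f"Attacks detected: {len(blocked_ips)}")
    print(f"IPs blocked: {len(blocked_ips)}")
    if blocked_ips:
        print(f"\n{Fore.RED}π« Blocked IPs:{Style.RESET_ALL}")
        for block in blocked_ips:
            print(f" {block['ip']} - {block['reason']} at {block['time'].strftime('%H:%M:%S')}")

    print(f"\n{Fore.YELLOW}βΉοΈ In real operation:{Style.RESET_ALL}")
    print(" β’ These IPs would be blocked via iptables")
    # Report the configured duration rather than a fixed "5 minutes", so this
    # line cannot contradict the "Block Duration" printed above.
    print(f" β’ Blocking would last {block_duration} seconds (configurable)")
    print(" β’ All activity would be logged to firewall.log")
    print(" β’ Real-time monitoring of network interfaces")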
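def show_features():
    """Print the feature list advertised for the real firewall.

    Purely informational: the (name, description) pairs are static text and
    nothing is probed or enabled by this function.
    """
    print(f"\n{Fore.CYAN}π‘οΈ Firewall Features{Style.RESET_ALL}")
    print("=" * 25)
    features = [
        ("Real-time Monitoring", "Captures and analyzes all network packets"),
        ("SYN Flood Protection", "Detects TCP SYN flood attacks"),
        ("Port Scan Detection", "Identifies port scanning attempts"),
        ("ICMP Flood Protection", "Blocks ICMP ping floods"),
        ("Connection Rate Limiting", "Prevents connection flooding"),
        ("Automatic IP Blocking", "Uses iptables to block malicious IPs"),
        ("Configurable Thresholds", "Customize detection sensitivity"),
        ("IP Whitelisting", "Protect trusted IP addresses"),
        ("Time-based Unblocking", "Automatically unblock IPs after timeout"),
        ("Comprehensive Logging", "Detailed logs of all firewall activity"),
        ("Real-time Statistics", "Live monitoring dashboard"),
        ("Multi-interface Support", "Monitor specific network interfaces")
    ]
    for feature, description in features:
        # The literal is kept on one physical line; a line break inside a
        # single-quoted f-string is a syntax error.
        print(f"{Fore.GREEN}β{Style.RESET_ALL} {Fore.YELLOW}{feature}:{Style.RESET_ALL} {description}")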
def main():
    """Run the interactive demo from start to finish.

    Prints the banner and the feature list, waits for the user to press
    Enter, runs the simulated detection pass, then prints the commands for
    starting and testing the real firewall.  The commands are only printed;
    this script does not execute them.
    """
    rule = f"{Fore.MAGENTA}{'=' * 60}{Style.RESET_ALL}"
    title = f"{Fore.MAGENTA}π‘οΈ SIMPLE DDOS/DOS PROTECTION FIREWALL DEMO{Style.RESET_ALL}"
    for banner_line in (rule, title, rule):
        print(banner_line)

    show_features()

    # Block until the user confirms, so the feature list can be read first.
    print(f"\n{Fore.CYAN}Press Enter to run attack detection demo...{Style.RESET_ALL}")
    input()
    simulate_attack_detection()

    # Heading / command pairs shown as follow-up instructions.
    next_steps = (
        (f"\n{Fore.GREEN}π To start the real firewall:{Style.RESET_ALL}",
         " sudo python3 run.py --start"),
        (f"\n{Fore.YELLOW}π§ͺ To test the firewall:{Style.RESET_ALL}",
         " python3 test_attacks.py 127.0.0.1"),
    )
    for heading, command in next_steps:
        print(heading)
        print(command)

    print(f"\n{Fore.BLUE}π See README.md for complete documentation{Style.RESET_ALL}")
# Run the demo only when executed as a script, not when imported as a module.
if __name__ == "__main__":
    main()