vrr/ntopng
2
0
Fork 0
mirror of https://github.com/ntop/ntopng.git synced 2026-05-05 10:41:34 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

Adds new REST API v2/

Browse source 
Addresses #5269
This commit is contained in:
Simone Mainardi 2021-07-08 09:57:46 +02:00
parent 1f24dec3e3
commit b117e8a23a
178 changed files with 6639 additions and 124 deletions
Download patch file Download diff file Expand all files Collapse all files

270
scripts/lua/rest/v2/get/host/active.lua Normal file
View file

@ -0,0 +1,270 @@
--
-- (C) 2013-21 - ntop.org
--
local dirs = ntop.getDirs()
package.path = dirs.installdir .. "/scripts/lua/modules/?.lua;" .. package.path
require "lua_utils"
require "flow_utils"
local format_utils = require("format_utils")
local json = require "dkjson"
local rest_utils = require("rest_utils")
--
-- Read list of active hosts
-- Example: curl -u admin:admin -H "Content-Type: application/json" -d '{"ifid": "1"}' http://localhost:3000/lua/rest/v2/get/host/active.lua
--
-- NOTE: in case of invalid login, no error is returned but redirected to login
--
local rc = rest_utils.consts.success.ok
local res = {}
local ifid = _GET["ifid"]
-- Pagination:
local all = _GET["all"]
local currentPage = _GET["currentPage"]
local perPage = _GET["perPage"]
local sortColumn = _GET["sortColumn"] -- ip, name, since, last, alerts, country, vlan, num_flows, traffic, thpt
local sortOrder = _GET["sortOrder"]
-- Filters
local mode = _GET["mode"] -- all local remote broadcast_domain filtered blacklisted dhcp
local ipversion = _GET["version"]
local protocol = _GET["protocol"]
local traffic_type = _GET["traffic_type"]
local asn = _GET["asn"]
local vlan = _GET["vlan"]
local network = _GET["network"]
local cidr = _GET["network_cidr"]
local pool = _GET["pool"]
local country = _GET["country"]
local os_ = tonumber(_GET["os"])
local mac = _GET["mac"]
local top_hidden = ternary(_GET["top_hidden"] == "1", true, nil)
if isEmptyString(ifid) then
rc = rest_utils.consts.err.invalid_interface
rest_utils.answer(rc)
return
end
interface.select(ifid)
if not isEmptyString(_GET["sortColumn"]) then
-- Backward compatibility
_GET["sortColumn"] = "column_" .. _GET["sortColumn"]
sortColumn = _GET["sortColumn"]
end
if(currentPage == nil) then
currentPage = 1
else
currentPage = tonumber(currentPage)
end
if(perPage == nil) then
perPage = getDefaultTableSize()
else
perPage = tonumber(perPage)
tablePreferences("rows_number",perPage)
end
local traffic_type_filter
if traffic_type == "one_way" then
traffic_type_filter = 1 -- ntop_typedefs.h TrafficType traffic_type_one_way
elseif traffic_type == "bidirectional" then
traffic_type_filter = 2 -- ntop_typedefs.h TrafficType traffic_type_bidirectional
end
if isEmptyString(mode) then
mode = "all"
end
interface.select(ifname)
local to_skip = (currentPage-1) * perPage
if(sortOrder == "desc") then sOrder = false else sOrder = true end
local filtered_hosts = false
local blacklisted = false
local anomalous = false
local dhcp_hosts = false
local hosts_retrv_function = interface.getHostsInfo
if mode == "local" then
hosts_retrv_function = interface.getLocalHostsInfo
elseif mode == "remote" then
hosts_retrv_function = interface.getRemoteHostsInfo
elseif mode == "broadcast_domain" then
hosts_retrv_function = interface.getBroadcastDomainHostsInfo
elseif mode == "filtered" then
filtered_hosts = true
elseif mode == "blacklisted" then
blacklisted_hosts = true
elseif mode == "dhcp" then
dhcp_hosts = true
end
local hosts_stats = hosts_retrv_function(false, sortColumn, perPage, to_skip, sOrder,
country, os_, tonumber(vlan), tonumber(asn),
tonumber(network), mac,
tonumber(pool), tonumber(ipversion),
tonumber(protocol), traffic_type_filter,
filtered_hosts, blacklisted_hosts, top_hidden, anomalous, dhcp_hosts, cidr)
if hosts_stats == nil then
rest_utils.answer(rest_utils.consts.err.not_found)
return
end
hosts_stats = hosts_stats["hosts"]
if hosts_stats == nil then
rest_utils.answer(rest_utils.consts.err.internal_error)
return
end
if all ~= nil then
perPage = 0
currentPage = 0
end
function get_host_name(h)
if h["name"] == nil then
if h["ip"] ~= nil then
h["name"] = ip2label(h["ip"])
else
h["name"] = h["mac"]
end
end
return(h["name"])
end
local vals = {}
local num = 0
for key, value in pairs(hosts_stats) do
num = num + 1
postfix = string.format("0.%04u", num)
if(isEmptyString(sortColumn)) then
vals[key] = key
elseif(sortColumn == "column_name") then
hosts_stats[key]["name"] = get_host_name(hosts_stats[key])
vals[hosts_stats[key]["name"]..postfix] = key
elseif(sortColumn == "column_since") then
vals[hosts_stats[key]["seen.first"]+postfix] = key
elseif(sortColumn == "column_alerts") then
vals[hosts_stats[key]["num_alerts"]+postfix] = key
elseif(sortColumn == "column_last") then
vals[hosts_stats[key]["seen.last"]+postfix] = key
elseif(sortColumn == "column_country") then
vals[hosts_stats[key]["country"]..postfix] = key
elseif(sortColumn == "column_vlan") then
vals[hosts_stats[key]["vlan"]..postfix] = key
elseif(sortColumn == "column_num_flows") then
local t = hosts_stats[key]["active_flows.as_client"]+hosts_stats[key]["active_flows.as_server"]
vals[t+postfix] = key
elseif(sortColumn == "column_num_dropped_flows") then
local t = hosts_stats[key]["flows.dropped"] or 0
vals[t+postfix] = key
elseif(sortColumn == "column_traffic") then
vals[hosts_stats[key]["bytes.sent"]+hosts_stats[key]["bytes.rcvd"]+postfix] = key
elseif(sortColumn == "column_thpt") then
vals[hosts_stats[key]["throughput_bps"]+postfix] = key
elseif(sortColumn == "column_queries") then
vals[hosts_stats[key]["queries.rcvd"]+postfix] = key
elseif(sortColumn == "column_ip") then
vals[hosts_stats[key]["ipkey"]+postfix] = key
else
vals[key] = key
end
end
if sortOrder == "asc" then
funct = asc
else
funct = rev
end
local data = {}
for _key, _value in pairsByKeys(vals, funct) do
local record = {}
local key = vals[_key]
local value = hosts_stats[key]
local symkey = hostinfo2jqueryid(hosts_stats[key])
record["key"] = symkey
record["first_seen"] = value["seen.first"]
record["last_seen"] = value["seen.last"]
record["vlan"] = value["vlan"]
record["ip"] = stripVlan(key)
record["os"] = value["os"]
record["num_alerts"] = value["num_alerts"]
local host = interface.getHostInfo(hosts_stats[key].ip, hosts_stats[key].vlan)
if host ~= nil then
record["country"] = host["country"]
record["is_blacklisted"] = host["is_blacklisted"]
end
local name = value["name"]
if isEmptyString(name) then
local hinfo = hostkey2hostinfo(key)
name = hostinfo2label(hinfo)
end
if isEmptyString(name) then
name = key
end
if value["ip"] ~= nil then
local label = hostinfo2label(value)
if label ~= value["ip"] and name ~= label then
name = name .. " ["..label.."]"
end
end
record["name"] = name
record["thpt"] = {}
record["thpt"]["pps"] = value["throughput_pps"]
record["thpt"]["bps"] = value["throughput_bps"]*8
record["bytes"] = {}
record["bytes"]["total"] = (value["bytes.sent"]+value["bytes.rcvd"])
record["bytes"]["sent"] = value["bytes.sent"]
record["bytes"]["recvd"] = value["bytes.rcvd"]
record["is_localhost"] = value["localhost"]
record["is_multicast"] = value["is_multicast"]
record["is_broadcast"] = value["is_broadcast"]
record["is_broadcast_domain"] = value["broadcast_domain_host"]
record["num_flows"] = {}
record["num_flows"]["total"] = (value["active_flows.as_client"] + value["active_flows.as_server"])
record["num_flows"]["as_client"] = (value["active_flows.as_client"])
record["num_flows"]["as_server"] = (value["active_flows.as_server"])
data[#data + 1] = record
end -- for
res = {
perPage = perPage,
currentPage = currentPage,
totalRows = total,
data = data,
sort = {
{
sortColumn,
sortOrder
}
},
}
rest_utils.answer(rc, res)

10
scripts/lua/rest/v2/get/host/alert/exclusions.lua Normal file
View file

@ -0,0 +1,10 @@
--
-- (C) 2019-21 - ntop.org
--
local dirs = ntop.getDirs()
package.path = dirs.installdir .. "/scripts/lua/modules/?.lua;" .. package.path
local alert_rest_utils = require "alert_rest_utils"
alert_rest_utils.get_alert_exclusions("host", _GET["host"])

57
scripts/lua/rest/v2/get/host/alert/list.lua Normal file
View file

@ -0,0 +1,57 @@
--
-- (C) 2021-21 - ntop.org
--
local dirs = ntop.getDirs()
package.path = dirs.installdir .. "/scripts/lua/modules/?.lua;" .. package.path
package.path = dirs.installdir .. "/scripts/lua/modules/alert_store/?.lua;" .. package.path
local auth = require "auth"
local rest_utils = require("rest_utils")
local host_alert_store = require "host_alert_store".new()
--
-- Read alerts data
-- Example: curl -u admin:admin -H "Content-Type: application/json" -d '{"ifid": "1"}' http://localhost:3000/lua/rest/v2/get/host/alert/list.lua
--
-- NOTE: in case of invalid login, no error is returned but redirected to login
--
local rc = rest_utils.consts.success.ok
local res = {}
local ifid = _GET["ifid"]
local format = _GET["format"] or "json"
local no_html = (format == "txt")
if not auth.has_capability(auth.capabilities.alerts) then
rest_utils.answer(rest_utils.consts.err.not_granted)
return
end
if isEmptyString(ifid) then
rc = rest_utils.consts.err.invalid_interface
rest_utils.answer(rc)
return
end
interface.select(ifid)
-- Fetch the results
local alerts, recordsFiltered = host_alert_store:select_request()
for _, _value in ipairs(alerts or {}) do
res[#res + 1] = host_alert_store:format_record(_value, no_html)
end
if no_html then
res = host_alert_store:to_csv(res)
rest_utils.vanilla_payload_response(rc, res, "text/csv")
else
rest_utils.extended_answer(rc, {records = res}, {
["draw"] = tonumber(_GET["draw"]),
["recordsFiltered"] = recordsFiltered,
["recordsTotal"] = #res
}, format)
end

43
scripts/lua/rest/v2/get/host/alert/ts.lua Normal file
View file

@ -0,0 +1,43 @@
--
-- (C) 2013-21 - ntop.org
--
local dirs = ntop.getDirs()
package.path = dirs.installdir .. "/scripts/lua/modules/?.lua;" .. package.path
package.path = dirs.installdir .. "/scripts/lua/modules/alert_store/?.lua;" .. package.path
local auth = require "auth"
local alert_utils = require "alert_utils"
local alert_consts = require "alert_consts"
local alert_entities = require "alert_entities"
local rest_utils = require("rest_utils")
local host_alert_store = require "host_alert_store".new()
local alert_severities = require "alert_severities"
--
-- Read alerts count by time
-- Example: curl -u admin:admin -H "Content-Type: application/json" -d '{"ifid": "1"}' http://localhost:3000/lua/rest/v2/get/host/alert/ts.lua
--
-- NOTE: in case of invalid login, no error is returned but redirected to login
--
local rc = rest_utils.consts.success.ok
if not auth.has_capability(auth.capabilities.alerts) then
rest_utils.answer(rest_utils.consts.err.not_granted)
return
end
local ifid = _GET["ifid"]
if isEmptyString(ifid) then
rc = rest_utils.consts.err.invalid_interface
rest_utils.answer(rc)
return
end
interface.select(ifid)
local res = host_alert_store:count_by_severity_and_time_request()
rest_utils.answer(rc, res)

128
scripts/lua/rest/v2/get/host/custom_data.lua Normal file
View file

@ -0,0 +1,128 @@
--
-- (C) 2013-21 - ntop.org
--
local dirs = ntop.getDirs()
package.path = dirs.installdir .. "/scripts/lua/modules/?.lua;" .. package.path
require "lua_utils"
local json = require ("dkjson")
local tracker = require("tracker")
local rest_utils = require("rest_utils")
--
-- Read information about a host and maps host fields into custom fields
-- Example: curl -s -u admin:admin -H "Content-Type: application/json" -H "Content-Type: application/json" -d '{"host": "192.168.2.222", "ifid":"0"}' http://localhost:3000/lua/rest/v2/get/host/custom_data.lua
--
-- NOTE: in case of invalid login, no error is returned but redirected to login
--
local rc = rest_utils.consts.success.ok
local res = {}
local field_aliases = {}
local ifid = _GET["ifid"]
local fields = _GET["field_alias"]
if isEmptyString(ifid) then
rest_utils.answer(rest_utils.consts.err.invalid_interface)
return
end
interface.select(ifid)
-- Valid fields:
-- 1) All: {"field_alias": "all"} - Dump all host stats.
-- -- Or --
-- All: Omit the "field_alias" parameter.
-- 2) Aliases: {"field_alias": "bytes.sent=tdb,packets.sent=tdp"}
-- 3) Mixed: {"field_alias": "bytes.sent=tdb,packets.sent,ndpi=dpi"}
--
-- If the 'fields' parameter is missing 'all' host stat
-- fields will be dumped...
if (fields == nil) then
field_aliases[#field_aliases + 1] = "all=all"
else
--
-- Invalid field alias...
if isEmptyString(fields) then
rest_utils.answer(rest_utils.consts.err.invalid_args)
return
end
--
-- Build host stats fields to use with potential aliases...
local field = fields:split(",") or {fields}
for _, fa in pairs(field) do
local comp = fa:split("=")
if (comp ~= nil) then
--
-- Field and alias...
field_aliases[#field_aliases + 1] = comp[1] .. "=" .. comp[2]
else
--
-- Alias same as field...
field_aliases[#field_aliases + 1] = fa .. "=" .. fa
end
end
end
local hostparam = _GET["host"]
if ((hostparam ~= nil) or (not isEmptyString(hostparam))) then
--
-- Single host:
local host_info = url2hostinfo(_GET)
local host = interface.getHostInfo(host_info["host"], host_info["vlan"])
if not host then
rest_utils.answer(rest_utils.consts.err.not_found)
return
else
--
-- Check for 'all' host stat fields...
if (field_aliases[1] == "all=all") then
res = host
else
--
-- Process selective host stat fields...
for _, fa in pairs(field_aliases) do
local comp = fa:split("=")
local field = comp[1]
local alias = comp[2]
if (host[field] ~= nil) then
--
-- Add host field stat with potential alias name...
res[alias] = host[field]
end
end
end
tracker.log("get_host_custom_data_json", {ifid, host_info["host"], host_info["vlan"], field_aliases})
rest_utils.answer(rc, res)
return
end
else
--
-- All hosts:
local hosts_stats = interface.getHostsInfo()
hosts_stats = hosts_stats["hosts"]
for key, value in pairs(hosts_stats) do
local host = interface.getHostInfo(key)
if (host ~= nil) then
local hdata = {}
if (field_aliases[1] == "all=all") then
hdata = host
else
for _, fa in pairs(field_aliases) do
local comp = fa:split("=")
local field = comp[1]
local alias = comp[2]
if (host[field] ~= nil) then
hdata[alias] = host[field]
end
end
end
res[#res + 1] = hdata
end
end
tracker.log("get_host_custom_data_json", {ifid, "All Hosts", field_aliases})
rest_utils.answer(rc, res)
return
end

131
scripts/lua/rest/v2/get/host/data.lua Normal file
View file

@ -0,0 +1,131 @@
--
-- (C) 2013-21 - ntop.org
--
local dirs = ntop.getDirs()
package.path = dirs.installdir .. "/scripts/lua/modules/?.lua;" .. package.path
require "lua_utils"
local json = require ("dkjson")
local tracker = require("tracker")
local rest_utils = require("rest_utils")
--
-- Read information about a host
-- Example: curl -u admin:admin -H "Content-Type: application/json" -d '{"ifid": "1", "host" : "192.168.1.1"}' http://localhost:3000/lua/rest/v2/get/host/data.lua
--
-- NOTE: in case of invalid login, no error is returned but redirected to login
--
local rc = rest_utils.consts.success.ok
local res = {}
local ifid = _GET["ifid"]
local host_info = url2hostinfo(_GET)
-- whether to return host statistics: on by default
local host_stats = _GET["host_stats"]
-- whether to return statistics regarding host flows: off by default
local host_stats_flows = _GET["host_stats_flows"]
local host_stats_flows_num = _GET["limit"]
if isEmptyString(ifid) then
rest_utils.answer(rest_utils.consts.err.invalid_interface)
return
end
if isEmptyString(host_info["host"]) then
rest_utils.answer(rest_utils.consts.err.invalid_args)
return
end
interface.select(ifid)
local host = interface.getHostInfo(host_info["host"], host_info["vlan"])
if not host then
rest_utils.answer(rest_utils.consts.err.not_found)
return
end
local function flows2protocolthpt(flows)
local protocol_thpt = {}
for _, flow in pairs(flows) do
local proto_ndpi = ""
if flow["proto.ndpi"] == nil or flow["proto.ndpi"] == "" then
goto continue
else
proto_ndpi = flow["proto.ndpi"]
end
if protocol_thpt[proto_ndpi] == nil then
protocol_thpt[proto_ndpi] =
{["cli2srv"]={["throughput_bps"]=0, ["throughput_pps"]=0},
["srv2cli"]={["throughput_bps"]=0, ["throughput_pps"]=0}}
end
for _, dir in pairs({"cli2srv", "srv2cli"}) do
for _, dim in pairs({"bps", "pps"}) do
protocol_thpt[proto_ndpi][dir]["throughput_"..dim] =
protocol_thpt[proto_ndpi][dir]["throughput_"..dim] + flow[dir..".throughput_"..dim]
end
end
::continue::
end
return protocol_thpt
end
-- hosts stats are on by default, one must explicitly disable them
if not (host_stats == nil or host_stats == "" or host_stats == "true" or host_stats == "1") then
host = {}
end
-- host flow stats are off by default and must be explicitly enabled
if host_stats_flows ~= nil and host_stats_flows ~= "" then
if host_stats_flows_num == nil or tonumber(host_stats_flows_num) == nil then
-- default: do not limit the number of flows
host_stats_flows_num = 99999
else
-- ... unless otherwise specified
host_stats_flows_num = tonumber(host_stats_flows_num)
end
local total = 0
local pageinfo = {["sortColumn"]="column_bytes", ["a2zSortOrder"]=false,
["maxHits"]=host_stats_flows_num, ["toSkip"]=0, ["detailedResults"]=true}
--local flows = interface.getFlowsInfo(host_info["host"], nil, "column_bytes", host_stats_flows_num, 0, false)
local flows = interface.getFlowsInfo(host_info["host"], pageinfo)
flows = flows["flows"]
for i, fl in ipairs(flows) do
flows[i] = {
["srv.ip"] = fl["srv.ip"], ["cli.ip"] = fl["cli.ip"],
["srv.port"] = fl["srv.port"], ["cli.port"] = fl["cli.port"],
["proto.ndpi_id"] = fl["proto.ndpi_id"], ["proto.ndpi"] = fl["proto.ndpi"],
["bytes"] = fl["bytes"],
["cli2srv.throughput_bps"] = round(fl["throughput_cli2srv_bps"], 2),
["srv2cli.throughput_bps"] = round(fl["throughput_srv2cli_bps"], 2),
["cli2srv.throughput_pps"] = round(fl["throughput_cli2srv_pps"], 2),
["srv2cli.throughput_pps"] = round(fl["throughput_srv2cli_pps"], 2),
}
if fl["proto.l4"] == "TCP" then
flows[i]["cli2srv.tcp_flags"] = TCPFlags2table(fl["cli2srv.tcp_flags"])
flows[i]["srv2cli.tcp_flags"] = TCPFlags2table(fl["srv2cli.tcp_flags"])
flows[i]["tcp_established"] = fl["tcp_established"]
end
end
host["ndpiThroughputStats"] = flows2protocolthpt(flows)
host["flows"] = flows
host["flows_count"] = total
end
res = host
tracker.log("host_get_json", {host_info["host"], host_info["vlan"]})
rest_utils.answer(rc, res)

58
scripts/lua/rest/v2/get/host/dscp/stats.lua Normal file
View file

@ -0,0 +1,58 @@
--
-- (C) 2013-21 - ntop.org
--
local dirs = ntop.getDirs()
package.path = dirs.installdir .. "/scripts/lua/modules/?.lua;" .. package.path
require "lua_utils"
local stats_utils = require("stats_utils")
local rest_utils = require("rest_utils")
local dscp_consts = require "dscp_consts"
--
-- Read DSCP statistics for a hsot
-- Example: curl -u admin:admin -H "Content-Type: application/json" -d '{"ifid": "1", "host" : "192.168.56.103", "direction": "recv"}' http://localhost:3000/lua/rest/v2/get/host/dscp/stats.lua
--
-- NOTE: in case of invalid login, no error is returned but redirected to login
--
local rc = rest_utils.consts.success.ok
local ifid = _GET["ifid"]
local host_info = url2hostinfo(_GET)
local direction = _GET["direction"]
if isEmptyString(ifid) then
rc = rest_utils.consts.err.invalid_interface
rest_utils.answer(rc)
return
end
local received_stats = false
if direction == "recv" then
received_stats = true
end
interface.select(ifid)
local res = {}
local tot = 0
local stats = interface.getHostInfo(host_info["host"], host_info["vlan"])
if stats == nil then
rest_utils.answer(rest_utils.consts.err.not_found)
return
end
for key, value in pairsByKeys(stats.dscp, asc) do
res[#res + 1] = {
label = dscp_consts.ds_class_descr(key),
value = ternary(received_stats, value['packets.rcvd'], value['packets.sent'])
}
end
local collapsed = stats_utils.collapse_stats(res, 1)
rest_utils.answer(rc, collapsed)

76
scripts/lua/rest/v2/get/host/fingerprint/data.lua Normal file
View file

@ -0,0 +1,76 @@
--
-- (C) 2013-21 - ntop.org
--
local dirs = ntop.getDirs()
package.path = dirs.installdir .. "/scripts/lua/modules/?.lua;" .. package.path
require "lua_utils"
local graph_utils = require "graph_utils"
require "flow_utils"
require "historical_utils"
local fingerprint_utils = require "fingerprint_utils"
local rest_utils = require("rest_utils")
local available_fingerprints = {
ja3 = {
stats_key = "ja3_fingerprint",
href = function(fp) return '<A HREF="https://sslbl.abuse.ch/ja3-fingerprints/'..fp..'" target="_blank">'..fp..'</A> <i class="fas fa-external-link-alt"></i>' end
},
hassh = {
stats_key = "hassh_fingerprint",
href = function(fp) return fp end
}
}
-- Parameters used for the rest answer --
local rc
local res = {}
local ifid = _GET["ifid"]
local host_info = url2hostinfo(_GET)
local fingerprint_type = _GET["fingerprint_type"]
-- #####################################################################
local stats
if isEmptyString(fingerprint_type) then
rc = rest_utils.consts.err.invalid_args
rest_utils.answer(rc)
return
end
if isEmptyString(ifid) then
rc = rest_utils.consts.err.invalid_interface
rest_utils.answer(rc)
return
end
if isEmptyString(host_info["host"]) then
rc = rest_utils.consts.err.invalid_args
rest_utils.answer(rc)
return
end
if(host_info["host"] ~= nil) then
stats = interface.getHostInfo(host_info["host"], host_info["vlan"])
end
stats = stats or {}
if fingerprint_type == "ja3" then
stats = stats and stats.ja3_fingerprint or {}
elseif fingerprint_type == "hassh" then
stats = stats and stats.hassh_fingerprint or {}
end
for key, value in pairs(stats) do
res[#res + 1] = value
res[#res][fingerprint_type] = key
end
rc = rest_utils.consts.success.ok
rest_utils.answer(rc, res)

77
scripts/lua/rest/v2/get/host/fingerprint/ja3.lua Normal file
View file

@ -0,0 +1,77 @@
--
-- (C) 2013-21 - ntop.org
--
local dirs = ntop.getDirs()
package.path = dirs.installdir .. "/scripts/lua/modules/?.lua;" .. package.path
require "lua_utils"
local graph_utils = require "graph_utils"
require "flow_utils"
require "historical_utils"
local fingerprint_utils = require "fingerprint_utils"
local rest_utils = require("rest_utils")
local available_fingerprints = {
ja3 = {
stats_key = "ja3_fingerprint",
href = function(fp) return '<A HREF="https://sslbl.abuse.ch/ja3-fingerprints/'..fp..'" target="_blank">'..fp..'</A> <i class="fas fa-external-link-alt"></i>' end
},
hassh = {
stats_key = "hassh_fingerprint",
href = function(fp) return fp end
}
}
-- Parameters used for the rest answer --
local rc
local res = {}
local ifid = _GET["ifid"]
local host_info = url2hostinfo(_GET)
local fingerprint_type = _GET["fingerprint_type"]
-- #####################################################################
local stats
if isEmptyString(fingerprint_type) then
rc = rest_utils.consts.err.invalid_args
rest_utils.answer(rc)
return
end
if isEmptyString(ifid) then
rc = rest_utils.consts.err.invalid_interface
rest_utils.answer(rc)
return
end
if isEmptyString(host_info["host"]) then
rc = rest_utils.consts.err.invalid_args
rest_utils.answer(rc)
return
end
if(host_info["host"] ~= nil) then
stats = interface.getHostInfo(host_info["host"], host_info["vlan"])
end
stats = stats or {}
if fingerprint_type == "ja3" then
stats = stats and stats.ja3_fingerprint
elseif fingerprint_type == "hassh" then
stats = stats and stats.hassh_fingerprint
end
tprint(stats)
for key, value in pairs(stats) do
res[#res + 1] = value
res[#res]["ja3_fingerprint"] = key
end
rc = rest_utils.consts.success.ok
rest_utils.answer(rc, res)

46
scripts/lua/rest/v2/get/host/interfaces.lua Normal file
View file

@ -0,0 +1,46 @@
--
-- (C) 2013-21 - ntop.org
--
local dirs = ntop.getDirs()
package.path = dirs.installdir .. "/scripts/lua/modules/?.lua;" .. package.path
require "lua_utils"
local json = require ("dkjson")
local rest_utils = require("rest_utils")
--
-- Retrieves all ntopng interfaces of a given host
-- Example: curl -u admin:admin -H "Content-Type: application/json" -d '{"host" : "192.168.1.1"}' http://localhost:3000/lua/rest/v2/get/host/interfaces.lua
--
-- NOTE: in case of invalid login, no error is returned but redirected to login
--
local rc = rest_utils.consts.success.ok
local res = {}
local host_info = url2hostinfo(_GET)
if isEmptyString(host_info["host"]) then
rest_utils.answer(rest_utils.consts.err.invalid_args)
return
end
local host_key = hostinfo2hostkey(host_info)
-- Use the host as key in the response so it will be easier to extend
-- this endpoint with multiple hosts if necessary
res[host_key] = {}
for ifid, _ in pairs(interface.getIfNames()) do
-- Possibly allowerd interface already enforced by iterator
interface.select(ifid)
local cur_host_info = interface.getHostInfo(host_key)
if cur_host_info then
-- Host found on the given interface
res[host_key][#res[host_key] + 1] = {ifid = interface.getId()}
end
end
rest_utils.answer(rc, res)

85
scripts/lua/rest/v2/get/host/l7/stats.lua Normal file
View file

@ -0,0 +1,85 @@
--
-- (C) 2013-21 - ntop.org
--
local dirs = ntop.getDirs()
package.path = dirs.installdir .. "/scripts/lua/modules/?.lua;" .. package.path
require "lua_utils"
local rest_utils = require("rest_utils")
local stats_utils = require("stats_utils")
--
-- Read statistics about nDPI application protocols for a hsot
-- Example: curl -u admin:admin -H "Content-Type: application/json" -d '{"ifid": "1", "host": "192.168.1.1"}' http://localhost:3000/lua/rest/v2/get/host/l7/stats.lua
--
-- NOTE: in case of invalid login, no error is returned but redirected to login
--
local rc = rest_utils.consts.success.ok
local res = {}
local ifid = _GET["ifid"]
local host_info = url2hostinfo(_GET)
local breed = _GET["breed"]
local ndpi_category = _GET["ndpi_category"]
if isEmptyString(ifid) then
rc = rest_utils.consts.err.invalid_interface
rest_utils.answer(rc)
return
end
local show_breed = false
if breed == "true" then
show_breed = true
end
local show_ndpi_category = false
if ndpi_category == "true" then
show_ndpi_category = true
end
interface.select(ifid)
local ndpi_protos = interface.getnDPIProtocols()
local function getAppUrl(app)
if ndpi_protos[app] ~= nil then
return ntop.getHttpPrefix().."/lua/flows_stats.lua?application="..app
end
return nil
end
local tot = 0
local stats = interface.getHostInfo(host_info["host"], host_info["vlan"])
if stats == nil then
rest_utils.answer(rest_utils.consts.err.not_found)
return
end
tot = stats["bytes.sent"] + stats["bytes.rcvd"]
local _ifstats = computeL7Stats(stats, show_breed, show_ndpi_category)
for key, value in pairsByValues(_ifstats, rev) do
local duration = 0
if(stats["ndpi"][key] ~= nil) then
duration = stats["ndpi"][key]["duration"]
end
res[#res + 1] = {
label = key,
value = value,
duration = duration,
}
end
local collapsed = stats_utils.collapse_stats(res, 1, 3 --[[ threshold ]])
rest_utils.answer(rc, collapsed)

12
scripts/lua/rest/v2/get/host/pool/members.lua Normal file
View file

@ -0,0 +1,12 @@
--
-- (C) 2013-21 - ntop.org
--
local dirs = ntop.getDirs()
package.path = dirs.installdir .. "/scripts/lua/modules/?.lua;" .. package.path
package.path = dirs.installdir .. "/scripts/lua/modules/pools/?.lua;" .. package.path
local host_pools = require "host_pools"
local pools_rest_utils = require "pools_rest_utils"
pools_rest_utils.get_pool_members(host_pools)

12
scripts/lua/rest/v2/get/host/pool_by_member.lua Normal file
View file

@ -0,0 +1,12 @@
--
-- (C) 2013-21 - ntop.org
--
local dirs = ntop.getDirs()
package.path = dirs.installdir .. "/scripts/lua/modules/?.lua;" .. package.path
package.path = dirs.installdir .. "/scripts/lua/modules/pools/?.lua;" .. package.path
local host_pools = require "host_pools"
local pools_rest_utils = require "pools_rest_utils"
pools_rest_utils.get_pool_by_member(host_pools)

12
scripts/lua/rest/v2/get/host/pools.lua Normal file
View file

@ -0,0 +1,12 @@
--
-- (C) 2013-21 - ntop.org
--
local dirs = ntop.getDirs()
package.path = dirs.installdir .. "/scripts/lua/modules/?.lua;" .. package.path
package.path = dirs.installdir .. "/scripts/lua/modules/pools/?.lua;" .. package.path
local host_pools = require "host_pools"
local pools_rest_utils = require "pools_rest_utils"
pools_rest_utils.get_pools(host_pools)