From ed4e83a0d28089b8c6f842dd2e5028b7a5338db3 Mon Sep 17 00:00:00 2001
From: midefos
Date: Tue, 31 Dec 2024 13:28:54 +0100
Subject: [PATCH] some renaming, and adding chatgpt readme
---
 README.md | 173 ++++++++++++++++++++++++++++++++++++++++++++++++++++
 src/cli.rs | 14 ++---
 src/main.rs | 4 +-
 3 files changed, 182 insertions(+), 9 deletions(-)
 create mode 100644 README.md
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..548c4f6
--- /dev/null
+++ b/README.md
@@ -0,0 +1,173 @@
+# Martillo Maldito
+
+**Martillo Maldito** is an `iptables` wrapper that simplifies firewall rule management in an intuitive and structured way. This CLI allows you to manage secured ports, block IPs, save rules, and more.
+
+---
+
+## Features
+
+- Retrieve all banned IPs.
+- Query and manage secured ports.
+- Allow or deny access by IP for specific ports.
+- Rule persistence.
+- Optional Docker integration.
+
+---
+
+## Requirements
+
+- Rust 1.65 or higher.
+- `iptables` installed and configured on the system.
+- Proper permissions to manage `iptables` rules (e.g., running as root).
+
+---
+
+## Installation
+
+1. Clone the repository:
+
+ ```bash
+ git clone https://github.com/your_user/martillo_maldito.git
+ cd martillo_maldito
+ ```
+
+2. Build the project:
+
+ ```bash
+ cargo build --release
+ ```
+
+3. Optionally, copy the executable to a directory in your PATH:
+
+ ```bash
+ cp target/release/martillo_maldito /usr/local/bin/
+ ```
+
+---
+
+## Usage
+
+### General Syntax
+
+```bash
+martillo_maldito [options]
+```
+
+### Available Commands
+
+#### 1. Retrieve all banned IPs
+
+```bash
+martillo_maldito get-banned-ips [--docker | -d]
+```
+
+**Options:**
+- `--docker`, `-d`: Includes rules in Docker environments.
+
+#### 2. Retrieve all secured ports
+
+```bash
+martillo_maldito get-secured-ports [--docker | -d]
+```
+
+#### 3. Retrieve all secured ports with allowed IPs
+
+```bash
+martillo_maldito get-secured-ports-with-allowed-ips [--docker | -d]
+```
+
+#### 4. Check if a port is secured
+
+```bash
+martillo_maldito is-port-secured --port [--docker | -d]
+```
+
+**Options:**
+- `--port`, `-p`: Specifies the port to check.
+- `--docker`, `-d`: Includes rules in Docker environments.
+
+#### 5. Secure a port
+
+```bash
+martillo_maldito secure-port --port [--position ] [--docker | -d]
+```
+
+**Options:**
+- `--port`, `-p`: Specifies the port to secure.
+- `--position`, `-P`: Specifies the rule position in `iptables`.
+- `--docker`, `-d`: Includes rules in Docker environments.
+
+#### 6. Unsecure a port
+
+```bash
+martillo_maldito unsecure-port --port [--docker | -d]
+```
+
+**Options:**
+- `--port`, `-p`: Specifies the port to unsecure.
+- `--docker`, `-d`: Includes rules in Docker environments.
+
+#### 7. Allow an IP for a port
+
+```bash
+martillo_maldito allow-ip-for-port --ip --port [--position ] [--docker | -d]
+```
+
+**Options:**
+- `--ip`, `-i`: Specifies the IP to allow.
+- `--port`, `-p`: Specifies the port to allow the IP on.
+- `--position`, `-P`: Specifies the rule position.
+- `--docker`, `-d`: Includes rules in Docker environments.
+
+#### 8. Remove an allowed IP from a port
+
+```bash
+martillo_maldito remove-allow-ip-port --ip --port [--docker | -d]
+```
+
+**Options:**
+- `--ip`, `-i`: Specifies the IP to remove.
+- `--port`, `-p`: Specifies the port to remove the IP from.
+- `--docker`, `-d`: Includes rules in Docker environments.
+
+#### 9. Save rules
+
+```bash
+martillo_maldito save-rules
+```
+
+Saves all current `iptables` rules for future restoration.
+
+---
+
+## Examples
+
+1. **Retrieve all banned IPs:**
+
+ ```bash
+ martillo_maldito get-banned-ips
+ ```
+
+2. **Secure port 8080 with Docker enabled:**
+
+ ```bash
+ martillo_maldito secure-port -p 8080 -d
+ ```
+
+3. **Allow access to IP 192.168.1.10 on port 22:**
+
+ ```bash
+ martillo_maldito allow-ip-for-port -i 192.168.1.10 -p 22
+ ```
+
+4. **Save all current rules:**
+
+ ```bash
+ martillo_maldito save-rules
+ ```
+
+---
+
+## Disclaimer
+
+This repository is designed solely for experimental or educational purposes. It is not intended for use in production environments or critical projects. Use at your own risk.
diff --git a/src/cli.rs b/src/cli.rs
index fd07169..52776f5 100644
--- a/src/cli.rs
+++ b/src/cli.rs
@@ -3,18 +3,18 @@ use structopt::StructOpt;
 #[derive(Debug, StructOpt)]
 #[structopt(name = "martillo_maldito", about = "A IPTables wrapper")]
 pub enum Cli {
- #[structopt(about = "List all banned ips")]
+ #[structopt(about = "Get all banned ips")]
 GetBannedIps {
 #[structopt(name = "Docker", short = "d", long = "docker")]
 docker: bool,
 },
- #[structopt(about = "List all secured ports")]
- ListSecuredPorts {
+ #[structopt(about = "Get all secured ports")]
+ GetSecuredPorts {
 #[structopt(name = "Docker", short = "d", long = "docker")]
 docker: bool,
 },
- #[structopt(about = "Map secured ports to allowed ips")]
- MapSecuredPortsAllowedIps {
+ #[structopt(about = "Get all secured ports with allowed ips")]
+ GetSecuredPortsWithAllowedIps {
 #[structopt(name = "Docker", short = "d", long = "docker")]
 docker: bool,
 },
@@ -41,7 +41,7 @@ pub enum Cli {
 #[structopt(name = "Docker", short = "d", long = "docker")]
 docker: bool,
 },
- #[structopt(about = "Allow an IP for port")]
+ #[structopt(about = "Allow an IP for a port")]
 AllowIpForPort {
 #[structopt(name = "IP to allow", short = "i", long = "ip")]
 ip: String,
@@ -61,6 +61,6 @@ pub enum Cli {
 #[structopt(name = "Docker", short = "d", long = "docker")]
 docker: bool,
 },
- #[structopt(about = "Saves the configuration")]
+ #[structopt(about = "Saves the rules")]
 SaveRules,
 }
diff --git a/src/main.rs b/src/main.rs
index a9fb82b..8a2595d 100644
--- a/src/main.rs
+++ b/src/main.rs
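Review bot: Renaming the variants `ListSecuredPorts` and `MapSecuredPortsAllowedIps` in the first hunk also renames the subcommands structopt derives from them, so callers that still use the old names (presumably `list-secured-ports` and `map-secured-ports-allowed-ips`, going by the kebab-case names in the new README) will fail at argument parsing. Scripts that audit or drive firewall rules through this CLI are the likely casualties; keeping the old spelling as an alias avoids that, e.g. `#[structopt(about = "Get all secured ports", alias = "list-secured-ports")]`, and likewise on `GetSecuredPortsWithAllowedIps`. The enum continues outside these hunks, so the remaining variants were not checked.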
@@ -10,11 +10,11 @@ fn main() {
 let banned_ips = MartilloMaldito::ipv4(docker).get_banned_ips();
 println!("{}", serde_json::to_string(&banned_ips).unwrap());
 }
- Cli::ListSecuredPorts { docker } => {
+ Cli::GetSecuredPorts { docker } => {
 let secured_ports = MartilloMaldito::ipv4(docker).get_secured_ports();
 println!("{}", serde_json::to_string(&secured_ports).unwrap());
 }
- Cli::MapSecuredPortsAllowedIps { docker } => {
+ Cli::GetSecuredPortsWithAllowedIps { docker } => {
 let secured_ports_with_allowed_ips =
 MartilloMaldito::ipv4(docker).get_secured_ports_with_allowed_ips();
 println!(