diff --git a/IP_Blacklist.txt b/IP_Blacklist.txt
new file mode 100644
index 0000000..7fe9a4a
--- /dev/null
+++ b/IP_Blacklist.txt
@@ -0,0 +1,100 @@
+217.172.119.65
+216.155.88.178
+203.29.26.241
+201.220.102.146
+201.186.136.86
+201.157.254.26
+200.97.233.125
+200.69.77.213
+196.20.12.21
+195.202.164.203
+194.143.251.39
+194.143.249.252
+191.102.64.147
+191.29.78.104
+190.109.0.229
+190.103.74.236
+186.200.174.206
+186.67.127.2
+186.30.116.134
+185.134.21.163
+185.134.21.25
+185.128.136.212
+183.88.170.160
+181.191.140.134
+181.129.49.213
+181.30.28.228
+180.183.226.99
+179.189.193.89
+179.158.240.178
+179.0.68.130
+178.217.102.225
+177.185.32.1
+177.136.86.59
+177.128.115.181
+177.73.112.62
+177.37.96.144
+176.119.134.51
+170.238.112.71
+155.138.133.215
+154.0.14.113
+152.67.193.5
+150.158.98.201
+149.28.159.68
+143.255.18.196
+143.208.200.26
+140.238.14.138
+138.97.235.25
+131.72.68.95
+123.57.251.175
+121.43.159.196
+119.76.143.4
+117.1.248.199
+117.0.155.167
+116.110.102.205
+114.67.94.46
+113.226.245.42
+112.118.170.87
+108.175.3.159
+106.14.198.220
+104.248.162.117
+103.233.156.45
+103.200.38.190
+103.164.117.194
+103.148.210.246
+103.111.225.197
+103.1.184.238
+93.124.114.146
+89.251.29.21
+82.165.222.133
+82.165.189.21
+74.208.251.112
+70.35.199.217
+62.216.85.185
+61.15.245.160
+58.37.105.151
+54.94.213.243
+54.83.147.79
+52.220.124.77
+52.53.114.181
+52.2.177.222
+47.243.233.113
+47.242.199.162
+47.242.199.2
+47.242.194.195
+47.242.168.228
+47.242.114.147
+47.242.111.54
+46.246.14.22
+46.246.4.2
+45.236.170.66
+45.225.184.177
+45.225.140.15
+45.189.4.74
+45.186.140.67
+45.173.6.149
+45.173.6.98
+45.170.100.193
+45.167.90.85
+45.160.124.233
+14.139.161.31
\ No newline at end of file
diff --git a/network_monitor.py b/network_monitor.py
index 8371a3b..b8685b6 100644
--- a/network_monitor.py
+++ b/network_monitor.py
@@ -80,9 +80,13 @@ class NetworkMonitor(QMainWindow):
 self.actionSavePCAP = QAction('Save as pcap', self)
 self.actionSavePCAP.triggered.connect(self.savePacketsPCAP)
+ self.actionSaveBLIP = QAction('Log Violations', self)
+ self.actionSaveBLIP.triggered.connect(self.savePacketsBLIP)
+
 self.saveMenu = QMenu('Save', self)
 self.saveMenu.addAction(self.actionSaveCSV)
 self.saveMenu.addAction(self.actionSavePCAP)
+ self.saveMenu.addAction(self.actionSaveBLIP)
 self.menubar.addMenu(self.saveMenu)
 self.actionScroll = QAction('Disable Auto Scroll', self)
@@ -161,18 +165,7 @@ class NetworkMonitor(QMainWindow):
 self.tableWidget.setItem(rowpos, 5, QTableWidgetItem(str(tableData['length'])))
 self.tableWidget.setItem(rowpos, 6, QTableWidgetItem(tableData['info']))
- if(tableData['Protocol'] == 'TCP'):
- self.setColortoRow(self.tableWidget, rowpos, QColor(173,191, 255))
- elif(tableData['Protocol'] == 'UDP'):
- self.setColortoRow(self.tableWidget, rowpos, QColor(157,240,255))
- elif(tableData['Protocol'] == 'ARP'):
- self.setColortoRow(self.tableWidget, rowpos, QColor(157,240,77))
- elif(tableData['Protocol'] == 'ICMP'):
- self.setColortoRow(self.tableWidget, rowpos, QColor(255, 182, 193))
- elif(tableData['Protocol'] == 'IP'):
- self.setColortoRow(self.tableWidget, rowpos, QColor(160, 182, 193))
- elif(tableData['Protocol'] == 'Other'):
- self.setColortoRow(self.tableWidget, rowpos, QColor(125,125,146))
+ self.setColortoRow(self.tableWidget, rowpos, tableData['RowColor'])
 self.vbar = self.tableWidget.verticalScrollBar()
 self._scroll = self.vbar.value() == self.vbar.maximum()
@@ -186,10 +179,15 @@ class NetworkMonitor(QMainWindow):
 def savePacketsPCAP(self):
 path = QFileDialog.getSaveFileName(self, 'Save File', '', 'pcap(*.pcap)')
- print(path[0][-4:])
 path = str(path[0])
 wrpcap(path, self.worker.packetList)
-
+
+ def savePacketsBLIP(self):
+ path = QFileDialog.getSaveFileName(self, 'Save File', '', 'pcap(*.pcap)')
+ path = str(path[0])
+ wrpcap(path, self.worker.blackListAccess)
+ self.worker.blackListAccess = []
+
 def savePacketsCSV(self):
 path = QFileDialog.getSaveFileName(self, 'Save File', '', 'CSV(*.csv)')
 with open(path[0], 'w') as stream:
diff --git a/network_monitor_thread.py b/network_monitor_thread.py
index ea4e730..ee696c9 100644
--- a/network_monitor_thread.py
+++ b/network_monitor_thread.py
@@ -8,9 +8,13 @@ from scapy.layers.l2 import *
 class NetworkMonitorThread(QObject):
 def __init__(self, interface, parent=None):
+
+ self.IP_blacklist = set(line.strip() for line in open('IP_Blacklist.txt'))
+ print(self.IP_blacklist)
 QObject.__init__(self, parent=parent)
 self.interface = interface
 self.packetList = []
+ self.blackListAccess = []
 self.end = False
 quitBool = pyqtSignal(int)
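Review bot: In `savePacketsBLIP`, cancelling the dialog leaves `path` as an empty string that is still handed to `wrpcap`, and the list is reset only after the write, so packets the worker appends in between are discarded without ever being saved (assuming the worker runs on its own thread, as its class name suggests). Returning early on an empty path and detaching the list before writing narrows both problems; the rewritten lines are in the fence below. The context lines show `savePacketsPCAP` passing the dialog result to `wrpcap` in the same unguarded way.

```python
    def savePacketsBLIP(self):
        # … unchanged: QFileDialog.getSaveFileName call and path = str(path[0]) …
        if not path:
            return  # dialog cancelled: keep the recorded packets
        # detach the list first so packets appended during the write are kept
        hits, self.worker.blackListAccess = self.worker.blackListAccess, []
        wrpcap(path, hits)
```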
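Review bot: In `NetworkMonitorThread.__init__`, the blocklist is read through the bare relative name `open('IP_Blacklist.txt')`, so which file decides what gets flagged depends on the process working directory, a missing file aborts the constructor before `QObject.__init__` runs, and the handle is never closed. Resolving the path against the module's own directory and reading it under `with`, e.g. `with open(path) as fh: self.IP_blacklist = {ln.strip() for ln in fh if ln.strip()}`, also keeps a future blank line from putting `''` into the set. The `print(self.IP_blacklist)` looks like leftover debugging output and could be dropped or moved to a logger. Because every line is matched as an exact string, the file cannot record where its entries came from or when they were last refreshed; letting the loader skip `#` lines would make room for that.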
@@ -64,8 +68,22 @@ class NetworkMonitorThread(QObject):
 tableViewPart['Protocol'] = "IP"
 else:
 tableViewPart['Protocol'] = "Other"
-
-
+
+ if(tableViewPart['source'] in self.IP_blacklist or tableViewPart['destination'] in self.IP_blacklist):
+ tableViewPart['RowColor'] = QColor(238, 75, 43)
+ self.blackListAccess.append(packet)
+ elif(tableViewPart['Protocol'] == 'TCP'):
+ tableViewPart['RowColor'] = QColor(173,191, 255)
+ elif(tableViewPart['Protocol'] == 'UDP'):
+ tableViewPart['RowColor'] = QColor(157,240,255)
+ elif(tableViewPart['Protocol'] == 'ARP'):
+ tableViewPart['RowColor'] = QColor(157,240,77)
+ elif(tableViewPart['Protocol'] == 'ICMP'):
+ tableViewPart['RowColor'] = QColor(255, 182, 193)
+ elif(tableViewPart['Protocol'] == 'IP'):
+ tableViewPart['RowColor'] = QColor(160, 182, 193)
+ elif(tableViewPart['Protocol'] == 'Other'):
+ tableViewPart['RowColor'] = QColor(125,125,146)
 QApplication.processEvents()
 self.packetData.emit((packet, tableViewPart))
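Review bot: The `RowColor` chain ends on `elif(tableViewPart['Protocol'] == 'Other'):` with no `else`, so a packet that misses the blocklist and carries any other Protocol value leaves the key unset, while the GUI side now indexes `tableData['RowColor']` directly (the -161,18 +165,7 hunk of network_monitor.py) and would raise `KeyError`. Turning the last branch into a plain `else:` keeps the default grey and guarantees the key exists. The blocklist test is an exact string comparison on `source` and `destination`; those fields are filled in outside this hunk, so it is worth confirming they always hold the same textual form as the entries in IP_Blacklist.txt. A one-line comment above the first branch, such as `# blocklist hit overrides the per-protocol colour and is kept for 'Log Violations'`, would explain why this test comes first. The enclosing method starts outside the hunk.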