IP Blacklisting (just row color change)

IP_Blacklist.txt

@@ -0,0 +1,100 @@
+217.172.119.65
+216.155.88.178
+203.29.26.241
+201.220.102.146
+201.186.136.86
+201.157.254.26
+200.97.233.125
+200.69.77.213
+196.20.12.21
+195.202.164.203
+194.143.251.39
+194.143.249.252
+191.102.64.147
+191.29.78.104
+190.109.0.229
+190.103.74.236
+186.200.174.206
+186.67.127.2
+186.30.116.134
+185.134.21.163
+185.134.21.25
+185.128.136.212
+183.88.170.160
+181.191.140.134
+181.129.49.213
+181.30.28.228
+180.183.226.99
+179.189.193.89
+179.158.240.178
+179.0.68.130
+178.217.102.225
+177.185.32.1
+177.136.86.59
+177.128.115.181
+177.73.112.62
+177.37.96.144
+176.119.134.51
+170.238.112.71
+155.138.133.215
+154.0.14.113
+152.67.193.5
+150.158.98.201
+149.28.159.68
+143.255.18.196
+143.208.200.26
+140.238.14.138
+138.97.235.25
+131.72.68.95
+123.57.251.175
+121.43.159.196
+119.76.143.4
+117.1.248.199
+117.0.155.167
+116.110.102.205
+114.67.94.46
+113.226.245.42
+112.118.170.87
+108.175.3.159
+106.14.198.220
+104.248.162.117
+103.233.156.45
+103.200.38.190
+103.164.117.194
+103.148.210.246
+103.111.225.197
+103.1.184.238
+93.124.114.146
+89.251.29.21
+82.165.222.133
+82.165.189.21
+74.208.251.112
+70.35.199.217
+62.216.85.185
+61.15.245.160
+58.37.105.151
+54.94.213.243
+54.83.147.79
+52.220.124.77
+52.53.114.181
+52.2.177.222
+47.243.233.113
+47.242.199.162
+47.242.199.2
+47.242.194.195
+47.242.168.228
+47.242.114.147
+47.242.111.54
+46.246.14.22
+46.246.4.2
+45.236.170.66
+45.225.184.177
+45.225.140.15
+45.189.4.74
+45.186.140.67
+45.173.6.149
+45.173.6.98
+45.170.100.193
+45.167.90.85
+45.160.124.233
+14.139.161.31

network_monitor.py

@@ -80,9 +80,13 @@ class NetworkMonitor(QMainWindow):
         self.actionSavePCAP = QAction('Save as pcap', self)
         self.actionSavePCAP.triggered.connect(self.savePacketsPCAP)
         
+        self.actionSaveBLIP = QAction('Log Violations', self)
+        self.actionSaveBLIP.triggered.connect(self.savePacketsBLIP)
+        
         self.saveMenu = QMenu('Save', self)
         self.saveMenu.addAction(self.actionSaveCSV)
         self.saveMenu.addAction(self.actionSavePCAP)
+        self.saveMenu.addAction(self.actionSaveBLIP)
         self.menubar.addMenu(self.saveMenu)
         
         self.actionScroll = QAction('Disable Auto Scroll', self)
@@ -161,18 +165,7 @@ class NetworkMonitor(QMainWindow):
         self.tableWidget.setItem(rowpos, 5, QTableWidgetItem(str(tableData['length'])))
         self.tableWidget.setItem(rowpos, 6, QTableWidgetItem(tableData['info']))
         
-        if(tableData['Protocol'] == 'TCP'):
-            self.setColortoRow(self.tableWidget, rowpos, QColor(173,191, 255))
-        elif(tableData['Protocol'] == 'UDP'):
-            self.setColortoRow(self.tableWidget, rowpos, QColor(157,240,255))
-        elif(tableData['Protocol'] == 'ARP'):
-            self.setColortoRow(self.tableWidget, rowpos, QColor(157,240,77))
-        elif(tableData['Protocol'] == 'ICMP'):
-            self.setColortoRow(self.tableWidget, rowpos, QColor(255, 182, 193))
-        elif(tableData['Protocol'] == 'IP'):
-            self.setColortoRow(self.tableWidget, rowpos, QColor(160, 182, 193))
-        elif(tableData['Protocol'] == 'Other'):
-            self.setColortoRow(self.tableWidget, rowpos, QColor(125,125,146))
+        self.setColortoRow(self.tableWidget, rowpos, tableData['RowColor'])
         
         self.vbar = self.tableWidget.verticalScrollBar()
         self._scroll = self.vbar.value() == self.vbar.maximum()
@@ -186,10 +179,15 @@ class NetworkMonitor(QMainWindow):
             
     def savePacketsPCAP(self):
         path = QFileDialog.getSaveFileName(self, 'Save File', '', 'pcap(*.pcap)')
-        print(path[0][-4:])
         path = str(path[0])
         wrpcap(path, self.worker.packetList)
     
+    def savePacketsBLIP(self):
+        path = QFileDialog.getSaveFileName(self, 'Save File', '', 'pcap(*.pcap)')
+        path = str(path[0])
+        wrpcap(path, self.worker.blackListAccess)
+        self.worker.blackListAccess = []
+    
     def savePacketsCSV(self):
         path = QFileDialog.getSaveFileName(self, 'Save File', '', 'CSV(*.csv)')
         with open(path[0], 'w') as stream:

network_monitor_thread.py

@@ -8,9 +8,13 @@ from scapy.layers.l2 import *
 
 class NetworkMonitorThread(QObject):
     def __init__(self, interface, parent=None):
+        
+        self.IP_blacklist = set(line.strip() for line in open('IP_Blacklist.txt'))
+        print(self.IP_blacklist)
         QObject.__init__(self, parent=parent)
         self.interface = interface
         self.packetList = []
+        self.blackListAccess = []
         self.end = False
 
     quitBool = pyqtSignal(int)
@@ -65,7 +69,21 @@ class NetworkMonitorThread(QObject):
         else:
             tableViewPart['Protocol'] = "Other"
          
-        
+        if(tableViewPart['source'] in self.IP_blacklist or tableViewPart['destination'] in self.IP_blacklist):
+            tableViewPart['RowColor'] = QColor(238, 75, 43)
+            self.blackListAccess.append(packet)
+        elif(tableViewPart['Protocol'] == 'TCP'):
+            tableViewPart['RowColor'] = QColor(173,191, 255)
+        elif(tableViewPart['Protocol'] == 'UDP'):
+            tableViewPart['RowColor'] = QColor(157,240,255)
+        elif(tableViewPart['Protocol'] == 'ARP'):
+            tableViewPart['RowColor'] = QColor(157,240,77)
+        elif(tableViewPart['Protocol'] == 'ICMP'):
+            tableViewPart['RowColor'] = QColor(255, 182, 193)
+        elif(tableViewPart['Protocol'] == 'IP'):
+            tableViewPart['RowColor'] = QColor(160, 182, 193)            
+        elif(tableViewPart['Protocol'] == 'Other'):
+            tableViewPart['RowColor'] = QColor(125,125,146)
         
         QApplication.processEvents()
         self.packetData.emit((packet, tableViewPart))