Agent: Add timeouts and improve firewall rule handling code

2022-04-05 14:52:35 +03:00 · 2022-04-05 14:52:35 +03:00 · e40703dcac
parent 4497ea0003
commit e40703dcac
1 changed files with 25 additions and 13 deletions
--- a/monkey/infection_monkey/network/firewall.py
+++ b/monkey/infection_monkey/network/firewall.py
@ -1,18 +1,23 @@
+import logging
 import platform
 import subprocess
 import sys

+from common.common_consts.timeouts import SHORT_REQUEST_TIMEOUT
+
+logger = logging.getLogger(__name__)
+

 def _run_netsh_cmd(command, args):
-    cmd = subprocess.Popen(
+    output = subprocess.check_output(
        "netsh %s %s"
        % (
            command,
            " ".join(['%s="%s"' % (key, value) for key, value in list(args.items()) if value]),
        ),
-        stdout=subprocess.PIPE,
+        timeout=SHORT_REQUEST_TIMEOUT,
    )
-    return cmd.stdout.read().strip().lower().endswith("ok.")
+    return output.strip().lower().endswith("ok.")


 class FirewallApp(object):
@ -44,17 +49,21 @@ class WinAdvFirewall(FirewallApp):

    def is_enabled(self):
        try:
-            cmd = subprocess.Popen("netsh advfirewall show currentprofile", stdout=subprocess.PIPE)
-            out = cmd.stdout.readlines()
-
-            for line in out:
-                if line.startswith("State"):
-                    state = line.split()[-1].strip()
-
-            return state == "ON"
+            out = subprocess.check_output(
+                "netsh advfirewall show currentprofile", timeout=SHORT_REQUEST_TIMEOUT
+            )
+        except subprocess.TimeoutExpired:
+            return None
        except Exception:
            return None

+        for line in out.decode().splitlines():
+            if line.startswith("State"):
+                state = line.split()[-1].strip()
+                return state == "ON"
+
+        return None
+
    def add_firewall_rule(
        self, name="Firewall", direction="in", action="allow", program=sys.executable, **kwargs
    ):
@ -66,8 +75,11 @@ class WinAdvFirewall(FirewallApp):
                return True
            else:
                return False
-        except Exception:
-            return None
+        except subprocess.CalledProcessError as err:
+            logger.info(f"Failed adding a firewall rule: {err.stdout}")
+        except subprocess.TimeoutExpired:
+            logger.info("Timeout expired trying to add a firewall rule.")
+        return None

    def remove_firewall_rule(self, name="Firewall", **kwargs):
        netsh_args = {"name": name}