@@ -54,9 +54,17 @@ def log_changes(changes):
5454 with open (log_file_path , "a" ) as log_file :
5555 log_file .write (f"\n Changes made: { changes } )
5656
57+ def banner_UFW ():
58+ messagebox .showerror ("ALERT" ,"CIS recommends you to install ufw, you can proceed with the installation in the configure section" )
59+ return
5760
5861def is_ufw_installed ():
59- return bool (os .system ("command -v ufw >/dev/null 2>&1" ) == 0 )
62+ try :
63+ return bool (os .system ("command -v ufw >/dev/null 2>&1" ) == 0 )
64+ except FileNotFoundError :
65+ # Handle the FileNotFoundError
66+ banner_UFW ()
67+
6068
6169def ensure_ufw_installed ():
6270 root = tk .Tk ()
@@ -143,7 +151,7 @@ def is_ufw_enabled():
143151 return 'Status: active' in result .stdout
144152 except FileNotFoundError :
145153 # Handle the FileNotFoundError
146- messagebox . showerror ( "Error" , "'ufw' executable not found. Please ensure that UFW is installed." )
154+ banner_UFW ( )
147155 return False
148156 except subprocess .CalledProcessError as e :
149157 # If an error occurs while running the command
@@ -248,7 +256,9 @@ def is_loopback_interface_configured():
248256 for unconfigured_rule in unconfigured_rules :
249257 print ("\033 [33m" , unconfigured_rule , "\033 [0m" )
250258 return False
251-
259+ except FileNotFoundError :
260+ # Handle the FileNotFoundError
261+ banner_UFW ()
252262 except ValueError as ve :
253263 print ("Error:" , ve )
254264 except TypeError as ve :
@@ -257,42 +267,53 @@ def is_loopback_interface_configured():
257267 print ("Error:" , ve )
258268
259269def ensure_loopback_configured ():
260- print ("""
261- \033 [91m================ Configuring the Loopback Interface =================\033 [0m
262-
263- Loopback traffic is generated between processes on the machine and is typically critical to
264- the operation of the system. The loopback interface is the only place that loopback network
265- (127.0.0.0/8 for IPv4 and ::1/128 for IPv6) traffic should be seen. All other interfaces
266- should ignore traffic on this network as an anti-spoofing measure.
267- """ )
268- if not is_loopback_interface_configured ():
269- print ("\n All loopback interfaces are not configured, do you want to configure them, " )
270- var = y_n_choice ()
271- var .lower ()
272- if var == 'y' or var == 'yes' or var == '' :
273- line = """
274- User enabled configuring lo interfaces,
275- Commands executed when configuring loopback interfaces:
276- ufw allow in on lo
277- ufw allow out on lo
278- ufw deny in from 127.0.0.0/8
279- ufw deny in from ::1
280-
281- """
282- log_changes (line )
283- print ("\n Enabling configurations on lo interfaces..." )
284- os .system ("ufw allow in on lo" )
285- os .system ("ufw allow out on lo" )
286- os .system ("ufw deny in from 127.0.0.0/8" )
287- os .system ("ufw deny in from ::1" )
288- elif var == 'n' or var == 'no' :
289- line = "Loopback interface not configured"
270+ try :
271+ print ("""
272+ \033 [91m================ Configuring the Loopback Interface =================\033 [0m
273+
274+ Loopback traffic is generated between processes on the machine and is typically critical to
275+ the operation of the system. The loopback interface is the only place that loopback network
276+ (127.0.0.0/8 for IPv4 and ::1/128 for IPv6) traffic should be seen. All other interfaces
277+ should ignore traffic on this network as an anti-spoofing measure.
278+ """ )
279+ if not is_loopback_interface_configured ():
280+ print ("\n All loopback interfaces are not configured, do you want to configure them, " )
281+ var = y_n_choice ()
282+ var .lower ()
283+ if var == 'y' or var == 'yes' or var == '' :
284+ line = """
285+ User enabled configuring lo interfaces,
286+ Commands executed when configuring loopback interfaces:
287+ ufw allow in on lo
288+ ufw allow out on lo
289+ ufw deny in from 127.0.0.0/8
290+ ufw deny in from ::1
291+
292+ """
293+ log_changes (line )
294+ print ("\n Enabling configurations on lo interfaces..." )
295+ os .system ("ufw allow in on lo" )
296+ os .system ("ufw allow out on lo" )
297+ os .system ("ufw deny in from 127.0.0.0/8" )
298+ os .system ("ufw deny in from ::1" )
299+ elif var == 'n' or var == 'no' :
300+ line = "Loopback interface not configured"
301+ log_changes (line )
302+ print ("\n " ,line )
303+ else :
304+ line = "Loopback interface already configured"
290305 log_changes (line )
291306 print ("\n " ,line )
292- else :
293- line = "Loopback interface already configured"
294- log_changes (line )
295- print ("\n " ,line )
307+ except ValueError as ve :
308+ print ("Error:" , ve )
309+ except TypeError as ve :
310+ print ("Error:" , ve )
311+ except AttributeError as ve :
312+ print ("Error:" , ve )
313+ except FileNotFoundError :
314+ # Handle the FileNotFoundError
315+ banner_UFW ()
316+
296317#check if ufw outbound connections are already configured
297318def is_ufw_outbound_connections_configured ():
298319 try :
@@ -304,7 +325,9 @@ def is_ufw_outbound_connections_configured():
304325 else :
305326 print ("\033 [91mThe following outbound rule is not configured: ufw allow out on all" )
306327 return False
307-
328+ except FileNotFoundError :
329+ # Handle the FileNotFoundError
330+ banner_UFW ()
308331 except subprocess .CalledProcessError as e :
309332 print ("Error:" , e )
310333 return False
@@ -352,7 +375,7 @@ def get_allow_deny():
352375 root .withdraw ()
353376 while True :
354377 try :
355- allw_dny = simpledialog .askstring ("Enter rule (allow or deny): " , prompt = " "lower ()
378+ allw_dny = simpledialog .askstring ("Outbound Configurations" , " Enter rule (allow or deny): "lower ()
356379 if allw_dny not in 'allow' , 'deny' ]:
357380 raise ValueError ("Invalid rule. Please enter either 'allow' or 'deny'." )
358381 elif allw_dny is None :
@@ -379,7 +402,7 @@ def get_network_address():
379402 root .withdraw ()
380403 while True :
381404 try :
382- netadd = simpledialog .askstring ("Enter network address (in the format xxx.xxx.xxx.xxx): " , prompt = " "
405+ netadd = simpledialog .askstring ("Outbound Configurations" , " Enter network address (in the format xxx.xxx.xxx.xxx): "
383406 address_parts = netadd .split ('.' )
384407 # Use a regular expression to check if the input matches the expected format
385408 if not re .match (r'^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$' , netadd ) or not is_valid_network_address (address_parts ):
@@ -400,7 +423,7 @@ def get_proto():
400423 root .withdraw ()
401424 while True :
402425 try :
403- proto = simpledialog .askstring ("Enter protocol (tcp or udp): " , prompt = " "lower ()
426+ proto = simpledialog .askstring ("Outbound Configurations" , " Enter protocol (tcp or udp): "lower ()
404427 if proto not in 'tcp' , 'udp' ]:
405428 raise ValueError ("Invalid protocol. Please enter either 'tcp' or 'udp'." )
406429 elif proto is None :
@@ -420,7 +443,7 @@ def get_mask():
420443 root .withdraw ()
421444 while True :
422445 try :
423- mask = int (simpledialog .askstring ("Enter the whole number value of the subnet mask (16-32): " , prompt = " "lower ())
446+ mask = int (simpledialog .askstring ("Outbound Configurations" , " Enter the whole number value of the subnet mask (16-32): "lower ())
424447 if 16 <= mask <= 32 :
425448 return str (mask )
426449 elif mask is None :
@@ -455,7 +478,7 @@ def get_port_number(script_path):
455478 while True :
456479 try :
457480 ports_list = get_ports_as_a_list (script_path )
458- p_no = simpledialog .askinteger ("Enter the index number of the port to be configured:" , prompt = " "
481+ p_no = simpledialog .askinteger ("Outbound Configurations" , " Enter the index number of the port to be configured:"
459482
460483 # Check if the user pressed Cancel
461484
@@ -608,7 +631,9 @@ def scan_system_configuration():
608631 print ("Default deny policy is configured." )
609632 is_ufw_outbound_connections_configured ()
610633
611-
634+ except FileNotFoundError :
635+ # Handle the FileNotFoundError
636+ banner_UFW ()
612637 except ValueError as ve :
613638 print ("Error:" ,ve )
614639 except TypeError as ve :
0 commit comments