NEWDEV MAC filter #539 🆕

README.md

@@ -98,7 +98,7 @@ Get visibility of what's going on on your WIFI/LAN network. Scan for devices, po
 
 [![GitHub Sponsors](https://img.shields.io/github/sponsors/jokob-sk?style=social)](https://github.com/sponsors/jokob-sk)
 
-Thank you to all the wonderful people who have sponsored this project (=prevented my burnout🔥🤯):
+Thank you to all the wonderful people who are sponsoring this project (=preventing my burnout🔥🤯):
 
 <!-- SPONSORS-LIST DO NOT MODIFY BELOW -->
 | All Sponsors |

docs/SUBNETS.md

@@ -31,7 +31,7 @@ Specify the network filter (which **significantly** speeds up the scan process).
 
 The adapter will probably be `eth0` or `eth1`. (Check `System info` > `Network Hardware` or run `iwconfig` in the container to find your interface name(s)) 
 
-> Run `iwconfig` in your container to find your interface name(s) (e.g.: `eth0`, `eth1`). 
+> Run `ip -o link show | awk -F': ' '!/lo|vir|docker/ {print $2}'` in your container to find your interface name(s) (e.g.: `eth0`, `eth1`). 
 
 ### VLANs
 

front/plugins/newdev_template/config.json

@@ -22,7 +22,27 @@
     }
   ],
   "settings":[
-    {
+        {
+          "function": "ignored_MACs",
+          "type": "list",
+          "default_value": [
+          ],
+          "options": [],
+          "localized": ["name", "description"],
+          "name": [
+            {
+              "language_code": "en_us",
+              "string": "Ignored MACs"
+            }
+          ],
+          "description": [
+            {
+              "language_code": "en_us",
+              "string": "List of MACs to ignore. Use <code>%</code> as a wildcard. <br/><br/>For example <code>02:42:ac:%</code> to filter out docker containers."
+            }
+          ]
+        },
+        {
           "function": "dev_MAC",
           "type": "readonly",
           "maxLength": 50,

pialert/device.py

@@ -3,7 +3,7 @@ import subprocess
 
 import conf
 import re
-from helper import timeNowTZ, get_setting, get_setting_value,resolve_device_name_dig, resolve_device_name_pholus, get_device_name_nslookup, check_IP_format
+from helper import timeNowTZ, get_setting, get_setting_value, list_to_where, resolve_device_name_dig, resolve_device_name_pholus, get_device_name_nslookup, check_IP_format
 from logger import mylog, print_log
 from const import vendorsPath
 
@@ -126,21 +126,32 @@ def create_new_devices (db):
 
     # Insert events for new devices from CurrentScan
     mylog('debug','[New Devices] New devices - 1 Events')
-    sql.execute (f"""INSERT INTO Events (eve_MAC, eve_IP, eve_DateTime,
+
+    query = f"""INSERT INTO Events (eve_MAC, eve_IP, eve_DateTime,
                         eve_EventType, eve_AdditionalInfo,
                         eve_PendingAlertEmail)
                     SELECT cur_MAC, cur_IP, '{startTime}', 'New Device', cur_Vendor, 1
                     FROM CurrentScan
                     WHERE NOT EXISTS (SELECT 1 FROM Devices
-                                      WHERE dev_MAC = cur_MAC) """ ) 
+                                      WHERE dev_MAC = cur_MAC) 
+                            {list_to_where('OR', 'cur_MAC', 'NOT LIKE', get_setting_value('NEWDEV_ignored_MACs'))}
+                """ 
 
-    mylog('debug','[New Devices] Insert Connection into session table')
+    
+    mylog('debug',f'[New Devices] Query: {query}')
+    
+    sql.execute(query)
+
+    mylog('debug',f'[New Devices] Insert Connection into session table')
+    
     sql.execute (f"""INSERT INTO Sessions (ses_MAC, ses_IP, ses_EventTypeConnection, ses_DateTimeConnection,
                         ses_EventTypeDisconnection, ses_DateTimeDisconnection, ses_StillConnected, ses_AdditionalInfo)
                     SELECT cur_MAC, cur_IP,'Connected','{startTime}', NULL , NULL ,1, cur_Vendor
                     FROM CurrentScan 
                     WHERE NOT EXISTS (SELECT 1 FROM Sessions
-                                      WHERE ses_MAC = cur_MAC) """)
+                                      WHERE ses_MAC = cur_MAC) 
+                            {list_to_where('OR', 'cur_MAC', 'NOT LIKE', get_setting_value('NEWDEV_ignored_MACs'))}
+                    """)
                     
     # Create new devices from CurrentScan
     mylog('debug','[New Devices] 2 Create devices')
@@ -189,7 +200,10 @@ def create_new_devices (db):
                                 ELSE '(unknown)' END,
                         cur_Vendor, cur_IP, ?, ?,
                         {newDevDefaults}
-                    FROM CurrentScan"""
+                    FROM CurrentScan
+                        WHERE 1=1
+                        {list_to_where('OR', 'cur_MAC', 'NOT LIKE', get_setting_value('NEWDEV_ignored_MACs'))}
+                """
 
 
     mylog('debug',f'[New Devices] Create devices SQL: {sqlQuery}')

pialert/helper.py

@@ -277,6 +277,9 @@ def get_setting(key):
 
 
 
+#-------------------------------------------------------------------------------
+# Settings
+#-------------------------------------------------------------------------------
 #-------------------------------------------------------------------------------
 #  Return setting value
 def get_setting_value(key):
@@ -312,8 +315,15 @@ def get_setting_value(key):
         elif set_type in ['integer.select', 'integer']:
             value = int(set_value)
         elif set_type in ['text.multiselect', 'list', 'subnets']:
+            #  Handle string 
+
+            mylog('debug', [f'[SETTINGS] Handling set_type: "{set_type}", set_value: "{set_value}"'])
+
+            if isinstance(set_value, str):
+                value = json.loads(set_value.replace("'", "\""))
             # Assuming set_value is a list in this case
-            value = set_value
+            elif isinstance(set_value, list):
+                value = set_value
         elif set_type == '.template':
             # Assuming set_value is a JSON object in this case
             value = json.loads(set_value)
@@ -325,6 +335,36 @@ def get_setting_value(key):
     return value
 
 
+#-------------------------------------------------------------------------------
+# Generate a WHERE condition for SQLite based on a list of values.
+def list_to_where(logical_operator, column_name, condition_operator, values_list):
+    """
+    Generate a WHERE condition for SQLite based on a list of values.
+
+    Parameters:
+    - logical_operator: The logical operator ('AND' or 'OR') to combine conditions.
+    - column_name: The name of the column to filter on.
+    - condition_operator: The condition operator ('LIKE', 'NOT LIKE', '=', '!=', etc.).
+    - values_list: A list of values to be included in the condition.
+
+    Returns:
+    - A string representing the WHERE condition.
+    """
+
+    if not values_list:
+        return ""  # Return an empty string if the list is empty to avoid breaking the SQL condition.
+
+    # Replace {s-quote} with single quote in values_list
+    values_list = [value.replace("{s-quote}", "'") for value in values_list]
+
+    # Build the WHERE condition
+    condition = f"{column_name} {condition_operator} '{values_list[0]}'"
+
+    for value in values_list[1:]:
+        condition += f" {logical_operator} {column_name} {condition_operator} '{value}'"
+
+    return f' AND ({condition}) ' 
+
 
 
 #-------------------------------------------------------------------------------