webapp: fix PCAP_FILE=false behaviour

ANSSI-FR · May 17, 2024 · 692f93f · 692f93f
1 parent 07e0b97
commit 692f93f
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 11 deletions.
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -18,8 +18,13 @@ services:
     build: ./webapp
     image: anssi/shovel-webapp:dev
     volumes:
+      # You may remove the next line if `PCAP_FILE=false`.
       - "./input_pcaps:/input_pcaps:ro"
-      - "./suricata/output:/suricata/output:ro"
+      # Write access is required in SQLite `mode=ro` as readers need to record
+      # a mark in the WAL file. If you need to make the volume read-only, then
+      # use `immutable=1` parameter in SQLite databases URI. In immutable mode,
+      # SQLite doesn't follow changes made to the database.
+      - "./suricata/output:/suricata/output:rw"
     ports:
       - 127.0.0.1:8000:8000
     env_file:

diff --git a/webapp/main.py b/webapp/main.py
@@ -129,6 +129,10 @@ async def api_flow_get(request):
     result = {"flow": row_to_dict(flow)}
     app_proto = result["flow"].get("app_proto")
 
+    # Make sure `pcap_filename` is empty if PCAP_FILE=false
+    if not PCAP_FILE:
+        result["flow"]["pcap_filename"] = ""
+
     # Get associated fileinfo
     # See https://docs.suricata.io/en/suricata-6.0.9/file-extraction/file-extraction.html
     if app_proto in ["http", "http2", "smtp", "ftp", "nfs", "smb"]:
@@ -307,6 +311,7 @@ async def lifespan(app):
 PAYLOAD_DB_URI = config(
     "PAYLOAD_DB_URI", cast=str, default="file:../suricata/output/payload.db?mode=ro"
 )
+PCAP_FILE = config("PCAP_FILE", cast=bool)
 CTF_CONFIG = {
     "start_date": config("CTF_START_DATE", cast=str),
     "tick_length": config("CTF_TICK_LENGTH", cast=int),
@@ -330,18 +335,11 @@ async def lifespan(app):
         Route("/api/flow/{flow_id:int}/raw", api_flow_raw_get),
         Route("/api/replay-http/{flow_id:int}", api_replay_http),
         Route("/api/replay-raw/{flow_id:int}", api_replay_raw),
+        Mount("/static", StaticFiles(directory="static")),
         Mount(
-            "/static",
-            StaticFiles(directory="static"),
-        ),
-        Mount(
-            "/input_pcaps",
-            StaticFiles(directory="../input_pcaps"),
-        ),
-        Mount(
-            "/filestore",
-            StaticFiles(directory="../suricata/output/filestore"),
+            "/input_pcaps", StaticFiles(directory="../input_pcaps", check_dir=PCAP_FILE)
         ),
+        Mount("/filestore", StaticFiles(directory="../suricata/output/filestore")),
     ],
     lifespan=lifespan,
 )