MISP / misp-modules

Modules for expansion services, enrichment, import and export in MISP and other tools.
http://misp.github.io/misp-modules
GNU Affero General Public License v3.0

Connecting to internet services (passivetotal, virustotal, ...) through a proxy #57

Open keram79 opened 7 years ago

keram79 commented 7 years ago

Our MISP is placed in an internal environment, internet services are only reachable by going through a squid proxy (without any auth, as our MISP IP is whitelisted). While syncing with other MISP instances in the internet works after configuring the proxy in the "Settings-->Proxy" tab, misp-modules like virustotal, countrycode etc. fail. Is this not implemented yet, or did I just miss the required step while working through the readme?

www-data@misp:/usr/local/src/misp-modules$ /usr/local/bin/misp-modules
HTTPConnectionPool(host='www.geognos.com', port=80): Max retries exceeded with url: /api/en/countries/info/all.json (Caused by NewConnectionError('<requests.packages.urllib3.connection.HTTPConnection object at 0x7f35addd2438>: Failed to establish a new connection: [Errno -2] Name or service not known',))
2016-10-05 14:47:25,682 - misp-modules - INFO - Launch MISP modules server from current directory.
2016-10-05 14:47:25,682 - misp-modules - INFO - Helpers loaded cache.py
2016-10-05 14:47:25,686 - misp-modules - INFO - MISP modules ocr imported
2016-10-05 14:47:25,686 - misp-modules - INFO - MISP modules testimport imported
2016-10-05 14:47:25,793 - misp-modules - INFO - MISP modules stiximport imported
2016-10-05 14:47:25,795 - misp-modules - WARNING - MISP modules countrycode failed due to HTTPConnectionPool(host='www.geognos.com', port=80): Max retries exceeded with url: /api/en/countries/info/all.json (Caused by NewConnectionError('<requests.packages.urllib3.connection.HTTPConnection object at 0x7f35aaf8eb38>: Failed to establish a new connection: [Errno -2] Name or service not known',))

Rafiot commented 7 years ago

aha, good point, the proxy parameters aren't passed to the modules.

A quick fix would be to start misp-modules with http_proxy set but it would be much better to pass the proxy parameters from the MISP config to the modules.

ScottyAU commented 7 years ago

@Rafiot can you elaborate on starting with http_proxy as an interim fix?

I just tried that but couldn't get it to work - most likely user error - but just wanted to check I am doing it correctly...

I've triple checked and the http_proxy and https_proxy vars are set on the box for all users...

Thanks!

frennkie commented 7 years ago

How is this issue related to #61 (duplicate?!)?

Where would be the best place to put the configuration of the proxy? I see two options: 1) config file somewhere in the file system which is read and interpreted by tornado 2) in the main MISP database - being passed to tornado when a module is called

I guess 1) is easier to implement and 2) is more user friendly...

I don't have any experience with Cake/PHP but I could look into implementing it independently in Python with a config file for the misp-modules.

typonino commented 7 years ago

I have tested two things:

I have created a "modules.cfg" file in the expansion module folder with something like this:

[PROXY]
http = http://user:pass@proxy.gw.com:80
https = http://user:pass@proxy.gw.com:80
[SSL]
cafile = /path/to/my/ca

then for the first case add something like this:

import configparser
import os

import requests

# Shared session that carries the proxy and CA settings for every request
session = requests.Session()

try:
    config = configparser.ConfigParser()
    # modules.cfg lives next to this module
    config.read(os.path.join(os.path.dirname(os.path.abspath(__file__)), 'modules.cfg'))
    if 'PROXY' in config.sections():
        proxies = {}
        if 'http' in config['PROXY']:
            proxies['http'] = config.get('PROXY', 'http')
        if 'https' in config['PROXY']:
            proxies['https'] = config.get('PROXY', 'https')
        if 'http' in proxies or 'https' in proxies:
            session.proxies = proxies
    if 'SSL' in config.sections():
        if 'cafile' in config['SSL']:
            # Path to the CA bundle used to verify TLS certificates
            session.verify = config.get('SSL', 'cafile')
except Exception:
    # Best effort: on any configuration error, continue with the defaults
    pass

then use the "session" object instead of "requests" in code.

for second case add something like this:

import configparser
import os

try:
    config = configparser.ConfigParser()
    # modules.cfg lives next to this module
    config.read(os.path.join(os.path.dirname(os.path.abspath(__file__)), 'modules.cfg'))
    if 'PROXY' in config.sections():
        # requests reads these environment variables on its own
        if 'http' in config['PROXY']:
            os.environ["HTTP_PROXY"] = config.get('PROXY', 'http')
        if 'https' in config['PROXY']:
            os.environ["HTTPS_PROXY"] = config.get('PROXY', 'https')
    if 'SSL' in config.sections():
        if 'cafile' in config['SSL']:
            os.environ["REQUESTS_CA_BUNDLE"] = config.get('SSL', 'cafile')
except Exception:
    # Best effort: on any configuration error, continue with the defaults
    pass

The second way simulates passing the environment variables to the script and requires no further modification, and if an exception occurs, the script still continues regardless.

Regards,
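
An added example, not part of the comment above and not misp-modules code: a loader for the same `modules.cfg` layout that reports problems instead of swallowing them, tolerates `%` in percent-encoded proxy passwords (configparser's default interpolation raises on it, which a blanket `except` would hide), flags a credential-bearing file that is group/world readable, and redacts credentials for logging. The function names and the `proxy.example` host are assumptions made for illustration.

```python
import configparser
import os
import stat
import tempfile
from urllib.parse import urlsplit

def redact(url):
    """Mask the user:pass@ part of a proxy URL so it is safe to log."""
    p = urlsplit(url)
    host = (p.hostname or "") + (f":{p.port}" if p.port else "")
    return f"{p.scheme}://{'***@' if p.username else ''}{host}"

def load_proxy_settings(path):
    """Parse modules.cfg; return (settings, warnings) instead of failing silently."""
    settings, warnings = {"proxies": {}, "verify": True}, []
    # interpolation=None: '%' in a percent-encoded password is data, not syntax
    config = configparser.ConfigParser(interpolation=None)
    if not config.read(path):
        return settings, [f"{path}: not readable, no proxy configured"]
    for scheme in ("http", "https"):
        url = config.get("PROXY", scheme, fallback=None)
        if url:
            settings["proxies"][scheme] = url
    has_creds = any(urlsplit(u).username for u in settings["proxies"].values())
    if has_creds and os.stat(path).st_mode & (stat.S_IRGRP | stat.S_IROTH):
        warnings.append(f"{path}: holds proxy credentials but is group/world readable")
    cafile = config.get("SSL", "cafile", fallback=None)
    if cafile and os.path.isfile(cafile):
        settings["verify"] = cafile
    elif cafile:
        warnings.append(f"cafile {cafile} not found, keeping the default CA bundle")
    return settings, warnings

def apply_to_session(session, settings):
    """Set proxies and CA bundle on a requests.Session (or any object with both attributes)."""
    session.proxies = dict(settings["proxies"])
    session.verify = settings["verify"]
    return session

def demo():
    """Constructed modules.cfg: percent-encoded password, mode 0644, missing CA file."""
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "modules.cfg")
        with open(path, "w") as f:
            f.write("[PROXY]\nhttps = http://user:p%40ss@proxy.example:3128\n"
                    "[SSL]\ncafile = /nonexistent/ca.pem\n")
        os.chmod(path, 0o644)
        return load_proxy_settings(path)
```

Log each returned warning at startup and pass proxy URLs through `redact()` before they reach a log line.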

xg5-simon commented 6 years ago

Is this feature likely to be added as a milestone?

@ScottyAU did you eventually have any luck starting the misp-modules with http_proxy and https_proxy environmental variables set?

ScottyAU commented 6 years ago

@xg5-simon we did with some. Did you have a problem with one in particular? Happy to check ours to see.

chrisinmtown commented 3 years ago

We also need to configure our misp-modules installation for a proxy. I hope that you all found a good solution in the 3 years that this issue has been open. Will you please share?

p.s. to @frennkie I do not think this is dupe of #61, that calls for per-module proxies, and I think this issue is just about a global proxy setting for the misp-modules feature.