def smtp_add(ip_list):
'''
接受前端传送额ip列表 然后将其添加到配置文件中
'''
response = BaseResponse()
host_ip = ["10.58.47.39", "10.58.47.40"]
try:
ip_list = json.loads(ip_list)
print "ip_____list", ip_list
if len(ip_list) == 0:
raise Exception(u'你总得输个IP地址吧!')
error_ip = []
for ip in ip_list:
if not ipv4_re.match(str(ip)):
error_ip.append(str(ip))
# raise Exception(u'ip address error %s' % ip)
print "error_ip_list", error_ip
if len(error_ip) != 0:
response.message = u'输入IP地址格式错误'
return response
smtp_cmd = make_add_smtp_cmd(ip_list) # smtp执行的命令
host_pwd_info = pwd_query.main(host_ip, [], "P")
host_file_status = create_ansible_host_file(host_pwd_info, 'smtp_host')
if not host_file_status.status:
raise Exception('create ansible smtp host failed')
ansible_obj = Ansible_API(host_file_status.data)
ansible_obj.host = "smtp_host"
run_cmd_resule = ansible_obj.shell_run(smtp_cmd)
response.status = True
response.data = run_cmd_resule
except Exception, e:
response.message = str(e.message)
def get_host_rules(data):
'''
获取主机下的所有iptables规则
:param data:
:return:
'''
response = BaseResponse()
ip_list = data.get('ip_list', None) # 输入的IP地址
envir = data.get('envir', None) # 环境
value_list = [ip_list, envir]
for i in value_list:
if i is None:
response.message = u'请检查提交的数据'
return response
ipv4_re = re.compile(
r'^(25[0-5]|2[0-4]\d|[0-1]?\d?\d)(\.(25[0-5]|2[0-4]\d|[0-1]?\d?\d)){3}$'
)
error_ip = []
host_ip = ip_list.strip().split(",")
for ip in host_ip:
if not ipv4_re.match(ip):
error_ip.append(ip)
if len(error_ip) > 0:
response.host_ip = error_ip
response.ip_status = False
response.message = u"IP地址出现错误!!!"
return response
set_host = list(set(host_ip)) # 将列表去重
pwd_check = pwd_query.main(set_host, [], envir) # 调用密码API 获取密码的列表 *****
if len(pwd_check) == 0:
response.message = u"密码检测失败!!请检查所选环境和密码是否存在~"
response.pwd_status = False
return response
re_list = [] # 存放每台IP的执行结果
for host_info in pwd_check:
ip = host_info['ip']
pwd = host_info['pwd']
iptables_obj = execute_iptables.RunIptables([], ip, pwd) # 连接服务器对象
exe_re = iptables_obj.get_all_rules() # 获取规则的方法
re_list.append(exe_re)
response.data = re_list
response.status = True
return response
def send_file(file_dir, data, username):
response = BaseResponse()
try:
# 开始读取文件中的内容
filename = data.get('file_name', None)
envir = data.get('envir', None)
if envir is None:
response.message = u'请检查所选环境'
return response
file_dir = file_dir + "host_ip.xlsx"
is_have = os.path.isfile(file_dir)
if not is_have:
response.message = u'指定文件不存在'
return response
ip_info_dict = read_ip_from_file(file_dir)
ip_list = ip_info_dict['ip_list']
pwd_check = pwd_query.main(ip_list, ip_info_dict['ip_info_list'],
envir)
if len(pwd_check) == 0:
response.pwd_state = False
response.message = u"密码检测失败!!请检查所选环境和密码是否存在~"
return response
create_host_file(pwd_check) # 生成一个全新的hosts文件
send_file_obj = Ansible_API()
send_result = send_file_obj.send_file(filename)
log_manager.ansible_file_log(username, ip_list, filename)
no_pass_host = check_no_password_host(ip_list, pwd_check)
response.no_pass = no_pass_host
response.status = True
response.data = send_result
return response
except Exception, e:
response.message = str(e)
return response
def run_script(script_dir, host_dir, data, username):
'''
调用API 和 上传的IP文件去运行脚本
data = {u'ip_type': [u'file'], u'envir': [u'T'], u'script_name': [u'ip_show.sh'], u'ip_list': [u'']}
'''
response = BaseResponse()
try:
# 开始读取文件中的内容
envir = data.get('envir', None)
if envir is None:
response.message = u'请检查所选环境'
return response
if data.get('ip_type') == 'input': # 页面点击的是 手动输入IP地址
print 'ip_type', data.get('ip_type')
ip_str = data.get('ip_list', None).strip()
if not ip_str:
response.message = u'请输入IP地址'
return response
ip_list = ip_str.split(",")
ip_list = [i.strip() for i in ip_list]
pwd_check = pwd_query.main(ip_list, [], envir)
if len(pwd_check) == 0:
response.pwd_state = False
response.message = u"密码检测失败!!请检查所选环境和密码是否存在~"
return response
no_pass_host = check_no_password_host(ip_list, pwd_check)
create_host_file(pwd_check)
else:
host_path = host_dir + "host_ip.xlsx"
is_have = os.path.isfile(host_path)
if not is_have:
response.message = u'指定IP文件不存在'
return response
ip_info_dict = read_ip_from_file(host_path)
ip_list = ip_info_dict['ip_list']
pwd_check = pwd_query.main(ip_list, ip_info_dict['ip_info_list'],
envir)
if len(pwd_check) == 0:
response.pwd_state = False
response.message = u"密码检测失败!!请检查所选环境和密码是否存在~"
return response
no_pass_host = check_no_password_host(ip_list, pwd_check)
create_host_file(pwd_check) # 生成一个全新的hosts文件
script_name = data.get('script_name', None)
script_path = script_dir + script_name
script_have = os.path.isfile(script_path)
if not script_have:
response.message = u'脚本文件不存在'
return response
send_file_obj = Ansible_API()
send_result = send_file_obj.run_script(script_path)
log_manager.ansible_script_log(username, ip_list, script_name)
response.status = True
response.no_pass = no_pass_host
response.data = send_result
return response
except Exception, e:
print "execute script error::: %s" % e
response.message = str(e)
return response
def cmd_execute(data, username):
'''
执行命令
'''
response = AnsibleResponse()
try:
ip_list = data.get('ip_list', None)
envir = data.get('envir', None)
cmd = data.get('cmd', None)
value_list = [ip_list, envir, cmd]
for i in value_list:
if not i:
response.message = u'请检查提交的数据'
return response
ipv4_re = re.compile(
r'^(25[0-5]|2[0-4]\d|[0-1]?\d?\d)(\.(25[0-5]|2[0-4]\d|[0-1]?\d?\d)){3}$'
)
error_ip = []
# host_ip = ip_list.strip().split(",")
host_ip = [i.strip() for i in ip_list.strip().split(",")]
for ip in host_ip:
if not ipv4_re.match(ip.strip()):
error_ip.append(ip.strip())
if len(error_ip) > 0:
response.status = False
response.ip_state = False
response.message = u"IP地址出现错误!!!"
return response
set_host = list(set(host_ip)) # 将列表去重
pwd_check = pwd_query.main(set_host, [],
envir) # 调用密码API 获取密码的列表 *****
# w = [{'ip': '192.168.1.1', 'pwd': 'werg344wv23f56h56', 'user': '******'}]
if len(pwd_check) == 0:
response.pwd_state = False
response.message = u"密码检测失败!!请检查所选环境和密码是否存在~"
return response
check_re = []
for ip_dict in pwd_check:
check_re.append(ip_dict['ip'])
no_pass_list = set(set_host) ^ set(check_re)
# deny_cmd = ['reboot', 'rm', 'shutdown', 'half', 'mkfs', 'init']
deny_cmd = ['reboot', 'shutdown', 'half', 'mkfs']
for i in deny_cmd:
if i in cmd:
response.cmd_state = False
response.message = u"输入的命令含有非法字符串 '%s'" % i
return response
create_host_file(pwd_check) # 生成一个全新的hosts文件
cmd_obj = Ansible_API()
cmd_result = cmd_obj.shell_run(cmd)
log_manager.ansible_shell_log(username, set_host, cmd)
response.status = True
response.data = cmd_result
if len(no_pass_list) > 0:
response.no_pass = u'密码查询失败: %s' % ", ".join(no_pass_list)
return response
except Exception, e:
response.message = str(e)
return response
def execute_init_rules(data, request):
'''
执行初始化的iptables规则
1、获取IP
2、确认环境
3、根据环境和IP去获取密码
4、根绝前端规则ID表,来确认规则的条数,然后获取到初始化表中的规则
5、登陆服务器 执行添加规则命令
6、确认规则已经生效
7、返回执行的状态
'''
response = IptablesCheck()
ip_list = data.get('ip_list', None)
envir = data.get('envir', None)
rule_id_list = data.get('rule_id_list', None)
rule_id_list = json.loads(rule_id_list)
value_list = [ip_list, envir, rule_id_list]
for i in value_list:
if i is None:
response.message = u'请检查提交的数据'
return response
ipv4_re = re.compile(
r'^(25[0-5]|2[0-4]\d|[0-1]?\d?\d)(\.(25[0-5]|2[0-4]\d|[0-1]?\d?\d)){3}$'
)
error_ip = []
host_ip = ip_list.strip().split(",")
for ip in host_ip:
if not ipv4_re.match(ip.strip()):
error_ip.append(ip)
print "error_--------------ip", error_ip
if len(error_ip) > 0:
response.host_ip = error_ip
response.ip_status = False
response.message = u"IP地址出现错误!!!"
return response
set_host = list(set(host_ip)) # 将列表去重
pwd_check = pwd_query.main(set_host, [], envir) # 调用密码API 获取密码的列表 *****
if len(pwd_check) == 0:
response.message = u"密码检测失败!!请检查所选环境和密码是否存在~"
response.pwd_status = False
return response
# 获取iptables初始的规则 根据前端传递的ID列表
rule_list = iptables_handle.get_rules_by_ids(rule_id_list) # 获取所有ID的规则
rule_str_list = [] # 将规则添加到列表中
for i in rule_list:
rule_str_list.append(str(i))
re_list = [] # 存放每台IP的执行结果
for host_info in pwd_check:
ip = host_info['ip']
pwd = host_info['pwd']
iptables_obj = execute_iptables.RunIptables(rule_str_list, ip, pwd)
exe_re = iptables_obj.execute_iptables()
re_list.append(exe_re)
iptableslog_manager.iptables_init_log(request.userinfo.get('cn_name'),
request.userinfo.get('user_id'),
ip_list) # 将初始化记录写入日志
response.status = True
response.data = re_list
return response
def add_rule_str(data):
'''
获取主机下的所有iptables规则
:param data:
:return:
'''
response = BaseResponse()
ip_list = data.get('ip_list', None) # 输入的IP地址
envir = data.get('envir', None) # 环境
rule_cmd_list = data.get('rule_cmd_list') # 要添加的规则IP
rule_cmd_list = json.loads(rule_cmd_list)
value_list = [ip_list, envir]
for i in value_list:
if i is None:
response.message = u'请检查提交的数据是否为空'
return response
ipv4_re = re.compile(
r'^(25[0-5]|2[0-4]\d|[0-1]?\d?\d)(\.(25[0-5]|2[0-4]\d|[0-1]?\d?\d)){3}$'
)
error_ip = []
host_ip = ip_list.strip().split(",")
for ip in host_ip:
if not ipv4_re.match(ip):
error_ip.append(ip.strip())
if len(error_ip) > 0:
response.host_ip = error_ip
response.ip_status = False
response.message = u"IP地址出现错误!!!"
return response
set_host = list(set(host_ip)) # 将列表去重
pwd_check = pwd_query.main(set_host, [], envir) # 调用密码API 获取密码的列表 *****
if len(pwd_check) == 0:
response.message = u"密码检测失败!!请检查所选环境和密码是否存在~"
response.pwd_status = False
return response
re_list = [] # 存放每台IP的执行结果
all_cmd_list = []
error_list = []
# 将输入的规则IP 和 对应类型的规则拼接在一起
if len(rule_cmd_list) > 0:
for cmd_str in rule_cmd_list:
if cmd_str.strip().startswith('iptables'):
all_cmd_list.append(cmd_str)
else:
error_list.append(cmd_str)
if len(error_list) > 0:
response.message = u"命令输入错误,请检查。 %s " % ",".join(error_list)
response.cmd_status = False
return response
for host_info in pwd_check:
ip = host_info['ip']
pwd = host_info['pwd']
iptables_obj = execute_iptables.RunIptables(all_cmd_list, ip,
pwd) # 连接服务器对象
exe_re = iptables_obj.execute_iptables() # 获取规则的方法
re_list.append(exe_re)
response.data = re_list
response.status = True
return response