def lock_ip(self, iplist): cmdlist = [] lock_list = self.cache.setSmembers() for ip in iplist: work_log.debug(f"{ip}") if ip not in lock_list: cmd = ( f"""sed -i '/http_x_forwarded_for/s/")/|{ip}")/' {self.deny_conf}""" ) cmdlist.append(cmd) else: work_log.error(f"lock: {ip} in lock_list") if not cmdlist: # 需解锁的IP并未屏蔽 # 多个IP中部分存在的情况暂缓 return {"redata": str(iplist) + " IP地址已经在锁定列表", "recode": 1} rundata = self.run_task_list(cmdlist) if rundata.get('recode') == 0: self.cache.setAdd(ip) work_log.info('cache lock') elif rundata.get('recode') == 8: self.cache.setAdd(ip) work_log.info(f'server run error, yes cache +lock') elif rundata.get('recode') == 9: work_log.info(f'server run error, not cache +lock') return rundata
def HostCpuData(self, data): ip = data.get("ip") # current_time = time.strftime('%Y-%m-%d %H:%M:%S') old_time = time.strftime("%Y-%m-%d_%X", time.localtime(time.time() - 3600)) try: abc = (db.session.query( func.date_format(t_host_cpu.ctime, "%H:%i:%s").label("ctime"), t_host_cpu.cpu, ).filter(t_host_cpu.ip == ip, t_host_cpu.ctime > old_time).all()) except Exception as e: work_log.error('select db HostCpuData error') work_log.error(str(e)) return {"recode": 9, "redata": str(e)} x_name = [] cpu = [] work_log.debug(str(abc)) for i in abc: x_name.append(str(i.ctime)) cpu.append(format(i.cpu, ".2f")) value = {"x_name": x_name, "y_data": {"cpu": cpu}} return {"recode": 0, "redata": value}
def net_port_scan(self, ip, port): try: work_dir = conf_data("work_dir") source_file = work_dir + "/utils/port_scan.py" des_file = "/tmp/port_scan.py" work_log.debug("copy file to remote") self.ssh_file_put(source_file, des_file) except Exception as e: work_log.error('scp port check file to remote server error') return 9 cmd0 = "chmod u+x " + des_file cmd1 = des_file + " " + ip + " " + str(port) cmd2 = "rm " + des_file try: work_log.debug("chmod file") self.ssh_cmd(cmd0) work_log.debug("exec remote file") cmdstatus, taskstatus = self.ssh_cmd(cmd1, stdout=True) work_log.info(str(taskstatus)) work_log.debug("rm file to remote") self.ssh_cmd(cmd2) recode = int(taskstatus.rstrip("\n")) work_log.info(str(recode)) except Exception as e: work_log.error("remote exec cmd error") work_log.error(str(e)) recode = 2 return recode work_log.debug("port scan recode: %s" % recode)
def nginx_task(self, ip, task): work_log.debug("nginx_task task: " + str(task)) if task == "start": recode, data = self.__ssh_cmd(ip, self.start_cmd) elif task == "stop": recode, data = self.__ssh_cmd(ip, self.stop_cmd) elif task == "reload": recode, data = self.__ssh_cmd(ip, self.reload_cmd) elif task == "restart": self.__ssh_cmd(ip, self.stop_cmd) recode, data = self.__ssh_cmd(ip, self.start_cmd) elif task == "show_access_log": cmd = "tail -n 200 " + self.nginx_access_log recode, data = self.__ssh_cmd(ip, cmd) elif task == "show_error_log": cmd = "tail -n 200 " + self.nginx_error_log recode, data = self.__ssh_cmd(ip, cmd) elif task == "clear_access_log": cmd = "> " + self.nginx_access_log recode, data = self.__ssh_cmd(ip, cmd) else: return {"recode": 2, "redata": "not found task"} if not data: data = "sucesse" newdata = {"redata": data, "recode": recode} return newdata
def v3_nginx(): work_log.info(str(request.path)) work_log.info("request service interface, ip: %s " % (request.remote_addr)) work_log.debug(str(request.json)) try: if request.json.get("obj") != "dmz_nginx": return "", 404 except Exception as e: return "", 404 try: task = request.json.get("task") iplist = request.json.get("ip") if task in ["lock", "unlock", "clearlock", "showlock"]: info = Nginx_Acl() data = info.run_task(iplist, task) if task == "showlock": data = {"ip": data.get("redata")} work_log.info('return: ' + str(data)) return jsonify(data) else: return jsonify({"redata": "req format error", "recode": 1}) except Exception as e: work_log.error(str(e)) return jsonify({"redata": "run error", "recode": 2})
def v2_upload(): work_log.debug(str(request.path)) work_log.info("request host interface ip: %s" % (request.remote_addr)) try: file = request.files["file"] ip = request.form["ip"] destdir = request.form["dir"] user = request.form["user"] if not ip or not destdir: return "", 404 work_log.info( f"upload file, ip: {ip}, filename: {file.filename}, dest: {destdir}, user: {user}" ) tmp_dir = conf_data("work_tmp_dir") local_tmp = os.path.join(tmp_dir, file.filename) dest = os.path.join(destdir, file.filename) file.save(local_tmp) # 保存临时文件 info = UpDownFile(ip, user) data = info.upload(local_tmp, dest) os.remove(local_tmp) # 删除临时文件 return jsonify(data) except Exception as e: work_log.error("upload file run error") work_log.error(str(e)) return jsonify({"recode": 9, "redata": str(e)}) else: return "", 200
def run_task(self, task): if self.port and int(self.port) >= 17101 and int(self.port) <= 17106: return self.single_service(task) elif not self.port: work_log.debug('single no port') return self.single_host_server(task) else: return {"recode": 1, "redata": "参数错误"}
def nginx_single(self, data): task = data.get("task") info = NginxManager() server = data.get("server") work_log.debug("nginx task: %s, server: %s " % (str(task), str(server))) data = info.nginx_task(server, task) return data
def port_scan(self, ip, port): work_log.debug("networkmanager local port_scan: " + str(ip) + " : " + str(port)) socket.setdefaulttimeout(2) s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) result = s.connect_ex((ip, int(port))) work_log.debug("networkmanager local port_scan, recode: " + str(result)) return result
def v2_downfile(file_name): '''从服务器自身的临时目录下载文件''' work_log.debug("---------------") work_log.debug(str(request.path)) work_log.info("request host interface ip: %s" % (request.remote_addr)) if request.method == "GET": tmp_dir = conf_data("work_tmp_dir") return send_from_directory(tmp_dir, file_name, as_attachment=True)
def run_task(self, data): task = data.get("task") work_log.debug(str(data)) if task == "check_port": return self.check_port(data) elif task == "iptable": return {"recode": 1, 'redata': "未开放"} else: work_log.debug(str("task not found")) return {"recode": 1, 'redata': "参数错误"}
def run_task(self, data): work_log.debug(str(data)) unit = data.get("unit") if unit == "nginx": return self.nginx(data) if unit == "memcached": return self.memcached(data) if unit == "weblogic": return self.weblogic(data)
def _weblogic_ssh_cmd(self, cmd): work_log.info("weblogic_ssh host: %s cmd: %s" % (self.ip, cmd)) try: ssh = HostBaseCmd(self.ip, user=self.user) data = ssh.ssh_cmd(cmd, stdout=True) work_log.debug("_weblogic_ssh_cmd redata: %s" % str(data)) return data except Exception as e: work_log.error("_weblogic_ssh_cmd Exception error") work_log.error(str(e)) return [2, str(e)]
def run_cmd_task(self, arg, stdout=False): pool = Pool(processes=self.processes) info = [] work_log.debug(str(self.hostlist)) for host in self.hostlist: info.append(pool.apply_async(self._ssh_cmd, (host, arg, stdout))) pool.close() pool.join() data = [] for i in info: data.append(i.get()) return data
def run(self): work_log.debug(str(self.data)) task = self.data.get("task") arg = self.data.get("arg") if task == 'cmd': return self.cmd(arg) elif task == 'unit': return self.unit(arg) elif task == 'script': return self.script(arg) else: work_log.error('form error') return {"recode": 1, "redata": "format error"}
def remote_check_port(self, server, ip, port): work_log.info('login remote server check port') try: info = HostBaseCmd(server, scp=True) redata = info.net_port_scan(ip=ip, port=port) except Exception as e: work_log.error(str(e)) return {"recode": 9, 'redata': '连接服务器失败'} work_log.debug("port scan status: "+str(redata)) if redata == 0: return {"recode": 0, 'redata': '探测成功'} else: return {"recode": 4, 'redata': '探测失败'}
def sms_send(): work_log.debug('no phone arg') if request.method == "GET": work_log.debug(str(request.path)) phone = request.args.get("phone") if not phone: return "error", 404 else: body = request.args.get("body") work_log.info(str(body)) phone_list = phone.split(",") work_log.debug(str(phone_list)) sms = Sms_tools() data = sms.send_mess(phone_list, body) if data == 1: work_log.error("link sms webservice interface error") return "", 510 elif data == 2: work_log.error("webservice interface args error") return "", 511 else: work_log.debug(str("sms_send yes-------------")) return "", 200 else: work_log.error('other error') return "error", 404
def check_url(self, url): work_log.info("checkweburl: " + str(url)) try: info = CheckWebInterface() recode = info.get_url_status_code(url, timeout=2) work_log.debug(str(recode)) if recode == 200: return {"recode": 0, "redata": "success 成功"} else: return {"recode": recode, "redata": "error"} except Exception as e: work_log.error("checkweburl error") work_log.error(str(e)) return {"recode": 9, "redata": "server error"}
def ssh_cmd(self, cmd, stdout=False): work_log.info("ssh_cmd host: %s cmd: %s" % (self.ip, cmd)) try: run_stdout, run_stderr = self.runshell(cmd) if run_stderr: # 先记录执行的错误输出 work_log.error("ssh_cmd is error stdout") work_log.error(str(run_stderr)) # 需要标准输出的情况 if stdout: if run_stderr: return [2, run_stderr.decode("utf-8")] else: work_log.debug("ssh_cmd success, run_stdout") work_log.debug(str(run_stdout)) return [0, run_stdout.decode("utf-8")] # 不需要标准输出的情况 if run_stderr: return [2, run_stderr.decode("utf-8")] else: work_log.debug("ssh_cmd success, run_stdout") work_log.debug(str(run_stdout)) return [0, "success"] except Exception as e: work_log.error("ssh_cmd Exception error") work_log.error(str(e)) return False
def v2_local(): work_log.debug(str(request.path)) try: key = request.json.get("key") if verify_key(key) and request.json.get("obj") == "local": info = LocalTask(request.json.get("content")) data = info.run() return jsonify(data) else: work_log.error("req verify_key or obj error") return "", 404 except Exception as e: work_log.error("host run error") work_log.error(str(e)) return jsonify({"recode": 9, "redata": str(e)})
def local_check_port(self, ip, port): work_log.debug('local exec remote port test') info = NetworkManager() try: recode = info.port_scan(ip, port) if recode == 0: return {"recode": recode, 'redata': '成功'} elif recode == 1: return {"recode": 4, 'redata': '主机存在端口不可访问'} else: return {"recode": 4, 'redata': '目标不能访问'} except Exception as e: work_log.error(str(e)) redata = "scan error" return {"recode": 2, 'redata': '程序错误'}
def send_mess(self, mobile_list, content): rspXml_body = [] url = conf_data("sms_conf", "url") password = conf_data("sms_conf", "passwd") try: work_log.info(url) work_log.info(mobile_list) work_log.info(content) client = Client(url) except Exception as e: work_log.error("link sms webservice interface url error") work_log.error(str(e)) return 1 for mobile in mobile_list: reqXml = ( """<?xml version=\"1.0\" encoding=\"UTF-8\"?> <SmsServiceReq><SmsList> <Mobile>""" + mobile + """</Mobile> <Contents><![CDATA[""" + content + """]]></Contents></SmsList> </SmsServiceReq>""") work_log.debug("-------------------------------------") work_log.debug(str(mobile)) work_log.debug("send sms xml") work_log.debug(str(reqXml)) work_log.debug("-------------------------------------") action = "00" target = "0101" brief = self.md5s(password + action + reqXml + target) try: rspXml = client.service.smsService(target, action, reqXml, brief) work_log.info("send_mess yes-----------------------------") work_log.info(str(mobile)) work_log.info(str(content)) work_log.info("send_mess rspXml---------------------------") work_log.info(str(rspXml)) work_log.info("send_mess yes-----------------------------") except Exception as e: work_log.error("send_mess error----------------------------") work_log.error(str(reqXml)) work_log.error("send_mess error----------------------------") work_log.error(str(e)) work_log.error("send_mess error----------------------------") return 2 rspXml_body.append(rspXml) return rspXml_body
def v2_service(): work_log.debug(str(request.path)) work_log.debug("request service interface, ip: %s " % (request.remote_addr)) try: key = request.json.get("key") if verify_key(key) and request.json.get("obj") == "service": info = Service() data = info.run_task(request.json.get("content")) work_log.info(str(data)) return jsonify(data) else: work_log.error("req verify_key or obj error") return "", 404 except Exception as e: work_log.error("req format error") work_log.error(str(e)) return "", 404
def run_task_group(self, task): work_log.debug(f"weblogic group: {self.group}, task: {task}") try: if task == "start": data = self.start_wg_group() elif task == "stop": data = self.stop_wg_group() else: return {"recode": 9, "redata": "参数错误"} if any(map(self.checkRunData, data)): return {"recode": 2, "redata": data} else: return {"recode": 0, "redata": data} except Exception as e: work_log.error("run_task_group task error") work_log.error(str(e)) return {"recode": 9, "redata": str(e)}
def v2_down(): '''原理:从指定服务器上下载文件到临时目录,再返回一个文件的get下载路径''' work_log.debug("---------------") work_log.debug(str(request.path)) work_log.info("request host interface ip: %s" % (request.remote_addr)) try: key = request.json.get("key") if not verify_key(key) and request.json.get("obj") != "file": work_log.error("req verify_key or obj error") return "", 404 except Exception as e: work_log.error(str(e)) work_log.error("req verify_key or obj error") return "", 404 info = DownRemoteFile(request.json.get("content")) data = info.down() return jsonify(data)
def start_weblogic_single_service(self, port=None): '''port 为给此函数传的参数,如过没有则使用类中的端口''' work_log.debug("start_weblogic_single_service") if not port: # all service cmd = " ".join([ self.service_script, "weblogic", "start", str(int(self.port) - 17100) ]) else: cmd = " ".join([ self.service_script, "weblogic", "start", str(int(port) - 17100) ]) work_log.debug(str(cmd)) run_data = self._weblogic_ssh_cmd(cmd) if run_data[0] == 0: return {"recode": 0, "redata": "success"} else: return {"recode": run_data[0], "redata": run_data[1]}
def memcached(self, data): types = data.get("types") task = data.get("task") if types == 'single': server = data.get("server") port = data.get("port") if task in ["start", "stop"]: info = MemcachedManagerSingle(server, port) return info.run_task(task) if types == 'group': group = data.get("group") if group not in conf_data("mc_group"): work_log.debug(f"memcached grou not find") return {"recode": 9, "redata": "参数错误-group错误"} if task in ["start", "stop"]: info = MemcachedManagerGroup(group) return info.run_task(task) return {"recode": 1, "redata": "format error"} return {"recode": 1, "redata": "format error"}
def update_host(self, mess): try: work_log.debug(str(mess)) hostid = mess.get("id") data = t_conf_host.query.filter_by(id=hostid).first() if not data: work_log.info("host id is not found %d" % hostid) return {"recode": 4, "redata": "host not found"} work_log.debug(str(data)) data.id = (mess.get("id"), ) data.ip_v4 = (mess.get("ip_v4"), ) data.ip_v6 = (mess.get("ip_v6"), ) data.ip_v4_m = (mess.get("ip_v4_m"), ) data.name = (mess.get("name"), ) data.operating_system = (mess.get("operating_system"), ) data.hostname = (mess.get("hostname"), ) data.cpu_number = (mess.get("cpu_number"), ) data.memory_size = (mess.get("memory_size"), ) data.sn = (mess.get("sn"), ) data.address = (mess.get("address"), ) data.belong_machineroom = (mess.get("belong_machineroom"), ) data.rack = (mess.get("rack"), ) data.manufacturer = (mess.get("manufacturer"), ) data.dev_type = (mess.get("dev_type"), ) data.dev_category = (mess.get("dev_category"), ) data.produce = (mess.get("produce"), ) data.level = (mess.get("level"), ) data.info = mess.get("info") db.session.commit() work_log.info("update host --- yes") return {"recode": 0, "redata": "ok"} except Exception as e: work_log.error("update host --- error") work_log.error(str(e)) return {"recode": 9, "redata": "error"}
def v2_network(): work_log.debug(str(request.path)) work_log.debug("request network interface, ip: %s " % (request.remote_addr)) if request.method == "GET": ping_ipaddr = request.args.get("ping") checkurl = request.args.get("checkurl") if ping_ipaddr: info = NetWork() data = info.ping(ping_ipaddr) return jsonify(data) elif checkurl: info = Service() data = info.check_url(checkurl) return jsonify(data) else: work_log.error(str("req format error")) return "", 404 elif request.method == "POST": try: key = request.json.get("key") if verify_key(key) and request.json.get("obj") == "network": info = NetWork() data = info.run_task(request.json.get("content")) work_log.info(str(data)) return jsonify(data) else: work_log.error("req verify_key or obj error") return "", 404 except Exception as e: work_log.error("req error") work_log.error(str(e)) return "", 404 else: return "", 404
def unlock_ip(self, iplist): cmdlist = [] lock_list = self.cache.setSmembers() for ip in iplist: work_log.debug(f"{ip}") if ip in lock_list: cmd = f"""sed -i '/http_x_forwarded_for/s/|{ip}//' {self.deny_conf}""" cmdlist.append(cmd) else: work_log.error(f"unlock: {ip} no in lock_list") if not cmdlist: # 需解锁的IP并未屏蔽 return {"redata": str(iplist) + " IP地址未在锁定列表", "recode": 1} rundata = self.run_task_list(cmdlist) if rundata.get('recode') == 0: self.cache.setRemove(ip) work_log.info('cache unlock') elif rundata.get('recode') == 8: self.cache.setRemove(ip) work_log.info('server run error, yes cache unlock') elif rundata.get('recode') == 9: work_log.info('server run error, not cache unlock') return rundata