def setPort(self,get): try: port = get['port'] if int(port) < 1 or int(port) > 65535: return public.returnMsg(False,'PORT_CHECK_RANGE') file = web.ctx.session.setupPath + '/pure-ftpd/etc/pure-ftpd.conf' conf = public.readFile(file) rep = u"\n#?\s*Bind\s+[0-9]+\.[0-9]+\.[0-9]+\.+[0-9]+,([0-9]+)" #preg_match(rep,conf,tmp) conf = re.sub(rep,"\nBind 0.0.0.0," + port,conf) public.writeFile(file,conf) public.ExecShell('/etc/init.d/pure-ftpd restart') public.WriteLog('TYPE_FTP', "FTP_PORT",(port,)) #添加防火墙 #data = ftpinfo(port=port,ps = 'FTP端口') get.port=port get.ps = public.getMsg('FTP_PORT_PS'); firewalls.firewalls().AddAcceptPort(get) web.ctx.session.port=port return public.returnMsg(True, 'EDIT_SUCCESS') except Exception,ex: public.WriteLog('TYPE_FTP', 'FTP_PORT_ERR',(str(ex),)) return public.returnMsg(False,'EDIT_ERROR')
def setPanel(self,get): #return public.returnMsg(False,'体验服务器,禁止修改!') if not public.IsRestart(): return public.returnMsg(False,'EXEC_ERR_TASK'); if get.domain: reg = "^([\w\-\*]{1,100}\.){1,4}(\w{1,10}|\w{1,10}\.\w{1,10})$"; if not re.match(reg, get.domain): return public.returnMsg(False,'SITE_ADD_ERR_DOMAIN'); isReWeb = False oldPort = web.ctx.host.split(':')[1]; newPort = get.port; if oldPort != get.port: if self.IsOpen(get.port): return public.returnMsg(False,'PORT_CHECK_EXISTS',(get,port,)) if int(get.port) >= 65535 or int(get.port) < 100: return public.returnMsg(False,'PORT_CHECK_RANGE'); public.writeFile('data/port.pl',get.port) import firewalls get.ps = public.getMsg('PORT_CHECK_PS'); fw = firewalls.firewalls(); fw.AddAcceptPort(get); get.port = oldPort; get.id = public.M('firewall').where("port=?",(oldPort,)).getField('id'); fw.DelAcceptPort(get); isReWeb = True if get.webname != web.ctx.session.webname: web.ctx.session.webname = get.webname public.writeFile('data/title.pl',get.webname); limitip = public.readFile('data/limitip.conf'); if get.limitip != limitip: public.writeFile('data/limitip.conf',get.limitip); public.writeFile('data/domain.conf',get.domain.strip()) public.writeFile('data/iplist.txt',get.address) public.M('config').where("id=?",('1',)).save('backup_path,sites_path',(get.backup_path,get.sites_path)) web.ctx.session.config['backup_path'] = get.backup_path web.ctx.session.config['sites_path'] = get.sites_path data = {'uri':web.ctx.fullpath,'host':web.ctx.host.split(':')[0]+':'+newPort,'status':True,'isReWeb':isReWeb,'msg':public.getMsg('PANEL_SAVE')} public.WriteLog('TYPE_PANEL','PANEL_SAVE',(newPort,get.domain,get.backup_path,get.sites_path,get.address,get.limitip)) return data
def get_ssh_errorlogin(self,get): fp = open('/var/log/secure','r'); l = fp.readline(); data = {}; data['intrusion'] = []; data['intrusion_total'] = 0; data['defense'] = []; data['defense_total'] = 0; data['success'] = []; data['success_total'] = 0; limit = 100; while l: if l.find('Failed password for root') != -1: if len(data['intrusion']) > limit: del(data['intrusion'][0]); data['intrusion'].append(l); data['intrusion_total'] += 1; elif l.find('Accepted') != -1: if len(data['success']) > limit: del(data['success'][0]); data['success'].append(l); data['success_total'] += 1; elif l.find('refused') != -1: if len(data['defense']) > limit: del(data['defense'][0]); data['defense'].append(l); data['defense_total'] += 1; l = fp.readline(); months = {'Jan':'01','Feb':'02','Mar':'03','Apr':'04','May':'05','June':'06','July':'07','Aug':'08','Sept':'09','Oct':'10','Nov':'11','Dec':'12'} intrusion = []; for g in data['intrusion']: tmp = {} tmp1 = g.split(); tmp['date'] = months[tmp1[0]] + '/' + tmp1[1] + ' ' + tmp1[2]; tmp['user'] = tmp1[8]; tmp['address'] = tmp1[10]; intrusion.append(tmp); data['intrusion'] = intrusion; success = []; for g in data['success']: tmp = {} tmp1 = g.split(); tmp['date'] = months[tmp1[0]] + '/' + tmp1[1] + ' ' + tmp1[2]; tmp['user'] = tmp1[8]; tmp['address'] = tmp1[10]; success.append(tmp); data['success'] = success; defense = [] for g in data['defense']: tmp = {} tmp1 = g.split(); tmp['date'] = months[tmp1[0]] + '/' + tmp1[1] + ' ' + tmp1[2]; tmp['user'] = '******'; tmp['address'] = tmp1[8]; defense.append(tmp); data['defense'] = defense; import firewalls; data['ssh'] = firewalls.firewalls().GetSshInfo(get); return data;
def setPHPMyAdmin(self,get): import re; #try: if public.get_webserver() == 'nginx': filename = web.ctx.session.setupPath + '/nginx/conf/nginx.conf'; else: filename = web.ctx.session.setupPath + '/apache/conf/extra/httpd-vhosts.conf'; conf = public.readFile(filename); if hasattr(get,'port'): mainPort = public.readFile('data/port.pl').strip(); if mainPort == get.port: return public.returnMsg(False,'SOFT_PHPVERSION_ERR_PORT_RE'); if public.get_webserver() == 'nginx': rep = "listen\s+([0-9]+)\s*;" oldPort = re.search(rep,conf).groups()[0]; conf = re.sub(rep,'listen ' + get.port + ';\n',conf); else: rep = "Listen\s+([0-9]+)\s*\n"; oldPort = re.search(rep,conf).groups()[0]; conf = re.sub(rep,"Listen " + get.port + "\n",conf,1); rep = "VirtualHost\s+\*:[0-9]+" conf = re.sub(rep,"VirtualHost *:" + get.port,conf,1); if oldPort == get.port: return public.returnMsg(False,'SOFT_PHPVERSION_ERR_PORT'); public.writeFile(filename,conf); import firewalls get.ps = public.getMsg('SOFT_PHPVERSION_PS'); fw = firewalls.firewalls(); fw.AddAcceptPort(get); public.serviceReload(); public.WriteLog('TYPE_SOFT','SOFT_PHPMYADMIN_PORT',(get.port,)) get.id = public.M('firewall').where('port=?',(oldPort,)).getField('id'); get.port = oldPort; fw.DelAcceptPort(get); return public.returnMsg(True,'SET_PORT_SUCCESS'); if hasattr(get,'phpversion'): if public.get_webserver() == 'nginx': filename = web.ctx.session.setupPath + '/nginx/conf/enable-php.conf'; conf = public.readFile(filename); rep = "php-cgi.*\.sock" conf = re.sub(rep,'php-cgi-' + get.phpversion + '.sock',conf,1); else: rep = "php-cgi.*\.sock" conf = re.sub(rep,'php-cgi-' + get.phpversion + '.sock',conf,1); public.writeFile(filename,conf); public.serviceReload(); public.WriteLog('TYPE_SOFT','SOFT_PHPMYADMIN_PHP',(get.phpversion,)) return public.returnMsg(True,'SOFT_PHPVERSION_SET'); if hasattr(get,'password'): import panelSite; if(get.password == 'close'): return panelSite.panelSite().CloseHasPwd(get); else: return panelSite.panelSite().SetHasPwd(get); if hasattr(get,'status'): if conf.find(web.ctx.session.setupPath + '/stop') != -1: conf = conf.replace(web.ctx.session.setupPath + '/stop',web.ctx.session.setupPath + '/phpmyadmin'); msg = public.getMsg('START') else: conf = conf.replace(web.ctx.session.setupPath + '/phpmyadmin',web.ctx.session.setupPath + '/stop'); msg = public.getMsg('STOP') public.writeFile(filename,conf); public.serviceReload(); public.WriteLog('TYPE_SOFT','SOFT_PHPMYADMIN_STATUS',(msg,)) return public.returnMsg(True,'SOFT_PHPMYADMIN_STATUS',(msg,));
def POST(self): import firewalls firewallObject = firewalls.firewalls() defs = ('GetList','AddDropAddress','DelDropAddress','FirewallReload','SetFirewallStatus','AddAcceptPort','DelAcceptPort','SetSshStatus','SetPing','SetSshPort','GetSshInfo') return publicObject(firewallObject,defs);
def setPHPMyAdmin(self,get): import re #try: filename = self.__get_webserver_conffile() if public.get_webserver() == 'openlitespeed': filename = "/www/server/panel/vhost/openlitespeed/detail/phpmyadmin.conf" conf = public.readFile(filename) if not conf: return public.returnMsg(False,'ERROR') if hasattr(get,'port'): mainPort = public.readFile('data/port.pl').strip() rulePort = ['80','443','21','20','8080','8081','8089','11211','6379'] oldPort = "888" if get.port in rulePort: return public.returnMsg(False,'AJAX_PHPMYADMIN_PORT_ERR') if public.get_webserver() == 'nginx': rep = r"listen\s+([0-9]+)\s*;" oldPort = re.search(rep,conf).groups()[0] conf = re.sub(rep,'listen ' + get.port + ';\n',conf) elif public.get_webserver() == 'apache': rep = r"Listen\s+([0-9]+)\s*\n" oldPort = re.search(rep,conf).groups()[0] conf = re.sub(rep,"Listen " + get.port + "\n",conf,1) rep = r"VirtualHost\s+\*:[0-9]+" conf = re.sub(rep,"VirtualHost *:" + get.port,conf,1) else: filename = '/www/server/panel/vhost/openlitespeed/listen/888.conf' conf = public.readFile(filename) reg = r"address\s+\*:(\d+)" tmp = re.search(reg,conf) if tmp: oldPort = tmp.groups(1) conf = re.sub(reg,"address *:{}".format(get.port),conf) if oldPort == get.port: return public.returnMsg(False,'SOFT_PHPVERSION_ERR_PORT') public.writeFile(filename,conf) import firewalls get.ps = public.getMsg('SOFT_PHPVERSION_PS') fw = firewalls.firewalls() fw.AddAcceptPort(get) public.serviceReload() public.WriteLog('TYPE_SOFT','SOFT_PHPMYADMIN_PORT',(get.port,)) get.id = public.M('firewall').where('port=?',(oldPort,)).getField('id') get.port = oldPort fw.DelAcceptPort(get) return public.returnMsg(True,'SET_PORT_SUCCESS') if hasattr(get,'phpversion'): if public.get_webserver() == 'nginx': filename = public.GetConfigValue('setup_path') + '/nginx/conf/enable-php.conf' conf = public.readFile(filename) rep = r"php-cgi.*\.sock" conf = re.sub(rep,'php-cgi-' + get.phpversion + '.sock',conf,1) elif public.get_webserver() == 'apache': rep = r"php-cgi.*\.sock" conf = re.sub(rep,'php-cgi-' + get.phpversion + '.sock',conf,1) else: reg = r'/usr/local/lsws/lsphp\d+/bin/lsphp' conf = re.sub(reg,'/usr/local/lsws/lsphp{}/bin/lsphp'.format(get.phpversion),conf) public.writeFile(filename,conf) public.serviceReload() public.WriteLog('TYPE_SOFT','SOFT_PHPMYADMIN_PHP',(get.phpversion,)) return public.returnMsg(True,'SOFT_PHPVERSION_SET') if hasattr(get,'password'): import panelSite if(get.password == 'close'): return panelSite.panelSite().CloseHasPwd(get) else: return panelSite.panelSite().SetHasPwd(get) if hasattr(get,'status'): if conf.find(public.GetConfigValue('setup_path') + '/stop') != -1: conf = conf.replace(public.GetConfigValue('setup_path') + '/stop',public.GetConfigValue('setup_path') + '/phpmyadmin') msg = public.getMsg('START') else: conf = conf.replace(public.GetConfigValue('setup_path') + '/phpmyadmin',public.GetConfigValue('setup_path') + '/stop') msg = public.getMsg('STOP') public.writeFile(filename,conf) public.serviceReload() public.WriteLog('TYPE_SOFT','SOFT_PHPMYADMIN_STATUS',(msg,)) return public.returnMsg(True,'SOFT_PHPMYADMIN_STATUS',(msg,))
def setPanel(self,get): if not public.IsRestart(): return public.returnMsg(False,'EXEC_ERR_TASK'); isReWeb = False sess_out_path = 'data/session_timeout.pl' if 'session_timeout' in get: session_timeout = int(get.session_timeout) s_time_tmp = public.readFile(sess_out_path) if not s_time_tmp: s_time_tmp = '0' if int(s_time_tmp) != session_timeout: if session_timeout < 300: return public.returnMsg(False,'超时时间不能小于300秒') public.writeFile(sess_out_path,str(session_timeout)) isReWeb = True workers_p = 'data/workers.pl' if 'workers' in get: workers = int(get.workers) if int(public.readFile(workers_p)) != workers: if workers < 1 or workers > 1024: return public.returnMsg(False,'面板线程数范围应该在1-1024之间') public.writeFile(workers_p,str(workers)) isReWeb = True if get.domain: reg = "^([\w\-\*]{1,100}\.){1,4}(\w{1,10}|\w{1,10}\.\w{1,10})$"; if not re.match(reg, get.domain): return public.returnMsg(False,'SITE_ADD_ERR_DOMAIN'); oldPort = public.GetHost(True); newPort = get.port; if oldPort != get.port: get.port = str(int(get.port)) if self.IsOpen(get.port): return public.returnMsg(False,'PORT_CHECK_EXISTS',(get.port,)) if int(get.port) >= 65535 or int(get.port) < 100: return public.returnMsg(False,'PORT_CHECK_RANGE'); public.writeFile('data/port.pl',get.port) import firewalls get.ps = public.getMsg('PORT_CHECK_PS'); fw = firewalls.firewalls(); fw.AddAcceptPort(get); get.port = oldPort; get.id = public.M('firewall').where("port=?",(oldPort,)).getField('id'); fw.DelAcceptPort(get); isReWeb = True if get.webname != session['title']: session['title'] = get.webname public.SetConfigValue('title',get.webname) limitip = public.readFile('data/limitip.conf'); if get.limitip != limitip: public.writeFile('data/limitip.conf',get.limitip); public.writeFile('data/domain.conf',get.domain.strip()) public.writeFile('data/iplist.txt',get.address) public.M('config').where("id=?",('1',)).save('backup_path,sites_path',(get.backup_path,get.sites_path)) session['config']['backup_path'] = os.path.join('/',get.backup_path) session['config']['sites_path'] = os.path.join('/',get.sites_path) mhost = public.GetHost() if get.domain.strip(): mhost = get.domain data = {'uri':request.path,'host':mhost+':'+newPort,'status':True,'isReWeb':isReWeb,'msg':public.getMsg('PANEL_SAVE')} public.WriteLog('TYPE_PANEL','PANEL_SET_SUCCESS',(newPort,get.domain,get.backup_path,get.sites_path,get.address,get.limitip)) if isReWeb: public.restart_panel() return data
def setPHPMyAdmin(self, get): import re #try: if public.get_webserver() == 'nginx': filename = web.ctx.session.setupPath + '/nginx/conf/nginx.conf' else: filename = web.ctx.session.setupPath + '/apache/conf/extra/httpd-vhosts.conf' conf = public.readFile(filename) if hasattr(get, 'port'): mainPort = public.readFile('data/port.pl').strip() if mainPort == get.port: return public.returnMsg(False, 'SOFT_PHPVERSION_ERR_PORT_RE') if public.get_webserver() == 'nginx': rep = "listen\s+([0-9]+)\s*;" oldPort = re.search(rep, conf).groups()[0] conf = re.sub(rep, 'listen ' + get.port + ';\n', conf) else: rep = "Listen\s+([0-9]+)\s*\n" oldPort = re.search(rep, conf).groups()[0] conf = re.sub(rep, "Listen " + get.port + "\n", conf, 1) rep = "VirtualHost\s+\*:[0-9]+" conf = re.sub(rep, "VirtualHost *:" + get.port, conf, 1) if oldPort == get.port: return public.returnMsg(False, 'SOFT_PHPVERSION_ERR_PORT') public.writeFile(filename, conf) import firewalls get.ps = public.getMsg('SOFT_PHPVERSION_PS') fw = firewalls.firewalls() fw.AddAcceptPort(get) public.serviceReload() public.WriteLog('TYPE_SOFT', 'SOFT_PHPMYADMIN_PORT', (get.port, )) get.id = public.M('firewall').where('port=?', (oldPort, )).getField('id') get.port = oldPort fw.DelAcceptPort(get) return public.returnMsg(True, 'SET_PORT_SUCCESS') if hasattr(get, 'phpversion'): if public.get_webserver() == 'nginx': filename = web.ctx.session.setupPath + '/nginx/conf/enable-php.conf' conf = public.readFile(filename) rep = "php-cgi.*\.sock" conf = re.sub(rep, 'php-cgi-' + get.phpversion + '.sock', conf, 1) else: rep = "php-cgi.*\.sock" conf = re.sub(rep, 'php-cgi-' + get.phpversion + '.sock', conf, 1) public.writeFile(filename, conf) public.serviceReload() public.WriteLog('TYPE_SOFT', 'SOFT_PHPMYADMIN_PHP', (get.phpversion, )) return public.returnMsg(True, 'SOFT_PHPVERSION_SET') if hasattr(get, 'password'): import panelSite if (get.password == 'close'): return panelSite.panelSite().CloseHasPwd(get) else: return panelSite.panelSite().SetHasPwd(get) if hasattr(get, 'status'): if conf.find(web.ctx.session.setupPath + '/stop') != -1: conf = conf.replace(web.ctx.session.setupPath + '/stop', web.ctx.session.setupPath + '/phpmyadmin') msg = public.getMsg('START') else: conf = conf.replace(web.ctx.session.setupPath + '/phpmyadmin', web.ctx.session.setupPath + '/stop') msg = public.getMsg('STOP') public.writeFile(filename, conf) public.serviceReload() public.WriteLog('TYPE_SOFT', 'SOFT_PHPMYADMIN_STATUS', (msg, )) return public.returnMsg(True, 'SOFT_PHPMYADMIN_STATUS', (msg, ))
def __check_port_appect(self, get): import firewalls get.port = str(self.get_rsync_conf(None)['global']['port']) get.ps = '数据同步工具rsync端口' firewalls.firewalls().AddAcceptPort(get)
def setPanel(self, get): if not public.IsRestart(): return public.returnMsg(False, 'EXEC_ERR_TASK') if get.domain: reg = "^([\w\-\*]{1,100}\.){1,4}(\w{1,10}|\w{1,10}\.\w{1,10})$" if not re.match(reg, get.domain): return public.returnMsg(False, 'SITE_ADD_ERR_DOMAIN') isReWeb = False try: oldPort = web.ctx.host.split(':')[1] except: oldPort = public.readFile('data/port.pl').strip() newPort = get.port if oldPort != get.port: get.port = str(int(get.port)) if self.IsOpen(get.port): return public.returnMsg(False, 'PORT_CHECK_EXISTS', (get.port, )) if int(get.port) >= 65535 or int(get.port) < 100: return public.returnMsg(False, 'PORT_CHECK_RANGE') public.writeFile('data/port.pl', get.port) import firewalls get.ps = public.getMsg('PORT_CHECK_PS') fw = firewalls.firewalls() fw.AddAcceptPort(get) get.port = oldPort get.id = public.M('firewall').where("port=?", (oldPort, )).getField('id') fw.DelAcceptPort(get) isReWeb = True if get.webname != web.ctx.session.webname: web.ctx.session.webname = get.webname public.writeFile('data/title.pl', get.webname) limitip = public.readFile('data/limitip.conf') if get.limitip != limitip: public.writeFile('data/limitip.conf', get.limitip) public.writeFile('data/domain.conf', get.domain.strip()) public.writeFile('data/iplist.txt', get.address) public.M('config').where("id=?", ('1', )).save( 'backup_path,sites_path', (get.backup_path, get.sites_path)) web.ctx.session.config['backup_path'] = get.backup_path web.ctx.session.config['sites_path'] = get.sites_path mhost = web.ctx.host.split(':')[0] if get.domain.strip(): mhost = get.domain data = { 'uri': web.ctx.fullpath, 'host': mhost + ':' + newPort, 'status': True, 'isReWeb': isReWeb, 'msg': public.getMsg('PANEL_SAVE') } public.WriteLog('TYPE_PANEL', 'PANEL_SAVE', (newPort, get.domain, get.backup_path, get.sites_path, get.address, get.limitip)) self.setService() if isReWeb: os.system("sleep 2 && /etc/init.d/bt restart &") return data
def setPHPMyAdmin(self,get): import re; #try: filename = self.__get_webserver_conffile() conf = public.readFile(filename) if not conf: return public.returnMsg(False,'ERROR') if hasattr(get,'port'): mainPort = public.readFile('data/port.pl').strip() rulePort = ['80','443','21','20','8080','8081','8089','11211','6379'] if get.port in rulePort: return public.returnMsg(False,'AJAX_PHPMYADMIN_PORT_ERR') if public.get_webserver() == 'nginx': rep = "listen\s+([0-9]+)\s*;" oldPort = re.search(rep,conf).groups()[0] conf = re.sub(rep,'listen ' + get.port + ';\n',conf) else: rep = "Listen\s+([0-9]+)\s*\n" oldPort = re.search(rep,conf).groups()[0] conf = re.sub(rep,"Listen " + get.port + "\n",conf,1) rep = "VirtualHost\s+\*:[0-9]+" conf = re.sub(rep,"VirtualHost *:" + get.port,conf,1) if oldPort == get.port: return public.returnMsg(False,'SOFT_PHPVERSION_ERR_PORT') public.writeFile(filename,conf) import firewalls get.ps = public.getMsg('SOFT_PHPVERSION_PS') fw = firewalls.firewalls() fw.AddAcceptPort(get); public.serviceReload() public.WriteLog('TYPE_SOFT','SOFT_PHPMYADMIN_PORT',(get.port,)) get.id = public.M('firewall').where('port=?',(oldPort,)).getField('id') get.port = oldPort fw.DelAcceptPort(get) return public.returnMsg(True,'SET_PORT_SUCCESS') if hasattr(get,'phpversion'): if public.get_webserver() == 'nginx': filename = public.GetConfigValue('setup_path') + '/nginx/conf/enable-php.conf' conf = public.readFile(filename) rep = "php-cgi.*\.sock" conf = re.sub(rep,'php-cgi-' + get.phpversion + '.sock',conf,1) else: rep = "php-cgi.*\.sock" conf = re.sub(rep,'php-cgi-' + get.phpversion + '.sock',conf,1) public.writeFile(filename,conf) public.serviceReload() public.WriteLog('TYPE_SOFT','SOFT_PHPMYADMIN_PHP',(get.phpversion,)) return public.returnMsg(True,'SOFT_PHPVERSION_SET') if hasattr(get,'password'): import panelSite; if(get.password == 'close'): return panelSite.panelSite().CloseHasPwd(get) else: return panelSite.panelSite().SetHasPwd(get) if hasattr(get,'status'): if conf.find(public.GetConfigValue('setup_path') + '/stop') != -1: conf = conf.replace(public.GetConfigValue('setup_path') + '/stop',public.GetConfigValue('setup_path') + '/phpmyadmin') msg = public.getMsg('START') else: conf = conf.replace(public.GetConfigValue('setup_path') + '/phpmyadmin',public.GetConfigValue('setup_path') + '/stop') msg = public.getMsg('STOP') public.writeFile(filename,conf) public.serviceReload() public.WriteLog('TYPE_SOFT','SOFT_PHPMYADMIN_STATUS',(msg,)) return public.returnMsg(True,'SOFT_PHPMYADMIN_STATUS',(msg,))