def initialize_bw(self):
self.require_remote()
# sanity (of which I have none)
self.cleanup_bw()
# create chains
(exit_code,_,_) = iptables.add_chain("PANENTHE_BW", self.do_execute)
if exit_code != 0:
return errors.throw(errors.SERVER_IPTABLES)
# create rule for INPUT table
(exit_code,_,_) = iptables.insert_rule(
"INPUT", "-j PANENTHE_BW", self.do_execute
)
if exit_code != 0:
return errors.throw(errors.SERVER_IPTABLES)
# create rule for FORWARD table
(exit_code,_,_) = iptables.insert_rule(
"FORWARD", "-j PANENTHE_BW", self.do_execute
)
if exit_code != 0:
return errors.throw(errors.SERVER_IPTABLES)
# create rule for OUTPUT table
(exit_code,_,_) = iptables.insert_rule(
"OUTPUT", "-j PANENTHE_BW", self.do_execute
)
if exit_code != 0:
return errors.throw(errors.SERVER_IPTABLES)
# server IP addresses
ac = api.api_call("server_ips", {
'server_id': self.get_server_id()
})
ret = ac.execute()
if ret != errors.ERR_SUCCESS: return ret
result = ac.output()
# use IPs
try:
result[0]
result[0]['ip']
ips = result[0]['ip']
# loop through IPs
for ip in ips:
iptables.add_rule("PANENTHE_BW", "-d %s" % ip, self.do_execute)
iptables.add_rule("PANENTHE_BW", "-s %s" % ip, self.do_execute)
# there might not be any IPs yet
except (IndexError, KeyError): pass
# save iptables rules
error = iptables.save(self.do_execute, self.get_remote_distro())
return error
def suspend_ip(self):
if not self.require("ip"):
return errors.throw(errors.BACKEND_INVALID_INPUT)
# FORWARD table incoming
(exit_code,_,_) = iptables.insert_rule(
"FORWARD", "-d %s -m comment --comment panenthe_suspend -j %s" % (
executer.escape(self.ip),
glob.config.get("server", "suspend_mode")
),
self.do_execute
)
# fail
if exit_code != 0:
return errors.throw(errors.SERVER_IPTABLES)
# FORWARD table outgoing
(exit_code,_,_) = iptables.insert_rule(
"FORWARD", "-s %s -m comment --comment panenthe_suspend -j %s" % (
executer.escape(self.ip),
glob.config.get("server", "suspend_mode")
),
self.do_execute
)
# fail
if exit_code != 0:
return errors.throw(errors.SERVER_IPTABLES)
# INPUT table incoming
(exit_code,_,_) = iptables.insert_rule(
"INPUT", "-d %s -m comment --comment panenthe_suspend -j %s" % (
executer.escape(self.ip),
glob.config.get("server", "suspend_mode")
),
self.do_execute
)
# fail
if exit_code != 0:
return errors.throw(errors.SERVER_IPTABLES)
# INPUT table outgoing
(exit_code,_,_) = iptables.insert_rule(
"INPUT", "-s %s -m comment --comment panenthe_suspend -j %s" % (
executer.escape(self.ip),
glob.config.get("server", "suspend_mode")
),
self.do_execute
)
# fail
if exit_code != 0:
return errors.throw(errors.SERVER_IPTABLES)
# OUTPUT table incoming
(exit_code,_,_) = iptables.insert_rule(
"OUTPUT", "-d %s -m comment --comment panenthe_suspend -j %s" % (
executer.escape(self.ip),
glob.config.get("server", "suspend_mode")
),
self.do_execute
)
# fail
if exit_code != 0:
return errors.throw(errors.SERVER_IPTABLES)
# OUTPUT table outgoing
(exit_code,_,_) = iptables.insert_rule(
"OUTPUT", "-s %s -m comment --comment panenthe_suspend -j %s" % (
executer.escape(self.ip),
glob.config.get("server", "suspend_mode")
),
self.do_execute
)
# fail
if exit_code != 0:
return errors.throw(errors.SERVER_IPTABLES)
# save rules
srv = self.get_server()
error = iptables.save(srv.do_execute, srv.get_remote_distro())
if error != errors.ERR_SUCCESS:
return error
