Ejemplo n.º 1
0
def check_dpkg():
    purge_list = []
    with hide('stdout'):
        for i, line in enumerate(str(run('dpkg -l')).splitlines()):
            if i < 6:
                continue
            if line.startswith(b'ii'):
                continue
            line = line.strip()
            if line.startswith(b'rc'):
                purge_list.append(line.split()[1])
                continue
            print(line)
    if purge_list:
        sudo('aptitude -y purge ' + ' '.join(purge_list))
Ejemplo n.º 2
0
def check_dpkg():
    purge_list = []
    with hide('stdout'):
        for i, line in enumerate(str(run('dpkg -l')).splitlines()):
            if i < 6:
                continue
            if line.startswith(b'ii'):
                continue
            line = line.strip()
            if line.startswith(b'rc'):
                purge_list.append(line.split()[1])
                continue
            print(line)
    if purge_list:
        sudo('aptitude -y purge ' + ' '.join(purge_list))
Ejemplo n.º 3
0
def ip6tables():
    with hide('stdout'):
        rules = sudo('ip6tables -n -v -L INPUT')
    tcpports = ';'.join(get_port_list(rules, 'tcp')) or '22'
    udpports = ';'.join(get_port_list(rules, 'udp'))
    sudo('ip6tables -P INPUT ACCEPT')
    sudo('ip6tables -F INPUT')
    sudo('ip6tables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT')
    sudo('ip6tables -A INPUT -i lo -j ACCEPT')
    sudo('ip6tables -A INPUT -p ipv6-icmp -j ACCEPT')
    print('line split by semicolon.')
    if '22' not in tcpports:
        print('WARNING: ssh default port not in tcp list,\
 this may cause connection broken.')
    set_ports('ipv6', 'tcp', 'ip6tables', tcpports)
    set_ports('ipv6', 'udp', 'ip6tables', udpports)
    sudo('ip6tables -P INPUT DROP')
Ejemplo n.º 4
0
def ip6tables():
    with hide('stdout'):
        rules = sudo('ip6tables -n -v -L INPUT')
    tcpports = ';'.join(get_port_list(rules, 'tcp')) or '22'
    udpports = ';'.join(get_port_list(rules, 'udp'))
    sudo('ip6tables -P INPUT ACCEPT')
    sudo('ip6tables -F INPUT')
    sudo('ip6tables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT')
    sudo('ip6tables -A INPUT -i lo -j ACCEPT')
    sudo('ip6tables -A INPUT -p ipv6-icmp -j ACCEPT')
    print('line split by semicolon.')
    if '22' not in tcpports:
        print('WARNING: ssh default port not in tcp list,\
 this may cause connection broken.')
    set_ports('ipv6', 'tcp', 'ip6tables', tcpports)
    set_ports('ipv6', 'udp', 'ip6tables', udpports)
    sudo('ip6tables -P INPUT DROP')