def uninstall_keepalived(args=""): """ Remove Keepalived from the server. """ app.print_verbose("Uninstall Keepalived") os.chdir("/") _chkconfig("keepalived", "off") _service("keepalived", "stop") x("yum -y remove keepalived") x("rm -rf {0}*".format(KA_CONF_DIR)) del_iptables_chain() iptables.save()
def uninstall_keepalived(args=""): """ Remove Keepalived from the server. """ app.print_verbose("Uninstall Keepalived") os.chdir("/") _chkconfig("keepalived","off") _service("keepalived","stop") x("yum -y remove keepalived") x("rm -rf {0}*".format(KA_CONF_DIR)) del_iptables_chain() iptables.save()
def remove_all_ips(self): if not self.require("real_id"): return errors.throw(errors.BACKEND_INVALID_INPUT) # vps IP addresses ac = api.api_call("vm_ips", { 'vps_id': self.vps_id }) ret = ac.execute() if ret != errors.ERR_SUCCESS: return ret # remove IPs from iptables try: ips = ac.output()[0]['ip'] # loop through IPs and remove for ip in ips: iptables.delete_rule( "PANENTHE_BW", "-d %s" % ip, self.do_execute ) iptables.delete_rule( "PANENTHE_BW", "-s %s" % ip, self.do_execute ) except (IndexError, KeyError): pass # save rules srv = self.get_server() error = iptables.save(srv.do_execute, srv.get_remote_distro()) if error != errors.ERR_SUCCESS: return error
def add_ip(self): if not self.require(["real_id", "ip", "netmask", "gateway"]): return errors.throw(errors.BACKEND_INVALID_INPUT) # incoming traffic (exit_code,_,_) = iptables.add_rule( "PANENTHE_BW", "-d %s" % self.ip, self.do_execute ) if exit_code != 0: return errors.throw(errors.SERVER_IPTABLES) # outgoing traffic (exit_code,_,_) = iptables.add_rule( "PANENTHE_BW", "-s %s" % self.ip, self.do_execute ) if exit_code != 0: return errors.throw(errors.SERVER_IPTABLES) # save rules srv = self.get_server() error = iptables.save(srv.do_execute, srv.get_remote_distro()) if error != errors.ERR_SUCCESS: return error
def cleanup_bw(self): self.require_remote() # delete rules iptables.delete_rule("FORWARD", "-j PANENTHE_BW", self.do_execute) # delete chains iptables.delete_chain("PANENTHE_BW", self.do_execute) # delete cron self.do_execute("sed -r \"/# panenthe_bw$/d\" -i \"%s\"" % glob.config.get("paths", "crontab") ) # save iptables rules error = iptables.save(self.do_execute, self.get_remote_distro()) return error
def remove_ip(self): if not self.require(["real_id", "ip"]): return errors.throw(errors.BACKEND_INVALID_INPUT) # incoming traffic iptables.delete_rule( "PANENTHE_BW", "-d %s" % self.ip, self.do_execute ) # outgoing traffic iptables.delete_rule( "PANENTHE_BW", "-s %s" % self.ip, self.do_execute ) # save rules srv = self.get_server() error = iptables.save(srv.do_execute, srv.get_remote_distro()) if error != errors.ERR_SUCCESS: return error
def initialize_bw(self): self.require_remote() # sanity (of which I have none) self.cleanup_bw() # create chains (exit_code,_,_) = iptables.add_chain("PANENTHE_BW", self.do_execute) if exit_code != 0: return errors.throw(errors.SERVER_IPTABLES) # create rule for INPUT table (exit_code,_,_) = iptables.insert_rule( "INPUT", "-j PANENTHE_BW", self.do_execute ) if exit_code != 0: return errors.throw(errors.SERVER_IPTABLES) # create rule for FORWARD table (exit_code,_,_) = iptables.insert_rule( "FORWARD", "-j PANENTHE_BW", self.do_execute ) if exit_code != 0: return errors.throw(errors.SERVER_IPTABLES) # create rule for OUTPUT table (exit_code,_,_) = iptables.insert_rule( "OUTPUT", "-j PANENTHE_BW", self.do_execute ) if exit_code != 0: return errors.throw(errors.SERVER_IPTABLES) # server IP addresses ac = api.api_call("server_ips", { 'server_id': self.get_server_id() }) ret = ac.execute() if ret != errors.ERR_SUCCESS: return ret result = ac.output() # use IPs try: result[0] result[0]['ip'] ips = result[0]['ip'] # loop through IPs for ip in ips: iptables.add_rule("PANENTHE_BW", "-d %s" % ip, self.do_execute) iptables.add_rule("PANENTHE_BW", "-s %s" % ip, self.do_execute) # there might not be any IPs yet except (IndexError, KeyError): pass # save iptables rules error = iptables.save(self.do_execute, self.get_remote_distro()) return error
def unsuspend_ip(self): if not self.require("ip"): return errors.throw(errors.BACKEND_INVALID_INPUT) # FORWARD table incoming iptables.delete_rule( "FORWARD", "-d %s -m comment --comment panenthe_suspend -j %s" % ( executer.escape(self.ip), glob.config.get("server", "suspend_mode") ), self.do_execute ) # FORWARD table outgoing iptables.delete_rule( "FORWARD", "-s %s -m comment --comment panenthe_suspend -j %s" % ( executer.escape(self.ip), glob.config.get("server", "suspend_mode") ), self.do_execute ) # INPUT table incoming iptables.delete_rule( "INPUT", "-d %s -m comment --comment panenthe_suspend -j %s" % ( executer.escape(self.ip), glob.config.get("server", "suspend_mode") ), self.do_execute ) # INPUT table outgoing iptables.delete_rule( "INPUT", "-s %s -m comment --comment panenthe_suspend -j %s" % ( executer.escape(self.ip), glob.config.get("server", "suspend_mode") ), self.do_execute ) # OUTPUT table incoming iptables.delete_rule( "OUTPUT", "-d %s -m comment --comment panenthe_suspend -j %s" % ( executer.escape(self.ip), glob.config.get("server", "suspend_mode") ), self.do_execute ) # OUTPUT table outgoing iptables.delete_rule( "OUTPUT", "-s %s -m comment --comment panenthe_suspend -j %s" % ( executer.escape(self.ip), glob.config.get("server", "suspend_mode") ), self.do_execute ) # save rules srv = self.get_server() error = iptables.save(srv.do_execute, srv.get_remote_distro()) if error != errors.ERR_SUCCESS: return error