Ejemplo n.º 1
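def genbworgsql(orgid,viewname,shid):
    """Create the default white/black list rows for an organization.

    Four placeholder rows are inserted (whitelist_domain, whitelist_host,
    blacklist_domain, blacklist_host) so that a new view has list tables to
    work with. Nothing is inserted when inputOrgId() reports that the
    organization already has lists.

    Args:
        orgid: organization id, written to the org_id column of every row.
        viewname: view name, used as the prefix of the placeholder domains.
        shid: sinkhole id, written to the sinkhole column of the black lists.

    Returns:
        1 when all four inserts reported success; otherwise the result of
        the first insert that did not return 1. None when nothing was
        attempted (lists already exist, or a value was refused).
    """
    # The statements below are assembled by string concatenation because
    # dbinsert() is handed a finished SQL string here. Until that helper
    # offers bound parameters, refuse any caller-supplied value that could
    # terminate the quoted literal it is spliced into.
    # NOTE(review): assumes ids are plain integers or simple tokens and that
    # view names are limited to letters, digits, dashes and underscores --
    # confirm against the callers before widening or narrowing this set.
    literal_ok = frozenset(
        "abcdefghijklmnopqrstuvwxyz"
        "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
        "0123456789-_"
    )
    orgtext = "%s" % (orgid,)
    viewtext = "%s" % (viewname,)
    shtext = "%s" % (shid,)
    for label, text in (("org id", orgtext), ("view name", viewtext), ("sinkhole id", shtext)):
        if not text or not literal_ok.issuperset(text):
            print("\nWarning\nDefault lists were not created, the " + label + " contains characters that are not accepted")
            return

    # Additional views reuse the organization's existing white and black
    # lists, so there is nothing to do when they are already present.
    bwresult = inputOrgId(orgid) # first element carries the "already exists" status
    if bwresult[0]:
        print("\nWarning\nThat org id appears to have white and black lists already,")
        print("if this is an additional view for the same organiation this message can be ignored")
        return

    # values for SQL statements
    defwhitedom = viewtext + "-white.local"
    defwhitehost = "ignore." + defwhitedom
    defblackdom = viewtext + "-black.local"
    defblackhost = "confirm." + defblackdom
    defdesc = "Default entry created on setup, not expected to be used"
    dstamp = date.isoformat(datetime.now())
    defip = str(iptoint_dm.dotQuadtoInt('198.51.100.187'))
    deftype = 'A'

    # (label used in the success message, table name, statement)
    inserts = (
        ("white list domain", "whitelist_domain",
         "INSERT into whitelist_domain (org_id,wl_domain,wld_desc,wld_date) VALUES ('"
         + orgtext + "','" + defwhitedom + "','" + defdesc + "','" + dstamp + "');"),
        ("white list host", "whitelist_host",
         "INSERT into whitelist_host (org_id,wlh_type,wl_host,wlh_ip,wlh_desc,wlh_date) VALUES ('"
         + orgtext + "','" + deftype + "','" + defwhitehost + "','" + defip + "','" + defdesc + "','" + dstamp + "');"),
        ("black list domain", "blacklist_domain",
         "INSERT into blacklist_domain (org_id,bl_domain,bld_sinkhole,bld_desc,bld_date) VALUES ('"
         + orgtext + "','" + defblackdom + "','" + shtext + "','" + defdesc + "','" + dstamp + "');"),
        ("black list host", "blacklist_host",
         "INSERT into blacklist_host (org_id,blh_type,bl_host,blh_ip,blh_sinkhole,blh_desc,blh_date) VALUES ('"
         + orgtext + "','" + deftype + "','" + defblackhost + "','" + defip + "','" + shtext + "','" + defdesc + "','" + dstamp + "');"),
    )

    # Every insert is attempted even after a failure, but the return value
    # must reflect all of them: callers report "all records initialized"
    # when they get 1 back, so one late success must not hide earlier failures.
    failed = False
    firstfailure = None
    for label, table, sqlstr in inserts:
        outcome = menudbinsert_dm.dbinsert(sqlstr)
        if outcome == 1:
            print("Default " + label + " table entry for this organization created successfully")
        else:
            print("You may need to manually check the " + table + " table")
            if not failed:
                failed = True
                firstfailure = outcome
    if failed:
        return firstfailure
    return 1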
Ejemplo n.º 2
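def _prompt_description():
    """Ask for a description until inputSanitizer accepts it, then return it."""
    while True:
        answer = inputSani_dm.inputSanitizer(raw_input("Description: "), 'desc1')
        if answer != 'invalid_format':
            return answer


def doView(mwlist):
    """Interactively collect the data for a new Bind view and store it.

    The operator is asked for a view name, the sinkhole IP and description,
    the client source addresses and a description of those clients. The
    function then creates the sinkhole record, the TSIG metadata, the view
    record and finally the default white/black list entries.

    Args:
        mwlist: menu argument list; element 1 is the action (nothing is done
            for 'update') and element 2 is the organization id.

    Returns:
        None. Progress and failures are reported on stdout.
    """
    # create a dictionary to collect all the results to generate SQL inserts or update
    viewDict = dict()
    # insert org id into dictionary
    viewDict['org_id'] = mwlist[2]
    if mwlist[1] == 'update':
        return

    print("\nYou are about to provide the data needed for a new Bind View and related zone files.")
    print("\nThe view must be a unique name within the system,")
    print("it must also be a single word with no spaces, letters, dashes, underscores and digits ok")
    while True:
        uvinput = raw_input("Enter view name: ").strip().lower()
        # inputView() returns a list; a falsy first element means the name was accepted
        vresult = inputView(uvinput)
        if not vresult[0]:
            viewDict['view_name'] = vresult[1]
            break

    while True:
        print("\nIdeally you want to direct suspicious traffic to a server you control, AKA, sinkhole")
        shipraw = raw_input("What is the internal IP for the monitoring application? ( dotted quad): ")
        shipint = iptoint_dm.dotQuadtoInt(shipraw)
        # NOTE(review): presumably dotQuadtoInt returns a small integer for
        # input it cannot parse; if it can return a non-integer, this
        # comparison does not validate anything under Python 2 -- confirm.
        if shipint > 10:
            viewDict['sh_ip'] = shipint
            break
        print("hmm, looks like that wasn't a dotted quad, EG 172.16.28.7, please enter again")

    print("\nProvide a short description of this sink hole, EG, .net app running in Calgary office")
    viewDict['sh_desc'] = _prompt_description()

    viewClientIPList = []
    print("\nDefine the source IP(s)/ subnets for the recursive clients using this view( dotted quad or cidr): ")
    while True:
        addrtype = raw_input("Is this a single IP or subnet (ip|cidr)? ").strip().lower()
        # anything other than 'ip' is handled as a subnet
        if addrtype == 'ip':
            source = raw_input("What is the source IP for the recursive clients?( dotted quad): ")
            source = inputSani_dm.inputSanitizer(source,'ip')
            if source == 'invalid_format':
                print("hmm, looks like that wasn't a dotted quad, EG 172.16.28.7, please enter again")
                continue
        else:
            source = raw_input("What is the source subnet for the recursive clients?( cidr notation): ")
            source = inputSani_dm.inputSanitizer(source,'cidr')
            if source == 'invalid_format':
                print("hmm, looks like that wasn't cidr notation, EG 172.16.28.0/26, please enter again")
                continue
        viewClientIPList.append(source)
        nextIP = raw_input("\nDo you need to add another IP address (yes|no)?").strip().lower()
        # only an explicit 'no' ends the loop
        if nextIP == 'no':
            # build IPs and cidr into a CSV string to be used with views
            viewDict['view_src_acl_ips'] = ",".join(map(str,viewClientIPList))  # build into an ACL data structure later on
            break

    print("\nProvide a short description of what's behind these IP addresses,  EG, Eastern office or Engineering dept")
    viewDict['view_desc'] = _prompt_description()

    print("\n please standby, generating a view specific domain for RPZ usage.")
    # NOTE(review): how hard this name is to guess depends entirely on the
    # generator behind genString(), which is not visible here -- confirm it
    # draws from a cryptographically secure source.
    dompart = genRandomString_dm.genString(7)
    hostpart = genRandomString_dm.genString(6)
    shfqdn = hostpart + '.' + dompart + '.local'
    print("\n created this virtually unguessable FQDN just for this view: " + shfqdn)
    viewDict['sh_fqdn'] = shfqdn

    # generate the list to be fed to db-insert_sinkholedata
    sinkholesql = insertsinkholedata_dm.parsemenudict(viewDict)
    shresult = menudbinsert_dm.dbinsert(sinkholesql)
    if shresult == 1:
        print("sinkhole table entry created successfully")
        # grab the sinkhole id to dump into the view table
        shselect = ['sinkhole_id','view_sinkholes','sh_fqdn',shfqdn]
        thisresultlist = menudbselect_dm.dbRecordSelect(shselect)
        if len(thisresultlist) == 1:
            viewDict['def_sh_id'] = thisresultlist[0]
        else:
            print("failed to retrieve sinkhole ID, you should probably exit and debug this")
    else:
        print("You may need to manually check the view_sinkholes table")

    # The view row and the default lists both reference the sinkhole id.
    # Without it the remaining steps cannot produce consistent records, so
    # stop here instead of writing TSIG metadata and then failing on the
    # missing dictionary key.
    if 'def_sh_id' not in viewDict:
        print("View creation stopped, no sinkhole id is available for view " + viewDict['view_name'])
        return

    # generate tsig_key meta data, this is static even if the keys are updated
    oid = viewDict['org_id']
    vname = viewDict['view_name']
    tsigid = genTsigData_dm.gentsigsql(oid,vname)
    viewDict['tsig_id'] = tsigid[0]

    # generate the list from dictionary values and push data
    # column order: (org_id,view_name,def_sh_id,view_src_acl_ips,view_desc,tsig_id)
    viewsqlinsert = [
        viewDict['org_id'],
        viewDict['view_name'],
        viewDict['def_sh_id'],
        viewDict['view_src_acl_ips'],
        viewDict['view_desc'],
        viewDict['tsig_id'],
    ]
    thisviewid = insertviewdata_dm.genviewgsql(viewsqlinsert)
    # exactly one returned id is treated as confirmation that the view exists
    if len(thisviewid) == 1:
        print("\nProgress report: \nCreation of view " + viewDict['view_name'] + " confirmed successful, please generate an view file for this organization now, menu/genorgview\n")

    # generate black and white list entries since there is a now a view for the org
    print("\nStand by, just making a few internal database updates")
    shid = viewDict['def_sh_id']
    wlcreate = genDefListData_dm.genbworgsql(oid,vname,shid)
    if wlcreate == 1:
        print("All black list and white list default records were successfully initialized")

    return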