Ejemplo n.º 1
0
    def main(self):
        logger = uacLog().getLog()
        disable_file_system_redirection().__enter__()
        command = 'c:\\windows\\system32\\query user'
        currentPath = sys.path[0]
        config = configparser.RawConfigParser()
        config.read(os.path.join(currentPath,'uac.conf'))
        logger.info('UAC system start.')
        currentList = []
        while True:

            result = os.popen(command).readlines()
            newList = []
            for  line in result:
                name = str(line[0:9]).replace(' ','')
                if name != 'USERNAME':
                    newList.append(name)
            diff=list(set(newList).difference(set(currentList)))
            if diff == []:
                currentList = newList
            else:
                if len(diff) == 1:
                    username = diff[0]
                    logger.info('User login:'******'Emergency mode: ' + username)
                        else:
                            firewall.activate(username,loginuser.ipList)
                            logger.info('Set firewall for: ' + username)
                    except :
                        logger.critical('Database connection fail.')
                        firewall = winFirewall()
                        firewall.allfree()
                        logger.critical('Allow all IP.')
                    currentList = newList
                else:
                    currentList = newList
                    logger.critical('User login error:')
                    logger.critical('User login befor:')
                    for name in currentList:
                        logger.critical(name)
                    logger.critical('User login after:')
                    for name in newList:
                        logger.critical(name)
Ejemplo n.º 2
0
def test():
    username = '******'
    ipList = ['192.168.0.1', '192,168.0.2']

    firewall = winFirewall()
    firewall.test(username,ipList)
    try:
        assert firewall.commandList[0] == 'netsh advfirewall set allprofiles firewallpolicy blockinbound,blockoutbound'
        assert firewall.commandList[1] == 'netsh advfirewall firewall del rule name="uac"'
        assert firewall.commandList[2] == 'netsh advfirewall firewall add rule name="uac" dir=out action=allow enable=yes remoteip=10.177.132.36,192.168.0.1,192,168.0.2 profile=any'
        print('firewall.winFirewall.activate ...... pass')
    except:
        print('firewall.winFirewall.activate ...... failed')

    firewall = ipTables()
    firewall.test(username,ipList)
    try:
        assert firewall.commandList[0] == "iptables --line-numbers -L OUTPUT |awk '/UID match ejiaqxi/{print $1}'|sort -nr |while read num; do iptables -D OUTPUT ${num}; done"
        assert firewall.commandList[1] == "iptables -I OUTPUT -m owner --uid-owner ejiaqxi -j ACCEPT -d 192.168.0.1"
        assert firewall.commandList[2] == "iptables -I OUTPUT -m owner --uid-owner ejiaqxi -j ACCEPT -d 192,168.0.2"
        assert firewall.commandList[3] == "iptables -A OUTPUT -m owner --uid-owner ejiaqxi -j DROP"
        print('firewall.ipTables.activate ...... pass')
    except:
        print('firewall.ipTables.activate ...... failed')