Example #1
0
    def createLogger(self):
        from cattivo.firewall.iptables.nflog.logger import NFLogLoggerServer

        group = cattivo.config.getint("firewall", "log-group")
        self.logServer = NFLogLoggerServer(group)
        self.logServer.startService()
        reactor.addSystemEventTrigger("after", "shutdown",
                    self.logServer.stopService)

        return defer.succeed(None)
Example #2
0
class Launcher(Loggable):
    options = None

    def createClientList(self):
        clientlist_type_name = cattivo.config.get("clientlist", "type")
        clientlist_type = namedAny(clientlist_type_name)

        self.clientList = clientlist_type()
        dfr = self.clientList.initialize()

        return dfr

    def createFirewall(self):
        from cattivo.firewall.firewall import Firewall

        address = cattivo.config.get("bouncer", "bind-address")
        port = cattivo.config.getint("bouncer", "port")
        self.firewall = Firewall(address, port, self.clientList)
        dfr = self.firewall.initialize()
        dfr.addCallback(self.firewallInitializeCb)

        return dfr

    def createLogger(self):
        from cattivo.firewall.iptables.nflog.logger import NFLogLoggerServer

        group = cattivo.config.getint("firewall", "log-group")
        self.logServer = NFLogLoggerServer(group)
        self.logServer.startService()
        reactor.addSystemEventTrigger("after", "shutdown",
                    self.logServer.stopService)

        return defer.succeed(None)

    def firewallInitializeCb(self, result):
        reactor.addSystemEventTrigger("after", "shutdown", self.stopFirewall)

    def stopFirewall(self):
        return self.firewall.clean()

    def createBouncer(self):
        self.bouncer_port = reactor.listenTCP(port=cattivo.config.getint("bouncer", "port"),
                factory=BouncerSite(self.firewall,
                        cattivo.config.get("authenticator", "host")),
                        interface=cattivo.config.get("bouncer", "bind-address"))

        # set IP_TRANSPARENT for TPROXY to work
        self.bouncer_port.socket.setsockopt(SOL_IP, IP_TRANSPARENT, 1)

        return defer.succeed(None)

    def createCleaner(self):
        type_name = cattivo.config.get("cleaner", "type")
        cleaner_server_type = namedAny(type_name)
        port = cattivo.config.getint("cleaner", "port")
        address = cattivo.config.get("cleaner", "bind-address")
        self.cleaner_server_port = reactor.listenTCP(port=port,
                factory=cleaner_server_type(self.firewall), interface=address)

        return defer.succeed(None)

    def createClientlistServer(self):
        type_name = cattivo.config.get("clientlist-server", "type")
        clientlist_server_type = namedAny(type_name)
        port = cattivo.config.getint("clientlist-server", "port")
        address = cattivo.config.get("clientlist-server", "bind-address")
        self.clientlist_server_port = reactor.listenTCP(port=port,
                factory=clientlist_server_type(), interface=address)

        return defer.succeed(None)

    def createLogServer(self):
        type_name = cattivo.config.get("logger-server", "type")
        log_server_type = namedAny(type_name)
        port = cattivo.config.getint("logger-server", "port")
        address = cattivo.config.get("logger-server", "bind-address")
        self.log_server_port = reactor.listenTCP(port=port,
                factory=log_server_type(), interface=address)

        return defer.succeed(None)

    def create_option_parser(self):
        parser = OptionParser()
        parser.add_option('--config-file', type='string', default="cattivo.conf")
        parser.add_option('--debug', type='string', action='append')
        parser.add_option('--debug-file', type='string')
        parser.add_option("--clientlist-server",
                action="store_true", default=False)
        parser.add_option("--logger-server",
                action="store_true", default=False)

        return parser

    def start(self):
        try:
            dfr = self.startUnchecked()
        except:
            return self.startError(defer.fail())

        dfr.addErrback(self.startError)

    def initLog(self):
        loggable.init(self.options, cattivo.config)

    def startUnchecked(self):
        loggable.init(self.options, cattivo.config)

        self.ensureTwistedPair()
        dfr = task.coiterate(self.iterateStart())
        return dfr

    def ensureTwistedPair(self):
        try:
            import twisted.pair
        except ImportError:
            import new
            m = new.module("twisted.pair")
            sys.modules["twisted.pair"] = m
            global twisted
            twisted.pair = m
            m.__file__ = os.path.join(sibpath(__file__, "twisted_pair"), "__init__.pyc")
            m.__path__ = [sibpath(__file__, "twisted_pair")]

    def logServiceStartCb(self, result, service):
        self.info("%s created successfully" % service)

        return result

    def logServiceStartEb(self, failure, service):
        self.warning("failure creating service %s: %s" % (service,
                getFailureMessage(failure)))

        return failure

    def startServiceLogged(self, name, method, *args, **kw):
        self.info("starting service %s" % name)
        dfr = method(*args, **kw)
        dfr.addCallback(self.logServiceStartCb, name)
        dfr.addErrback(self.logServiceStartEb, name)

        return dfr

    def iterateStart(self):
        yield self.startServiceLogged("clientlist", self.createClientList)
        yield self.startServiceLogged("firewall", self.createFirewall)
        yield self.startServiceLogged("logger", self.createLogger)
        yield self.startServiceLogged("bouncer", self.createBouncer)
        yield self.startServiceLogged("cleaner", self.createCleaner)
        if self.options.clientlist_server:
            yield self.startServiceLogged("clientlist-server",
                    self.createClientlistServer)

        if self.options.logger_server:
            yield self.startServiceLogged("logger-server",
                    self.createLogServer)

    def startError(self, failure):
        reactor.stop()
        failure.raiseException()

    def loadConfig(self, config_file):
        config = RawConfigParser()
        config.read(config_file)

        cattivo.config = config

        return config

    def main(self):
        self.option_parser = self.create_option_parser()
        self.options, self.args = self.option_parser.parse_args()

        try:
            self.loadConfig(self.options.config_file)
        except IOError, e:
            self.option_parser.error(str(e))
            return 1

        reactor.callWhenRunning(self.start)
        reactor.run()