def add_ip(self): if not self.require(["real_id", "ip", "netmask", "gateway"]): return errors.throw(errors.BACKEND_INVALID_INPUT) # incoming traffic (exit_code,_,_) = iptables.add_rule( "PANENTHE_BW", "-d %s" % self.ip, self.do_execute ) if exit_code != 0: return errors.throw(errors.SERVER_IPTABLES) # outgoing traffic (exit_code,_,_) = iptables.add_rule( "PANENTHE_BW", "-s %s" % self.ip, self.do_execute ) if exit_code != 0: return errors.throw(errors.SERVER_IPTABLES) # save rules srv = self.get_server() error = iptables.save(srv.do_execute, srv.get_remote_distro()) if error != errors.ERR_SUCCESS: return error
def initialize_bw(self): self.require_remote() # sanity (of which I have none) self.cleanup_bw() # create chains (exit_code,_,_) = iptables.add_chain("PANENTHE_BW", self.do_execute) if exit_code != 0: return errors.throw(errors.SERVER_IPTABLES) # create rule for INPUT table (exit_code,_,_) = iptables.insert_rule( "INPUT", "-j PANENTHE_BW", self.do_execute ) if exit_code != 0: return errors.throw(errors.SERVER_IPTABLES) # create rule for FORWARD table (exit_code,_,_) = iptables.insert_rule( "FORWARD", "-j PANENTHE_BW", self.do_execute ) if exit_code != 0: return errors.throw(errors.SERVER_IPTABLES) # create rule for OUTPUT table (exit_code,_,_) = iptables.insert_rule( "OUTPUT", "-j PANENTHE_BW", self.do_execute ) if exit_code != 0: return errors.throw(errors.SERVER_IPTABLES) # server IP addresses ac = api.api_call("server_ips", { 'server_id': self.get_server_id() }) ret = ac.execute() if ret != errors.ERR_SUCCESS: return ret result = ac.output() # use IPs try: result[0] result[0]['ip'] ips = result[0]['ip'] # loop through IPs for ip in ips: iptables.add_rule("PANENTHE_BW", "-d %s" % ip, self.do_execute) iptables.add_rule("PANENTHE_BW", "-s %s" % ip, self.do_execute) # there might not be any IPs yet except (IndexError, KeyError): pass # save iptables rules error = iptables.save(self.do_execute, self.get_remote_distro()) return error
def usage_bandwidth(self): if not self.require("real_id"): return errors.throw(errors.BACKEND_INVALID_INPUT) # vps IP addresses ac = api.api_call("vm_get_info", { 'vps_id': self.vps_id }) ret = ac.execute() if ret != errors.ERR_SUCCESS: return ret result = ac.output() # check output try: self.ips = result[0]['ip'] # error with output except IndexError: return errors.throw(errors.BACKEND_ERR_UNKNOWN) # no IPs associated with it, so nothing to update except KeyError: return errors.throw(errors.ERR_SUCCESS) # get IP stats total_destination = 0 total_source = 0 for ip in self.ips: (exit_code,stdout,_) = self.do_execute( "%s -nvxL PANENTHE_BW | /usr/bin/env grep \"%s\" | " % ( glob.config.get("paths", "iptables"), ip ) + "/usr/bin/env sed -r \"s/[ ]+/ /g\"" ) for line in stdout: data = line.split(" ") # 2 is bytes, 7 is source IP, 8 is destination IP if data[7] == "0.0.0.0/0" and data[8] != "0.0.0.0/0": total_destination += int(data[2]) elif data[8] == "0.0.0.0/0" and data[7] != "0.0.0.0/0": total_source += int(data[2]) # update PHP (php_exit_code,_,_) = php.db_update( "vps_stats", "update_bandwidth", str(self.server['server_id']), str(self.vps_id), str(total_destination), str(total_source) ) # php exit code if php_exit_code != 0: return php_exit_codes.translate(php_exit_code) # set up iptables for the rules since PHP was updated successfully for ip in self.ips: # add #1 (exit_code,_,_) = iptables.add_rule( "PANENTHE_BW", "-d %s" % ip, self.do_execute ) if exit_code != 0: return errors.throw(errors.SERVER_IPTABLES) # add #2 (exit_code,_,_) = iptables.add_rule( "PANENTHE_BW", "-s %s" % ip, self.do_execute ) if exit_code != 0: return errors.throw(errors.SERVER_IPTABLES) return errors.throw(errors.ERR_SUCCESS)