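def genbworgsql(orgid, viewname, shid):
    """Seed one placeholder row in each white/black list table for a view.

    The four tables (whitelist_domain, whitelist_host, blacklist_domain,
    blacklist_host) each get a "Default entry" row keyed on the org so the
    RPZ generation always has something to emit.  The lists belong to the
    organization, not the view: if ``inputOrgId`` reports the org already
    has lists, nothing is inserted and ``None`` is returned.

    Args:
        orgid: organization id, an int (or a string of digits).
        viewname: the Bind view name, one word of letters, digits, dashes
            and underscores - the same rule the view prompt states.
        shid: id of the view's default sinkhole, used by the black-list
            rows; an int (or a string of digits).

    Returns:
        ``None`` when the org already had lists, otherwise whatever
        ``menudbinsert_dm.dbinsert`` returned for the LAST of the four
        inserts (``1`` on success).  Failures of the earlier inserts are
        only reported on stdout, so a ``1`` does not prove all four rows
        exist.

    Raises:
        ValueError: if an argument fails the format checks.  ``dbinsert``
            takes a finished SQL string, so the statements below are still
            built by interpolation; these checks are what keeps quotes and
            comment markers out of them.
    """
    # Defence in depth: every value here lands inside a quoted SQL literal,
    # and orgid/viewname originate from interactive prompts.
    orgid_s = str(orgid)
    shid_s = str(shid)
    viewname_s = str(viewname)
    if not orgid_s.isdigit():
        raise ValueError("orgid must be a non-negative integer, got %r" % (orgid,))
    if not shid_s.isdigit():
        raise ValueError("shid must be a non-negative integer, got %r" % (shid,))
    if not viewname_s or not viewname_s.replace('-', '').replace('_', '').isalnum():
        raise ValueError("viewname must be letters, digits, '-' or '_', got %r" % (viewname,))

    # Additional views of the same org share its lists, so do nothing if
    # they already exist (the caller treats a None return as "not created").
    bwresult = inputOrgId(orgid)
    if bwresult[0]:
        print("\nWarning\nThat org id appears to have white and black lists already,")
        print("if this is an additional view for the same organiation this message can be ignored")
        return

    # Placeholder names live under a view-specific .local domain so they
    # cannot collide with a real entry.
    defwhitedom = viewname_s + "-white.local"
    defwhitehost = "ignore." + defwhitedom
    defblackdom = viewname_s + "-black.local"
    defblackhost = "confirm." + defblackdom
    defdesc = "Default entry created on setup, not expected to be used"
    # date.isoformat on a datetime yields the date part only (YYYY-MM-DD);
    # kept as-is because the *_date columns were always seeded this way.
    dstamp = date.isoformat(datetime.now())
    # 198.51.100.0/24 is the TEST-NET-2 documentation range, so the
    # placeholder host never points at real infrastructure.
    defip = str(iptoint_dm.dotQuadtoInt('198.51.100.187'))
    deftype = 'A'

    # (table, success message, statement) - executed in the original order.
    inserts = [
        ("whitelist_domain",
         "Default white list domain table entry for this organization created successfully",
         "INSERT into whitelist_domain (org_id,wl_domain,wld_desc,wld_date) VALUES ('%s','%s','%s','%s');"
         % (orgid_s, defwhitedom, defdesc, dstamp)),
        ("whitelist_host",
         "Default white list host table entry for this organization created successfully",
         "INSERT into whitelist_host (org_id,wlh_type,wl_host,wlh_ip,wlh_desc,wlh_date) VALUES ('%s','%s','%s','%s','%s','%s');"
         % (orgid_s, deftype, defwhitehost, defip, defdesc, dstamp)),
        ("blacklist_domain",
         "Default black list domain table entry for this organization created successfully",
         "INSERT into blacklist_domain (org_id,bl_domain,bld_sinkhole,bld_desc,bld_date) VALUES ('%s','%s','%s','%s','%s');"
         % (orgid_s, defblackdom, shid_s, defdesc, dstamp)),
        ("blacklist_host",
         "Default black list host table entry for this organization created successfully",
         "INSERT into blacklist_host (org_id,blh_type,bl_host,blh_ip,blh_sinkhole,blh_desc,blh_date) VALUES ('%s','%s','%s','%s','%s','%s','%s');"
         % (orgid_s, deftype, defblackhost, defip, shid_s, defdesc, dstamp)),
    ]
    wldresult = None
    for table, okmsg, sqlstr in inserts:
        wldresult = menudbinsert_dm.dbinsert(sqlstr)
        if wldresult == 1:
            print(okmsg)
        else:
            print("You may need to manually check the " + table + " table")
    return wldresult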
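def doView(mwlist):
    """Interactive menu that creates a new Bind view and its support rows.

    Walks the operator through the view name, the sinkhole address and
    description, the recursive-client source ACL and a view description,
    then inserts the sinkhole row, the TSIG metadata, the view row and
    finally the default white/black list rows via
    ``genDefListData_dm.genbworgsql``.

    Args:
        mwlist: menu word list; ``mwlist[1]`` is the action (``'update'``
            is accepted but not handled here - the function just returns)
            and ``mwlist[2]`` the organization id the view belongs to.

    Returns:
        ``None``.  Progress is reported on stdout; the DB inserts are the
        point of the function.
    """
    viewDict = dict()
    viewDict['org_id'] = mwlist[2]
    if mwlist[1] == 'update':
        # No update path exists in this function; the original fell
        # through to the final return, which is preserved here.
        return

    while True:
        print("\nYou are about to provide the data needed for a new Bind View and related zone files.")
        print("\nThe view must be a unique name within the system,")
        print("it must also be a single word with no spaces, letters, dashes, underscores and digits ok")
        viewDict['view_name'] = _prompt_view_name()

        print("\nIdeally you want to direct suspicious traffic to a server you control, AKA, sinkhole")
        viewDict['sh_ip'] = _prompt_sinkhole_ip()
        viewDict['sh_desc'] = _prompt_description(
            "\nProvide a short description of this sink hole, EG, .net app running in Calgary office")

        print("\nDefine the source IP(s)/ subnets for the recursive clients using this view( dotted quad or cidr): ")
        # CSV of IPs / CIDRs; the consumer turns it into an ACL structure.
        viewDict['view_src_acl_ips'] = _prompt_client_addrs()
        viewDict['view_desc'] = _prompt_description(
            "\nProvide a short description of what's behind these IP addresses, EG, Eastern office or Engineering dept")

        shfqdn = _gen_sinkhole_fqdn()
        viewDict['sh_fqdn'] = shfqdn

        # Sinkhole row first: the view row needs its id.
        shid = None
        sinkholesql = insertsinkholedata_dm.parsemenudict(viewDict)
        shresult = menudbinsert_dm.dbinsert(sinkholesql)
        if shresult == 1:
            print("sinkhole table entry created successfully")
            # Look the id back up by the FQDN just generated.
            shselect = ['sinkhole_id', 'view_sinkholes', 'sh_fqdn', shfqdn]
            thisresultlist = menudbselect_dm.dbRecordSelect(shselect)
            if len(thisresultlist) == 1:
                shid = thisresultlist[0]
            else:
                print("failed to retrieve sinkhole ID, you should probably exit and debug this")
        else:
            print("You may need to manually check the view_sinkholes table")
        if shid is None:
            # Previously execution fell through, inserted the TSIG metadata
            # and then raised KeyError on viewDict['def_sh_id']; stop here so
            # nothing half-created is left behind.
            print("\nCannot continue without a sinkhole ID, returning to the menu")
            return
        viewDict['def_sh_id'] = shid

        # TSIG metadata is static per (org, view) even when keys rotate.
        oid = viewDict['org_id']
        vname = viewDict['view_name']
        tsigid = genTsigData_dm.gentsigsql(oid, vname)
        viewDict['tsig_id'] = tsigid[0]

        # Column order expected by genviewgsql:
        # (org_id,view_name,def_sh_id,view_src_acl_ips,view_desc,tsig_id)
        viewsqlinsert = [viewDict['org_id'], viewDict['view_name'], viewDict['def_sh_id'],
                         viewDict['view_src_acl_ips'], viewDict['view_desc'], viewDict['tsig_id']]
        thisviewid = insertviewdata_dm.genviewgsql(viewsqlinsert)
        if len(thisviewid) != 1:
            # The original indexed thisviewid[0] before this check (IndexError
            # on an empty result) and then restarted the menu silently.
            print("\nView creation did not return a single view id, starting over")
            continue

        print("\nProgress report: \nCreation of view " + viewDict['view_name']
              + " confirmed successful, please generate an view file for this organization now, menu/genorgview\n")
        # The default list rows need an existing view for the org.
        print("\nStand by, just making a few internal database updates")
        wlcreate = genDefListData_dm.genbworgsql(oid, vname, shid)
        if wlcreate == 1:
            print("All black list and white list default records were successfully initialized")
        return


def _prompt_view_name():
    """Prompt until ``inputView`` accepts the name; return the accepted value.

    ``inputView`` returns a pair whose first element is falsy when the
    stripped, lower-cased input passed its checks; the second is the
    value to store.
    """
    while True:
        uvinput = raw_input("Enter view name: ").strip().lower()
        vresult = inputView(uvinput)
        if not vresult[0]:
            return vresult[1]


def _prompt_sinkhole_ip():
    """Prompt for the monitoring/sinkhole IP and return it as an int.

    The answer is gated by the same 'ip' sanitizer the client-IP prompt
    uses before it is converted with ``dotQuadtoInt``; the original only
    checked that the converted value was ``> 10``, which does not reject
    everything the sanitizer does.  The numeric check is kept as a second
    gate because dotQuadtoInt's failure value is not visible here.
    """
    while True:
        raw = raw_input("What is the internal IP for the monitoring application? ( dotted quad): ")
        if inputSani_dm.inputSanitizer(raw, 'ip') != 'invalid_format':
            asint = iptoint_dm.dotQuadtoInt(raw)
            if asint > 10:
                return asint
        print("hmm, looks like that wasn't a dotted quad, EG 172.16.28.7, please enter again")


def _prompt_description(intro):
    """Print ``intro`` once, then prompt until the 'desc1' sanitizer accepts."""
    print(intro)
    while True:
        uvlinput = inputSani_dm.inputSanitizer(raw_input("Description: "), 'desc1')
        if uvlinput != 'invalid_format':
            return uvlinput


def _prompt_client_addrs():
    """Collect the recursive clients' source IPs/CIDRs; return them as CSV.

    Anything other than ``ip`` at the type prompt is treated as ``cidr``
    (as before).  Rejected entries are re-prompted; the loop ends only on
    an explicit ``no`` to "add another".
    """
    addrs = []
    while True:
        addrtype = raw_input("Is this a single IP or subnet (ip|cidr)? ").strip().lower()
        if addrtype == 'ip':
            entry = inputSani_dm.inputSanitizer(
                raw_input("What is the source IP for the recursive clients?( dotted quad): "), 'ip')
            if entry == 'invalid_format':
                print("hmm, looks like that wasn't a dotted quad, EG 172.16.28.7, please enter again")
                continue
        else:
            entry = inputSani_dm.inputSanitizer(
                raw_input("What is the source subnet for the recursive clients?( cidr notation): "), 'cidr')
            if entry == 'invalid_format':
                print("hmm, looks like that wasn't cidr notation, EG 172.16.28.0/26, please enter again")
                continue
        addrs.append(entry)
        more = raw_input("\nDo you need to add another IP address (yes|no)?").strip().lower()
        if more == 'no':
            return ",".join(map(str, addrs))


def _gen_sinkhole_fqdn():
    """Generate and announce the random <host>.<domain>.local RPZ name."""
    print("\n please standby, generating a view specific domain for RPZ usage.")
    dompart = genRandomString_dm.genString(7)
    hostpart = genRandomString_dm.genString(6)
    shfqdn = hostpart + '.' + dompart + '.local'
    # NOTE(review): "unguessable" rests on genString's alphabet and RNG
    # (random vs secrets); 13 characters is only hard to guess if both are
    # adequate - confirm in genRandomString_dm.
    print("\n created this virtually unguessable FQDN just for this view: " + shfqdn)
    return shfqdn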