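def main(rule, table, chain):
    """Apply one iptables rule, persist the ruleset and list the updated chain.

    Args:
        rule: Rule arguments as one whitespace-separated string, i.e.
            everything that follows ``iptables -t <table>``.
        table: iptables table the rule is applied to.
        chain: Chain that is listed on the CLI after the rule is applied.
    """
    # Enable on boot: the if-pre-up hook reloads /etc/iptables.rules.
    # cow() is defined elsewhere; presumably it adds the line when missing.
    data = ['#!/bin/sh',
            '/sbin/iptables-restore < /etc/iptables.rules']
    for value in data:
        cow('/etc/network/if-pre-up.d/iptables', value)

    # The rule is passed to execute() as an argument list, never as a shell
    # string. split() without a separator drops the empty tokens that
    # repeated or trailing spaces would otherwise hand to iptables.
    # NOTE(review): `rule` is forwarded verbatim, so it can carry any iptables
    # option; confirm that only authorised operators can submit rules.
    command = ['iptables', '-t', table] + rule.split()

    # Apply rule
    print('-----------------------------------')
    print('RULE:')
    print(command)
    print('-----------------------------------')
    for path in execute(command):
        print(path, end='')

    # Making the rules permanent. run() waits for iptables-save, so the file
    # is complete before it is closed and before the chain is listed below.
    # NOTE(review): the file is truncated before iptables-save runs; if the
    # command fails, the next boot restores an empty ruleset.
    with open('/etc/iptables.rules', 'w') as iptables_rules:
        subprocess.run(["iptables-save"], stdout=iptables_rules)

    # Present updated chain on CLI
    listing = ['iptables', '-n', '--line-numbers', '-t', table, '-L', chain]
    for path in execute(listing):
        print(path, end='')
    print('-----------------------------------')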
def main():
    """Stop the bind9 service and disable it, echoing systemctl's output."""
    for action in ("stop", "disable"):
        for line in execute(["systemctl", action, "bind9"]):
            print(line, end='')
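def main(server1, server2, server3, max_cache_size):
    """Write a forward-only resolver configuration for BIND and restart bind9.

    Args:
        server1: First forwarder, as an IPv4 or IPv6 address string.
        server2: Second forwarder, same format.
        server3: Third forwarder, same format.
        max_cache_size: Cache limit; the value is multiplied by 10**6 before
            it is written as ``max-cache-size``.

    Raises:
        ValueError: If a forwarder is not a valid IP address or
            ``max_cache_size`` is not an integer.
    """
    # Imported locally so the check does not depend on a module-level import.
    import ipaddress

    # The forwarders are interpolated into named.conf.options, which named
    # reads as root. Parsing each one as an address keeps ';', '}' and line
    # breaks from adding statements to the options block.
    forwarders = [str(ipaddress.ip_address(server.strip()))
                  for server in (server1, server2, server3)]
    max_cache_size = int(max_cache_size) * 10 ** 6

    # NOTE(review): `dnssec-enable` is obsolete in recent BIND 9 releases;
    # confirm the installed version still accepts it.
    data = ['acl allowed {',
            'localhost;',
            'localnets;};',
            'options {',
            'directory "/var/cache/bind";',
            'recursion yes;',
            'allow-query {allowed;};',
            'forwarders {' + ';'.join(forwarders) + ';};',
            'max-cache-size ' + str(max_cache_size) + ';',
            'forward only;',
            'dnssec-enable yes;',
            'dnssec-validation yes;',
            'auth-nxdomain no;};']

    file_dir = '/etc/bind/named.conf.options'
    with open(file_dir, 'w') as named:
        named.write('\n'.join(data))

    # Check the syntax first so a broken file is reported before the restart.
    for path in execute(["named-checkconf"]):
        print(path, end='')

    # Restart the DNS server to apply the changes
    for path in execute(["systemctl", "restart", "bind9"]):
        print(path, end='')
    for path in execute(["systemctl", "enable", "bind9"]):
        print(path, end='')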
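def main():
    """Delete the parsed cache list, then flush and reload the DNS server."""
    # Removing the old cache list. A missing file only means nothing has been
    # parsed yet; it must not stop the flush below.
    try:
        os.remove('/home/secrouter/eth_route/dns/parsed_cache.csv')
    except FileNotFoundError:
        pass

    # Flush the DNS cache and reload the DNS server.
    for path in execute(["rndc", "flush"]):
        print(path, end='')
    for path in execute(["rndc", "reload"]):
        print(path, end='')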
def main(interface, enable):
    """Request an IPv4 lease on ``interface``, or bounce the link instead.

    Args:
        interface: Interface name passed to ``dhclient`` or ``ip``.
        enable: The string ``'False'`` takes the link down and up again;
            any other value runs ``dhclient -4 -v`` on the interface.
    """
    if enable != 'False':
        # Request an address on the specified interface.
        for line in execute(["dhclient", '-4', '-v', interface]):
            print(line, end="")
        return

    for state in ('down', 'up'):
        for line in execute(["ip", 'l', 'set', interface, state]):
            print(line, end="")
def main(interface, network, prefix, gateway):
    """Re-activate the DHCP server configuration of one interface.

    Renames ``<interface>.conf.disabled`` back to ``<interface>.conf`` in
    /etc/dhcpcd.d, calls ``comment(..., False)`` for the interface's lines in
    /etc/default/isc-dhcp-server and /etc/dhcpcd.conf, then restarts
    isc-dhcp-server. ``comment`` is defined elsewhere; presumably ``False``
    asks it to uncomment the line.

    Args:
        interface: Interface name; also used as the config file name.
        network: Network address; only parsed together with ``prefix``.
        prefix: Prefix length as a string.
        gateway: Not used by this function.

    Raises:
        ValueError: If ``network``/``prefix`` is not a valid network.
    """
    # ip calculations: the results are not used further down, but parsing
    # still rejects an invalid network/prefix pair.
    subnet = ipaddress.ip_network(network + "/" + prefix)
    netmask = str(subnet.netmask)
    broadcast = str(subnet.broadcast_address)

    conf_dir = '/etc/dhcpcd.d/'
    disabled_name = interface + '.conf.disabled'
    if disabled_name in os.listdir(conf_dir):
        os.rename(conf_dir + disabled_name, conf_dir + interface + '.conf')

    # isc-dhcp-server interface list
    comment(interface, '/etc/default/isc-dhcp-server',
            'INTERFACESv4="' + interface + '"', False)

    # include line of the interface's configuration
    include_line = 'include "' + conf_dir + interface + '.conf";'
    comment(interface, '/etc/dhcpcd.conf', include_line, False)

    # Restart the dhcp server
    for line in execute(['/etc/init.d/isc-dhcp-server', 'restart']):
        print(line, end='')
def main(interface, network, prefix, gateway):
    """Deactivate the DHCP server configuration of one interface.

    Renames ``<interface>.conf`` to ``<interface>.conf.disabled`` in
    /etc/dhcpcd.d, calls ``comment`` for the interface's lines in
    /etc/default/isc-dhcp-server and /etc/dhcpcd.conf, then restarts
    isc-dhcp-server. ``comment`` is defined elsewhere.

    Args:
        interface: Interface name; also used as the config file name.
        network: Network address; only parsed together with ``prefix``.
        prefix: Prefix length as a string.
        gateway: Not used by this function.

    Raises:
        ValueError: If ``network``/``prefix`` is not a valid network.
    """
    # ip calculations: the results are not used further down, but parsing
    # still rejects an invalid network/prefix pair.
    subnet = ipaddress.ip_network(network + "/" + prefix)
    netmask = str(subnet.netmask)
    broadcast = str(subnet.broadcast_address)

    active_name = interface + '.conf'
    if active_name in os.listdir('/etc/dhcpcd.d'):
        os.rename('/etc/dhcpcd.d/' + active_name,
                  '/etc/dhcpcd.d/' + active_name + '.disabled')

    # isc-dhcp-server interface list
    comment(interface, '/etc/default/isc-dhcp-server',
            'INTERFACESv4="' + interface + '"')

    # include line of the interface's configuration
    comment(interface, '/etc/dhcpcd.conf',
            'include "/etc/dhcpcd.d/' + active_name + '";')

    # Restart the server to apply the changes
    for line in execute(['/etc/init.d/isc-dhcp-server', 'restart']):
        print(line, end='')
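def main():
    """Dump the BIND cache and write the names and IPv4 addresses to a CSV.

    Runs ``rndc dumpdb -cache``, reads /var/cache/bind/named_dump.db and
    writes /home/secrouter/eth_route/dns/parsed_cache.csv. A token that looks
    like a name or URL is written as is; a token that is a dotted quad is
    written as ``,<ip>`` followed by a newline.
    """
    for path in execute(["rndc", "dumpdb", "-cache"]):
        print(path, end='')

    # Raw strings keep every backslash literal; the patterns are unchanged,
    # but they no longer rely on invalid string escapes such as '\/'.
    no_semicolon = re.compile(r'(^[^;]*$)')   # skips lines containing ';'
    no_dollar = re.compile(r'(^[^$]*$)')      # skips lines containing '$'
    regex_ip = re.compile(r'^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$')
    regex_url = re.compile(
        r'(https?:\/\/)?([\da-zA-Z\.-]+)\.([a-zA-Z\.]{2,6})([\/\w\.-]*)*\/?')

    # NOTE(review): confirm rndc has finished writing named_dump.db before it
    # is read here; the dump may still be in progress when rndc returns.
    with open('/var/cache/bind/named_dump.db', 'r') as dump:  # file to parse
        data = dump.readlines()

    # `with` closes the output file even when parsing raises.
    with open('/home/secrouter/eth_route/dns/parsed_cache.csv', 'w') as parsed:
        for line in data:
            z = no_semicolon.match(line)
            if not (z and no_dollar.match(line)):
                continue
            for value in z.group().strip().split():
                u = regex_url.match(value)
                i = regex_ip.match(value)
                if u:
                    parsed.write(u.group().strip())
                if i:
                    parsed.write(',' + i.group().strip() + '\n')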
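def main(enable, server1, server2):
    """Write /etc/ntp.conf and start ntp, or stop and disable the service.

    Args:
        enable: The string ``'0'`` writes the configuration and enables the
            service; any other value stops and disables it.
        server1: First pool entry.
        server2: Second pool entry; an empty string reuses ``server1``.

    Raises:
        ValueError: If a pool entry contains a line break.
    """
    # ENABLE
    if enable == '0':
        if server2 == '':
            server2 = server1

        # The pool entries are interpolated into /etc/ntp.conf. A line break
        # in either one would add further directives to the file.
        for server in (server1, server2):
            if '\n' in server or '\r' in server:
                raise ValueError('NTP server must not contain line breaks')

        # NOTE(review): only an IPv4 default `restrict` line is written;
        # confirm whether IPv6 clients need the same restrictions.
        data = [
            '# /etc/ntp.conf, configuration for ntpd; see ntp.conf(5) for help',
            'driftfile /var/lib/ntp/ntp.drift',
            '# Enable this if you want statistics to be logged.',
            '#statsdir /var/log/ntpstats/',
            'statistics loopstats peerstats clockstats',
            'filegen loopstats file loopstats type day enable',
            'filegen peerstats file peerstats type day enable',
            'filegen clockstats file clockstats type day enable',
            '#Servers',
            'pool ' + server1,
            'pool ' + server2,
            '# By default, exchange time with everybody, but dont allow configuration.',
            'restrict -4 default kod notrap nomodify nopeer noquery limited',
            '# Local users may interrogate the ntp server more closely.',
            'restrict 127.0.0.1',
            'restrict ::1',
            ' # Needed for adding pool entries',
            'restrict source notrap nomodify noquery',
        ]

        file_dir = '/etc/ntp.conf'
        with open(file_dir, 'w') as ntp_conf:
            ntp_conf.write('\n'.join(data))

        # Restart the NTP service to apply the changes
        for path in execute(["systemctl", "restart", "ntp"]):
            print(path, end='')
        for path in execute(["systemctl", "enable", "ntp"]):
            print(path, end='')
        for path in execute(["ntpq", "-p"]):
            print(path, end='')

    # DISABLE
    else:
        for path in execute(["systemctl", "stop", "ntp"]):
            print(path, end='')
        for path in execute(["systemctl", "disable", "ntp"]):
            print(path, end='')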
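def main(interface, release):
    """Request a fresh IPv4 lease on ``interface``, or release the current one.

    Args:
        interface: Interface name passed to ``dhclient``.
        release: When equal to ``False`` the lease file is removed and
            ``dhclient -4 -v`` is run; otherwise ``dhclient -4 -v -r``
            releases the lease.
    """
    # NOTE(review): the comparison is against the boolean False; a string
    # such as 'False' takes the release branch. Confirm what the caller passes.
    if release == False:
        print(release)
        # os.listdir() returns bare file names, so comparing its entries with
        # the full path never matched; test the path itself instead.
        lease_file = '/var/lib/dhcp/dhclient.leases'
        if os.path.isfile(lease_file):
            print('the file exists')
            os.remove(lease_file)

        # request an address on the specified interface
        for path in execute(["dhclient", '-4', '-v', interface]):
            print(path, end="")
    else:
        print(release)
        # release the address of the specified interface (-r)
        for path in execute(["dhclient", '-4', '-v', '-r', interface]):
            print(path, end="")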
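def main(filename):
    """Replace the firewall ruleset with an uploaded iptables rules file.

    Args:
        filename: Name of the uploaded file inside /home/secrouter/tmp.

    Raises:
        ValueError: If ``filename`` is not a plain file name.
        FileNotFoundError: If the uploaded file does not exist.
    """
    # Imported locally so the checks do not depend on a module-level import.
    import os

    # `filename` is joined onto the upload directory and the result is copied
    # over /etc/iptables.rules as root, so it must stay inside that directory.
    if (not filename or filename in ('.', '..')
            or os.path.basename(filename) != filename):
        raise ValueError('invalid rules file name: %r' % (filename,))
    uploaded = '/home/secrouter/tmp/' + filename

    # Check before flushing: a missing upload would otherwise leave the
    # filter and nat tables empty with nothing to restore.
    if not os.path.isfile(uploaded):
        raise FileNotFoundError(uploaded)

    # Enable on boot
    data = ['#!/bin/sh',
            '/sbin/iptables-restore < /etc/iptables.rules']
    for value in data:
        cow('/etc/network/if-pre-up.d/iptables', value)

    # Flushing old rules
    # NOTE(review): the uploaded rules are not syntax-checked before the
    # flush; a file that iptables-restore rejects also leaves the tables empty.
    for path in execute(["iptables", '-t', 'filter', '-F']):
        print(path, end="")
    for path in execute(["iptables", '-t', 'nat', '-F']):
        print(path, end="")

    # Install the uploaded rules and load them through the boot hook.
    shutil.copy2(uploaded, '/etc/iptables.rules')
    for path in execute(["sh", '/etc/network/if-pre-up.d/iptables']):
        print(path, end="")

    print('-------------FIREWALL--------------')
    print('-----------------------------------')
    print('NEW FILTER RULES:')
    for path in execute(["iptables", '-v', '-L', '-t', 'filter']):
        print(path, end="")
    print('-----------------------------------')
    print('NEW NAT RULES:')
    for path in execute(["iptables", '-v', '-L', '-t', 'nat']):
        print(path, end="")
    print('-----------------------------------')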
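def main(interface, hostname, ip, mac):
    """Append a static DHCP lease for one host and restart isc-dhcp-server.

    Args:
        interface: Interface whose static lease file receives the entry.
        hostname: Name used in the ``host`` declaration.
        ip: Fixed address handed to the host.
        mac: Hardware address in ``aa:bb:cc:dd:ee:ff`` form.

    Raises:
        ValueError: If an argument is not in the expected format.
    """
    # Imported locally so the checks do not depend on module-level imports.
    import ipaddress
    import re

    # Every argument ends up in a file the DHCP server reads as root, and
    # `interface` is also part of the file name. Reject anything that could
    # add statements to the declaration or point the path elsewhere.
    name_pattern = r'[A-Za-z0-9][A-Za-z0-9_.-]*'
    if not re.fullmatch(name_pattern, interface):
        raise ValueError('invalid interface name: %r' % (interface,))
    if not re.fullmatch(name_pattern, hostname):
        raise ValueError('invalid host name: %r' % (hostname,))
    if not re.fullmatch(r'[0-9A-Fa-f]{2}(:[0-9A-Fa-f]{2}){5}', mac):
        raise ValueError('invalid hardware address: %r' % (mac,))
    ip = str(ipaddress.ip_address(ip))

    lease_file = '/etc/dhcpcd.d/static.leases.' + interface
    checkfile = 'include "' + lease_file + '";'
    cow('/etc/dhcpcd.conf', checkfile)

    data = ['host ' + hostname + '{',
            'hardware ethernet ' + mac + ';',
            'fixed-address ' + ip + ';',
            '}\n']
    # The file is closed (and therefore flushed) before the restart, so the
    # server reads the new entry.
    with open(lease_file, 'a') as static_leases:
        static_leases.write('\n'.join(data))

    # Restart the dhcp server
    for path in execute(['/etc/init.d/isc-dhcp-server', 'restart']):
        print(path, end='')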
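def main(interface, network, prefix, gateway, Pool_Range_Start,
         Pool_Range_Stop, DNS_Server_1, DNS_Server_2, lease_time, Add_ARP):
    """Write the DHCP subnet configuration of one interface and restart the server.

    Args:
        interface: Interface name; also used as the config file name.
        network: Subnet address.
        prefix: Prefix length as a string.
        gateway: Address written as ``option routers``.
        Pool_Range_Start: First address of the dynamic range.
        Pool_Range_Stop: Last address of the dynamic range.
        DNS_Server_1: First ``domain-name-servers`` entry.
        DNS_Server_2: Second ``domain-name-servers`` entry.
        lease_time: Value written as ``max-lease-time``.
        Add_ARP: When equal to ``False`` the ``authoritative;`` statement is
            written commented out.

    Raises:
        ValueError: If the network, an address or the lease time is invalid.
    """
    # ip calculations
    subnet = ipaddress.ip_network(network + '/' + prefix)
    netmask = str(subnet.netmask)
    broadcast = str(subnet.broadcast_address)

    # These values are interpolated into a file the DHCP server reads as
    # root; parsing them keeps ';', '}' and line breaks out of the subnet
    # block.
    gateway = str(ipaddress.ip_address(gateway))
    pool_start = str(ipaddress.ip_address(Pool_Range_Start))
    pool_stop = str(ipaddress.ip_address(Pool_Range_Stop))
    dns_servers = [str(ipaddress.ip_address(DNS_Server_1)),
                   str(ipaddress.ip_address(DNS_Server_2))]
    lease_time = int(lease_time)
    # NOTE(review): `interface` is used in file names and config lines without
    # a format check; confirm the caller only passes real interface names.

    # writing on /etc/default/isc-dhcp-server
    cow('/etc/default/isc-dhcp-server', 'INTERFACESv4="' + interface + '"')

    # writing on /etc/dhcpcd.conf
    cow('/etc/dhcpcd.conf',
        'include "/etc/dhcpcd.d/' + interface + '.conf";')

    # Remove any previous configuration of this interface, active or
    # disabled, together with its static leases.
    existing = os.listdir('/etc/dhcpcd.d/')
    for suffix in ('.conf', '.conf.disabled'):
        if interface + suffix in existing:
            print('/etc/dhcpcp.d/' + interface + suffix + ' exists')
            os.remove('/etc/dhcpcd.d/' + interface + suffix)
    if 'static.leases.' + interface in existing:
        os.remove('/etc/dhcpcd.d/static.leases.' + interface)

    # The statement is chosen by value. Replacing list index 2 removed the
    # `range` line and left `authoritative;` active.
    authoritative = '#authoritative;' if Add_ARP == False else 'authoritative;'

    # writing the configuration file
    conf = ['subnet ' + network + ' netmask ' + netmask + ' ' + '{',
            authoritative,
            'range ' + pool_start + ' ' + pool_stop + ';',
            'option routers ' + gateway + ';',
            'option subnet-mask ' + netmask + ';',
            'option broadcast-address ' + broadcast + ';',
            'option domain-name-servers ' + ','.join(dns_servers) + ';',
            'max-lease-time ' + str(lease_time) + ';',
            '} ']
    with open('/etc/dhcpcd.d/' + interface + '.conf', 'w') as dhcpd:
        dhcpd.write('\n'.join(conf))

    # Restart the dhcp server to apply the changes
    for path in execute(["systemctl", "restart", "isc-dhcp-server"]):
        print(path, end='')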
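def main(enable, conf_type, int_bridge, stp_mode, bridge_name, network,
         prefix, ip, gw):
    """Create or remove a bridge and its stanza in /etc/network/bridge.d.

    Args:
        enable: ``'1'`` creates the bridge; any other value removes it.
        conf_type: ``'1'`` manual, ``'2'`` static, ``'3'`` dhcp. Other values
            leave the stanza file untouched.
        int_bridge: Member interfaces, separated by spaces.
        stp_mode: Value written after ``bridge_stp``.
        bridge_name: Bridge device name; also the stanza file name.
        network: Network address, or ``''`` for manual/dhcp types.
        prefix: Prefix length as a string.
        ip: Address of the bridge (static type only).
        gw: Gateway of the bridge (static type only).

    Raises:
        ValueError: If the network is invalid, or the static type is
            requested without a network.
    """
    def run(argv, end=''):
        # Echo the output of one command.
        for path in execute(argv):
            print(path, end=end)

    # NOTE(review): bridge_name and the other values are written into an
    # ifupdown stanza and used as a file name without a format check; confirm
    # the caller validates them.
    file_int = '/etc/network/bridge.d/' + bridge_name

    netmask = None
    if network == '':
        print('manual/dhcp type')
    else:
        # ip calculations
        netmask = str(ipaddress.ip_network(network + '/' + prefix).netmask)

    # removing white lines
    rwl('/etc/network/bridge.d/', bridge_name)

    # The same stanza is written when enabling and removed when disabling.
    bridge_lines = ['bridge_ports ' + int_bridge,
                    'bridge_stp ' + stp_mode]
    if conf_type == '1':    # manual
        data = ['auto ' + bridge_name,
                'iface ' + bridge_name + ' inet manual',
                'pre-up ifconfig $IFACE up',
                'post-down ifconfig $IFACE down'] + bridge_lines
    elif conf_type == '2':  # static
        if netmask is None:
            raise ValueError('static configuration requires a network')
        data = ['auto ' + bridge_name,
                'iface ' + bridge_name + ' inet static',
                'address ' + ip,
                'netmask ' + netmask,
                'gateway ' + gw] + bridge_lines
    elif conf_type == '3':  # dhcp
        data = ['auto ' + bridge_name,
                'iface ' + bridge_name + ' inet dhcp'] + bridge_lines
    else:
        data = []

    # Both branches walk the member list, so several ports are handled when
    # the bridge is created as well as when it is removed.
    ports = int_bridge.split()

    if enable == '1':  # Enable the bridge
        if data:
            open(file_int, 'a').close()
            for value in data:
                cow(file_int, value)
        run(['ip', 'link', 'add', 'name', bridge_name, 'type', 'bridge'],
            end=' ')
        for port in ports:
            run(['ip', 'link', 'set', port, 'master', bridge_name], end=' ')
        run(['ifquery', '-a'])
        run(['ip', 'link', 'set', 'dev', bridge_name, 'down'])
        run(['ip', 'link', 'set', 'dev', bridge_name, 'up'])
    else:  # Disable the bridge
        if data:
            open(file_int, 'a').close()
            for value in data:
                cor(file_int, value, '')
        run(['ip', 'link', 'delete', bridge_name, 'type', 'bridge'], end=' ')
        run(['ifquery', '-a'])
        for port in ports:
            run(['ip', 'link', 'set', 'dev', port, 'down'])
            run(['ip', 'link', 'set', 'dev', port, 'up'])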
def main(enable, conf_type, vlan_raw_device, vlan_id, mtu, network, prefix,
         ip, gw):
    """Create or remove a VLAN sub-interface and its stanza in /etc/network/vlan.d.

    Args:
        enable: ``'1'`` creates the VLAN; any other value removes it.
        conf_type: ``'1'`` manual, ``'2'`` static, ``'3'`` dhcp. Other values
            leave the stanza file untouched.
        vlan_raw_device: Parent interface of the VLAN.
        vlan_id: VLAN id as a string.
        mtu: Not used by this function.
        network: Network address, or ``''`` for manual/dhcp types.
        prefix: Prefix length as a string.
        ip: Address of the VLAN interface (static type only).
        gw: Gateway of the VLAN interface (static type only).
    """
    stanza_file = '/etc/network/vlan.d/' + 'vlan' + vlan_id
    vlan_if = vlan_raw_device + '.' + vlan_id

    if network != '':
        # ip calculations
        netmask = str(ipaddress.ip_network(network + '/' + prefix).netmask)
    else:
        print('manual/dhcp type')

    # removing white lines
    rwl('/etc/network/vlan.d/', 'vlan' + vlan_id)

    # The stanza is identical for both directions: it is added on enable and
    # blanked out on disable.
    stanza = None
    if conf_type == '1':    # manual
        stanza = ['auto ' + vlan_if,
                  'iface ' + vlan_if + ' inet manual',
                  'pre-up ifconfig $IFACE up',
                  'post-down ifconfig $IFACE down',
                  'vlan-raw-device ' + vlan_raw_device]
    elif conf_type == '2':  # static
        stanza = ['auto ' + vlan_if,
                  'iface ' + vlan_if + ' inet static',
                  'address ' + ip,
                  'netmask ' + netmask,
                  'gateway ' + gw]
    elif conf_type == '3':  # dhcp
        stanza = ['auto ' + vlan_if,
                  'iface ' + vlan_if + ' inet dhcp']

    enabling = enable == '1'
    if stanza is not None:
        open(stanza_file, 'a').close()
        for entry in stanza:
            if enabling:
                cow(stanza_file, entry)
            else:
                cor(stanza_file, entry, '')

    if enabling:
        # Create the VLAN link, then bounce the new sub-interface.
        link_cmd = ['ip', 'link', 'add', 'link', vlan_raw_device, 'name',
                    vlan_if, 'type', 'vlan', 'id', vlan_id]
        bounced = vlan_if
    else:
        # Delete the VLAN link, then bounce the parent interface.
        link_cmd = ['ip', 'link', 'delete', vlan_if]
        bounced = vlan_raw_device

    for line in execute(link_cmd):
        print(line, end=' ')
    for line in execute(['ifquery', '-a']):
        print(line, end='')
    for state in ('down', 'up'):
        for line in execute(['ip', 'link', 'set', 'dev', bounced, state]):
            print(line, end='')
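def main(bor, filename):
    """Create or restore a backup of the router configuration.

    With ``bor == '0'`` the DHCP, ethernet/routing and firewall files are
    copied into /home/secrouter/backup/<filename> and packed into
    <filename>.tar.gz. With any other value that archive is unpacked, the
    current configuration files are deleted and replaced by the archived
    ones, the firewall hook is run and the system is rebooted.

    Args:
        bor: ``'0'`` for backup, anything else for restore.
        filename: Backup name, without directory or extension.

    Raises:
        ValueError: If ``filename`` is not a plain name.
        FileNotFoundError: On restore, if the unpacked backup is incomplete.
    """
    # `filename` becomes a path component that is created, passed to tar and
    # removed with rmtree as root. It must stay inside the backup directory
    # and must not be read by tar as an option.
    if (not filename or filename in ('.', '..') or filename.startswith('-')
            or os.path.basename(filename) != filename):
        raise ValueError('invalid backup name: %r' % (filename,))

    secrouter_backup_dir = '/home/secrouter/backup'        # backup root
    backup_dir = secrouter_backup_dir + '/' + filename     # working directory
    backup_dir_dhcp = backup_dir + '/dhcp'                 # dhcp files
    backup_dir_ethroute = backup_dir + '/ethroute'         # ethernet/routing
    archive = secrouter_backup_dir + '/' + filename + '.tar.gz'
    eth_multi_files = ['/interfaces.d', '/vlan.d', '/bridge.d', '/arp.d']

    # BACKUP
    if bor == '0':
        # 1. create the working directory with its hierarchy
        os.mkdir(backup_dir)
        os.mkdir(backup_dir_dhcp)
        os.mkdir(backup_dir_dhcp + '/dhcpcd.d')
        os.mkdir(backup_dir_ethroute)
        for files in eth_multi_files:
            os.mkdir(backup_dir_ethroute + files)

        # 2. copy all the configuration files into the working directory
        # DHCP
        if os.path.isfile('/etc/dhcpcd.conf'):
            shutil.copy2('/etc/dhcpcd.conf', backup_dir_dhcp)
        if os.path.isfile('/etc/default/isc-dhcp-server'):
            shutil.copy2('/etc/default/isc-dhcp-server', backup_dir_dhcp)
        for value in os.listdir('/etc/dhcpcd.d'):
            if os.path.isfile('/etc/dhcpcd.d/' + value):
                shutil.copy2('/etc/dhcpcd.d/' + value,
                             backup_dir_dhcp + '/dhcpcd.d')

        # Ethernet & Routing
        if os.path.isfile('/etc/network/secrouter.conf'):
            shutil.copy2('/etc/network/secrouter.conf', backup_dir_ethroute)
        if os.path.isfile('/etc/bind/named.conf.options'):
            shutil.copy2('/etc/bind/named.conf.options', backup_dir_ethroute)
        for files in eth_multi_files:
            for value in os.listdir('/etc/network' + files):
                shutil.copy2('/etc/network' + files + '/' + value,
                             backup_dir_ethroute + files)

        # Firewall
        if os.path.isfile('/etc/iptables.rules'):
            shutil.copy2('/etc/iptables.rules', backup_dir)

        # Compressing ../backup/filename
        # NOTE(review): the archive holds firewall rules and network
        # configuration; confirm the backup directory is not readable by
        # unprivileged users.
        for path in execute(['tar', '-czvf', archive, '-C',
                             secrouter_backup_dir, filename]):
            print(path, end='')

        # Erasing the working directory
        shutil.rmtree(backup_dir)

    # RESTORE
    else:
        # 1. Decompress the backup file into the backup directory
        # NOTE(review): everything in the archive is copied into /etc as
        # root; confirm only trusted archives can reach the backup directory.
        for path in execute(['tar', '-xzvf', archive, '-C',
                             secrouter_backup_dir]):
            print(path, end='')

        # Check the unpacked tree before anything is deleted. A backup step
        # skips files that did not exist, and a failed extraction leaves no
        # tree at all; deleting first would leave the router unconfigured.
        required = [backup_dir_dhcp + '/dhcpcd.conf',
                    backup_dir_dhcp + '/isc-dhcp-server',
                    backup_dir_dhcp + '/dhcpcd.d',
                    backup_dir_ethroute + '/secrouter.conf',
                    backup_dir_ethroute + '/named.conf.options',
                    backup_dir + '/iptables.rules']
        required += [backup_dir_ethroute + files for files in eth_multi_files]
        missing = [item for item in required if not os.path.exists(item)]
        if missing:
            shutil.rmtree(backup_dir, ignore_errors=True)
            raise FileNotFoundError(
                'backup is incomplete, missing: ' + ', '.join(missing))

        # 2. delete old configuration files
        if os.path.isfile('/etc/dhcpcd.conf'):
            os.remove('/etc/dhcpcd.conf')
        if os.path.isfile('/etc/default/isc-dhcp-server'):
            os.remove('/etc/default/isc-dhcp-server')
        for value in os.listdir('/etc/dhcpcd.d'):
            os.remove('/etc/dhcpcd.d/' + value)
        if os.path.isfile('/etc/network/secrouter.conf'):
            os.remove('/etc/network/secrouter.conf')
        if os.path.isfile('/etc/bind/named.conf.options'):
            os.remove('/etc/bind/named.conf.options')
        for files in eth_multi_files:
            for value in os.listdir('/etc/network' + files):
                os.remove('/etc/network' + files + '/' + value)
        if os.path.isfile('/etc/iptables.rules'):
            os.remove('/etc/iptables.rules')
        print('--- *** ---')
        print('--- Deleted old configuration files ---')

        # 3. Copy the backup files to the system
        # DHCP
        shutil.copy2(backup_dir_dhcp + '/dhcpcd.conf', '/etc')
        shutil.copy2(backup_dir_dhcp + '/isc-dhcp-server', '/etc/default')
        for value in os.listdir(backup_dir_dhcp + '/dhcpcd.d'):
            if os.path.isfile(backup_dir_dhcp + '/dhcpcd.d/' + value):
                shutil.copy2(backup_dir_dhcp + '/dhcpcd.d/' + value,
                             '/etc/dhcpcd.d')

        # Ethernet & Routing
        shutil.copy2(backup_dir_ethroute + '/secrouter.conf', '/etc/network')
        shutil.copy2(backup_dir_ethroute + '/named.conf.options', '/etc/bind')
        for files in eth_multi_files:
            for value in os.listdir(backup_dir_ethroute + files):
                shutil.copy2(backup_dir_ethroute + files + '/' + value,
                             '/etc/network' + files)

        # Firewall
        shutil.copy2(backup_dir + '/iptables.rules', '/etc')
        print('--- *** ---')
        print('--- copied new configuration files ---')

        # 4. delete the uncompressed files from the backup directory
        shutil.rmtree(backup_dir)

        # 5. Reload the firewall; the other services pick up their restored
        # files at the reboot below.
        for path in execute(['sh', '/etc/network/if-pre-up.d/iptables']):
            print(path, end="")
        print('-----------------------------------')
        print('NEW FILTER RULES:')
        for path in execute(["iptables", '-v', '-L', '-t', 'filter']):
            print(path, end="")
        print('-----------------------------------')
        print('NEW NAT RULES:')
        for path in execute(["iptables", '-v', '-L', '-t', 'nat']):
            print(path, end="")
        print('-----------------------------------')
        print('RESTARTING THE SYSTEM TO APPLY CHANGES')
        for path in execute(['reboot']):
            print(path, end="")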
def main(enable, conf_type, interface, network, prefix, ip, gw):
    """Add or remove an interface stanza in /etc/network/interfaces.d.

    Args:
        enable: ``'1'`` writes the stanza and bounces the interface; any
            other value blanks the stanza out.
        conf_type: ``'1'`` manual, ``'2'`` static, ``'3'`` dhcp. Other values
            leave the stanza file untouched.
        interface: Interface name; also the stanza file name.
        network: Network address, or ``''`` for manual/dhcp types.
        prefix: Prefix length as a string.
        ip: Address of the interface (static type only).
        gw: Gateway of the interface (static type only).
    """
    stanza_file = '/etc/network/interfaces.d/' + interface

    if network != '':
        # ip calculations
        netmask = str(ipaddress.ip_network(network + '/' + prefix).netmask)
    else:
        print('manual/dhcp type')

    # removing white lines
    rwl('/etc/network/interfaces.d/', interface)

    # The stanza is identical for both directions: it is added on enable and
    # blanked out on disable.
    stanza = None
    if conf_type == '1':    # manual
        stanza = ['auto ' + interface,
                  'iface ' + interface + ' inet manual',
                  'pre-up ifconfig $IFACE up',
                  'post-down ifconfig $IFACE down']
    elif conf_type == '2':  # static
        stanza = ['auto ' + interface,
                  'iface ' + interface + ' inet static',
                  'address ' + ip,
                  'netmask ' + netmask,
                  'gateway ' + gw]
    elif conf_type == '3':  # dhcp
        stanza = ['auto ' + interface,
                  'allow-hotplug ' + interface,
                  'iface ' + interface + ' inet dhcp']

    enabling = enable == '1'
    if stanza is not None:
        open(stanza_file, 'a').close()
        for entry in stanza:
            if enabling:
                cow(stanza_file, entry)
            else:
                cor(stanza_file, entry, '')

    for line in execute(['ifquery', '-a']):
        print(line, end='')

    if enabling:
        # Bounce the interface so the new stanza takes effect.
        for state in ('down', 'up'):
            for line in execute(['ip', 'link', 'set', 'dev', interface, state]):
                print(line, end='')
def main(enable, conf_type, interface, dst_network, prefix, gw):
    """Add or remove a static route, both live and in the interface's stanza file.

    Args:
        enable: ``'1'`` adds the route; any other value deletes it.
        conf_type: ``'1'`` physical, ``'2'`` vlan, ``'3'`` bridge; selects the
            directory of the stanza file. Other values leave files untouched.
        interface: Outgoing interface; also the stanza file name.
        dst_network: Destination network address.
        prefix: Prefix length as a string.
        gw: Next-hop address.

    Raises:
        ValueError: If ``dst_network``/``prefix`` is not a valid network.
    """
    print(" ### Starting configuration ### ")

    destination = dst_network + '/' + prefix
    # ip calculations: the results are not used further down, but parsing
    # still rejects an invalid destination.
    parsed = ipaddress.ip_network(destination)
    netmask = str(parsed.netmask)
    broadcast = str(parsed.broadcast_address)

    # remove white lines
    rwl('/etc/network/interfaces.d/', interface)

    stanza_dirs = {
        '1': '/etc/network/interfaces.d/',  # phy
        '2': '/etc/network/vlan.d/',        # vlan
        '3': '/etc/network/bridge.d/',      # bridge
    }
    route_spec = ' ip route add ' + destination + ' via ' + gw + ' dev ' + interface
    data = ['post-up' + route_spec,
            'pre-up' + route_spec]

    enabling = enable == '1'
    target_dir = stanza_dirs.get(conf_type)
    if target_dir is not None:
        file_int = target_dir + interface
        open(file_int, 'a').close()
        for entry in data:
            if enabling:
                cow(file_int, entry)
            else:
                cor(file_int, entry, '')

    print(" ### Actual configuration ### ")
    if enabling:
        live_cmd = ['ip', 'route', 'add', destination, 'via', gw,
                    'dev', interface]
    else:
        live_cmd = ['ip', 'route', 'delete', destination]
    for line in execute(live_cmd):
        print(line, end='')
    for line in execute(['ifquery', '-a']):
        print(line, end='')