def GetLocalIp(self): # 取本地外网IP try: filename = '/www/server/panel/data/iplist.txt' ipaddress = public.readFile(filename) if not ipaddress: try: import urllib2 except: import urllib as urllib2 urllib2 = urllib2.request url = 'http://pv.sohu.com/cityjson?ie=utf-8' opener = urllib2.urlopen(url) m_str = opener.read() if isinstance(m_str, bytes): ipaddress = re.search('\d+.\d+.\d+.\d+', m_str.decode('utf-8')).group(0) else: ipaddress = re.search('\d+.\d+.\d+.\d+', m_str).group(0) public.WriteFile(filename, ipaddress) c_ip = public.check_ip(ipaddress) if not c_ip: a, e = public.ExecShell("curl ifconfig.me") return a return ipaddress except: try: url = public.GetConfigValue('home') + '/Api/getIpAddress' return public.HttpGet(url) except: return public.GetHost()
def AddDropAddress(self, get): import time import re ip_format = get.port.split('/')[0] if not public.check_ip(ip_format): return public.returnMsg(False, 'FIREWALL_IP_FORMAT') if ip_format in ['0.0.0.0', '127.0.0.0', "::1"]: return public.returnMsg(False, '请不要花样作死!') address = get.port if public.M('firewall').where("port=?", (address, )).count() > 0: return public.returnMsg(False, 'FIREWALL_IP_EXISTS') if self.__isUfw: public.ExecShell('ufw insert 1 deny from ' + address + ' to any') else: if self.__isFirewalld: #self.__Obj.AddDropAddress(address) if public.is_ipv6(ip_format): public.ExecShell( 'firewall-cmd --permanent --add-rich-rule=\'rule family=ipv6 source address="' + address + '" drop\'') else: public.ExecShell( 'firewall-cmd --permanent --add-rich-rule=\'rule family=ipv4 source address="' + address + '" drop\'') else: if public.is_ipv6(ip_format): return public.returnMsg(False, 'FIREWALL_IP_FORMAT') public.ExecShell('iptables -I INPUT -s ' + address + ' -j DROP') public.WriteLog("TYPE_FIREWALL", 'FIREWALL_DROP_IP', (address, )) addtime = time.strftime('%Y-%m-%d %X', time.localtime()) public.M('firewall').add('port,ps,addtime', (address, get.ps, addtime)) self.FirewallReload() return public.returnMsg(True, 'ADD_SUCCESS')
def AddDropAddress(self, get): import time import re rep = "^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}(\/\d{1,2})?$" if not re.search(rep, get.port): return public.returnMsg(False, 'FIREWALL_IP_FORMAT') if not public.check_ip(get.port.split('/')[0]): return public.returnMsg(False, 'FIREWALL_IP_FORMAT') address = get.port if public.M('firewall').where("port=?", (address, )).count() > 0: return public.returnMsg(False, 'FIREWALL_IP_EXISTS') if self.__isUfw: public.ExecShell('ufw deny from ' + address + ' to any') else: if self.__isFirewalld: #self.__Obj.AddDropAddress(address) public.ExecShell( 'firewall-cmd --permanent --add-rich-rule=\'rule family=ipv4 source address="' + address + '" drop\'') else: public.ExecShell('iptables -I INPUT -s ' + address + ' -j DROP') public.WriteLog("TYPE_FIREWALL", 'FIREWALL_DROP_IP', (address, )) addtime = time.strftime('%Y-%m-%d %X', time.localtime()) public.M('firewall').add('port,ps,addtime', (address, get.ps, addtime)) self.FirewallReload() return public.returnMsg(True, 'ADD_SUCCESS')