def _set_hardware(data, hw):
ret = True
emsg = []
for pos in const.ALL_POS:
newmac = hw[pos]["mac"]
if data[pos]["ethernet"]["clone-mac"] != "":
newmac = data[pos]["ethernet"]["clone-mac"]
e = xt_func.sudo(["ip link set dev", pos, "address", newmac])
if not e[0]:
ret = False
emsg.append(e[1])
newmtu = hw[pos]["mtu"]
if data[pos]["ethernet"]["mtu"] != -1:
newmtu = data[pos]["ethernet"]["mtu"]
e = xt_func.sudo(["ip link set dev", pos, "mtu", str(newmtu)])
if not e[0]:
ret = False
emsg.append(e[1])
newstatus = "on"
if data[pos]["ethernet"]["speed-duplex"] != "auto":
tok = data[pos]["ethernet"]["speed-duplex"].split("/")
newstatus = "off speed {} duplex {}".format(
tok[0], tok[1].lower())
e = xt_func.sudo(["ethtool -s", pos, "autoneg", newstatus]);
if not e[0]:
ret = False
emsg.append(e[1])
return (ret, emsg)
def importing(imported_file, user):
ret = True
emsg = []
f = open(imported_file, "r")
lines = f.readlines()
f.close()
xt_func.sudo(["rm -rf",imported_file])
e = jcfg.parse_syntax(lines)
if not e[0]:
return e
data = e[1]
if "xteralink" not in data:
return (False, N_("invalid configuration"))
data = data["xteralink"]
for i in const.MOD_LIST:
page = __import__(i)
if page.TAG not in data:
print "skip", page.TAG
continue
print "importing", page.TAG
e = jcfg.validate_jcfg(page.HELPER, {page.TAG: data[page.TAG]})
if not e[0]:
ret = False
emsg.append(e[1])
continue
e = page.set(e[1][page.TAG], user)
if not e[0]:
ret = False
emsg.append(e[1])
return (ret, emsg)
def _set_dmzlan_ifup_address_and_route(data, pos): ret = True emsg = [] # Always ifups dmz e = xt_func.sudo(["ip link set dev", pos, "up"]) if not e[0]: ret = False emsg.append(e[1]) for i in data["basic-subnet"]: ip_range = xt_func.iprange2list(i["ip"]) inet = xt_func.block2cidr(ip_range[0]+ "/"+ i["mask"]) for ip in ip_range: e = xt_func.sudo(["ip addr add", ip+ "/"+ i["mask"], "brd + dev", pos]) if not e[0]: ret = False emsg.append(e[1]) e = xt_func.sudo(["ip route add", inet, "dev", pos, "src", ip_range[0], "table", const.RTAB[pos]]) for i in data["static-route"]: e = xt_func.sudo(["ip route add", i["subnet"], "via", i["gateway"], "dev", pos, "table", const.RTAB[pos]]) if not e[0]: ret = False emsg.append(e[1]) return (ret, emsg)
def _set(data):
ret = True
emsg = []
xt_func.sudo(["killall snmpd"])
if data["enable"] == 1:
print "RUN"
f = open(DCONF_TMP, "w")
f.write("com2sec Area default "+ data["community"]+ "\n");
f.write("group Reader v1 Area\n");
f.write("group Reader v2c Area\n");
f.write("sysdescr "+ const.PRODUCT_NAME+ "\n");
f.write("syslocation "+ data["system-location"]+ "\n");
f.write("sysname "+ data["system-name"]+ "\n");
f.write("syscontact "+ data["system-contact"]+ "\n");
for l in FIXED:
f.write(l + "\n");
f.close()
e = xt_func.sudo(["mv", DCONF_TMP, DCONF])
if not e[0]:
ret = False
emsg.append(e[1])
e = xt_func.sudo(["snmpd -c", DCONF])
if not e[0]:
ret = False
emsg.append(e[1])
return (ret, emsg)
def check_acc(): for dirPath, dirNames, fileNames in os.walk(controller.acc_online_dir): for f in fileNames: now_time = time.time() acc_time = os.path.getmtime(controller.acc_online_dir + f) # check account have expired over 60 seconds if (int(now_time) - int(acc_time) > 60): xt_func.sudo(["rm -rf", controller.acc_online_dir + f])
def start_traceroute(pos, target):
dum = const.DUM_IP[pos]
xt_func.sudo(["rm -f", TRACERT_DONE_FILE, TRACERT_RST_FILE])
f = open(TRACERT_SH_FILE, "w")
f.write("#!/bin/sh\n")
f.write("sudo traceroute -ns "+ dum+ " "+ target+ " >"+ TRACERT_RST_FILE+ " 2>&1\n")
f.write("touch "+ TRACERT_DONE_FILE + "\n")
f.close()
e = xt_func.sh(["sh", TRACERT_SH_FILE], block=False)
return e
def start_ping(pos, target):
dum = const.DUM_IP[pos]
xt_func.sudo(["rm -f", PING_DONE_FILE, PING_RST_FILE])
f = open(PING_SH_FILE, "w")
f.write("#!/bin/sh\n")
f.write("ping -W 3 -c 50 -I "+ dum+ " "+ target+ " >"+ PING_RST_FILE+ " 2>&1\n")
f.write("touch "+ PING_DONE_FILE + "\n")
f.close()
e = xt_func.sh(["sh", PING_SH_FILE], block=False)
return e
def set_datetime(data, user):
ret = (True, None)
xtd_logd.add_log(user + " apply " + TAG)
timestr = ".".join(data[0:3]) + "-" + ":".join(data[3:6])
e = xt_func.sudo(["date -s", timestr])
if not e[0]:
ret = (False, N_("See failure.log"))
e = xt_func.sudo(["hwclock -w"])
if not e[0]:
ret = (False, N_("See failure.log"))
return ret
def firmware_update(updatekey, fwupfile):
ret = True
emsg = []
e = xt_func.sudo(["apply_update ",fwupfile," ",updatekey])
xt_func.sudo(["rm -rf",fwupfile])
# firmeare update failed return error message
if not e[0]:
ret = False
emsg.append(e[1])
return (ret, emsg)
#reboot command
xt_func.reboot("reboot after firmware update")
return (ret, emsg)
def firmware_downgrade(fwdownfile):
ret = True
emsg = []
e = xt_func.sudo(["apply_downgrade ",fwdownfile])
xt_func.sudo(["rm -rf",fwdownfile])
# firmeare downgrade failed return error message
if not e[0]:
ret = False
emsg.append(e[1])
return (ret, emsg)
#reboot command
xt_func.reboot("reboot after firmware downgrade")
return (ret, emsg)
def get(fname=TAG+".txt", fdir=const.CFG_DIR):
import xte_network
version_j = xt_func.load_json(const.CFG_DIR+"version.json")[1]
license_j = xt_func.load_json(const.CFG_DIR+"license.json")[1]
traffic = _get_summary_traffic()
detection = _get_summary_detection()
txt = xt_func.sh(["cat", "/proc/uptime"])[1]
up_secs = int(txt.split(".")[0]) #Tuncate to integer
network_c = xte_network.get()[1]
data = {
"version": version_j["version"],
"sn": license_j["sn"],
"uptime": _calc_uptime(up_secs),
"connections":xt_func.sudo(["cat", "/proc/sys/net/netfilter/nf_conntrack_count"])[1],
"cpu":_get_cpu_usage(),
}
for pos in const.ALL_POS:
data[pos] = _get_pos_summary(pos)
data[pos]["ip"] = _get_wan_address(pos)
data[pos]["detection"] = detection[pos]
data[pos]["rx"] = traffic[pos]["rx"]
data[pos]["tx"] = traffic[pos]["tx"]
if pos == "lan" or pos == "dmz":
data[pos]["label"] = "N/A"
else:
data[pos]["label"] = network_c[pos]["label"]
return (True, data)
def _set_ifup_address_and_route(data): ret = True emsg = [] #set WLHD:good for default arg = "" for pos in const.ALL_WANS: if data[pos]["type"] == "static" and data[pos]["enable"] == 1: arg += "1" else: arg += "0" e = xt_func.sudo(["xtctl autoroute stat", arg]) if not e[0]: ret = False emsg.append(e[1]) #Make sure DMZ is before WANs for pos in const.ALL_POS: if pos == "dmz" or pos == "lan": e = _set_dmzlan_ifup_address_and_route(data[pos], pos) elif data[pos]["type"] == "static": e = _set_static_wan_ifup_address_and_route(data[pos], pos) else: #pppoe or dhcp e = _set_dynamic_wan_ifup_address_and_route(data[pos], pos) if not e[0]: ret = False emsg.append(e[1]) return (ret, emsg)
def _set(data):
ret = True
emsg = []
tzcode = tz.TZ[data["time-zone"]]
e = xt_func.sh(["echo '"+ tzcode+ "'", "| sudo tee /etc/TZ"])
if not e[0]:
ret = False
emsg.append(e[1])
f = open(const.CRON_SH["ntpd"], "w")
f.write("#!/bin/sh\n")
if data["time-server"] != "":
f.write("sleep 30\n")
f.write("ntpd -qnNp "+ data["time-server"]+ "\n")
f.write("hwclock -w\n")
f.close()
e = xt_func.sudo([const.CRON_SH["ntpd"]], block=False)
if not e[0]:
ret = False
emsg.append(e[1])
d = datetime.datetime.today()
run_at = str(d.second) + " * * * *"
e = xt_func.crontab_replace(const.CRON_SH["ntpd"], run_at)
if not e[0]:
ret = False
emsg.append(e[1])
return (ret, emsg)
def factory_default(targets="*", do_reboot=True):
e = xt_func.sudo(["cp -r", const.MIDWARE_DIR+"factory_default/"+targets, const.CFG_DIR])
if not e[0]:
return e
if do_reboot:
xt_func.reboot("Reboot now")
return (True, [N_("Reboot now")])
return (True, [])
def _set_public_ip_passthrough(data): """proxyarpd reads data from netpos, call this after netpos is done""" ret = True emsg = [] for pos in const.ALL_WANS: if len(data[pos]["public-ip-passthrough"]["ip"]) == 0: continue e = xt_func.sudo(["proxyarpd -d -i", pos]) if not e[0]: ret = False emsg.append(e[1]) e = xt_func.sudo(["proxyarpd -d -i dmz"]) if not e[0]: ret = False emsg.append(e[1]) return (ret, emsg)
def kill_cmd(cmd):
e = xt_func.sh(["ps | grep '"+ cmd+ "' | grep -v grep"])
if not e[0]:
return (False, [N_("nothing to kill")])
tok = e[1].strip().split()
e = xt_func.sudo(["kill", tok[0]])
if not e[0]:
return e
return (True, [N_("kill"), tok[0]])
def _get_summary_detection():
data = {}
raw = xt_func.sudo(["xtctl", "autoroute", "stat"])[1]
for i in range(0,4):
pos = "wan" + str(i+1)
if raw[i] == "0":
data[pos] = "bad"
else:
data[pos] = "good"
data["dmz"] = "N/A"
data["lan"] = "N/A"
return data
def cli_show():
for pos in const.ALL_POS:
print "[{}]".format(pos)
e = xt_func.sudo(["xtctl netpos", pos])
if not e[0]:
print "No such device"
continue
lines = e[1].split("\n")
if pos == "lan" or pos == "dmz":
data = {"l": [], "s": []}
for l in lines:
l = l.strip()
if l == "LOCALHOST":
flag = "l"
continue
elif l == "PROXYARP":
flag = "p"
continue
elif l == "SUBNET":
flag = "s"
continue
elif l == "ROUTE":
break
if flag == "l" or flag == "s":
data[flag].append(l)
for i in range(0, len(data["l"])):
print "ip:{}, subnet:{}".format(data["l"][i], data["s"][i])
else:
data = []
subnet = None
for l in lines:
l = l.strip()
if l == "LOCALHOST":
flag = "l"
continue
elif l == "PROXYARP":
flag = "p"
continue
elif l == "SUBNET":
flag = "s"
continue
elif l == "ROUTE":
break
if flag == "l":
data.append(l)
elif flag == "s":
subnet = l
for i in data:
print "ip:{},".format(i)
if subnet is not None:
print "subnet:{}".format(subnet)
def run(blocking=True,cfg={}):
config_web(cfg)
"""
if cherrypy.config.get('environment',None) == 'production' :
cherrypy.config.update({'error_page.default': "%s/index.html" % (xtera.paths['static'])
,'error_page.401': "%s/errors/401.html" % (xtera.paths['static'])
,'error_page.403': "%s/errors/403.html" % (xtera.paths['static'])
,'error_page.404': "%s/errors/404.html" % (xtera.paths['static'])
,'error_page.500': "%s/errors/500.html" % (xtera.paths['static'])
}
)
"""
# remove session and account online dir
xt_func.sudo(["rm -rf", '/tmp/session-*'])
xt_func.sudo(["rm -rf", controller.acc_online_dir])
xt_func.sudo(["rm -rf", controller.acc_session_dir])
os.makedirs(controller.acc_online_dir)
os.makedirs(controller.acc_session_dir)
def check_acc():
for dirPath, dirNames, fileNames in os.walk(controller.acc_online_dir):
for f in fileNames:
now_time = time.time()
acc_time = os.path.getmtime(controller.acc_online_dir + f)
# check account have expired over 60 seconds
if (int(now_time) - int(acc_time) > 60):
xt_func.sudo(["rm -rf", controller.acc_online_dir + f])
# also delete account seesion dir: may has bug, so mark it
#for dirPath_1, dirNames_1, fileNames_1 in os.walk(controller.acc_session_dir):
# for f_1 in fileNames_1:
# xt_func.sudo(["rm -rf", controller.acc_session_dir + f_1])
# every 30 seconds to check account status
t = RepeatableTimer(30, check_acc)
t.start()
#bind log controll with cherrypy
def _setlog(k,v):
setattr(cherrypy.log, k, )
cherrypy.config.namespaces['log'] = _setlog
engine = cherrypy.engine
"""Setup the signal handler to stop the application while running"""
if hasattr(engine, "signal_handler"):
engine.signal_handler.subscribe()
if hasattr(engine, "console_control_handler"):
engine.console_control_handler.subscribe()
cherrypy.engine.start()
if blocking:
# this routine that starts this as a windows service will not want us to block here.
cherrypy.engine.block()
if __name__ == '__main__':
run(blocking=True)
def _set(data):
f = open("/tmp/hostname", "w")
f.write(data["hostname"])
f.close()
f = open("/tmp/resolv.conf", "w")
f.write("#"+ str(datetime.datetime.now()) + "\n")
if data["domain-name"] != "":
f.write("search " + data["domain-name"] + "\n")
if data["dns-server-1"] != "":
f.write("nameserver " + data["dns-server-1"]+ "\n")
if data["dns-server-2"] != "":
f.write("nameserver " + data["dns-server-2"]+ "\n")
f.close()
ret = True
e = xt_func.sudo(["hostname", str(data["hostname"])])
if not e[0]: ret = False
e = xt_func.sudo(["mv /tmp/hostname /etc/"])
if not e[0]: ret = False
e = xt_func.sudo(["mv /tmp/resolv.conf /etc/"])
if not e[0]: ret = False
return (ret, None)
def _set_bandwidth_limit(data): ret = True emsg = [] json = [] for pos in const.ALL_WANS: json.append( [pos, data[pos]["downstream"], data[pos]["upstream"]]) xt_func.save_json(BMSTATD_CONF, json) e = xt_func.sudo(["bmstatd -d -f", BMSTATD_CONF]) if not e[0]: ret = False emsg.append(e[1]) return (ret, emsg)
def do_arpenforce(data=None): if data is None: data = get()[1] rst = [] for pos in const.ALL_WANS: _make_arpenforced_conf_for_wan(data, pos, rst) _make_arpenforced_conf_for_lan(data, rst) _make_arpenforced_conf_for_dmz(data, rst) f = open(ARPENFORCED_CONF, "w") for l in rst: f.write(l + "\n") f.close() return xt_func.sudo(["arpenforced", ARPENFORCED_CONF])
def _set_dynamic_wan_ifup_address_and_route(data, pos):
if data["enable"] != 1: return (True, [pos, "disabled"])
cmd = ["dy_monitor -d -i", pos, "-t"]
cmd.append(data["type"])
if data["type"] == "pppoe":
cmd.append("-u "+ data["pppoe-mode"]["username"])
cmd.append("-p "+ data["pppoe-mode"]["password"])
if data["pppoe-mode"]["service-name"] != "":
cmd.append("-s "+ data["pppoe-mode"]["service-name"])
if data["pppoe-mode"]["daily-redial"] != "":
cmd.append("-r "+ data["pppoe-mode"]["daily-redial"])
if data["pppoe-mode"]["ip"] != "":
cmd.append("-a "+ data["pppoe-mode"]["ip"])
if data["public-ip-passthrough"]["mask"] != "":
cmd.append("-m "+ xt_func.ipv4mask2prefix(data["public-ip-passthrough"]["mask"]))
return xt_func.sudo(cmd)
def reconnect_dynamic_wan(pos): e = get() if e[0] is False: return e data = e[1] if data[pos]["enable"] != 1: return (False, [pos, "is disabled"]) if data[pos]["type"] != "dhcp" and data[pos]["type"] != "pppoe": return (False, [pos, "is not dynamic"]) f = open(DYM_PID_PREFIX + pos, "r") oldpid = f.readline().strip() f.close() e = xt_func.sudo(["kill", oldpid]) if not e[0]: return e return _set_dynamic_wan_ifup_address_and_route(data[pos], pos)
def _set_netpos(data):
ret = True
emsg = []
for pos in const.ALL_POS:
fname = const.XTCFG_DIR+ "netpos-"+ pos+ ".txt"
xcfg = {
"LOCALHOST": [], "PROXYARP": [],
"SUBNET": [], "ROUTE": [], "GATEWAY": []
}
if pos == "lan" or pos == "dmz":
for i in data[pos]['basic-subnet']:
xcfg["LOCALHOST"].append(i["ip"])
ip1 = i["ip"].split("-")[0]
cidr = xt_func.block2cidr(ip1 + "/" + i["mask"])
xcfg["SUBNET"].append(cidr)
xcfg["ROUTE"] = [xt_func.block2cidr(i["subnet"]) for i in data[pos]['static-route']]
xcfg["GATEWAY"] = [i["gateway"] for i in data[pos]['static-route']]
elif data[pos]["enable"] == 1:
if data[pos]["type"] == "static":
# dy_monitord charges PPPoE and DHCP types
for i in data[pos]["static-mode"]["ip"]:
xcfg["LOCALHOST"].append(i)
ip1 = data[pos]["static-mode"]["ip"][0].split("-")[0]
cidr = xt_func.block2cidr(ip1 + "/" + data[pos]["static-mode"]["mask"])
xcfg["SUBNET"].append(cidr)
xcfg["PROXYARP"] = [i for i in data[pos]['public-ip-passthrough']["ip"]]
f = open(fname, "w")
for i in ["LOCALHOST", "PROXYARP", "SUBNET", "ROUTE", "GATEWAY"]:
f.write(i + "\n");
for j in xcfg[i]:
f.write(j + "\n");
f.close()
e = xt_func.sudo(["xtctl netpos", pos, fname]);
if not e[0]:
ret = False
emsg.append(e[1])
return (ret, emsg)
def _do_arping_detect(pos):
clist = []
addrs = xt_func.get_netpos_addresses(pos)
proxys = xt_func.get_netpos_proxyarp(pos)
for ip in proxys:
addrs.append(ip)
for ip in addrs:
e = xt_func.sudo(["arping -D -w 1 -I", pos, ip, "| grep Unicast"])
if e[0]:
tok = e[1].split()
mac = tok[4][1:-2].split(":")
mac_s = []
for i in mac:
if len(i) == 1:
mac_s.append("0" + i)
else:
mac_s.append(i)
mac = ":".join(mac_s)
clist.append((ip, pos, mac))
return clist
def _set_static_wan_ifup_address_and_route(data, pos):
ret = True
emsg = []
if data["enable"] != 1: return (ret, [pos, "disabled"])
e = xt_func.sudo(["ip link set dev", pos, "up"])
if not e[0]:
ret = False
emsg.append(e[1])
# static supports only one subnet
fst_ip = data["static-mode"]["ip"][0].split("-")[0]
inet = xt_func.block2cidr(fst_ip + "/" + data["static-mode"]["mask"])
for i in data["static-mode"]["ip"]:
ip_range = xt_func.iprange2list(i)
for ip in ip_range:
e = xt_func.sudo(["ip addr add", ip+ "/"+ data["static-mode"]["mask"], "brd + dev", pos])
if not e[0]:
ret = False
emsg.append(e[1])
e = xt_func.sudo(["ip route add default via", data["static-mode"]["gateway"], "dev", pos, "table", const.RTAB[pos]])
e = xt_func.sudo(["ip route append default via", data["static-mode"]["gateway"], "dev", pos])
if len(data["public-ip-passthrough"]["ip"]) > 0:
#Copy addresses to DMZ for public-ip-passthrough
for ip in ip_range:
e = xt_func.sudo(["ip addr add", ip+ "/"+ data["static-mode"]["mask"], "brd + dev dmz"])
if not e[0]:
ret = False
emsg.append(e[1])
#Don't forget route tables
e = xt_func.sudo(["ip route del", inet, "dev dmz"])
e = xt_func.sudo(["ip route add", inet, "src", fst_ip, "dev dmz table", const.RTAB["dmz"]])
return (ret, emsg)
def _delete_account_in_system(name, group): e = xt_func.sudo(["delgroup", name, group]) if not e[0]: return e return xt_func.sudo(["deluser", name])
def _set(data): hw = xt_func.load_json(const.HW_INFO)[1] ret = True emsg = [] xt_func.sudo(["killall bmstatd"]) xt_func.sudo(["killall proxyarpd"]) xt_func.sudo(["killall dy_monitor"]) time.sleep(4) # dy_monitor needs 3 sec to end itself for (dev, pos, rtab, dum) in const.IFMAP: xt_func.sudo(["ip link set dev", pos, "down"]) xt_func.sudo(["ip addr flush dev", pos]) xt_func.sudo(["ip route flush table", rtab]) xt_func.sudo(["ip route flush cache"]) e = _set_hardware(data, hw) if not e[0]: ret = False emsg.append(e[1]) e = _set_ifup_address_and_route(data) if not e[0]: ret = False emsg.append(e[1]) e = _set_netpos(data) if not e[0]: ret = False emsg.append(e[1]) e = _set_public_ip_passthrough(data) if not e[0]: ret = False emsg.append(e[1]) e = _set_bandwidth_limit(data) if not e[0]: ret = False emsg.append(e[1]) e = do_arpenforce(data) if not e[0]: ret = False emsg.append(e[1]) return (ret, emsg)
def _add_account_to_system(name, param): e = xt_func.sudo(["adduser -DG", param["g"], "-s /swlb/middleware/cli.py", name]) if not e[0]: return e return _change_password_in_system(name, param["p"])
