def addclientconf(): """新增服务配置项""" s = request.environ.get('beaker.session') authtype = request.forms.get("authtype") idata=dict() if authtype == '0' : idata['cainfo'] = request.forms.get("cainfo").replace('\r\n','\n').strip() idata['certinfo'] = request.forms.get("certinfo").replace('\r\n','\n').strip() elif authtype == '1' : idata['vpnuser'] = request.forms.get("vpnuser") idata['vpnpass'] = request.forms.get("vpnpass") elif authtype == '2' : idata['service'] = 'off' else : msg = {'color':'green','message':u'验证类型错误,保存失败'} return template('addvpncltconfig',session=s,msg=msg,info={}) idata['authtype'] = request.forms.get("authtype") idata['ipaddr'] = request.forms.get("ipaddr") idata['servport'] = request.forms.get("servport") idata['tunid'] = 'tun1000' idata['chkconn'] = request.forms.get("chkconn") sql = " update sysattr set value=%s where attr='vpnclient' " iidata=json.dumps(idata) result = writeDb(sql,(iidata,)) if result == True : msg = {'color':'green','message':u'配置保存成功'} writeVPNconf(action='uptcltconf') cmds.servboot('vpnconn') writeUTMconf(action='uptconf') return template('addvpncltconfig',session=s,msg=msg,info=idata)
def do_editdnsserv(): s = request.environ.get('beaker.session') dnsrelay = request.forms.get("dnsrelay") dnsproxy = request.forms.get("dnsproxy") dnsrule = request.forms.get("dnsrule") dnslist = request.forms.get("dnslist").replace('\r\n', '\n').strip() idata = dict() idata['dnsrelay'] = dnsrelay idata['dnsproxy'] = dnsproxy idata['dnsrule'] = dnsrule idata['dnslist'] = dnslist idata['dnsport'] = 53 dnsstatus = cmds.servchk(idata.get('dnsport')) idata['dnsstatus'] = dnsstatus sql = " update sysattr set value=%s where attr='dnsconf' " iidata = json.dumps(idata) result = writeDb(sql, (iidata, )) if result == True: writeDNSconf(action='uptconf') writeROUTEconf(action='uptconf') writeUTMconf(action='uptconf') msg = {'color': 'green', 'message': '配置保存成功'} return (template('editdnsserv', session=s, msg=msg, info=idata)) else: msg = {'color': 'red', 'message': '配置保存失败'} sql = " select value from sysattr where attr='dnsconf' " idata = readDb(sql, ) return (template('editdnsserv', session=s, msg=msg, info=idata))
def do_editdnsserv(): s = request.environ.get('beaker.session') dnsrelay = request.forms.get("dnsrelay") dnsproxy = request.forms.get("dnsproxy") dnsrule = request.forms.get("dnsrule") dnslist = request.forms.get("dnslist").replace('\r\n','\n').strip() idata = dict() idata['dnsrelay']=dnsrelay idata['dnsproxy']=dnsproxy idata['dnsrule']=dnsrule idata['dnslist']=dnslist idata['dnsport']=53 dnsstatus=cmds.servchk(idata.get('dnsport')) idata['dnsstatus']=dnsstatus sql = " update sysattr set value=%s where attr='dnsconf' " iidata=json.dumps(idata) result = writeDb(sql,(iidata,)) if result == True : writeDNSconf(action='uptconf') writeROUTEconf(action='uptconf') writeUTMconf(action='uptconf') msg = {'color':'green','message':'配置保存成功'} return(template('editdnsserv',session=s,msg=msg,info=idata)) else : msg = {'color':'red','message':'配置保存失败'} sql = " select value from sysattr where attr='dnsconf' " idata = readDb(sql,) return(template('editdnsserv',session=s,msg=msg,info=idata))
def do_addroute(): s = request.environ.get('beaker.session') rttype = request.forms.get("rttype") destaddr = request.forms.get("ipaddr") netmask = request.forms.get("netmask") gateway = request.forms.get("gateway") gwiface = request.forms.get("gwiface") # 格式判断 if netmod.checkip(destaddr) == False or netmod.checkmask(netmask) == False or netmod.checkip(gateway) == False : msg = {'color':'red','message':u'地址不合法,添加失败'} return(template('staticroute',msg=msg,session=s)) # 系统判断 if gwiface == 'auto': resultA = cmds.getdictrst('route add -net %s netmask %s gw %s' % (destaddr,netmask,gateway)) else : resultA = cmds.getdictrst('route add -net %s netmask %s gw %s dev %s' % (destaddr,netmask,gateway,gwiface)) if resultA.get('status') != 0 : msg = {'color':'red','message':u'目标不可达或其他错误,添加失败'} return(template('staticroute',msg=msg,session=s)) sql = "INSERT INTO sysroute(type,dest,netmask,gateway,iface,fromtype) VALUES(%s,%s,%s,%s,%s,%s)" data = ('net',destaddr,netmask,gateway,gwiface,1) result = writeDb(sql,data) if result == True: writeROUTEconf(action='uptconf') writeUTMconf(action='uptconf') msg = {'color':'green','message':u'添加成功'} else: msg = {'color':'red','message':u'添加失败'} return(template('staticroute',msg=msg,session=s))
def do_addutmrule(): """UTM配置 添加页""" s = request.environ.get('beaker.session') rulename = request.forms.get("rulename") dstmatch = request.forms.get("dstmatch") srcaddr = request.forms.get("srcaddr").replace('\r\n','\n').strip() dstaddr = request.forms.get("dstaddr").replace('\r\n','\n').strip() runaction = request.forms.get("runaction") runobject = request.forms.get("runobject") if runaction == 'SNAT': runobject = request.forms.get("runobject") if netmod.checkip(runobject) == False: msg = {'color':'red','message':u'源地址转换不能填写非IP类型,添加失败'} return template('natruleconf',session=s,msg=msg,info={}) else : runobject = request.forms.get("runobject2") sql = "insert into ruleconfnat(rulename,srcaddr,dstmatch,dstaddr,runaction,runobject) VALUES(%s,%s,%s,%s,%s,%s)" data = (rulename,srcaddr,dstmatch,dstaddr,runaction,runobject) alladdr=srcaddr.split('\n')+dstaddr.split('\n') for ipmask in alladdr : if netmod.checkipmask(ipmask) == False and ipmask != '': msg = {'color':'red','message':u'源地址或目标地址格式错误,添加失败'} return(template('natruleconf',msg=msg,session=s)) result = writeDb(sql,data) if result == True: msg = {'color':'green','message':u'添加成功'} writeUTMconf(action='addconf') return template('natruleconf',session=s,msg=msg,info={})
def do_addservconf(): """新增服务配置项""" s = request.environ.get('beaker.session') authtype = request.forms.get("authtype") ipaddr = request.forms.get("ipaddr") servport = request.forms.get("servport") virip = request.forms.get("virip") virmask = request.forms.get("virmask") maxclient = request.forms.get("maxclient") maxuser = request.forms.get("maxuser") authtimeout = request.forms.get("authtimeout") authnum = request.forms.get("authnum") locktime = request.forms.get("locktime") comp = request.forms.get("comp") cisco = request.forms.get("cisco") if netmod.checkip(virip) == False or netmod.checkmask(virmask) == False : msg = {'color':'red','message':u'虚拟地址填写不合法,保存失败'} return template('vpnservconf',session=s,msg=msg,info={}) sql = " INSERT INTO vpnservconf(servmode,authtype,ipaddr,servport,virip,virmask,maxclient,maxuser,authtimeout,authnum,locktime,comp,cisco) values ('server',%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s)" data = (authtype,ipaddr,servport,virip,virmask,maxclient,maxuser,authtimeout,authnum,locktime,comp,cisco) result = writeDb(sql,data) if result == True : writeVPNconf(action='addconf') cmds.servboot('ocserv') writeUTMconf(action='uptconf') msg = {'color':'green','message':u'配置保存成功'} return template('vpnservconf',session=s,msg=msg,info={})
def editpolicy(id): """修改策略""" s = request.environ.get('beaker.session') name = request.forms.get("name") pushdns = request.forms.get("pushdns").replace('\r\n','\n').strip() pushroute = request.forms.get("pushroute").replace('\r\n','\n').strip() pushnoroute = request.forms.get("pushnoroute").replace('\r\n','\n').strip() allipmask = pushroute.split('\n')+pushnoroute.split('\n') # 内容检测 for ip in pushdns.split('\n') : if netmod.checkip(ip) == False and ip != '': msg = {'color':'red','message':u'DNS内容检测错误,更新失败'} return(template('policyconf',session=s,msg=msg,info={})) for ipmask in allipmask : if netmod.checkipmask(ipmask) == False and ipmask != '' : msg = {'color':'red','message':u'路由内容检测错误,更新失败'} return(template('policyconf',session=s,msg=msg,info={})) sql = "UPDATE vpnpolicy set name=%s,pushdns=%s,pushroute=%s,pushnoroute=%s where id=%s" data=(name,pushdns,pushroute,pushnoroute,id) result = writeDb(sql,data) if result == True: writeVPNconf(action='uptgroup') writeUTMconf(action='addconf') msg = {'color':'green','message':u'更新成功'} return(template('policyconf',session=s,msg=msg,info={})) else: msg = {'color':'red','message':u'更新失败'} return(template('policyconf',session=s,msg=msg,info={}))
def deliface(id): s = request.environ.get('beaker.session') sql = " DELETE FROM netiface WHERE id=%s " sql2 = " select ifacename FROM netiface WHERE id=%s " ifacename = readDb(sql2, (id, )) result = writeDb(sql, (id, )) if result == True: writeNIconf(action='uptconf') cmds.servboot('networks', action='uptconf') writeUTMconf(action='uptconf') msg = {'color': 'green', 'message': u'删除成功'} cmds.gettuplerst('ip addr flush dev %s' % ifacename[0].get('ifacename')) #如果是PPP类型接口,停用ADSL cmds.gettuplerst('ip link set %s down' % ifacename[0].get('ifacename')) cmds.gettuplerst( 'ps aux|grep -e \'xdsl.*%s\'|grep -v grep|awk \'{print $2}\' |xargs -i kill -9 {}' % id) #恢复绑定 sql2 = "update sysattr set status='1' where attr=%s" writeDb(sql2, (ifacename[0].get('ifacename'), )) return template('networkconf', session=s, msg=msg) else: msg = {'color': 'red', 'message': u'删除失败'} return template('networkconf', session=s, msg=msg)
def do_addpolicy(): """POST""" s = request.environ.get('beaker.session') name = request.forms.get("name") pushdns = request.forms.get("pushdns").replace('\r\n','\n').strip() pushroute = request.forms.get("pushroute").replace('\r\n','\n').strip() pushnoroute = request.forms.get("pushnoroute").replace('\r\n','\n').strip() allipmask = pushroute.split('\n')+pushnoroute.split('\n') for ip in pushdns.split('\n') : if netmod.checkip(ip) == False and ip != '': msg = {'color':'red','message':u'DNS内容检测错误,更新失败'} return(template('policyconf',session=s,msg=msg,info={})) for ipmask in allipmask : if netmod.checkipmask(ipmask) == False and ipmask != '': msg = {'color':'red','message':u'路由内容检测错误,更新失败'} return(template('policyconf',session=s,msg=msg,info={})) sql = "INSERT INTO vpnpolicy(name,pushdns,pushroute,pushnoroute) VALUES(%s,%s,%s,%s)" data=(name,pushdns,pushroute,pushnoroute) result = writeDb(sql,data) if result == True: writeVPNconf(action='uptgroup') writeUTMconf(action='addconf') msg = {'color':'green','message':u'添加成功'} return(template('policyconf',session=s,msg=msg,info={})) else: msg = {'color':'red','message':u'添加失败'} return(template('policyconf',session=s,msg=msg,info={}))
def do_editutmrule(id): """UTM配置 更新页""" s = request.environ.get('beaker.session') rulename = request.forms.get("rulename") dstmatch = request.forms.get("dstmatch") srcaddr = request.forms.get("srcaddr").replace('\r\n','\n').strip() dstaddr = request.forms.get("dstaddr").replace('\r\n','\n').strip() runaction = request.forms.get("runaction") runobject = request.forms.get("runobject") if runaction == 'SNAT': runobject = request.forms.get("runobject") if netmod.checkip(runobject) == False: msg = {'color':'red','message':u'源地址转换不能填写非IP类型,添加失败'} return template('natruleconf',session=s,msg=msg,info={}) else : runobject = request.forms.get("runobject2") sql = "update ruleconfnat set rulename=%s,srcaddr=%s,dstmatch=%s,dstaddr=%s,runaction=%s,runobject=%s where id=%s" data = (rulename,srcaddr,dstmatch,dstaddr,runaction,runobject,id) alladdr=srcaddr.split('\n')+dstaddr.split('\n') for ipmask in alladdr : if netmod.checkipmask(ipmask) == False and ipmask != '': msg = {'color':'red','message':u'源地址或目标地址格式错误,添加失败'} return(template('natruleconf',msg=msg,session=s)) result = writeDb(sql,data) if result == True: writeUTMconf(action='uptconf') msg = {'color':'green','message':u'更新成功'} return template('natruleconf',session=s,msg=msg,info={})
def do_editadvroute(id): s = request.environ.get('beaker.session') rulename = request.forms.get("rulename") srcaddr = request.forms.get("srcaddr").replace('\r\n','\n').strip() destaddr = request.forms.get("destaddr").replace('\r\n','\n').strip() pronum = request.forms.get("pronum") outdev = request.forms.get("ifacename") alladdr=srcaddr.split('\n')+destaddr.split('\n') #提交判断 if outdev == '' or rulename == '': msg = {'color':'red','message':u'描述或出口未填写,添加失败'} return(template('advroute',msg=msg,session=s)) if int(pronum) <0 or int(pronum) >32765 : msg = {'color':'red','message':u'优先级值填写错误,添加失败'} return(template('advroute',msg=msg,session=s)) for ipmask in alladdr : if netmod.checkipmask(ipmask) == False and ipmask != '': msg = {'color':'red','message':u'地址格式错误(%s),添加失败' % ipmask} return(template('advroute',msg=msg,session=s)) cmdDict=cmds.getdictrst('ip rule add prio %s fwmark 1000%s dev %s' % (pronum,id,outdev)) if cmdDict.get('status') == 0: sql = """ UPDATE sysrouteadv SET rulename=%s,srcaddr=%s,destaddr=%s,pronum=%s,iface=%s WHERE id=%s """ data = (rulename,srcaddr,destaddr,int(pronum),outdev,id) result = writeDb(sql,data) if result : writeROUTEconf(action='uptconf') writeUTMconf(action='uptconf') msg = {'color':'green','message':u'更新成功'} else : msg = {'color':'red','message':u'更新失败'} else: msg = {'color':'red','message':u'系统规则生成异常,添加失败'} return(template('advroute',msg=msg,session=s))
def do_additem(): s = request.environ.get('beaker.session') ifacename = request.forms.get("ifacename") ifacetype = request.forms.get("ifacetype") ipaddr = request.forms.get("ipaddr") netmask = request.forms.get("netmask") gateway = request.forms.get("gateway") defaultgw = request.forms.get("defaultgw") extip = request.forms.get("extip").replace('\r\n','\n') # 判断填写网关和没有填写网关的情况 if ipaddr == '' or netmask == '' : msg = {'color':'red','message':u'地址不合法,添加失败'} return(template('networkconf',session=s,msg=msg)) if gateway != '' : if netmod.checkip(ipaddr) == False or netmod.checkmask(netmask) == False or netmod.checkip(gateway) == False or netmod.checknet(gateway,ipaddr,netmask) == False : msg = {'color':'red','message':u'地址不合法,添加失败'} return(template('networkconf',session=s,msg=msg)) else : if netmod.checkip(ipaddr) == False or netmod.checkmask(netmask) == False : msg = {'color':'red','message':u'地址不合法,添加失败'} return(template('networkconf',session=s,msg=msg)) for extlist in extip.split('\n'): if len(extlist.split('/')) == 3: extsip=extlist.split('/')[0] extmask=extlist.split('/')[1] extgw=extlist.split('/')[2] if netmod.checkip(extsip) == False or netmod.checkmask(extmask) == False or netmod.checkip(extgw) == False or netmod.checknet(extgw,extsip,extmask) == False : msg = {'color':'red','message':u'扩展IP地址不合法,更新失败'} return(template('networkconf',session=s,msg=msg)) elif len(extlist.split('/')) == 2: extsip=extlist.split('/')[0] extmask=extlist.split('/')[1] if netmod.checkip(extsip) == False or netmod.checkmask(extmask) == False : msg = {'color':'red','message':u'扩展IP地址不合法,更新失败'} return(template('networkconf',session=s,msg=msg)) elif extlist == u'': True else : msg = {'color':'red','message':u'扩展IP地址不合法,更新失败'} return(template('networkconf',session=s,msg=msg)) if ifacename == u'' : msg = {'color':'red','message':u'物理接口未选择,添加失败'} return(template('networkconf',session=s,msg=msg)) sql = "INSERT INTO netiface (ifacename,ifacetype,ipaddr,netmask,gateway,defaultgw,extip) VALUES (%s,%s,%s,%s,%s,%s,%s)" data = (ifacename,ifacetype,ipaddr,netmask,gateway,defaultgw,extip) result = writeDb(sql,data) if result == True: writeNIconf(action='uptconf') cmds.servboot('networks',action='uptconf') writeUTMconf(action='uptconf') msg = {'color':'green','message':u'添加成功'} #已绑定的网卡禁止再次绑定 sql2 = """ update sysattr set status="0" where attr=%s """ writeDb(sql2,(ifacename,)) return template('networkconf',session=s,msg=msg)
def do_editiface(id): s = request.environ.get('beaker.session') ifacename = request.forms.get("ifacename") ifacetype = request.forms.get("ifacetype") ipaddr = request.forms.get("ipaddr") netmask = request.forms.get("netmask") gateway = request.forms.get("gateway") defaultgw = request.forms.get("defaultgw") extip = request.forms.get("extip").replace('\r\n', '\n') # 判断提交异常 if ipaddr == '' or netmask == '' : msg = {'color':'red','message':u'地址不合法,添加失败1'} return(template('networkconf',session=s,msg=msg)) if gateway != '' : if netmod.checkipmask('%s/%s' % (ipaddr,netmask)) == False or netmod.checknet(gateway,ipaddr,netmask) == False : msg = {'color':'red','message':u'地址不合法,添加失败%s,%s,%s' % (gateway,ipaddr,netmask)} return(template('networkconf',session=s,msg=msg)) else : if netmod.checkip(ipaddr) == False or netmod.checkmask(netmask) == False : msg = {'color':'red','message':u'地址不合法,添加失败3'} return(template('networkconf',session=s,msg=msg)) for extlist in extip.split('\n'): if len(extlist.split('/')) == 3: extsip=extlist.split('/')[0] extmask=extlist.split('/')[1] extgw=extlist.split('/')[2] if netmod.checkip(extsip) == False or netmod.checkmask(extmask) == False or netmod.checkip(extgw) == False or netmod.checknet(extgw,extsip,extmask) == False : msg = {'color':'red','message':u'扩展IP地址不合法,更新失败'} return(template('networkconf',session=s,msg=msg)) elif len(extlist.split('/')) == 2: extsip=extlist.split('/')[0] extmask=extlist.split('/')[1] if netmod.checkip(extsip) == False or netmod.checkmask(extmask) == False : msg = {'color':'red','message':u'扩展IP地址不合法,更新失败'} return(template('networkconf',session=s,msg=msg)) elif extlist == u'': True else : msg = {'color':'red','message':u'扩展IP地址不合法,更新失败'} return(template('networkconf',session=s,msg=msg)) if ifacename == u'' : msg = {'color':'red','message':u'物理接口未选择,更新失败'} return(template('addinterface',session=s,msg=msg)) sql = "UPDATE netiface SET ifacename=%s,ifacetype=%s,ipaddr=%s,netmask=%s,gateway=%s,defaultgw=%s,extip=%s WHERE id=%s" data = (ifacename,ifacetype,ipaddr,netmask,gateway,defaultgw,extip,id) result = writeDb(sql,data) if result == True: writeNIconf(action='uptconf') cmds.servboot('networks',action='uptconf') writeUTMconf(action='uptconf') msg = {'color':'green','message':u'更新成功'} return template('networkconf',session=s,msg=msg)
def delvpnservconf(id): s = request.environ.get('beaker.session') sql = " DELETE FROM ruleconfnat WHERE id=%s " result = writeDb(sql,(id,)) if result == True : writeUTMconf(action='uptconf') msg = {'color':'green','message':u'删除成功'} return template('natruleconf',session=s,msg=msg) else: msg = {'color':'red','message':u'删除失败'} return template('natruleconf',session=s,msg=msg)
def delvpnservconf(id): s = request.environ.get('beaker.session') sql = " DELETE FROM vpnservconf WHERE id=%s " result = writeDb(sql,(id,)) if result == True : msg = {'color':'green','message':u'删除成功'} cmds.gettuplerst('/bin/rm -rf %s/ocserv/ocserv_*_%s.conf' % (gl.get_value('plgdir'),id)) cmds.servboot('ocserv') writeUTMconf(action='uptconf') return template('vpnservconf',session=s,msg=msg) else: msg = {'color':'red','message':u'删除失败'} return template('vpnservconf',session=s,msg=msg)
def delpolicy(id): """删除策略""" s = request.environ.get('beaker.session') sql = "select username from user where policy=%s " chkdata = readDb(sql,(id,)) if len(chkdata) > 0 : msg = {'color':'red','message':u'删除失败,该策略已被关联无法删除'} return(template('policyconf',session=s,msg=msg,info={})) sql = "delete from vpnpolicy where id in (%s) " result = writeDb(sql,(id,)) if result: writeVPNconf(action='uptgroup') writeUTMconf(action='uptconf') msg = {'color':'green','message':u'删除成功'} return(template('policyconf',session=s,msg=msg,info={})) else: msg = {'color':'red','message':u'删除失败'} return(template('policyconf',session=s,msg=msg,info={}))
def deliface(stype,id): s = request.environ.get('beaker.session') if stype == 'sys' or stype == 'static' : sqlquery = " select dest,netmask,gateway FROM sysroute WHERE id=%s " sql = " DELETE FROM sysroute WHERE id=%s " else: sqlquery = " select srcaddr,destaddr,pronum,iface as outdev FROM sysrouteadv WHERE id=%s " sql = " DELETE FROM sysrouteadv WHERE id=%s " resultA = readDb(sqlquery,(id,)) # 判断删除入口并返回到指定界面 if stype == 'sys': tpl = 'routeconf' elif stype == 'static': tpl = 'staticroute' elif stype == 'adv': tpl = 'advroute' # 判断提交的指令 result = writeDb(sql,(id,)) if result == True: if stype == 'adv': try: if resultA[0].get('srcaddr') == '' and resultA[0].get('destaddr') != '': cmds.getdictrst('ip rule del prio %s to %s' % (resultA[0].get('pronum'),resultA[0].get('destaddr'))) elif resultA[0].get('destaddr') == '' and resultA[0].get('srcaddr') != '': cmds.getdictrst('ip rule del prio %s from %s dev %s' % (resultA[0].get('pronum'),resultA[0].get('srcaddr'))) elif resultA[0].get('destaddr') == '' and resultA[0].get('srcaddr') == '': cmds.getdictrst('ip rule del prio %s dev %s' % (resultA[0].get('pronum'),resultA[0].get('outdev'))) else: cmds.getdictrst('ip rule del prio %s from %s to %s' % (resultA[0].get('pronum'),resultA[0].get('srcaddr'),resultA[0].get('destaddr'))) msg = {'color':'green','message':u'删除成功'} return template(tpl,session=s,msg=msg) except: msg = {'color':'green','message':u'删除成功'} return template(tpl,session=s,msg=msg) else: cmds.getdictrst('route del -net %s netmask %s gw %s' % (resultA[0].get('dest'),resultA[0].get('netmask'),resultA[0].get('gateway'))) writeROUTEconf(action='uptconf') writeUTMconf(action='uptconf') msg = {'color':'green','message':u'删除成功'} return template(tpl,session=s,msg=msg) else: msg = {'color':'red','message':u'删除失败'} return template(tpl,session=s,msg=msg)
def deliface(id): s = request.environ.get('beaker.session') sql = " DELETE FROM netiface WHERE id=%s " sql2 = " select ifacename FROM netiface WHERE id=%s " ifacename = readDb(sql2,(id,)) result = writeDb(sql,(id,)) if result == True : writeNIconf(action='uptconf') cmds.servboot('networks',action='uptconf') writeUTMconf(action='uptconf') msg = {'color':'green','message':u'删除成功'} cmds.gettuplerst('ip addr flush dev %s' % ifacename[0].get('ifacename')) #恢复绑定 sql2 = "update sysattr set status='1' where attr=%s" writeDb(sql2,(ifacename[0].get('ifacename'),)) return template('networkconf',session=s,msg=msg) else: msg = {'color':'red','message':u'删除失败'} return template('networkconf',session=s,msg=msg)
def do_editutmrule(id): """UTM配置 更新页""" s = request.environ.get('beaker.session') rulename = request.forms.get("rulename") pronum = request.forms.get("pronum") actzone = request.forms.get("actzone") srcaddr = request.forms.get("srcaddr").replace('\r\n','\n').strip() dstaddr = request.forms.get("dstaddr").replace('\r\n','\n').strip() sproto = request.forms.get("sproto") sport = request.forms.get("sport") dproto = request.forms.get("dproto") dport = request.forms.get("dport") runaction = request.forms.get("runaction") sql = "update ruleconfutm set rulename=%s,pronum=%s,actzone=%s,srcaddr=%s,dstaddr=%s,sproto=%s,sport=%s,dproto=%s,dport=%s,runaction=%s where id=%s" data = (rulename,pronum,actzone,srcaddr,dstaddr,sproto,sport,dproto,dport,runaction,id) if not (rulename and pronum): msg = {'color':'red','message':u'规则名称或优先级未填写,添加失败'} return template('utmruleconf',session=s,msg=msg,info={}) alladdr=srcaddr.split('\n')+dstaddr.split('\n') for ipmask in alladdr : if netmod.checkipmask(ipmask) == False and ipmask != '': msg = {'color':'red','message':u'源地址或目标地址格式错误,添加失败'} return(template('utmruleconf',msg=msg,session=s)) if len(sport.split(',')) > 10 or len(dport.split(',')) > 10 : msg = {'color':'red','message':u'端口组总数量超过最大值10,添加失败'} return(template('utmruleconf',msg=msg,session=s)) allport = sport.split(',')+dport.split(',') for port in allport : if ':' in port: if len(port.split(':')) != 2 or port.split(':')[0] >= port.split(':')[1]: msg = {'color':'red','message':u'连续端口格式错误,添加失败'} return(template('utmruleconf',msg=msg,session=s)) else : if netmod.is_port(port) == False and port != '' : msg = {'color':'red','message':u'源端口或目标端口格式错误,添加失败'} return(template('utmruleconf',msg=msg,session=s)) result = writeDb(sql,data) if result == True: msg = {'color':'green','message':u'更新成功'} writeUTMconf(action='addconf') return template('utmruleconf',session=s,msg=msg,info={})
def do_editvpnservconf(id): """修改提交服务配置项""" s = request.environ.get('beaker.session') authtype = request.forms.get("authtype") ipaddr = request.forms.get("ipaddr") servport = request.forms.get("servport") virip = request.forms.get("virip") virmask = request.forms.get("virmask") maxclient = request.forms.get("maxclient") maxuser = request.forms.get("maxuser") authtimeout = request.forms.get("authtimeout") authnum = request.forms.get("authnum") locktime = request.forms.get("locktime") comp = request.forms.get("comp") cisco = request.forms.get("cisco") if netmod.checkip(virip) == False or netmod.checkmask(virmask) == False : msg = {'color':'red','message':u'虚拟地址填写不合法,保存失败'} return template('vpnservconf',session=s,msg=msg,info={}) if servport.isdigit() == False or maxclient.isdigit() == False or maxuser.isdigit() == False or authtimeout.isdigit() == False or authnum.isdigit() == False or locktime.isdigit() == False: msg = {'color':'red','message':u'填写不合法,保存失败'} return template('vpnservconf',session=s,msg=msg,info={}) if int(servport) < 0 or int(servport) > 65535 : msg = {'color':'red','message':u'端口配置错误,保存失败'} return template('vpnservconf',session=s,msg=msg,info={}) if netmod.checkip(ipaddr) == True or ipaddr == '*' : True else: msg = {'color':'red','message':u'监听信息填写错误,保存失败'} return template('vpnservconf',session=s,msg=msg,info={}) sql = " UPDATE vpnservconf set authtype=%s,ipaddr=%s,servport=%s,virip=%s,virmask=%s,maxclient=%s,maxuser=%s,authtimeout=%s,authnum=%s,locktime=%s,comp=%s,cisco=%s WHERE id=%s" data = (authtype,ipaddr,servport,virip,virmask,maxclient,maxuser,authtimeout,authnum,locktime,comp,cisco,id) result = writeDb(sql,data) if result == True : writeVPNconf(action='uptconf') cmds.servboot('ocserv') writeUTMconf(action='uptconf') return template('vpnservconf',session=s,info={},msg={})