def deliface(id):
s = request.environ.get('beaker.session')
sql = " DELETE FROM netiface WHERE id=%s "
sql2 = " select ifacename FROM netiface WHERE id=%s "
ifacename = readDb(sql2, (id, ))
result = writeDb(sql, (id, ))
if result == True:
writeNIconf(action='uptconf')
cmds.servboot('networks', action='uptconf')
writeUTMconf(action='uptconf')
msg = {'color': 'green', 'message': u'删除成功'}
cmds.gettuplerst('ip addr flush dev %s' %
ifacename[0].get('ifacename'))
#如果是PPP类型接口,停用ADSL
cmds.gettuplerst('ip link set %s down' % ifacename[0].get('ifacename'))
cmds.gettuplerst(
'ps aux|grep -e \'xdsl.*%s\'|grep -v grep|awk \'{print $2}\' |xargs -i kill -9 {}'
% id)
#恢复绑定
sql2 = "update sysattr set status='1' where attr=%s"
writeDb(sql2, (ifacename[0].get('ifacename'), ))
return template('networkconf', session=s, msg=msg)
else:
msg = {'color': 'red', 'message': u'删除失败'}
return template('networkconf', session=s, msg=msg)
def addinterface():
s = request.environ.get('beaker.session')
# 初始化网卡添加状态,已经被配置的网卡,无法再次配置
sqla = " select attr from sysattr where status='1' and servattr='netiface' and attr not in (select ifacename from netiface) "
erriface = readDb(sqla, )
if len(erriface) > 0:
for x in erriface:
sqlb = "update sysattr set status='1' where attr=%s and servattr='netiface'"
writeDb(sqlb, (x.get('attr'), ))
sqlc = " select attr from sysattr where status='1' and servattr='netiface' and attr in (select ifacename from netiface) "
erriface2 = readDb(sqlc, )
if len(erriface2) > 0:
for y in erriface2:
sqld = "update sysattr set status='0' where attr=%s and servattr='netiface'"
writeDb(sqld, (y.get('attr'), ))
# 判断接口是否被锁定或已配置
sqld = " SELECT attr as ifacename,concat(attr,'|',value) as value FROM sysattr where servattr='netiface' and status='1' order by attr desc"
ifacelist_result = readDb(sqld, )
if len(ifacelist_result) == 0:
msg = {'color': 'red', 'message': u'无可用物理接口,添加失败'}
return (template('networkconf', session=s, msg=msg))
return template('addinterface',
session=s,
info={},
ifacelist_result=ifacelist_result)
def networkconf():
s = request.environ.get('beaker.session')
#清理所有网卡信息,重新获取最新的系统网卡信息
sql = "delete from sysattr where servattr='netiface'"
writeDb(sql, )
netmod.InitNIinfo()
netmod.getifaceData('getni')
return template('networkconf', session=s, msg={})
def networkconf():
s = request.environ.get('beaker.session')
#清理所有网卡信息,重新获取最新的系统网卡信息
sql = "delete from sysattr where servattr='netiface'"
writeDb(sql,)
netmod.InitNIinfo()
netmod.getifaceData('getni')
return template('networkconf',session=s,msg={})
def do_additem():
s = request.environ.get('beaker.session')
ifacename = request.forms.get("ifacename")
ifacetype = request.forms.get("ifacetype")
ipaddr = request.forms.get("ipaddr")
netmask = request.forms.get("netmask")
gateway = request.forms.get("gateway")
defaultgw = request.forms.get("defaultgw")
extip = request.forms.get("extip").replace('\r\n','\n')
# 判断填写网关和没有填写网关的情况
if ipaddr == '' or netmask == '' :
msg = {'color':'red','message':u'地址不合法,添加失败'}
return(template('networkconf',session=s,msg=msg))
if gateway != '' :
if netmod.checkip(ipaddr) == False or netmod.checkmask(netmask) == False or netmod.checkip(gateway) == False or netmod.checknet(gateway,ipaddr,netmask) == False :
msg = {'color':'red','message':u'地址不合法,添加失败'}
return(template('networkconf',session=s,msg=msg))
else :
if netmod.checkip(ipaddr) == False or netmod.checkmask(netmask) == False :
msg = {'color':'red','message':u'地址不合法,添加失败'}
return(template('networkconf',session=s,msg=msg))
for extlist in extip.split('\n'):
if len(extlist.split('/')) == 3:
extsip=extlist.split('/')[0]
extmask=extlist.split('/')[1]
extgw=extlist.split('/')[2]
if netmod.checkip(extsip) == False or netmod.checkmask(extmask) == False or netmod.checkip(extgw) == False or netmod.checknet(extgw,extsip,extmask) == False :
msg = {'color':'red','message':u'扩展IP地址不合法,更新失败'}
return(template('networkconf',session=s,msg=msg))
elif len(extlist.split('/')) == 2:
extsip=extlist.split('/')[0]
extmask=extlist.split('/')[1]
if netmod.checkip(extsip) == False or netmod.checkmask(extmask) == False :
msg = {'color':'red','message':u'扩展IP地址不合法,更新失败'}
return(template('networkconf',session=s,msg=msg))
elif extlist == u'':
True
else :
msg = {'color':'red','message':u'扩展IP地址不合法,更新失败'}
return(template('networkconf',session=s,msg=msg))
if ifacename == u'' :
msg = {'color':'red','message':u'物理接口未选择,添加失败'}
return(template('networkconf',session=s,msg=msg))
sql = "INSERT INTO netiface (ifacename,ifacetype,ipaddr,netmask,gateway,defaultgw,extip) VALUES (%s,%s,%s,%s,%s,%s,%s)"
data = (ifacename,ifacetype,ipaddr,netmask,gateway,defaultgw,extip)
result = writeDb(sql,data)
if result == True:
writeNIconf(action='uptconf')
cmds.servboot('networks',action='uptconf')
writeUTMconf(action='uptconf')
msg = {'color':'green','message':u'添加成功'}
#已绑定的网卡禁止再次绑定
sql2 = """ update sysattr set status="0" where attr=%s """
writeDb(sql2,(ifacename,))
return template('networkconf',session=s,msg=msg)
def do_additem():
s = request.environ.get('beaker.session')
ifacename = request.forms.get("ifacename")
ifacetype = request.forms.get("ifacetype")
ipaddr = request.forms.get("ipaddr")
netmask = request.forms.get("netmask")
gateway = request.forms.get("gateway")
defaultgw = request.forms.get("defaultgw")
extip = request.forms.get("extip").replace('\r\n','\n')
# 判断填写网关和没有填写网关的情况
if ipaddr == '' or netmask == '' :
msg = {'color':'red','message':u'地址不合法,添加失败'}
return(template('networkconf',session=s,msg=msg))
if gateway != '' :
if netmod.checkip(ipaddr) == False or netmod.checkmask(netmask) == False or netmod.checkip(gateway) == False or netmod.checknet(gateway,ipaddr,netmask) == False :
msg = {'color':'red','message':u'地址不合法,添加失败'}
return(template('networkconf',session=s,msg=msg))
else :
if netmod.checkip(ipaddr) == False or netmod.checkmask(netmask) == False :
msg = {'color':'red','message':u'地址不合法,添加失败'}
return(template('networkconf',session=s,msg=msg))
for extlist in extip.split('\n'):
if len(extlist.split('/')) == 3:
extsip=extlist.split('/')[0]
extmask=extlist.split('/')[1]
extgw=extlist.split('/')[2]
if netmod.checkip(extsip) == False or netmod.checkmask(extmask) == False or netmod.checkip(extgw) == False or netmod.checknet(extgw,extsip,extmask) == False :
msg = {'color':'red','message':u'扩展IP地址不合法,更新失败'}
return(template('networkconf',session=s,msg=msg))
elif len(extlist.split('/')) == 2:
extsip=extlist.split('/')[0]
extmask=extlist.split('/')[1]
if netmod.checkip(extsip) == False or netmod.checkmask(extmask) == False :
msg = {'color':'red','message':u'扩展IP地址不合法,更新失败'}
return(template('networkconf',session=s,msg=msg))
elif extlist == u'':
True
else :
msg = {'color':'red','message':u'扩展IP地址不合法,更新失败'}
return(template('networkconf',session=s,msg=msg))
if ifacename == u'' :
msg = {'color':'red','message':u'物理接口未选择,添加失败'}
return(template('networkconf',session=s,msg=msg))
sql = "INSERT INTO netiface (ifacename,ifacetype,ipaddr,netmask,gateway,defaultgw,extip) VALUES (%s,%s,%s,%s,%s,%s,%s)"
data = (ifacename,ifacetype,ipaddr,netmask,gateway,defaultgw,extip)
result = writeDb(sql,data)
if result == True:
writeNIconf(action='uptconf')
cmds.servboot('networks',action='uptconf')
writeUTMconf(action='uptconf')
msg = {'color':'green','message':u'添加成功'}
#已绑定的网卡禁止再次绑定
sql2 = """ update sysattr set status="0" where attr=%s """
writeDb(sql2,(ifacename,))
return template('networkconf',session=s,msg=msg)
def do_deldomain(domain):
s = request.environ.get('beaker.session')
sql_1 = """ delete from dns_domain where domain=%s """
sql_2 = """ delete from dns_records where zone=%s """
result = writeDb(sql_1,(domain,))
if result == True:
writeDb(sql_2,(domain,))
msg = {'color':'green','message':u'删除成功'}
return template('domainlist',session=s,msg=msg)
else :
msg = {'color':'red','message':u'删除失败'}
return template('domainlist',session=s,msg=msg)
def servconf():
"""VPN服务配置项"""
s = request.environ.get('beaker.session')
sql = " select id,servport from vpnservconf "
result = readDb(sql,)
for data in result :
if cmds.servchk(data.get('servport')) == 0 :
sql = "update vpnservconf set workstatus='1' where id=%s"
writeDb(sql,(data.get('id'),))
else :
sql = "update vpnservconf set workstatus='0' where id=%s"
writeDb(sql,(data.get('id'),))
return template('vpnservconf',session=s,msg={})
def getfileshareinfo():
import chardet
s = request.environ.get('beaker.session')
username = s['username']
sql = " SELECT concat(D.vdir,'/',U.vdir) as vdir FROM user as U LEFT OUTER JOIN ftpserv as D ON D.id='1' WHERE U.username=%s "
ownftpdir = readDb(sql, (username, ))[0].get('vdir')
info = []
status, result = cmds.gettuplerst(
'find %s -name \'*.*\' -exec basename {} \;|sort -u' % ownftpdir)
for i in result.split():
if str(i) != "":
infos = {}
charstr = chardet.detect(str(i)).get('encoding')
if str(charstr).lower() != "utf-8":
#print str(charstr).lower()
try:
infos['filename'] = i.decode(str(charstr)).encode('utf-8')
except:
continue
ownftpdir = ownftpdir.encode(str(charstr)).encode('utf-8')
filepath = '%s/%s' % (ownftpdir.encode(charstr), i)
nfilepath = filepath.decode(charstr).encode('utf-8')
else:
infos['filename'] = i
filepath = '%s/%s' % (ownftpdir, i)
nfilepath = filepath
#if chardet.detect(i).get('encoding')=="GB2312":
# infos['filename']=i.decode('GB2312')
# ownftpdir = ownftpdir.encode('GB2312')
# filepath = '%s/%s' % (ownftpdir.encode('GB2312'),i)
# nfilepath = filepath.decode('gb2312').encode('utf-8')
#else:
# infos['filename']=i
# filepath = '%s/%s' % (ownftpdir,i)
# nfilepath = filepath
if os.path.isfile(filepath) == False:
continue
infos['filesize'] = os.path.getsize(filepath)
cctime = os.path.getctime(filepath)
infos['filetime'] = time.strftime('%Y%m%d%H%M%S',
time.localtime(cctime))
infos['signdata'] = GetFileMd5(filepath)
sql = " INSERT INTO fileshare (filepath, signdata) VALUES (%s , %s) ON DUPLICATE KEY UPDATE filepath=%s,signdata=%s "
data = (nfilepath, infos['signdata'], nfilepath, infos['signdata'])
try:
writeDb(sql, data)
except:
True
info.append(infos)
return json.dumps(info)
def editpolicy(id):
"""修改策略"""
s = request.environ.get('beaker.session')
name = request.forms.get("name")
pushdns = request.forms.get("pushdns").replace('\r\n','\n').strip()
pushroute = request.forms.get("pushroute").replace('\r\n','\n').strip()
pushnoroute = request.forms.get("pushnoroute").replace('\r\n','\n').strip()
allipmask = pushroute.split('\n')+pushnoroute.split('\n')
# 内容检测
for ip in pushdns.split('\n') :
if netmod.checkip(ip) == False and ip != '':
msg = {'color':'red','message':u'DNS内容检测错误,更新失败'}
return(template('policyconf',session=s,msg=msg,info={}))
for ipmask in allipmask :
if netmod.checkipmask(ipmask) == False and ipmask != '' :
msg = {'color':'red','message':u'路由内容检测错误,更新失败'}
return(template('policyconf',session=s,msg=msg,info={}))
sql = "UPDATE vpnpolicy set name=%s,pushdns=%s,pushroute=%s,pushnoroute=%s where id=%s"
data=(name,pushdns,pushroute,pushnoroute,id)
result = writeDb(sql,data)
if result == True:
writeVPNconf(action='uptgroup')
writeUTMconf(action='addconf')
msg = {'color':'green','message':u'更新成功'}
return(template('policyconf',session=s,msg=msg,info={}))
else:
msg = {'color':'red','message':u'更新失败'}
return(template('policyconf',session=s,msg=msg,info={}))
def addclientconf():
"""新增服务配置项"""
s = request.environ.get('beaker.session')
authtype = request.forms.get("authtype")
idata=dict()
if authtype == '0' :
idata['cainfo'] = request.forms.get("cainfo").replace('\r\n','\n').strip()
idata['certinfo'] = request.forms.get("certinfo").replace('\r\n','\n').strip()
elif authtype == '1' :
idata['vpnuser'] = request.forms.get("vpnuser")
idata['vpnpass'] = request.forms.get("vpnpass")
elif authtype == '2' :
idata['service'] = 'off'
else :
msg = {'color':'green','message':u'验证类型错误,保存失败'}
return template('addvpncltconfig',session=s,msg=msg,info={})
idata['authtype'] = request.forms.get("authtype")
idata['ipaddr'] = request.forms.get("ipaddr")
idata['servport'] = request.forms.get("servport")
idata['tunid'] = 'tun1000'
idata['chkconn'] = request.forms.get("chkconn")
sql = " update sysattr set value=%s where attr='vpnclient' "
iidata=json.dumps(idata)
result = writeDb(sql,(iidata,))
if result == True :
msg = {'color':'green','message':u'配置保存成功'}
writeVPNconf(action='uptcltconf')
cmds.servboot('vpnconn')
writeUTMconf(action='uptconf')
return template('addvpncltconfig',session=s,msg=msg,info=idata)
def do_addservconf():
"""新增服务配置项"""
s = request.environ.get('beaker.session')
authtype = request.forms.get("authtype")
ipaddr = request.forms.get("ipaddr")
servport = request.forms.get("servport")
virip = request.forms.get("virip")
virmask = request.forms.get("virmask")
maxclient = request.forms.get("maxclient")
maxuser = request.forms.get("maxuser")
authtimeout = request.forms.get("authtimeout")
authnum = request.forms.get("authnum")
locktime = request.forms.get("locktime")
comp = request.forms.get("comp")
cisco = request.forms.get("cisco")
if netmod.checkip(virip) == False or netmod.checkmask(virmask) == False :
msg = {'color':'red','message':u'虚拟地址填写不合法,保存失败'}
return template('vpnservconf',session=s,msg=msg,info={})
sql = " INSERT INTO vpnservconf(servmode,authtype,ipaddr,servport,virip,virmask,maxclient,maxuser,authtimeout,authnum,locktime,comp,cisco) values ('server',%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s)"
data = (authtype,ipaddr,servport,virip,virmask,maxclient,maxuser,authtimeout,authnum,locktime,comp,cisco)
result = writeDb(sql,data)
if result == True :
writeVPNconf(action='addconf')
cmds.servboot('ocserv')
writeUTMconf(action='uptconf')
msg = {'color':'green','message':u'配置保存成功'}
return template('vpnservconf',session=s,msg=msg,info={})
def do_addrecord():
s = request.environ.get('beaker.session')
zone = request.forms.get("zone")
host = request.forms.get("host")
rtype = request.forms.get("rtype")
view = request.forms.get("view")
data = request.forms.get("data").strip('.')
ttl = request.forms.get("ttl")
autoupdate = request.forms.get("autoupdate")
comment = request.forms.get("comment")
serial = time.strftime('%s',time.localtime(time.time()))
if rtype == 'MX' :
mx_priority = request.forms.get("mx_priority")
else :
mx_priority = ''
if rtype == 'MX' and netmod.is_domain(data) == False :
msg = {'color':'red','message':'记录数据格式错误'}
return '-1'
if rtype == 'CNAME' and netmod.is_domain(data) == False :
msg = {'color':'red','message':'记录数据格式错误'}
return '-1'
if rtype == 'A' and netmod.checkip(data) == False :
msg = {'color':'red','message':'记录数据格式错误'}
return '-1'
#获取全局设置值
sql = "insert into dns_records (zone,host,type,mx_priority,view,data,ttl,autoupdate,comment,serial) VALUE (%s,%s,%s,%s,%s,%s,%s,%s,%s,%s)"
data = (zone,host,rtype,mx_priority,view,Formatdata(data),ttl,autoupdate,comment,serial)
result = writeDb(sql,data)
if result == True:
return '0'
else:
return '-1'
def do_addpolicy():
"""POST"""
s = request.environ.get('beaker.session')
name = request.forms.get("name")
pushdns = request.forms.get("pushdns").replace('\r\n','\n').strip()
pushroute = request.forms.get("pushroute").replace('\r\n','\n').strip()
pushnoroute = request.forms.get("pushnoroute").replace('\r\n','\n').strip()
allipmask = pushroute.split('\n')+pushnoroute.split('\n')
for ip in pushdns.split('\n') :
if netmod.checkip(ip) == False and ip != '':
msg = {'color':'red','message':u'DNS内容检测错误,更新失败'}
return(template('policyconf',session=s,msg=msg,info={}))
for ipmask in allipmask :
if netmod.checkipmask(ipmask) == False and ipmask != '':
msg = {'color':'red','message':u'路由内容检测错误,更新失败'}
return(template('policyconf',session=s,msg=msg,info={}))
sql = "INSERT INTO vpnpolicy(name,pushdns,pushroute,pushnoroute) VALUES(%s,%s,%s,%s)"
data=(name,pushdns,pushroute,pushnoroute)
result = writeDb(sql,data)
if result == True:
writeVPNconf(action='uptgroup')
writeUTMconf(action='addconf')
msg = {'color':'green','message':u'添加成功'}
return(template('policyconf',session=s,msg=msg,info={}))
else:
msg = {'color':'red','message':u'添加失败'}
return(template('policyconf',session=s,msg=msg,info={}))
def do_editutmrule(id):
"""UTM配置 更新页"""
s = request.environ.get('beaker.session')
rulename = request.forms.get("rulename")
dstmatch = request.forms.get("dstmatch")
srcaddr = request.forms.get("srcaddr").replace('\r\n','\n').strip()
dstaddr = request.forms.get("dstaddr").replace('\r\n','\n').strip()
runaction = request.forms.get("runaction")
runobject = request.forms.get("runobject")
if runaction == 'SNAT':
runobject = request.forms.get("runobject")
if netmod.checkip(runobject) == False:
msg = {'color':'red','message':u'源地址转换不能填写非IP类型,添加失败'}
return template('natruleconf',session=s,msg=msg,info={})
else :
runobject = request.forms.get("runobject2")
sql = "update ruleconfnat set rulename=%s,srcaddr=%s,dstmatch=%s,dstaddr=%s,runaction=%s,runobject=%s where id=%s"
data = (rulename,srcaddr,dstmatch,dstaddr,runaction,runobject,id)
alladdr=srcaddr.split('\n')+dstaddr.split('\n')
for ipmask in alladdr :
if netmod.checkipmask(ipmask) == False and ipmask != '':
msg = {'color':'red','message':u'源地址或目标地址格式错误,添加失败'}
return(template('natruleconf',msg=msg,session=s))
result = writeDb(sql,data)
if result == True:
writeUTMconf(action='uptconf')
msg = {'color':'green','message':u'更新成功'}
return template('natruleconf',session=s,msg=msg,info={})
def do_addutmrule():
"""UTM配置 添加页"""
s = request.environ.get('beaker.session')
rulename = request.forms.get("rulename")
dstmatch = request.forms.get("dstmatch")
srcaddr = request.forms.get("srcaddr").replace('\r\n','\n').strip()
dstaddr = request.forms.get("dstaddr").replace('\r\n','\n').strip()
runaction = request.forms.get("runaction")
runobject = request.forms.get("runobject")
if runaction == 'SNAT':
runobject = request.forms.get("runobject")
if netmod.checkip(runobject) == False:
msg = {'color':'red','message':u'源地址转换不能填写非IP类型,添加失败'}
return template('natruleconf',session=s,msg=msg,info={})
else :
runobject = request.forms.get("runobject2")
sql = "insert into ruleconfnat(rulename,srcaddr,dstmatch,dstaddr,runaction,runobject) VALUES(%s,%s,%s,%s,%s,%s)"
data = (rulename,srcaddr,dstmatch,dstaddr,runaction,runobject)
alladdr=srcaddr.split('\n')+dstaddr.split('\n')
for ipmask in alladdr :
if netmod.checkipmask(ipmask) == False and ipmask != '':
msg = {'color':'red','message':u'源地址或目标地址格式错误,添加失败'}
return(template('natruleconf',msg=msg,session=s))
result = writeDb(sql,data)
if result == True:
msg = {'color':'green','message':u'添加成功'}
writeUTMconf(action='addconf')
return template('natruleconf',session=s,msg=msg,info={})
def do_editdnsserv():
s = request.environ.get('beaker.session')
dnsrelay = request.forms.get("dnsrelay")
dnsproxy = request.forms.get("dnsproxy")
dnsrule = request.forms.get("dnsrule")
dnslist = request.forms.get("dnslist").replace('\r\n', '\n').strip()
idata = dict()
idata['dnsrelay'] = dnsrelay
idata['dnsproxy'] = dnsproxy
idata['dnsrule'] = dnsrule
idata['dnslist'] = dnslist
idata['dnsport'] = 53
dnsstatus = cmds.servchk(idata.get('dnsport'))
idata['dnsstatus'] = dnsstatus
sql = " update sysattr set value=%s where attr='dnsconf' "
iidata = json.dumps(idata)
result = writeDb(sql, (iidata, ))
if result == True:
writeDNSconf(action='uptconf')
writeROUTEconf(action='uptconf')
writeUTMconf(action='uptconf')
msg = {'color': 'green', 'message': '配置保存成功'}
return (template('editdnsserv', session=s, msg=msg, info=idata))
else:
msg = {'color': 'red', 'message': '配置保存失败'}
sql = " select value from sysattr where attr='dnsconf' "
idata = readDb(sql, )
return (template('editdnsserv', session=s, msg=msg, info=idata))
def do_servtools():
s = request.environ.get('beaker.session')
ResState = request.forms.get("ResState")
ResSaveDay = request.forms.get("ResSaveDay")
ResInv = request.forms.get("ResInv")
visitDay = request.forms.get("visitDay")
try:
int(ResSaveDay)
int(visitDay)
int(ResInv)
except:
msg = {'color':'red','message':'配置保存失败,参数不符合要求'}
return redirect('/resconfig')
if int(ResSaveDay) < 1 or int(visitDay) < 1 or int(ResInv) < 60 :
msg = {'color':'red','message':'配置保存失败,参数不符合要求'}
return redirect('/resconfig')
idata = dict()
idata['ResState'] = ResState
idata['ResSaveDay'] = ResSaveDay
idata['ResInv'] = ResInv
idata['visitDay'] = visitDay
sql = " update sysattr set value=%s where attr='resData' "
iidata=json.dumps(idata)
result = writeDb(sql,(iidata,))
if result == True :
msg = {'color':'green','message':'配置保存成功'}
else:
msg = {'color':'red','message':'配置保存失败'}
return(template('resconfig',msg=msg,session=s,info=idata))
def do_addroute():
s = request.environ.get('beaker.session')
dnstype = request.forms.get("dnstype")
domain = request.forms.get("domain")
record = request.forms.get("record")
pronum = request.forms.get("pronum")
data = (dnstype,domain,record,pronum)
if dnstype == 'NULL' :
msg = {'color':'red','message':'请选择记录类型'}
return(template('adddnsconf',session=s,msg=msg,info={}))
if netmod.is_domain(domain) == False :
msg = {'color':'red','message':'域名名称格式错误'}
return(template('adddnsconf',session=s,msg=msg,info={}))
if dnstype == 'MX' and netmod.is_domain(record) == False :
msg = {'color':'red','message':'记录数据格式错误'}
return(template('adddnsconf',session=s,msg=msg,info={}))
if dnstype == 'CNAME' and netmod.is_domain(record) == False :
msg = {'color':'red','message':'记录数据格式错误'}
return(template('adddnsconf',session=s,msg=msg,info={}))
if dnstype == 'A' and netmod.checkip(record) == False :
msg = {'color':'red','message':'记录数据格式错误'}
return(template('adddnsconf',session=s,msg=msg,info={}))
sql = "insert into dnsrecord (dnstype,domain,data,pronum) VALUE (%s,%s,%s,%s)"
result = writeDb(sql,data)
if result == True:
writeDNSconf(action='uptconf')
msg = {'color':'green','message':'提交成功'}
return(template('dnsservconf',session=s,msg=msg,info={}))
else :
msg = {'color':'red','message':'保存失败'}
return(template('dnsservconf',session=s,msg=msg,info={}))
def do_addroute():
s = request.environ.get('beaker.session')
rttype = request.forms.get("rttype")
destaddr = request.forms.get("ipaddr")
netmask = request.forms.get("netmask")
gateway = request.forms.get("gateway")
gwiface = request.forms.get("gwiface")
# 格式判断
if netmod.checkip(destaddr) == False or netmod.checkmask(netmask) == False or netmod.checkip(gateway) == False :
msg = {'color':'red','message':u'地址不合法,添加失败'}
return(template('staticroute',msg=msg,session=s))
# 系统判断
if gwiface == 'auto':
resultA = cmds.getdictrst('route add -net %s netmask %s gw %s' % (destaddr,netmask,gateway))
else :
resultA = cmds.getdictrst('route add -net %s netmask %s gw %s dev %s' % (destaddr,netmask,gateway,gwiface))
if resultA.get('status') != 0 :
msg = {'color':'red','message':u'目标不可达或其他错误,添加失败'}
return(template('staticroute',msg=msg,session=s))
sql = "INSERT INTO sysroute(type,dest,netmask,gateway,iface,fromtype) VALUES(%s,%s,%s,%s,%s,%s)"
data = ('net',destaddr,netmask,gateway,gwiface,1)
result = writeDb(sql,data)
if result == True:
writeROUTEconf(action='uptconf')
writeUTMconf(action='uptconf')
msg = {'color':'green','message':u'添加成功'}
else:
msg = {'color':'red','message':u'添加失败'}
return(template('staticroute',msg=msg,session=s))
def do_editrecord(id):
s = request.environ.get('beaker.session')
dnstype = request.forms.get("dnstype")
domain = request.forms.get("domain")
record = request.forms.get("record")
pronum = request.forms.get("pronum")
data = (dnstype, domain, record, pronum)
if dnstype == 'NULL':
msg = {'color': 'red', 'message': '请选择记录类型'}
return (template('adddnsconf', session=s, msg=msg, info={}))
if netmod.is_domain(domain) == False:
msg = {'color': 'red', 'message': '域名名称格式错误'}
return (template('adddnsconf', session=s, msg=msg, info={}))
if dnstype == 'MX' and netmod.is_domain(record) == False:
msg = {'color': 'red', 'message': '记录数据格式错误'}
return (template('adddnsconf', session=s, msg=msg, info={}))
if dnstype == 'CNAME' and netmod.is_domain(record) == False:
msg = {'color': 'red', 'message': '记录数据格式错误'}
return (template('adddnsconf', session=s, msg=msg, info={}))
if dnstype == 'A' and netmod.checkip(record) == False:
msg = {'color': 'red', 'message': '记录数据格式错误'}
return (template('adddnsconf', session=s, msg=msg, info={}))
sql = "update dnsrecord set dnstype=%s,domain=%s,data=%s,pronum=%s where id=%s"
data = (dnstype, domain, record, pronum, id)
result = writeDb(sql, data)
if result == True:
writeDNSconf(action='uptconf')
msg = {'color': 'green', 'message': '更新成功'}
return (template('dnsservconf', session=s, msg=msg, info={}))
else:
msg = {'color': 'red', 'message': '更新失败'}
return (template('dnsservconf', session=s, msg=msg, info={}))
def do_editrecord(id):
s = request.environ.get('beaker.session')
zone = request.forms.get("zone")
host = request.forms.get("host")
rtype = request.forms.get("rtype")
view = request.forms.get("view")
data = request.forms.get("data").strip('.')
ttl = request.forms.get("ttl")
autoupdate = request.forms.get("autoupdate")
comment = request.forms.get("comment")
if rtype == 'MX' :
mx_priority = request.forms.get("mx_priority")
else :
mx_priority = ''
if rtype == 'MX' and netmod.is_domain(data) == False :
msg = {'color':'red','message':'记录数据格式错误'}
return '-1'
if rtype == 'CNAME' and netmod.is_domain(data) == False :
msg = {'color':'red','message':'记录数据格式错误'}
return '-1'
if rtype == 'A' and netmod.checkip(data) == False :
msg = {'color':'red','message':'记录数据格式错误'}
return '-1'
if rtype == 'PTR' and netmod.checkip(data) == False :
msg = {'color':'red','message':'数据格式错误'}
return '-1'
sql = "update dns_records set zone=%s,host=%s,type=%s,mx_priority=%s,view=%s,data=%s,ttl=%s,autoupdate=%s,comment=%s where id=%s"
data = (zone,host,rtype,mx_priority,view,Formatdata(data),ttl,autoupdate,comment,id)
result = writeDb(sql,data)
if result == True:
return '0'
else:
return '-1'
def do_servtools():
s = request.environ.get('beaker.session')
ResState = request.forms.get("ResState")
ResSaveDay = request.forms.get("ResSaveDay")
ResInv = request.forms.get("ResInv")
visitDay = request.forms.get("visitDay")
try:
int(ResSaveDay)
int(visitDay)
int(ResInv)
except:
msg = {'color':'red','message':'配置保存失败,参数不符合要求'}
return redirect('/resconfig')
if int(ResSaveDay) < 1 or int(visitDay) < 1 or int(ResInv) < 60 :
msg = {'color':'red','message':'配置保存失败,参数不符合要求'}
return redirect('/resconfig')
idata = dict()
idata['ResState'] = ResState
idata['ResSaveDay'] = ResSaveDay
idata['ResInv'] = ResInv
idata['visitDay'] = visitDay
sql = " update sysattr set value=%s where attr='resData' "
iidata=json.dumps(idata)
result = writeDb(sql,(iidata,))
if result == True :
msg = {'color':'green','message':'配置保存成功'}
else:
msg = {'color':'red','message':'配置保存失败'}
return(template('resconfig',msg=msg,session=s,info=idata))
def adduser():
s = request.environ.get('beaker.session')
username = request.forms.get("username")
passwd = request.forms.get("passwd")
policy = request.forms.get("policy")
access = request.forms.get("access")
comment = request.forms.get("comment")
#把密码进行md5加密码处理后再保存到数据库中
m_encrypt = LoginCls().encode(keys,passwd)
#检查表单长度
if len(username) < 4 or (len(passwd) > 0 and len(passwd) < 8) :
message = "用户名或密码长度不符要求!"
return '-2'
#检测表单各项值,如果出现为空的表单,则返回提示
if not (username and policy and access):
message = "表单不允许为空!"
return '-2'
sql = """
INSERT INTO
user(username,passwd,policy,access,comment)
VALUES(%s,%s,%s,%s,%s)
"""
data = (username,m_encrypt,policy,access,comment)
result = writeDb(sql,data)
if result:
wrtlog('User','新增用户成功:%s' % username,s['username'],s.get('clientip'))
return '0'
else:
wrtlog('User','新增用户失败:%s' % username,s['username'],s.get('clientip'))
return '-1'
def do_addroute():
s = request.environ.get('beaker.session')
dnstype = request.forms.get("dnstype")
domain = request.forms.get("domain")
record = request.forms.get("record")
pronum = request.forms.get("pronum")
data = (dnstype,domain,record,pronum)
if dnstype == 'NULL' :
msg = {'color':'red','message':'请选择记录类型'}
return(template('adddnsconf',session=s,msg=msg,info={}))
if netmod.is_domain(domain) == False :
msg = {'color':'red','message':'域名名称格式错误'}
return(template('adddnsconf',session=s,msg=msg,info={}))
if dnstype == 'MX' and netmod.is_domain(record) == False :
msg = {'color':'red','message':'记录数据格式错误'}
return(template('adddnsconf',session=s,msg=msg,info={}))
if dnstype == 'CNAME' and netmod.is_domain(record) == False :
msg = {'color':'red','message':'记录数据格式错误'}
return(template('adddnsconf',session=s,msg=msg,info={}))
if dnstype == 'A' and netmod.checkip(record) == False :
msg = {'color':'red','message':'记录数据格式错误'}
return(template('adddnsconf',session=s,msg=msg,info={}))
sql = "insert into dnsrecord (dnstype,domain,data,pronum) VALUE (%s,%s,%s,%s)"
result = writeDb(sql,data)
if result == True:
writeDNSconf(action='uptconf')
msg = {'color':'green','message':'提交成功'}
return(template('dnsservconf',session=s,msg=msg,info={}))
else :
msg = {'color':'red','message':'保存失败'}
return(template('dnsservconf',session=s,msg=msg,info={}))
def do_editadvroute(id):
s = request.environ.get('beaker.session')
rulename = request.forms.get("rulename")
srcaddr = request.forms.get("srcaddr").replace('\r\n','\n').strip()
destaddr = request.forms.get("destaddr").replace('\r\n','\n').strip()
pronum = request.forms.get("pronum")
outdev = request.forms.get("ifacename")
alladdr=srcaddr.split('\n')+destaddr.split('\n')
#提交判断
if outdev == '' or rulename == '':
msg = {'color':'red','message':u'描述或出口未填写,添加失败'}
return(template('advroute',msg=msg,session=s))
if int(pronum) <0 or int(pronum) >32765 :
msg = {'color':'red','message':u'优先级值填写错误,添加失败'}
return(template('advroute',msg=msg,session=s))
for ipmask in alladdr :
if netmod.checkipmask(ipmask) == False and ipmask != '':
msg = {'color':'red','message':u'地址格式错误(%s),添加失败' % ipmask}
return(template('advroute',msg=msg,session=s))
cmdDict=cmds.getdictrst('ip rule add prio %s fwmark 1000%s dev %s' % (pronum,id,outdev))
if cmdDict.get('status') == 0:
sql = """ UPDATE sysrouteadv SET rulename=%s,srcaddr=%s,destaddr=%s,pronum=%s,iface=%s WHERE id=%s """
data = (rulename,srcaddr,destaddr,int(pronum),outdev,id)
result = writeDb(sql,data)
if result :
writeROUTEconf(action='uptconf')
writeUTMconf(action='uptconf')
msg = {'color':'green','message':u'更新成功'}
else :
msg = {'color':'red','message':u'更新失败'}
else:
msg = {'color':'red','message':u'系统规则生成异常,添加失败'}
return(template('advroute',msg=msg,session=s))
def user():
s = request.environ.get('beaker.session')
username = s.get('username')
oldpwd = request.forms.get("oldpwd")
newpwd = request.forms.get("newpwd")
newpwds = request.forms.get("newpwds")
sql = " select passwd from user where username=%s "
result = readDb(sql,(username,))
if result[0].get('passwd') != LoginCls().encode(keys,oldpwd) :
msg = {'color':'red','message':u'旧密码验证失败,请重新输入'}
return template('changepasswd',session=s,msg=msg,info={})
if newpwd != newpwds :
msg = {'color':'red','message':u'密码两次输入不一致,请重新输入'}
return template('changepasswd',session=s,msg=msg,info={})
m_encrypt = LoginCls().encode(keys,newpwd)
sql2 = " update user set passwd=%s where username=%s "
result = writeDb(sql2,(m_encrypt,username))
if result == True :
wrtlog('User','更改密码成功',username,s.get('clientip'))
msg = {'color':'green','message':u'密码更新成功,后续请以新密码登录系统'}
return template('changepasswd',session=s,msg=msg,info={})
else:
wrtlog('User','更改密码失败',username,s.get('clientip'))
msg = {'color':'red','message':u'密码更新失败,请核对错误'}
return template('changepasswd',session=s,msg=msg,info={})
def user():
s = request.environ.get('beaker.session')
username = s.get('username')
oldpwd = request.forms.get("oldpwd")
newpwd = request.forms.get("newpwd")
newpwds = request.forms.get("newpwds")
sql = " select passwd from user where username=%s "
result = readDb(sql, (username, ))
if result[0].get('passwd') != LoginCls().encode(keys, oldpwd):
msg = {'color': 'red', 'message': u'旧密码验证失败,请重新输入'}
return template('changepasswd', session=s, msg=msg, info={})
if newpwd != newpwds:
msg = {'color': 'red', 'message': u'密码两次输入不一致,请重新输入'}
return template('changepasswd', session=s, msg=msg, info={})
m_encrypt = LoginCls().encode(keys, newpwd)
sql2 = " update user set passwd=%s where username=%s "
result = writeDb(sql2, (m_encrypt, username))
if result == True:
wrtlog('User', '更改密码成功', username, s.get('clientip'))
msg = {'color': 'green', 'message': u'密码更新成功,后续请以新密码登录系统'}
return template('changepasswd', session=s, msg=msg, info={})
else:
wrtlog('User', '更改密码失败', username, s.get('clientip'))
msg = {'color': 'red', 'message': u'密码更新失败,请核对错误'}
return template('changepasswd', session=s, msg=msg, info={})
def adduser():
s = request.environ.get('beaker.session')
username = request.forms.get("username")
passwd = request.forms.get("passwd")
policy = request.forms.get("policy")
access = request.forms.get("access")
comment = request.forms.get("comment")
#把密码进行md5加密码处理后再保存到数据库中
m_encrypt = LoginCls().encode(keys, passwd)
#检查表单长度
if len(username) < 4 or (len(passwd) > 0 and len(passwd) < 8):
message = "用户名或密码长度不符要求!"
return '-2'
#检测表单各项值,如果出现为空的表单,则返回提示
if not (username and policy and access):
message = "表单不允许为空!"
return '-2'
sql = """
INSERT INTO
user(username,passwd,policy,access,comment)
VALUES(%s,%s,%s,%s,%s)
"""
data = (username, m_encrypt, policy, access, comment)
result = writeDb(sql, data)
if result:
wrtlog('User', '新增用户成功:%s' % username, s['username'],
s.get('clientip'))
return '0'
else:
wrtlog('User', '新增用户失败:%s' % username, s['username'],
s.get('clientip'))
return '-1'
def adduser():
s = request.environ.get('beaker.session')
username = request.forms.get("username")
password = request.forms.get("password")
ustatus = request.forms.get("ustatus")
comment = request.forms.get("comment")
access = request.forms.get("access")
#检查表单长度
if len(username) < 4 or (len(password) < 8 or len(password) > 16) :
message = "用户名或密码长度不符要求!"
return '-2'
else:
#把密码进行md5加密码处理后再保存到数据库中
m = hashlib.md5()
m.update(password)
md5password = m.hexdigest()
#检测表单各项值,如果出现为空的表单,则返回提示
if not (username and password ):
message = "表单不允许为空!"
return '-2'
sql = """
INSERT INTO
user(username,password,ustatus,comment,access)
VALUES(%s,%s,%s,%s,%s)
"""
data = (username,md5password,ustatus,comment,access)
result = writeDb(sql,data)
if result:
wrtlog('User','新增用户成功:%s' % username,s['username'],s.get('clientip'))
return '0'
else:
wrtlog('User','新增用户失败:%s' % username,s['username'],s.get('clientip'))
return '-1'
def user():
s = request.environ.get('beaker.session')
username = s.get('username')
oldpwd = request.forms.get("oldpwd")
newpwd = request.forms.get("newpwd")
newpwds = request.forms.get("newpwds")
sql = " select password from user where username=%s "
result = readDb(sql,(username,))
#处理老密码
m = hashlib.md5()
m.update(oldpwd)
password = m.hexdigest()
if result[0].get('password') != password :
msg = {'color':'red','message':u'旧密码验证失败,请重新输入'}
return template('changepasswd',session=s,msg=msg,info={})
if newpwd != newpwds :
msg = {'color':'red','message':u'密码两次输入不一致,请重新输入'}
return template('changepasswd',session=s,msg=msg,info={})
#生成新密码md5
n = hashlib.md5()
n.update(newpwd)
password = n.hexdigest()
sql2 = " update user set password=%s where username=%s "
result = writeDb(sql2,(password,username))
if result == True :
wrtlog('User','更改密码成功',username,s.get('clientip'))
msg = {'color':'green','message':u'密码更新成功,后续请以新密码登录系统'}
return template('changepasswd',session=s,msg=msg,info={})
else:
wrtlog('User','更改密码失败',username,s.get('clientip'))
msg = {'color':'red','message':u'密码更新失败,请核对错误'}
return template('changepasswd',session=s,msg=msg,info={})
def wsapi():
import urlparse,urllib
s = request.environ.get('beaker.session')
odict = urlparse.parse_qs(urlparse.urlparse('wsapi?%s' % request.environ.get('QUERY_STRING')).query)
PassKey = AppServer().getConfValue('wsapi','token')
try:
if odict['token'][0] != PassKey :
msg = {'return':255,'message':'token id error...'}
return(template('wsapp.html',msg=msg,session=s))
except:
msg = {'return':256,'message':'token id error...'}
return(template('wsapp.html',msg=msg,session=s))
try:
if odict['otype'][0] == 'ddns':
sql = """ update dns_records set data=%s where zone=%s and host=%s and autoupdate='1' and status='1' """
result = writeDb(sql,(odict['data'][0],odict['zone'][0],odict['host'][0]))
if result == False:
msg = {'return':255,'message':'wsapi get error...'}
else:
msg = {'return':0,'message':result}
else:
msg = {'return':255,'message':'system not found otype .'}
except:
msg = {'return':0,'message':'system not found otype .'}
return(template('wsapp.html',msg=msg,session=s))
def do_editdnsserv():
s = request.environ.get('beaker.session')
dnsrelay = request.forms.get("dnsrelay")
dnsproxy = request.forms.get("dnsproxy")
dnsrule = request.forms.get("dnsrule")
dnslist = request.forms.get("dnslist").replace('\r\n','\n').strip()
idata = dict()
idata['dnsrelay']=dnsrelay
idata['dnsproxy']=dnsproxy
idata['dnsrule']=dnsrule
idata['dnslist']=dnslist
idata['dnsport']=53
dnsstatus=cmds.servchk(idata.get('dnsport'))
idata['dnsstatus']=dnsstatus
sql = " update sysattr set value=%s where attr='dnsconf' "
iidata=json.dumps(idata)
result = writeDb(sql,(iidata,))
if result == True :
writeDNSconf(action='uptconf')
writeROUTEconf(action='uptconf')
writeUTMconf(action='uptconf')
msg = {'color':'green','message':'配置保存成功'}
return(template('editdnsserv',session=s,msg=msg,info=idata))
else :
msg = {'color':'red','message':'配置保存失败'}
sql = " select value from sysattr where attr='dnsconf' "
idata = readDb(sql,)
return(template('editdnsserv',session=s,msg=msg,info=idata))
def do_editrecord(id):
s = request.environ.get('beaker.session')
dnstype = request.forms.get("dnstype")
domain = request.forms.get("domain")
record = request.forms.get("record")
pronum = request.forms.get("pronum")
data = (dnstype,domain,record,pronum)
if dnstype == 'NULL' :
msg = {'color':'red','message':'请选择记录类型'}
return(template('adddnsconf',session=s,msg=msg,info={}))
if netmod.is_domain(domain) == False :
msg = {'color':'red','message':'域名名称格式错误'}
return(template('adddnsconf',session=s,msg=msg,info={}))
if dnstype == 'MX' and netmod.is_domain(record) == False :
msg = {'color':'red','message':'记录数据格式错误'}
return(template('adddnsconf',session=s,msg=msg,info={}))
if dnstype == 'CNAME' and netmod.is_domain(record) == False :
msg = {'color':'red','message':'记录数据格式错误'}
return(template('adddnsconf',session=s,msg=msg,info={}))
if dnstype == 'A' and netmod.checkip(record) == False :
msg = {'color':'red','message':'记录数据格式错误'}
return(template('adddnsconf',session=s,msg=msg,info={}))
sql = "update dnsrecord set dnstype=%s,domain=%s,data=%s,pronum=%s where id=%s"
data = (dnstype,domain,record,pronum,id)
result = writeDb(sql,data)
if result == True:
writeDNSconf(action='uptconf')
msg = {'color':'green','message':'更新成功'}
return(template('dnsservconf',session=s,msg=msg,info={}))
else :
msg = {'color':'red','message':'更新失败'}
return(template('dnsservconf',session=s,msg=msg,info={}))
def adduser():
s = request.environ.get('beaker.session')
username = request.forms.get("username")
password = request.forms.get("password")
ipaccess = request.forms.get("ipaccess")
ulbandwidth = request.forms.get("ulbandwidth")
dlbandwidth = request.forms.get("dlbandwidth")
ustatus = request.forms.get("ustatus")
quotasize = request.forms.get("quotasize")
vdir = request.forms.get("vdir")
comment = request.forms.get("comment")
access = request.forms.get("access")
#检查表单长度
if len(username) < 4 or (len(password) < 8 or len(password) > 16):
message = "用户名或密码长度不符要求!"
return '-2'
else:
#把密码进行md5加密码处理后再保存到数据库中
m = hashlib.md5()
m.update(password)
md5password = m.hexdigest()
#处理默认值
if ulbandwidth == "":
ulbandwidth = 0
if dlbandwidth == "":
dlbandwidth = 0
if ipaccess == "":
ipaccess = '*'
if quotasize == "":
quotasize = 0
#处理vdir规范
if vdir.endswith('/') or vdir.startswith('/'):
vdir = re.sub('^/', '', vdir)
vdir = re.sub('/$', '', vdir)
logging.error(vdir)
#检测表单各项值,如果出现为空的表单,则返回提示
if not (username and password):
message = "表单不允许为空!"
return '-2'
sql = """
INSERT INTO
user(username,password,ustatus,ulbandwidth,dlbandwidth,ipaccess,quotasize,vdir,comment,access)
VALUES(%s,%s,%s,%s,%s,%s,%s,%s,%s,%s)
"""
data = (username, md5password, ustatus, ulbandwidth, dlbandwidth, ipaccess,
quotasize, vdir, comment, access)
result = writeDb(sql, data)
if result:
wrtlog('User', '新增用户成功:%s' % username, s['username'],
s.get('clientip'))
return '0'
else:
wrtlog('User', '新增用户失败:%s' % username, s['username'],
s.get('clientip'))
return '-1'
def do_adddnsconf():
s = request.environ.get('beaker.session')
dnstype = request.forms.get("dnstype")
domain = request.forms.get("domainA")
record = request.forms.get("record")
pronum = request.forms.get("pronum")
if dnstype == 'NULL':
msg = {'color': 'red', 'message': '请选择记录类型'}
return (template('adddnsconf', session=s, msg=msg, info={}))
if dnstype == 'MX' and netmod.is_domain(record) == False:
msg = {'color': 'red', 'message': '记录数据格式错误'}
return (template('adddnsconf', session=s, msg=msg, info={}))
if dnstype == 'CNAME' and netmod.is_domain(record) == False:
msg = {'color': 'red', 'message': '记录数据格式错误'}
return (template('adddnsconf', session=s, msg=msg, info={}))
if dnstype == 'A' and netmod.checkip(record) == False:
msg = {'color': 'red', 'message': '记录数据格式错误'}
return (template('adddnsconf', session=s, msg=msg, info={}))
if dnstype == 'PTR' and netmod.checkip(domain) == False:
msg = {'color': 'red', 'message': '数据格式错误'}
return (template('adddnsconf', session=s, msg=msg, info={}))
if dnstype == 'SET':
domain = request.forms.get("domainB").replace('\r\n', '\n').strip()
if domain != "":
for domains in domain.split('\n'):
if netmod.is_domain(domains) == False:
msg = {'color': 'red', 'message': '记录数据格式错误'}
return (template('adddnsconf', session=s, msg=msg,
info={}))
sql = "insert into dnsrecord (dnstype,domain,data,pronum) VALUE (%s,%s,%s,%s)"
data = (dnstype, domain, record, pronum)
result = writeDb(sql, data)
if result == True:
#如果含SET记录,写入网络对象
if dnstype == 'SET':
sql = " insert into netobjgroup (objname,objtype,objattr) value (%s,%s,'0')"
data = (record, 'ipset')
writeDb(sql, data)
writeDNSconf(action='uptconf')
msg = {'color': 'green', 'message': '提交成功'}
return (template('dnsservconf', session=s, msg=msg, info={}))
else:
msg = {'color': 'red', 'message': '保存失败'}
return (template('dnsservconf', session=s, msg=msg, info={}))
def showservlog():
"""添加域名"""
s = request.environ.get('beaker.session')
domain = request.forms.get("domain")
domaintype = request.forms.get("domaintype")
comment = request.forms.get("comment")
etime = time.strftime('%Y-%m-%d',time.localtime(time.time()))
serial = time.strftime('%s',time.localtime(time.time()))
if netmod.is_domain(domain) == False:
msg = {'color':'red','message':u'域名格式错误,添加失败'}
return '255'
sql_1 = """ INSERT INTO dns_domain (domain,domaintype,comment,etime,status) VALUES (%s,%s,%s,%s,1)"""
result = writeDb(sql_1,(domain,domaintype,comment,etime))
if result == True:
sql_x = """ select dns_domain,primary_dns,second_dns from dns_conf """
result = readDb(sql_x,)
sql_2 = """ INSERT INTO dns_records (zone,host,type,view,data,serial) VALUE (%s,'@','SOA','any',%s,%s) """
sql_3 = """ INSERT INTO dns_records (zone,host,type,view,data,serial) VALUE (%s,'@','NS','any',%s,%s) """
writeDb(sql_2,(domain,result[0].get('dns_domain'),serial))
writeDb(sql_3,(domain,result[0].get('primary_dns'),serial))
writeDb(sql_3,(domain,result[0].get('second_dns'),serial))
msg = {'color':'green','message':u'添加成功'}
return '0'
else:
msg = {'color':'red','message':u'添加失败'}
return '255'
def do_editdhcpserv():
s = request.environ.get('beaker.session')
dhcpenable = request.forms.get("dhcpenable")
getgw = request.forms.get("getgw")
getdns1 = request.forms.get("getdns1")
getdns2 = request.forms.get("getdns2")
startip = request.forms.get("startip")
stopip = request.forms.get("stopip")
otime = request.forms.get("otime")
dhcplist = request.forms.get("dhcplist").replace('\r\n', '\n').strip()
idata = dict()
idata['dhcpenable'] = dhcpenable
idata['getgw'] = getgw
idata['getdns1'] = getdns1
idata['getdns2'] = getdns2
idata['startip'] = startip
idata['stopip'] = stopip
idata['otime'] = otime
if netmod.checkip(startip) == False or netmod.checkip(
stopip) == False or netmod.checkip(
getgw) == False or netmod.checkip(getdns1) == False:
msg = {'color': 'red', 'message': '参数配置异常,保存失败'}
return (template('editdhcpserv', session=s, msg=msg, info=idata))
#判断dhcp固定分配是否为空
if dhcplist != "":
for i in dhcplist.split('\n'):
try:
xmac = i.split(',')[0]
xip = i.split(',')[1]
if (netmod.is_ValidMac(xmac) == False
or netmod.checkip(xip) == False) and xmac != "":
msg = {'color': 'red', 'message': '配置保存失败,固定分配记录异常'}
return (template('editdhcpserv',
session=s,
msg=msg,
info=idata))
else:
idata['dhcplist'] = dhcplist
except:
msg = {'color': 'red', 'message': '配置保存失败,固定分配记录异常'}
return (template('editdhcpserv',
session=s,
msg=msg,
info=idata))
sql = " update sysattr set value=%s where attr='dhcpconf' "
iidata = json.dumps(idata)
result = writeDb(sql, (iidata, ))
if result == True:
writeDNSconf(action='uptconf')
msg = {'color': 'green', 'message': '配置保存成功'}
return (template('editdhcpserv', session=s, msg=msg, info=idata))
else:
msg = {'color': 'red', 'message': '配置保存失败'}
sql = " select value from sysattr where attr='dhcpconf' "
idata = readDb(sql, )
return (template('editdhcpserv', session=s, msg=msg, info=idata))
def deliface(id):
s = request.environ.get('beaker.session')
sql = " DELETE FROM netiface WHERE id=%s "
sql2 = " select ifacename FROM netiface WHERE id=%s "
ifacename = readDb(sql2,(id,))
result = writeDb(sql,(id,))
if result == True :
writeNIconf(action='uptconf')
cmds.servboot('networks',action='uptconf')
writeUTMconf(action='uptconf')
msg = {'color':'green','message':u'删除成功'}
cmds.gettuplerst('ip addr flush dev %s' % ifacename[0].get('ifacename'))
#恢复绑定
sql2 = "update sysattr set status='1' where attr=%s"
writeDb(sql2,(ifacename[0].get('ifacename'),))
return template('networkconf',session=s,msg=msg)
else:
msg = {'color':'red','message':u'删除失败'}
return template('networkconf',session=s,msg=msg)
def deliface(id):
s = request.environ.get('beaker.session')
sql = " DELETE FROM netiface WHERE id=%s "
sql2 = " select ifacename FROM netiface WHERE id=%s "
ifacename = readDb(sql2,(id,))
result = writeDb(sql,(id,))
if result == True :
writeNIconf(action='uptconf')
cmds.servboot('networks',action='uptconf')
writeUTMconf(action='uptconf')
msg = {'color':'green','message':u'删除成功'}
cmds.gettuplerst('ip addr flush dev %s' % ifacename[0].get('ifacename'))
#恢复绑定
sql2 = "update sysattr set status='1' where attr=%s"
writeDb(sql2,(ifacename[0].get('ifacename'),))
return template('networkconf',session=s,msg=msg)
else:
msg = {'color':'red','message':u'删除失败'}
return template('networkconf',session=s,msg=msg)
def do_changeuser(id):
s = request.environ.get('beaker.session')
username = request.forms.get("username")
password = request.forms.get("password")
ustatus = request.forms.get("ustatus")
ulbandwidth = request.forms.get("ulbandwidth")
dlbandwidth = request.forms.get("dlbandwidth")
ipaccess = request.forms.get("ipaccess")
quotasize = request.forms.get("quotasize")
vdir = request.forms.get("vdir")
comment = request.forms.get("comment")
access = request.forms.get("access")
#把密码进行加密处理后再保存到数据库中
if not password:
sql = "select password from user where id = %s"
password = readDb(sql, (id, ))[0].get('password')
else:
m = hashlib.md5()
m.update(password)
md5password = m.hexdigest()
#处理vdir规范
if vdir.endswith('/') or vdir.startswith('/'):
vdir = re.sub('^/', '', vdir)
vdir = re.sub('/$', '', vdir)
logging.error(vdir)
#检查表单长度
if len(username) < 4 or (len(password) < 8 or len(password) > 16):
msg = {'color': 'red', 'message': '用户名或密码长度错误,提交失败!'}
return '-2'
if not username:
msg = {'color': 'red', 'message': '必填字段为空,提交失败!'}
return '-2'
sql = """
UPDATE user SET
username=%s,password=%s,ustatus=%s,ulbandwidth=%s,dlbandwidth=%s,ipaccess=%s,quotasize=%s,vdir=%s,comment=%s,access=%s
WHERE id=%s
"""
data = (username, md5password, ustatus, ulbandwidth, dlbandwidth, ipaccess,
quotasize, vdir, comment, access, id)
result = writeDb(sql, data)
if result == True:
wrtlog('User', '更新用户成功:%s' % username, s['username'],
s.get('clientip'))
msg = {'color': 'green', 'message': '更新成功!'}
return '0'
else:
wrtlog('User', '更新用户失败:%s' % username, s['username'],
s.get('clientip'))
msg = {'color': 'red', 'message': '更新失败!'}
return '-1'
def do_adddnsservconf():
"""新增服务配置项"""
s = request.environ.get('beaker.session')
dns_domain = request.forms.get("dns_domain").strip('.')
primary_dns = request.forms.get("primary_dns").strip('.')
second_dns = request.forms.get("second_dns").strip('.')
dns_ttl = request.forms.get("dns_ttl")
dns_min_ttl = request.forms.get("dns_min_ttl")
relay_dns = request.forms.get("relay_dns")
resp_person = request.forms.get("resp_person").strip('.')
retry = request.forms.get("retry")
refresh = request.forms.get("refresh")
expire = request.forms.get("expire")
minimum = request.forms.get("minimum")
dns_dis_nn = request.forms.get("dns_dis_nn")
force_domain_dns = request.forms.get("force_domain_dns").replace('\r\n','\n').strip()
query_sql = " select dns_domain,primary_dns,second_dns,dns_ttl,dns_min_ttl,relay_dns,resp_person,retry,refresh,expire,minimum,dns_dis_nn,force_domain_dns from dns_conf "
for ips in relay_dns.split(',') :
if netmod.checkip(ips) == False:
msg = {'color':'red','message':u'转发地址填写不合法,保存失败'}
result = readDb(query_sql,)
info=result[0]
info['servstatus']=servchk('53')
return template('dnsservconf',session=s,msg=msg,info=info)
if netmod.is_domain(dns_domain) == False or netmod.is_domain(primary_dns) == False or netmod.is_domain(second_dns) == False or netmod.is_domain(resp_person) == False :
msg = {'color':'red','message':u'地址填写不合法,保存失败'}
result = readDb(query_sql,)
info=result[0]
info['servstatus']=servchk('53')
return template('dnsservconf',session=s,msg=msg,info=info)
if force_domain_dns:
for obj in force_domain_dns.split('\n') :
if netmod.is_domain(obj.split('|')[0]) == False or netmod.checkip(obj.split('|')[1].split(',')[0]) == False :
msg = {'color':'red','message':u'域名指定DNS转发解析语法错误,保存失败'}
result = readDb(query_sql,)
info=result[0]
info['servstatus']=servchk('53')
return template('dnsservconf',session=s,msg=msg,info=info)
sql = " UPDATE dns_conf set dns_domain=%s,primary_dns=%s,second_dns=%s,dns_ttl=%s,dns_min_ttl=%s,relay_dns=%s,resp_person=%s,retry=%s,refresh=%s,expire=%s,minimum=%s,dns_dis_nn=%s,force_domain_dns=%s "
data = (Formatdata(dns_domain),Formatdata(primary_dns),Formatdata(second_dns),dns_ttl,dns_min_ttl,relay_dns,Formatdata(resp_person),retry,refresh,expire,minimum,dns_dis_nn,force_domain_dns)
result = writeDb(sql,data)
if result == True :
writeDNSconf(action='uptconf')
msg = {'color':'green','message':u'配置保存成功'}
result = readDb(query_sql,)
info=result[0]
time.sleep(1) #防止检测FTP服务状态时异常
info['servstatus']=servchk('53')
return template('dnsservconf',session=s,msg=msg,info=info)
else :
msg = {'color':'red','message':u'配置保存失败'}
result = readDb(query_sql,)
info=result[0]
info['servstatus']=servchk('53')
return template('dnsservconf',session=s,msg=msg,info=info)
def do_editiface(id):
s = request.environ.get('beaker.session')
ifacename = request.forms.get("ifacename")
ifacetype = request.forms.get("ifacetype")
ipaddr = request.forms.get("ipaddr")
netmask = request.forms.get("netmask")
gateway = request.forms.get("gateway")
defaultgw = request.forms.get("defaultgw")
extip = request.forms.get("extip").replace('\r\n', '\n')
# 判断提交异常
if ipaddr == '' or netmask == '' :
msg = {'color':'red','message':u'地址不合法,添加失败1'}
return(template('networkconf',session=s,msg=msg))
if gateway != '' :
if netmod.checkipmask('%s/%s' % (ipaddr,netmask)) == False or netmod.checknet(gateway,ipaddr,netmask) == False :
msg = {'color':'red','message':u'地址不合法,添加失败%s,%s,%s' % (gateway,ipaddr,netmask)}
return(template('networkconf',session=s,msg=msg))
else :
if netmod.checkip(ipaddr) == False or netmod.checkmask(netmask) == False :
msg = {'color':'red','message':u'地址不合法,添加失败3'}
return(template('networkconf',session=s,msg=msg))
for extlist in extip.split('\n'):
if len(extlist.split('/')) == 3:
extsip=extlist.split('/')[0]
extmask=extlist.split('/')[1]
extgw=extlist.split('/')[2]
if netmod.checkip(extsip) == False or netmod.checkmask(extmask) == False or netmod.checkip(extgw) == False or netmod.checknet(extgw,extsip,extmask) == False :
msg = {'color':'red','message':u'扩展IP地址不合法,更新失败'}
return(template('networkconf',session=s,msg=msg))
elif len(extlist.split('/')) == 2:
extsip=extlist.split('/')[0]
extmask=extlist.split('/')[1]
if netmod.checkip(extsip) == False or netmod.checkmask(extmask) == False :
msg = {'color':'red','message':u'扩展IP地址不合法,更新失败'}
return(template('networkconf',session=s,msg=msg))
elif extlist == u'':
True
else :
msg = {'color':'red','message':u'扩展IP地址不合法,更新失败'}
return(template('networkconf',session=s,msg=msg))
if ifacename == u'' :
msg = {'color':'red','message':u'物理接口未选择,更新失败'}
return(template('addinterface',session=s,msg=msg))
sql = "UPDATE netiface SET ifacename=%s,ifacetype=%s,ipaddr=%s,netmask=%s,gateway=%s,defaultgw=%s,extip=%s WHERE id=%s"
data = (ifacename,ifacetype,ipaddr,netmask,gateway,defaultgw,extip,id)
result = writeDb(sql,data)
if result == True:
writeNIconf(action='uptconf')
cmds.servboot('networks',action='uptconf')
writeUTMconf(action='uptconf')
msg = {'color':'green','message':u'更新成功'}
return template('networkconf',session=s,msg=msg)
def delvpnservconf(id):
s = request.environ.get('beaker.session')
sql = " DELETE FROM ruleconfnat WHERE id=%s "
result = writeDb(sql,(id,))
if result == True :
writeUTMconf(action='uptconf')
msg = {'color':'green','message':u'删除成功'}
return template('natruleconf',session=s,msg=msg)
else:
msg = {'color':'red','message':u'删除失败'}
return template('natruleconf',session=s,msg=msg)
def delrecord(id):
s = request.environ.get('beaker.session')
sql = "delete from dnsrecord where id in (%s) "
result = writeDb(sql,(id,))
if result:
writeDNSconf(action='uptconf')
msg = {'color':'green','message':'删除成功'}
return(template('dnsservconf',session=s,msg=msg,info={}))
else:
msg = {'color':'red','message':'删除失败'}
return(template('dnsservconf',session=s,msg=msg,info={}))
def do_editiface(id):
s = request.environ.get('beaker.session')
ifacename = request.forms.get("ifacename")
ifacetype = request.forms.get("ifacetype")
ipaddr = request.forms.get("ipaddr")
netmask = request.forms.get("netmask")
gateway = request.forms.get("gateway")
defaultgw = request.forms.get("defaultgw")
extip = request.forms.get("extip").replace('\r\n', '\n')
# 判断提交异常
if ipaddr == '' or netmask == '' :
msg = {'color':'red','message':u'地址不合法,添加失败1'}
return(template('networkconf',session=s,msg=msg))
if gateway != '' :
if netmod.checkipmask('%s/%s' % (ipaddr,netmask)) == False or netmod.checknet(gateway,ipaddr,netmask) == False :
msg = {'color':'red','message':u'地址不合法,添加失败%s,%s,%s' % (gateway,ipaddr,netmask)}
return(template('networkconf',session=s,msg=msg))
else :
if netmod.checkip(ipaddr) == False or netmod.checkmask(netmask) == False :
msg = {'color':'red','message':u'地址不合法,添加失败3'}
return(template('networkconf',session=s,msg=msg))
for extlist in extip.split('\n'):
if len(extlist.split('/')) == 3:
extsip=extlist.split('/')[0]
extmask=extlist.split('/')[1]
extgw=extlist.split('/')[2]
if netmod.checkip(extsip) == False or netmod.checkmask(extmask) == False or netmod.checkip(extgw) == False or netmod.checknet(extgw,extsip,extmask) == False :
msg = {'color':'red','message':u'扩展IP地址不合法,更新失败'}
return(template('networkconf',session=s,msg=msg))
elif len(extlist.split('/')) == 2:
extsip=extlist.split('/')[0]
extmask=extlist.split('/')[1]
if netmod.checkip(extsip) == False or netmod.checkmask(extmask) == False :
msg = {'color':'red','message':u'扩展IP地址不合法,更新失败'}
return(template('networkconf',session=s,msg=msg))
elif extlist == u'':
True
else :
msg = {'color':'red','message':u'扩展IP地址不合法,更新失败'}
return(template('networkconf',session=s,msg=msg))
if ifacename == u'' :
msg = {'color':'red','message':u'物理接口未选择,更新失败'}
return(template('addinterface',session=s,msg=msg))
sql = "UPDATE netiface SET ifacename=%s,ifacetype=%s,ipaddr=%s,netmask=%s,gateway=%s,defaultgw=%s,extip=%s WHERE id=%s"
data = (ifacename,ifacetype,ipaddr,netmask,gateway,defaultgw,extip,id)
result = writeDb(sql,data)
if result == True:
writeNIconf(action='uptconf')
cmds.servboot('networks',action='uptconf')
writeUTMconf(action='uptconf')
msg = {'color':'green','message':u'更新成功'}
return template('networkconf',session=s,msg=msg)
def delrecord(id):
s = request.environ.get('beaker.session')
sql = "delete from dnsrecord where id in (%s) "
result = writeDb(sql, (id, ))
if result:
writeDNSconf(action='uptconf')
msg = {'color': 'green', 'message': '删除成功'}
return (template('dnsservconf', session=s, msg=msg, info={}))
else:
msg = {'color': 'red', 'message': '删除失败'}
return (template('dnsservconf', session=s, msg=msg, info={}))
def do_delrecord(id):
s = request.environ.get('beaker.session')
surl = request.environ.get('HTTP_REFERER')
sql_1 = """ delete from dns_records where id=%s """
result = writeDb(sql_1,(id,))
if result == True:
msg = {'color':'green','message':u'删除成功'}
return redirect(surl)
#return template('domainlist',session=s,msg=msg)
else :
msg = {'color':'red','message':u'删除失败'}
return redirect(surl)
def delvpnservconf(id):
s = request.environ.get('beaker.session')
sql = " DELETE FROM vpnservconf WHERE id=%s "
result = writeDb(sql,(id,))
if result == True :
msg = {'color':'green','message':u'删除成功'}
cmds.gettuplerst('/bin/rm -rf %s/ocserv/ocserv_*_%s.conf' % (gl.get_value('plgdir'),id))
cmds.servboot('ocserv')
writeUTMconf(action='uptconf')
return template('vpnservconf',session=s,msg=msg)
else:
msg = {'color':'red','message':u'删除失败'}
return template('vpnservconf',session=s,msg=msg)
def addinterface():
s = request.environ.get('beaker.session')
# 初始化网卡添加状态,已经被配置的网卡,无法再次配置
sqla = " select attr from sysattr where status='1' and servattr='netiface' and attr not in (select ifacename from netiface) "
erriface = readDb(sqla,)
if len(erriface) > 0 :
for x in erriface:
sqlb = "update sysattr set status='1' where attr=%s and servattr='netiface'"
writeDb(sqlb,(x.get('attr'),))
sqlc = " select attr from sysattr where status='1' and servattr='netiface' and attr in (select ifacename from netiface) "
erriface2 = readDb(sqlc,)
if len(erriface2) > 0 :
for y in erriface2:
sqld = "update sysattr set status='0' where attr=%s and servattr='netiface'"
writeDb(sqld,(y.get('attr'),))
# 判断接口是否被锁定或已配置
sqld = " SELECT attr as ifacename,concat(attr,'|',value) as value FROM sysattr where servattr='netiface' and status='1' order by attr desc"
ifacelist_result = readDb(sqld,)
if len(ifacelist_result) == 0 :
msg = {'color':'red','message':u'无可用物理接口,添加失败'}
return(template('networkconf',session=s,msg=msg))
return template('addinterface',session=s,info={},ifacelist_result=ifacelist_result)
def delcert():
id = request.forms.get('str').rstrip(',')
if not id:
return '-1'
sql2 = " select commonname from certmgr where id=%s "
result = readDb(sql2,(id,))
if result[0].get('commonname') == 'CA' or result[0].get('commonname') == 'Server':
cmds.gettuplerst('rm -rf %s/*.crt %s/*.pem %s/*.txt %s/*.p12' % (gl.get_value('certdir'),gl.get_value('certdir'),gl.get_value('certdir'),gl.get_value('certdir')))
writeDb('TRUNCATE TABLE certmgr')
else:
commonname = result[0].get('commonname')
# 吊销证书
cmds.gettuplerst('cat %s/%s.crt >> %s/revoke.pem' % (gl.get_value('certdir'),commonname,gl.get_value('certdir')))
cmds.gettuplerst('certtool --generate-crl --load-ca-privkey %s/ca-key.pem --load-ca-certificate %s/ca.crt --load-certificate %s/revoke.pem --template %s/crl.txt --outfile %s/crl.pem' % (gl.get_value('certdir'),gl.get_value('certdir'),gl.get_value('certdir'),gl.get_value('certdir'),gl.get_value('certdir')))
# 删除用户证书文件
cmds.gettuplerst('/bin/rm -rf %s/%s.crt %s/%s.pem %s/%s.p12' % (gl.get_value('certdir'),commonname,gl.get_value('certdir'),commonname,gl.get_value('certdir'),commonname))
sql = "delete from certmgr where id in (%s)"
result = writeDb(sql % id)
if result:
return '0'
else:
return '-1'
def addprofile():
s = request.environ.get('beaker.session')
xmltext = request.forms.get("xmltext")
if xmltext == '' :
msg = {'color':'red','message':u'信息为空,保存失败'}
return(template('addprofile',session=s,msg=msg,info={}))
sql = " update sysattr set value=%s where attr='vpnprofile' "
result = writeDb(sql,(xmltext,))
if result == True:
writeVPNconf(action='uptprofile')
msg = {'color':'green','message':u'Profile.xml保存成功'}
sql = " select value from sysattr where attr='vpnprofile' "
result = readDb(sql,)
return(template('addprofile',session=s,msg=msg,info=result[0]))
def do_delaidns(id):
s = request.environ.get('beaker.session')
sql = """ select count(*) as count from dns_records where view=(select setname from dns_ipset where id=%s) """
resultx = readDb(sql,(id,))
if resultx[0].get('count') > 0 :
msg = {'color':'red','message':u'无法删除,该地址库已被关联使用'}
return template('aidns',session=s,msg=msg)
sql_1 = """ delete from dns_ipset where id=%s """
result = writeDb(sql_1,(id,))
if result == True:
writeDNSconf(action='uptconf')
msg = {'color':'green','message':u'删除成功'}
return template('aidns',session=s,msg=msg)
else :
msg = {'color':'red','message':u'删除失败'}
return template('aidns',session=s,msg=msg)
def do_editdhcpserv():
s = request.environ.get('beaker.session')
dhcpenable = request.forms.get("dhcpenable")
getgw = request.forms.get("getgw")
getdns1 = request.forms.get("getdns1")
getdns2 = request.forms.get("getdns2")
startip = request.forms.get("startip")
stopip = request.forms.get("stopip")
otime = request.forms.get("otime")
dhcplist = request.forms.get("dhcplist").replace('\r\n','\n').strip()
idata = dict()
idata['dhcpenable']=dhcpenable
idata['getgw']=getgw
idata['getdns1']=getdns1
idata['getdns2']=getdns2
idata['startip']=startip
idata['stopip']=stopip
idata['otime']=otime
if netmod.checkip(startip) == False or netmod.checkip(stopip) == False or netmod.checkip(getgw) == False or netmod.checkip(getdns1) == False:
msg = {'color':'red','message':'参数配置异常,保存失败'}
return(template('editdhcpserv',session=s,msg=msg,info=idata))
#判断dhcp固定分配是否为空
if dhcplist != "":
for i in dhcplist.split('\n'):
try:
xmac = i.split(',')[0]
xip = i.split(',')[1]
if (netmod.is_ValidMac(xmac) == False or netmod.checkip(xip) == False) and xmac != "":
msg = {'color':'red','message':'配置保存失败,固定分配记录异常'}
return(template('editdhcpserv',session=s,msg=msg,info=idata))
else:
idata['dhcplist']=dhcplist
except:
msg = {'color':'red','message':'配置保存失败,固定分配记录异常'}
return(template('editdhcpserv',session=s,msg=msg,info=idata))
sql = " update sysattr set value=%s where attr='dhcpconf' "
iidata=json.dumps(idata)
result = writeDb(sql,(iidata,))
if result == True :
writeDNSconf(action='uptconf')
msg = {'color':'green','message':'配置保存成功'}
return(template('editdhcpserv',session=s,msg=msg,info=idata))
else :
msg = {'color':'red','message':'配置保存失败'}
sql = " select value from sysattr where attr='dhcpconf' "
idata = readDb(sql,)
return(template('editdhcpserv',session=s,msg=msg,info=idata))
def changedomain(id):
"""添加域名"""
s = request.environ.get('beaker.session')
domain = request.forms.get("domain")
domaintype = request.forms.get("domaintype")
comment = request.forms.get("comment")
if netmod.is_domain(domain) == False:
msg = {'color':'red','message':u'域名格式错误,添加失败'}
return '255'
sql_1 = """ UPDATE dns_domain set domain=%s,domaintype=%s,comment=%s where id=%s"""
result = writeDb(sql_1,(domain,domaintype,comment,id))
if result == True:
msg = {'color':'green','message':u'更新成功'}
return '0'
else:
msg = {'color':'red','message':u'更新失败'}
return '255'
def delpolicy(id):
"""删除策略"""
s = request.environ.get('beaker.session')
sql = "select username from user where policy=%s "
chkdata = readDb(sql,(id,))
if len(chkdata) > 0 :
msg = {'color':'red','message':u'删除失败,该策略已被关联无法删除'}
return(template('policyconf',session=s,msg=msg,info={}))
sql = "delete from vpnpolicy where id in (%s) "
result = writeDb(sql,(id,))
if result:
writeVPNconf(action='uptgroup')
writeUTMconf(action='uptconf')
msg = {'color':'green','message':u'删除成功'}
return(template('policyconf',session=s,msg=msg,info={}))
else:
msg = {'color':'red','message':u'删除失败'}
return(template('policyconf',session=s,msg=msg,info={}))
def deluser():
s = request.environ.get('beaker.session')
id = request.forms.get('str').rstrip(',')
if not id:
return '-1'
# 禁止删除ADMIN账户
for i in id.split(','):
if id == '1':
return '-1'
# MySQL多次删除ID,一次性删除异常
sql = "delete from user where id in (%s) "
result = writeDb(sql,(i,))
if result:
wrtlog('User','删除用户成功',s['username'],s.get('clientip'))
return '0'
else:
wrtlog('User','删除用户失败',s['username'],s.get('clientip'))
return '-1'
def deliface(stype,id):
s = request.environ.get('beaker.session')
if stype == 'sys' or stype == 'static' :
sqlquery = " select dest,netmask,gateway FROM sysroute WHERE id=%s "
sql = " DELETE FROM sysroute WHERE id=%s "
else:
sqlquery = " select srcaddr,destaddr,pronum,iface as outdev FROM sysrouteadv WHERE id=%s "
sql = " DELETE FROM sysrouteadv WHERE id=%s "
resultA = readDb(sqlquery,(id,))
# 判断删除入口并返回到指定界面
if stype == 'sys':
tpl = 'routeconf'
elif stype == 'static':
tpl = 'staticroute'
elif stype == 'adv':
tpl = 'advroute'
# 判断提交的指令
result = writeDb(sql,(id,))
if result == True:
if stype == 'adv':
try:
if resultA[0].get('srcaddr') == '' and resultA[0].get('destaddr') != '':
cmds.getdictrst('ip rule del prio %s to %s' % (resultA[0].get('pronum'),resultA[0].get('destaddr')))
elif resultA[0].get('destaddr') == '' and resultA[0].get('srcaddr') != '':
cmds.getdictrst('ip rule del prio %s from %s dev %s' % (resultA[0].get('pronum'),resultA[0].get('srcaddr')))
elif resultA[0].get('destaddr') == '' and resultA[0].get('srcaddr') == '':
cmds.getdictrst('ip rule del prio %s dev %s' % (resultA[0].get('pronum'),resultA[0].get('outdev')))
else:
cmds.getdictrst('ip rule del prio %s from %s to %s' % (resultA[0].get('pronum'),resultA[0].get('srcaddr'),resultA[0].get('destaddr')))
msg = {'color':'green','message':u'删除成功'}
return template(tpl,session=s,msg=msg)
except:
msg = {'color':'green','message':u'删除成功'}
return template(tpl,session=s,msg=msg)
else:
cmds.getdictrst('route del -net %s netmask %s gw %s' % (resultA[0].get('dest'),resultA[0].get('netmask'),resultA[0].get('gateway')))
writeROUTEconf(action='uptconf')
writeUTMconf(action='uptconf')
msg = {'color':'green','message':u'删除成功'}
return template(tpl,session=s,msg=msg)
else:
msg = {'color':'red','message':u'删除失败'}
return template(tpl,session=s,msg=msg)
def deluser():
s = request.environ.get('beaker.session')
id = request.forms.get('str').rstrip(',')
if not id:
return '-1'
# 禁止删除ADMIN账户
if id == '1':
return '-1'
for i in id.split(','):
if i == '1':
return '-1'
sql = "delete from user where id in (%s) "
result = writeDb(sql,(i,))
if result:
wrtlog('User','删除用户成功',s['username'],s.get('clientip'))
return '0'
else:
wrtlog('User','删除用户失败',s['username'],s.get('clientip'))
return '-1'
def do_editutmrule(id):
"""UTM配置 更新页"""
s = request.environ.get('beaker.session')
rulename = request.forms.get("rulename")
pronum = request.forms.get("pronum")
actzone = request.forms.get("actzone")
srcaddr = request.forms.get("srcaddr").replace('\r\n','\n').strip()
dstaddr = request.forms.get("dstaddr").replace('\r\n','\n').strip()
sproto = request.forms.get("sproto")
sport = request.forms.get("sport")
dproto = request.forms.get("dproto")
dport = request.forms.get("dport")
runaction = request.forms.get("runaction")
sql = "update ruleconfutm set rulename=%s,pronum=%s,actzone=%s,srcaddr=%s,dstaddr=%s,sproto=%s,sport=%s,dproto=%s,dport=%s,runaction=%s where id=%s"
data = (rulename,pronum,actzone,srcaddr,dstaddr,sproto,sport,dproto,dport,runaction,id)
if not (rulename and pronum):
msg = {'color':'red','message':u'规则名称或优先级未填写,添加失败'}
return template('utmruleconf',session=s,msg=msg,info={})
alladdr=srcaddr.split('\n')+dstaddr.split('\n')
for ipmask in alladdr :
if netmod.checkipmask(ipmask) == False and ipmask != '':
msg = {'color':'red','message':u'源地址或目标地址格式错误,添加失败'}
return(template('utmruleconf',msg=msg,session=s))
if len(sport.split(',')) > 10 or len(dport.split(',')) > 10 :
msg = {'color':'red','message':u'端口组总数量超过最大值10,添加失败'}
return(template('utmruleconf',msg=msg,session=s))
allport = sport.split(',')+dport.split(',')
for port in allport :
if ':' in port:
if len(port.split(':')) != 2 or port.split(':')[0] >= port.split(':')[1]:
msg = {'color':'red','message':u'连续端口格式错误,添加失败'}
return(template('utmruleconf',msg=msg,session=s))
else :
if netmod.is_port(port) == False and port != '' :
msg = {'color':'red','message':u'源端口或目标端口格式错误,添加失败'}
return(template('utmruleconf',msg=msg,session=s))
result = writeDb(sql,data)
if result == True:
msg = {'color':'green','message':u'更新成功'}
writeUTMconf(action='addconf')
return template('utmruleconf',session=s,msg=msg,info={})
