def uninstall_keepalived(args=""):
"""
Remove Keepalived from the server.
"""
app.print_verbose("Uninstall Keepalived")
os.chdir("/")
_chkconfig("keepalived", "off")
_service("keepalived", "stop")
x("yum -y remove keepalived")
x("rm -rf {0}*".format(KA_CONF_DIR))
del_iptables_chain()
iptables.save()
def uninstall_keepalived(args=""):
"""
Remove Keepalived from the server.
"""
app.print_verbose("Uninstall Keepalived")
os.chdir("/")
_chkconfig("keepalived","off")
_service("keepalived","stop")
x("yum -y remove keepalived")
x("rm -rf {0}*".format(KA_CONF_DIR))
del_iptables_chain()
iptables.save()
def remove_all_ips(self):
if not self.require("real_id"):
return errors.throw(errors.BACKEND_INVALID_INPUT)
# vps IP addresses
ac = api.api_call("vm_ips", {
'vps_id': self.vps_id
})
ret = ac.execute()
if ret != errors.ERR_SUCCESS: return ret
# remove IPs from iptables
try:
ips = ac.output()[0]['ip']
# loop through IPs and remove
for ip in ips:
iptables.delete_rule(
"PANENTHE_BW", "-d %s" % ip, self.do_execute
)
iptables.delete_rule(
"PANENTHE_BW", "-s %s" % ip, self.do_execute
)
except (IndexError, KeyError): pass
# save rules
srv = self.get_server()
error = iptables.save(srv.do_execute, srv.get_remote_distro())
if error != errors.ERR_SUCCESS:
return error
def add_ip(self): if not self.require(["real_id", "ip", "netmask", "gateway"]): return errors.throw(errors.BACKEND_INVALID_INPUT) # incoming traffic (exit_code,_,_) = iptables.add_rule( "PANENTHE_BW", "-d %s" % self.ip, self.do_execute ) if exit_code != 0: return errors.throw(errors.SERVER_IPTABLES) # outgoing traffic (exit_code,_,_) = iptables.add_rule( "PANENTHE_BW", "-s %s" % self.ip, self.do_execute ) if exit_code != 0: return errors.throw(errors.SERVER_IPTABLES) # save rules srv = self.get_server() error = iptables.save(srv.do_execute, srv.get_remote_distro()) if error != errors.ERR_SUCCESS: return error
def cleanup_bw(self):
self.require_remote()
# delete rules
iptables.delete_rule("FORWARD", "-j PANENTHE_BW", self.do_execute)
# delete chains
iptables.delete_chain("PANENTHE_BW", self.do_execute)
# delete cron
self.do_execute("sed -r \"/# panenthe_bw$/d\" -i \"%s\"" %
glob.config.get("paths", "crontab")
)
# save iptables rules
error = iptables.save(self.do_execute, self.get_remote_distro())
return error
def remove_ip(self): if not self.require(["real_id", "ip"]): return errors.throw(errors.BACKEND_INVALID_INPUT) # incoming traffic iptables.delete_rule( "PANENTHE_BW", "-d %s" % self.ip, self.do_execute ) # outgoing traffic iptables.delete_rule( "PANENTHE_BW", "-s %s" % self.ip, self.do_execute ) # save rules srv = self.get_server() error = iptables.save(srv.do_execute, srv.get_remote_distro()) if error != errors.ERR_SUCCESS: return error
def initialize_bw(self):
self.require_remote()
# sanity (of which I have none)
self.cleanup_bw()
# create chains
(exit_code,_,_) = iptables.add_chain("PANENTHE_BW", self.do_execute)
if exit_code != 0:
return errors.throw(errors.SERVER_IPTABLES)
# create rule for INPUT table
(exit_code,_,_) = iptables.insert_rule(
"INPUT", "-j PANENTHE_BW", self.do_execute
)
if exit_code != 0:
return errors.throw(errors.SERVER_IPTABLES)
# create rule for FORWARD table
(exit_code,_,_) = iptables.insert_rule(
"FORWARD", "-j PANENTHE_BW", self.do_execute
)
if exit_code != 0:
return errors.throw(errors.SERVER_IPTABLES)
# create rule for OUTPUT table
(exit_code,_,_) = iptables.insert_rule(
"OUTPUT", "-j PANENTHE_BW", self.do_execute
)
if exit_code != 0:
return errors.throw(errors.SERVER_IPTABLES)
# server IP addresses
ac = api.api_call("server_ips", {
'server_id': self.get_server_id()
})
ret = ac.execute()
if ret != errors.ERR_SUCCESS: return ret
result = ac.output()
# use IPs
try:
result[0]
result[0]['ip']
ips = result[0]['ip']
# loop through IPs
for ip in ips:
iptables.add_rule("PANENTHE_BW", "-d %s" % ip, self.do_execute)
iptables.add_rule("PANENTHE_BW", "-s %s" % ip, self.do_execute)
# there might not be any IPs yet
except (IndexError, KeyError): pass
# save iptables rules
error = iptables.save(self.do_execute, self.get_remote_distro())
return error
def unsuspend_ip(self):
if not self.require("ip"):
return errors.throw(errors.BACKEND_INVALID_INPUT)
# FORWARD table incoming
iptables.delete_rule(
"FORWARD", "-d %s -m comment --comment panenthe_suspend -j %s" % (
executer.escape(self.ip),
glob.config.get("server", "suspend_mode")
),
self.do_execute
)
# FORWARD table outgoing
iptables.delete_rule(
"FORWARD", "-s %s -m comment --comment panenthe_suspend -j %s" % (
executer.escape(self.ip),
glob.config.get("server", "suspend_mode")
),
self.do_execute
)
# INPUT table incoming
iptables.delete_rule(
"INPUT", "-d %s -m comment --comment panenthe_suspend -j %s" % (
executer.escape(self.ip),
glob.config.get("server", "suspend_mode")
),
self.do_execute
)
# INPUT table outgoing
iptables.delete_rule(
"INPUT", "-s %s -m comment --comment panenthe_suspend -j %s" % (
executer.escape(self.ip),
glob.config.get("server", "suspend_mode")
),
self.do_execute
)
# OUTPUT table incoming
iptables.delete_rule(
"OUTPUT", "-d %s -m comment --comment panenthe_suspend -j %s" % (
executer.escape(self.ip),
glob.config.get("server", "suspend_mode")
),
self.do_execute
)
# OUTPUT table outgoing
iptables.delete_rule(
"OUTPUT", "-s %s -m comment --comment panenthe_suspend -j %s" % (
executer.escape(self.ip),
glob.config.get("server", "suspend_mode")
),
self.do_execute
)
# save rules
srv = self.get_server()
error = iptables.save(srv.do_execute, srv.get_remote_distro())
if error != errors.ERR_SUCCESS:
return error
