Exemple #1
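def make_script(dhcp):
    """Build a firewall ruleset, in iptables-restore syntax, from DHCP leases.

    For every lease the owning user document is looked up by MAC address and
    passed to ``mac_status``; the result supplies the jump targets
    (``.name`` for the mangle table, ``.access`` for the filter table).

    Lease addresses are interpolated into the generated script, so each one
    is validated first: the IP must be a dotted-quad IPv4 address and the MAC
    must be six colon-separated hex octets. A lease failing either check is
    skipped (and reported on stdout) instead of being written into the
    ruleset, where an embedded newline or space would otherwise become extra
    rule text.

    Args:
        dhcp: iterable of lease objects exposing ``ip`` and ``mac``.

    Returns:
        str: the ``*mangle`` and ``*filter`` sections, each closed by
        ``COMMIT``. Duplicate rules are dropped; first-seen order is kept so
        the output is stable between runs.
    """
    import ipaddress
    import re

    print("make_script")
    mac_pattern = re.compile(r"[0-9A-Fa-f]{2}(?::[0-9A-Fa-f]{2}){5}")

    iptb = {"mangle": [], "filter": []}
    for lease in dhcp:
        ip_text = str(lease.ip)
        mac_text = str(lease.mac)

        # IPv4Address is used on purpose: it rejects masks, scope ids,
        # whitespace and newlines, none of which belong in a --src argument.
        # NOTE(review): IPv6 leases would be skipped here — confirm none are
        # expected, they would need a separate ruleset anyway.
        try:
            ipaddress.IPv4Address(ip_text)
            ip_ok = True
        except ValueError:
            ip_ok = False

        # fullmatch, not match/search: '$' would tolerate a trailing newline.
        if not ip_ok or mac_pattern.fullmatch(mac_text) is None:
            # repr() keeps control characters out of the log output.
            print("make_script: skipping malformed lease",
                  repr(ip_text), repr(mac_text))
            continue

        doc = user.find_one({"devices": {"mac": lease.mac}})

        # NOTE(review): jump.name / jump.access are interpolated unchecked;
        # this assumes mac_status only returns fixed chain/target names.
        jump = mac_status(doc)

        iptb['mangle'].append("-A FORWARD --src {0} -j {1}".format(ip_text, jump.name))
        iptb['mangle'].append("-A FORWARD --dst {0} -j {1}".format(ip_text, jump.name))
        iptb['filter'].append(
            "-A allow-inet --src {0} -m mac --mac-source {1} -j {2}".format(
                ip_text, mac_text, jump.access))

    # dict.fromkeys de-duplicates while preserving insertion order; a set
    # would make the rule order differ from run to run.
    mangle_rules = list(dict.fromkeys(iptb['mangle']))
    filter_rules = list(dict.fromkeys(iptb['filter']))

    script = ''
    script += '*mangle\n'
    script += '-F FORWARD\n'
    script += '\n'.join(mangle_rules)
    script += '\nCOMMIT\n'

    script += '*filter\n'
    script += ':allow-inet - [0:0]\n'
    script += '\n'.join(filter_rules) + '\n'

    script += 'COMMIT\n'
    return script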
Exemple #2
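    def from_dhcp(self):
        """Parse the DHCP lease file and build one rule per usable lease.

        Reads ``self.dhcp_lease`` and walks it line by line. A ``lease <ip> {``
        line opens a block, ``hardware ethernet``, ``starts`` and ``ends``
        statements fill it in, and a bare ``}`` closes it. On close, a rule is
        created when the block carried a hardware address and either its
        ``ends`` time is still in the future or the module-level ``debug``
        flag (defined outside this method) is set.

        Per-lease state is reset every time a new block opens. Without that,
        a block lacking its own ``hardware ethernet`` or ``ends`` statement
        would inherit the values of the previous block and the resulting rule
        would bind an IP address to another client's MAC.

        Returns:
            list: ``IpTablesRule`` objects in file order. A lease file may
            hold several blocks for the same address; every block that
            passes the checks yields its own rule.
        """
        with open(self.dhcp_lease, "r") as fd:
            lines = fd.read().split("\n")

        stamp_format = "%w %Y/%m/%d %H:%M:%S"

        def parse_stamp(text):
            # A missing or non-matching value leaves the field unset instead
            # of aborting the whole run; an unset ``ends`` is then treated as
            # "not currently valid", which fails closed.
            try:
                return datetime.datetime.strptime(text, stamp_format)
            except (TypeError, ValueError):
                return None

        # ``lease`` must exist before the loop: a stray '}' ahead of the
        # first lease block would otherwise raise UnboundLocalError.
        lease = None
        mac = ''
        starts = None
        ends = None
        rules = []
        for line in lines:
            if not line or line.startswith("#"):
                continue

            if line == '}' and lease:
                if mac:
                    # Naive UTC "now", compared against the naive datetimes
                    # parsed from the file.
                    now = datetime.datetime.utcnow()
                    if (ends is not None and ends > now) or debug:
                        # NOTE(review): mac is passed on as read from the
                        # file; confirm IpTablesRule validates its format.
                        rules.append(IpTablesRule(lease, mac, mac_status(mac).access, self.chain_name, self.iface_name, starts, ends))

                lease = None
                continue

            m = re.search(r'lease\s*([0-9\.]+)\s*\{', line)
            if m:
                lease = m.groups()[0]
                # Fresh block: forget everything learned from the last one.
                mac = ''
                starts = None
                ends = None
                continue

            m = re.search(r'\s+([a-z\s\-]+)\s+\"?(.+?)?\"?\;', line)
            if m:
                k, v = m.groups()
                if k == "hardware ethernet":
                    mac = v
                elif k == "ends":
                    ends = parse_stamp(v)
                elif k == "starts":
                    starts = parse_stamp(v)

        return rules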