def create_rules_from_netstat():
ns = netstat.netstat()
#print ns.keys()
rules={}
for k in ns.keys():
v = filter(lambda x: not netstat.is_localhost(x[1]) and not netstat.is_localhost(x[3]), ns[k])
if v :#and driver.is_logged(k):
#r.set("%s.proc"%k,json.dumps(v))
for stream in v:
pid = k
src = stream[1]
dst = stream[3]
sport = stream[2]
dport = stream[4]
#print 'iptables -I OUTPUT -j ACCEPT -m owner --socket-exists --source %s --destination %s -p tcp --sport %s --dport %s' % (src,dst,sport,dport)
#print "rule is gonna be created %s" % [src,dst,sport,dport]
# rule = iptables.create_rule_output_accept(dport, src, dst, sport)
# '''check if the rule does not exists'''
# if not any([iptables.compare_accept_rules(rule, existing_rule) for existing_rule in iptables.get_output_accept_rules()]):
# rule = iptables.set_output_accept_rule(src,dst,sport,dport)
# try:sta
# rules[pid].append(rule)
# except KeyError:
# rules[pid] = [rule]
# except Exception, e:
# #print e
# #logger.log_error(e)
# pass
return rules
def eddieguts(Config, eddieHistory):
# instantiate a process list
log.log( "<eddie>eddieguts(), creating process object", 8 )
directive.plist = proc.procList()
# instantiate a disk usage list
log.log( "<eddie>eddieguts(), creating df object", 8 )
directive.dlist = df.dfList()
# instantiate a netstat list
log.log( "<eddie>eddieguts(), creating netstat object", 8 )
directive.nlist = netstat.netstat()
# instantiate a system object
log.log( "<eddie>eddieguts(), creating system object", 8 )
directive.system = system.system()
if module_iostat:
# instantiate an iostat object
log.log( "<eddie>eddieguts(), creating iostat object", 8 )
directive.iostat = iostat.iostat()
# Now do all the checking
log.log( "<eddie>eddieguts(), beginning checks", 7 )
check(Config)
# Save history (debug.. FS only for now...)
eddieHistory.save('FS',directive.dlist)
def do_GET(self):
if self.path == '/':
self.path = '/index.html'
request = self.path[1:].split('.')[0]
ext = self.path.split('.')[-1]
self.send_response(200)
try:
self.send_header('Content-type', self.ext_to_content_type[ext])
self.end_headers()
if ext == 'json':
if request == 'hardware':
response = hardware.get_results()
elif request == 'hosts':
response = {
'up': [host.info for host in netmapper.threads
if host.info['isUp']],
'down': [host.info for host in netmapper.threads
if not host.info['isUp']],
}
elif request == 'connections':
response = {
'TCP': netstat('tcp'),
'UDP': netstat('udp'),
'TCP (IPv6)': netstat('tcp6'),
'UDP (IPv6)': netstat('udp6'),
}
self.write(dumps(response))
else:
self.write(self.request_to_response[request])
except KeyError as e:
print(e)
self.send_error(404)
def get_pid(self):
pid = None
for conn in netstat.netstat(with_pid=True,
search_local_port=self.port):
if conn[2] == '0.0.0.0' and conn[6] == 'LISTEN':
pid = conn[7]
if pid is None:
raise Exception(
'Found the connection, but could not determine pid: %s'
% conn)
break
return pid
def fetch_process_network_counters(pid):
res = []
ns = netstat.netstat()
v = filter(lambda x: not netstat.is_localhost(x[1]) and not netstat.is_localhost(x[3]), ns[pid] if pid in ns.keys() else [] )
if v and driver.is_logged(pid):
for stream in v:
src = stream[1]+"/255.255.255.255"
dst = stream[3]+"/255.255.255.255"
sport = stream[2]
dport = stream[4]
for rule in iptables.get_output_accept_rules():
if rule.src == src and rule.dst == dst:
tcp_match =[match for match in rule.matches if match.name == 'tcp']
if len(tcp_match) > 0:
match = tcp_match[0]
if match.parameters['sport'] == sport and match.parameters['dport'] == dport:
#print "%s:%s -> %s:%s"%(src,sport,dst,dport),"%s packets, %s bytes" % rule.get_counters()
res.append(rule.get_counters())
return res
else:
return "%s not logged in"%pid
def getPIDElements(port=6653):
pl = subprocess.Popen(['ps', '-ax', '-o', 'pid,cmd'],
stdout=subprocess.PIPE).communicate()[0]
lines = pl.split('\n')
mininet_lines = []
for l in lines:
if "mininet" in l:
mininet_lines.append(l)
# print mininet_lines
dicProcesos = {}
for p in mininet_lines:
l = p.split()
if ("h" in l[-1]) or ("s" in l[-1]):
# Agregando hosts y el swith
node = l[-1]
dicProcesos[node[node.find(':') + 1:]] = int(l[0])
# Agregando el controlador
for conn in netstat():
# print conn
if str(port) in conn[2] and ('0.0.0.0' in conn[2]):
dicProcesos['c0'] = int(conn[5])
return dicProcesos
def get_tcp_port_usage(port):
res = netstat.netstat(with_pid=True, search_local_port=port)
if not res:
return None
return res[0][7]
def get_nic_details():
'''This function populates the "devices" dictionary. The keys used are
the pci addresses (domain:bus:slot.func). The values are themselves
dictionaries - one for each NIC.'''
global devices
global dpdk_drivers
if devices:
return
# first loop through and read details for all devices
# request machine readable format, with numeric IDs
dev_lines = run_lspci('-Dvmmn')
dev = {}
for dev_line in dev_lines:
if (len(dev_line) == 0):
if dev["Class"] == ETHERNET_CLASS or is_napatech(dev):
#convert device and vendor ids to numbers, then add to global
dev["Vendor"] = int(dev["Vendor"], 16)
dev["Device"] = int(dev["Device"], 16)
devices[dev["Slot"]] = dict(
dev) # use dict to make copy of dev
else:
name, value = dev_line.split("\t", 1)
dev[name.rstrip(":")] = value
# check active interfaces with established connections
established_ip = set()
for line_arr in netstat.netstat(
with_pid=False
): # [tcp_id, user, local ip, local port, remote ip, remote port, 'LISTEN', ...]
if line_arr[6] == 'ESTABLISHED':
established_ip.add(line_arr[2])
active_if = []
for line in check_output([
"ip", "-o", "addr"
], universal_newlines=True).splitlines(
): # 6: eth4 inet 10.56.216.133/24 brd 10.56.216.255 scope global eth4\ valid_lft forever preferred_lft forever
line_arr = line.split()
if len(line_arr) > 6 and line_arr[2] == 'inet':
if line_arr[3].rsplit('/', 1)[0] in established_ip:
active_if.append(line_arr[1])
# based on the basic info, get extended text details
for d in devices.keys():
# get additional info and add it to existing data
devices[d] = dict(
list(devices[d].items()) + list(get_pci_device_details(d).items()))
for _if in active_if:
if _if in devices[d]["Interface"].split(","):
devices[d]["Active"] = "*Active*"
break
# add igb_uio to list of supporting modules if needed
if "Module_str" in devices[d]:
for driver in dpdk_drivers:
if driver not in devices[d]["Module_str"]:
devices[d]["Module_str"] = devices[d][
"Module_str"] + ",%s" % driver
else:
devices[d]["Module_str"] = ",".join(dpdk_drivers)
# make sure the driver and module strings do not have any duplicates
if has_driver(d):
modules = devices[d]["Module_str"].split(",")
if devices[d]["Driver_str"] in modules:
modules.remove(devices[d]["Driver_str"])
devices[d]["Module_str"] = ",".join(modules)
# get MAC from Linux if available
if devices[d]['net_path']:
mac_file = '%s/%s/address' % (devices[d]['net_path'],
devices[d]['Interface'])
if os.path.exists(mac_file):
with open(mac_file) as f:
devices[d]['MAC'] = f.read().strip()
if is_napatech(devices[d]):
devices[d]['MAC'] = get_nt_mac_address(devices[d]['Slot'])
# get NUMA from Linux if available
numa_node_file = '/sys/bus/pci/devices/%s/numa_node' % devices[d][
'Slot']
if os.path.exists(numa_node_file):
with open(numa_node_file) as f:
devices[d]['NUMA'] = int(f.read().strip())
else:
# should we warn the user?
devices[d]['NUMA'] = -1
import networkx as nx
import matplotlib.pyplot as plt
import netstat
import re
# note: this will graph origin/destination incorrectly if the listening port is no longer listening on the local address
conns = netstat.netstat()
ip = re.compile(r"[^:]*")
G = nx.DiGraph()
lports = []
for i in netstat.only_listening():
source = re.findall(ip, i[3])
try:
if not (source[0] == '127.0.0.1' or source[0] == '127.0.1.1'):
lports.append(source[2])
except:
pass
for i in conns:
if i[5] == 'ESTABLISHED':
src = re.findall(ip, i[3])
dst = re.findall(ip, i[4])
if not (src[0] == '127.0.0.1' or dst[0] == '127.0.0.1'):
if src[2] in lports:
G.add_edge(dst[0], src[0])
else:
G.add_edge(src[0], dst[0])
pl = subprocess.Popen(['ps', '-ax', '-o', 'pid,cmd'],
stdout=subprocess.PIPE).communicate()[0]
lines = pl.split('\n')
mininet_lines = []
for l in lines:
if "mininet" in l:
mininet_lines.append(l)
print mininet_lines
dicProcesos = {}
for p in mininet_lines:
l = p.split()
if ("h" in l[-1]) or ("s" in l[-1]):
# Agregando hosts y el swith
node = l[-1]
dicProcesos[node[node.find(':') + 1:]] = int(l[0])
# Agregando el controlador
port = 6653
for conn in netstat():
# print conn
if str(6653) in conn[2] and ('0.0.0.0' in conn[2]):
dicProcesos['c0'] = int(conn[5])
procesos = []
for k in dicProcesos:
p = psutil.Process(dicProcesos[k])
dic_attr = p.as_dict(attrs=['pid', 'name', 'cpu_percent'])
print(k, dic_attr['pid'], dic_attr['cpu_percent'])
def is_running(self):
for conn in netstat.netstat(with_pid=False,
search_local_port=self.port):
if conn[2] == '0.0.0.0' and conn[6] == 'LISTEN':
return True
return False
def __init__(self, *args, **kwargs):
super(NetworkCollector, self).__init__(*args, **kwargs)
self.net_lines = netstat.netstat()
import networkx as nx
import matplotlib.pyplot as plt
import netstat
import re
# note: this will graph origin/destination incorrectly if the listening port is no longer listening on the local address
conns = netstat.netstat()
ip = re.compile(r"[^:]*")
G = nx.DiGraph()
lports = []
for i in netstat.only_listening():
source = re.findall(ip, i[3])
try:
if not (source[0] == '127.0.0.1' or source[0] == '127.0.1.1'):
lports.append(source[2])
except:
pass
for i in conns:
if i[5] == 'ESTABLISHED':
src = re.findall(ip, i[3])
dst = re.findall(ip, i[4])
if not (src[0] == '127.0.0.1' or dst[0] == '127.0.0.1'):
if src[2] in lports:
G.add_edge(dst[0], src[0])
else:
G.add_edge(src[0], dst[0])
nx.draw(G, with_labels=True)
