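class Drop:
    """Revoke a client's access in the firewall and the database.

    Every drop is recorded through a Log opened on conf.files.droplog.
    """

    def __init__(self):
        self.log = Log(conf.files.droplog)

    def ip4(self, ip):
        """Drop an IPv4 address from iptables and the database.

        The address is checked against conf.filter.ipv4_exact first. On a
        mismatch the rejected value is printed and the process exits with
        conf.exit_status.input_error; nothing is logged or changed.

        ip -- address string to drop.
        """
        # NOTE(review): this is the only validation visible here before `ip`
        # reaches Firewall.drop_ip4 and Data.DbActiveIp4. match() anchors only
        # at the start of the string, so confirm the configured pattern is
        # end-anchored with \Z (a trailing `$` still accepts a final newline).
        checkip = re.compile(conf.filter.ipv4_exact)
        if checkip.match(ip) is None:
            print("Invalid IP:\n"+ip)
            exit(conf.exit_status.input_error)

        firewall = Firewall()
        data = Data()
        # NOTE(review): the DROPPED entry is written before the firewall and
        # database calls run, so the log can record a drop that then failed.
        self.log.info("DROPPED: "+ip)
        firewall.drop_ip4(ip)
        # Second argument 0: presumably marks the address inactive (TODO confirm
        # against Data.DbActiveIp4).
        data.DbActiveIp4(ip, 0)

    def drop_ip6(self, ip):
        """Placeholder: IPv6 drops are not implemented; only prints a notice."""
        print("IPv6 not yet implemented.")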
def ip4(self, username, password, ip):
    """Authenticate a user and open the firewall for their IPv4 address.

    The raw arguments go through self.check_input; only the returned values
    are used afterwards. The process exits with
    conf.exit_status.ip_mac_mismatch_error when the DHCP lookup finds no MAC
    for the address, and with conf.exit_status.login_error when
    authentication fails (the failure is written to the login log).
    On success the address is accepted in the firewall, the login is logged
    and a database row is added.
    """
    login_log = Log(conf.files.loginlog)
    checked = self.check_input(username, password, ip)
    leases = Dhcp()
    authenticator = Auth(checked['username'], checked['password'])
    fw = Firewall()
    client_ip = checked['ip_addr']
    mac = leases.find_mac(client_ip)
    store = Data()
    user = checked['username']

    # No MAC for this address: the ip/mac pair does not exist in the leasefile.
    if mac == False:
        print("FEIL Mac/IP combo")
        exit(conf.exit_status.ip_mac_mismatch_error)

    # Strict comparison with True is kept on purpose: any other return value
    # from login() is treated as a failed login.
    if authenticator.login() != True:
        print("Login failed.")
        # NOTE(review): the username lands in the log verbatim; presumably
        # check_input rejects CR/LF so a crafted name cannot forge log lines
        # (TODO confirm).
        login_log.info("LOGIN FAILED: "+user+" at "+client_ip)
        exit(conf.exit_status.login_error)

    # NOTE(review): the accept rule is installed before the database row is
    # written; if DbAddRow raises, the address stays open without a record.
    fw.accept_ip4(client_ip)
    login_log.info("LOGIN OK: "+user+" at "+client_ip)
    # NOTE(review): the row is tagged "IPv6" although this is the IPv4 login
    # path; confirm the meaning of the last argument of Data.DbAddRow.
    store.DbAddRow(user, mac, client_ip, "IPv6")
    # This message goes to stdout, not to the login log.
    print("Login successful, {0} at ip {1}".format(user, client_ip))
    return
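class Statistics:
    """Show traffic statistics for a single IP address.

    Data comes from the conntrack table file named by
    conf.files.ip_conntrack and from the output of `iptables -nvxL`.
    """

    def __init__(self):
        self.log = Log()

    @staticmethod
    def _lines_for_ip(lines, ip):
        """Return the entries of `lines` that contain `ip` as a whole address.

        A plain substring test would attribute 10.0.0.10 or 110.0.0.1 to
        10.0.0.1, mixing another client's traffic into the result, and a
        `find() > 0` test also misses an address at the start of a line.
        An empty `ip` matches nothing.
        """
        if not ip:
            return []
        import re  # local import: the file's import block is not visible here
        whole_ip = re.compile(r"(?<![0-9.])" + re.escape(ip) + r"(?![0-9.])")
        return [line for line in lines if whole_ip.search(line)]

    def get_conntrack(self, ip):
        """Return the list of ip_conntrack entries that mention `ip`."""
        # The context manager closes the handle even if the read fails.
        with open(conf.files.ip_conntrack) as table:
            entries = table.read().split("\n")
        return self._lines_for_ip(entries, ip)

    def get_active_connections(self, ip):
        """Return the number of conntrack entries that mention `ip`."""
        return len(self.get_conntrack(ip))

    def get_iptables_io(self, ip):
        """Run iptables and extract the counters of the rules for `ip`.

        Returns a dictionary with:
            pkt_sent       = packets sent from ip (int)
            pkt_received   = packets received by ip (int)
            bytes_sent     = bytes sent from ip (int)
            bytes_received = bytes received by ip (int)

        Returns None, after logging an error, when fewer than two rule
        lines mention `ip`.
        """
        # -n keeps addresses numeric so they can be matched against `ip`;
        # -x prints exact counters so int() can parse them.
        # Argument list without a shell: `ip` never reaches a command line.
        ipcmd = ['iptables', '-nvxL']
        output = sp.Popen(ipcmd, stdout=sp.PIPE).communicate()[0]
        rules = self._lines_for_ip(output.split("\n"), ip)

        # Two rule lines are needed; a single match used to raise IndexError.
        if len(rules) < 2:
            self.log.error("df_user_stats.py: Something wrong with iptables-lookup...: "+ip)
            return None

        # NOTE(review): the first matching line is read as traffic sent from
        # ip and the second as traffic received; this depends on the order of
        # the rules in the ruleset (TODO confirm).
        sent = rules[0].split()
        received = rules[1].split()
        # Columns 0 and 1 of the listing are the packet and byte counters.
        return {'pkt_sent': int(sent[0]),
                'pkt_received': int(received[0]),
                'bytes_sent': int(sent[1]),
                'bytes_received': int(received[1])}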
def __init__(self):
    """Attach a Log created with no arguments as self.log."""
    self.log = Log()
def __init__(self):
    """Attach a Log opened on conf.files.droplog as self.log."""
    # The stray `pass` that preceded this assignment had no effect.
    self.log = Log(conf.files.droplog)