def get_ip(self, text): if common.match_ipv4_address(text) is not None: return common.match_ipv4_address(text) else: if common.match_ipv6_address(text) is not None: return common.match_ipv6_address(text) return None
def get_ip(text): if common.match_ipv4_address(text) != None: return common.match_ipv4_address(text) else: if common.match_ipv6_address(text) != None: return common.match_ipv6_address(text) return None
def update_all_user(self, dt_transfer): import cymysql update_transfer = {} query_head = 'UPDATE user' query_sub_when = '' query_sub_when2 = '' query_sub_in = None alive_user_count = 0 bandwidth_thistime = 0 if get_config().MYSQL_SSL_ENABLE == 1: conn = cymysql.connect(host=get_config().MYSQL_HOST, port=get_config().MYSQL_PORT, user=get_config().MYSQL_USER, passwd=get_config().MYSQL_PASS, db=get_config().MYSQL_DB, charset='utf8',ssl={'ca':get_config().MYSQL_SSL_CA,'cert':get_config().MYSQL_SSL_CERT,'key':get_config().MYSQL_SSL_KEY}) else: conn = cymysql.connect(host=get_config().MYSQL_HOST, port=get_config().MYSQL_PORT, user=get_config().MYSQL_USER, passwd=get_config().MYSQL_PASS, db=get_config().MYSQL_DB, charset='utf8') conn.autocommit(True) for id in dt_transfer.keys(): if dt_transfer[id][0] == 0 and dt_transfer[id][1] == 0: continue query_sub_when += ' WHEN %s THEN u+%s' % (id, dt_transfer[id][0] * self.traffic_rate) query_sub_when2 += ' WHEN %s THEN d+%s' % (id, dt_transfer[id][1] * self.traffic_rate) update_transfer[id] = dt_transfer[id] alive_user_count = alive_user_count + 1 cur = conn.cursor() cur.execute("INSERT INTO `user_traffic_log` (`id`, `user_id`, `u`, `d`, `Node_ID`, `rate`, `traffic`, `log_time`) VALUES (NULL, '" + str(self.port_uid_table[id]) + "', '" + str(dt_transfer[id][0]) +"', '" + str(dt_transfer[id][1]) + "', '" + str(get_config().NODE_ID) + "', '" + str(self.traffic_rate) + "', '" + self.trafficShow((dt_transfer[id][0]+dt_transfer[id][1]) * self.traffic_rate) + "', unix_timestamp()); ") cur.close() bandwidth_thistime = bandwidth_thistime + ((dt_transfer[id][0] + dt_transfer[id][1]) * self.traffic_rate) if query_sub_in is not None: query_sub_in += ',%s' % id else: query_sub_in = '%s' % id if query_sub_when != '': query_sql = query_head + ' SET u = CASE port' + query_sub_when + \ ' END, d = CASE port' + query_sub_when2 + \ ' END, t = unix_timestamp() ' + \ ' WHERE port IN (%s)' % query_sub_in cur = conn.cursor() cur.execute(query_sql) cur.close() cur = conn.cursor() cur.execute("UPDATE `ss_node` SET `node_heartbeat`=unix_timestamp(),`node_bandwidth`=`node_bandwidth`+'" + str(bandwidth_thistime) + "' WHERE `id` = " + str(get_config().NODE_ID) + " ; ") cur.close() cur = conn.cursor() cur.execute("INSERT INTO `ss_node_online_log` (`id`, `node_id`, `online_user`, `log_time`) VALUES (NULL, '" + str(get_config().NODE_ID) + "', '" + str(alive_user_count) + "', unix_timestamp()); ") cur.close() cur = conn.cursor() cur.execute("INSERT INTO `ss_node_info` (`id`, `node_id`, `uptime`, `load`, `log_time`) VALUES (NULL, '" + str(get_config().NODE_ID) + "', '" + str(self.uptime()) + "', '" + str(self.load()) + "', unix_timestamp()); ") cur.close() online_iplist = ServerPool.get_instance().get_servers_iplist() for id in online_iplist.keys(): for ip in online_iplist[id]: cur = conn.cursor() cur.execute("INSERT INTO `alive_ip` (`id`, `nodeid`,`userid`, `ip`, `datetime`) VALUES (NULL, '" + str(get_config().NODE_ID) + "','" + str(self.port_uid_table[id]) + "', '" + str(ip) + "', unix_timestamp())") cur.close() detect_log_list = ServerPool.get_instance().get_servers_detect_log() for port in detect_log_list.keys(): for rule_id in detect_log_list[port]: cur = conn.cursor() cur.execute("INSERT INTO `detect_log` (`id`, `user_id`, `list_id`, `datetime`, `node_id`) VALUES (NULL, '" + str(self.port_uid_table[port]) + "', '" + str(rule_id) + "', UNIX_TIMESTAMP(), '" + str(get_config().NODE_ID) + "')") cur.close() deny_str = "" if platform.system() == 'Linux' and get_config().ANTISSATTACK == 1 : wrong_iplist = ServerPool.get_instance().get_servers_wrong() server_ip = socket.gethostbyname(get_config().MYSQL_HOST) for id in wrong_iplist.keys(): for ip in wrong_iplist[id]: realip = "" is_ipv6 = False if common.is_ip(ip) != False: if(common.is_ip(ip) == socket.AF_INET): realip = ip else: if common.match_ipv4_address(ip) != None: realip = common.match_ipv4_address(ip) else: is_ipv6 = True realip = ip else: continue if str(realip) == str(server_ip): continue cur = conn.cursor() cur.execute("SELECT * FROM `blockip` where `ip` = '" + str(realip) + "'") rows = cur.fetchone() cur.close() if rows != None: continue if get_config().CLOUDSAFE == 1: cur = conn.cursor() cur.execute("INSERT INTO `blockip` (`id`, `nodeid`, `ip`, `datetime`) VALUES (NULL, '" + str(get_config().NODE_ID) + "', '" + str(realip) + "', unix_timestamp())") cur.close() else: if is_ipv6 == False: os.system('route add -host %s gw 127.0.0.1' % str(realip)) deny_str = deny_str + "\nALL: " + str(realip) else: os.system('ip -6 route add ::1/128 via %s/128' % str(realip)) deny_str = deny_str + "\nALL: [" + str(realip) +"]/128" logging.info("Local Block ip:" + str(realip)) if get_config().CLOUDSAFE == 0: deny_file=open('/etc/hosts.deny','a') fcntl.flock(deny_file.fileno(),fcntl.LOCK_EX) deny_file.write(deny_str + "\n") deny_file.close() conn.close() return update_transfer
def update_all_user(self, dt_transfer): global webapi update_transfer = {} alive_user_count = 0 bandwidth_thistime = 0 data = [] for id in dt_transfer.keys(): if dt_transfer[id][0] == 0 and dt_transfer[id][1] == 0: continue data.append({ 'u': dt_transfer[id][0], 'd': dt_transfer[id][1], 'user_id': self.port_uid_table[id] }) update_transfer[id] = dt_transfer[id] webapi.postApi('users/traffic', {'node_id': get_config().NODE_ID}, {'data': data}) webapi.postApi('nodes/%d/info' % (get_config().NODE_ID), {'node_id': get_config().NODE_ID}, { 'uptime': str(self.uptime()), 'load': str(self.load()) }) online_iplist = ServerPool.get_instance().get_servers_iplist() data = [] for port in online_iplist.keys(): for ip in online_iplist[port]: data.append({'ip': ip, 'user_id': self.port_uid_table[port]}) webapi.postApi('users/aliveip', {'node_id': get_config().NODE_ID}, {'data': data}) detect_log_list = ServerPool.get_instance().get_servers_detect_log() data = [] for port in detect_log_list.keys(): for rule_id in detect_log_list[port]: data.append({ 'list_id': rule_id, 'user_id': self.port_uid_table[port] }) webapi.postApi('users/detectlog', {'node_id': get_config().NODE_ID}, {'data': data}) deny_str = "" data = [] if platform.system() == 'Linux' and get_config().ANTISSATTACK == 1: wrong_iplist = ServerPool.get_instance().get_servers_wrong() server_ip = socket.gethostbyname(get_config().MYSQL_HOST) for id in wrong_iplist.keys(): for ip in wrong_iplist[id]: realip = "" is_ipv6 = False if common.is_ip(ip): if (common.is_ip(ip) == socket.AF_INET): realip = ip else: if common.match_ipv4_address(ip) is not None: realip = common.match_ipv4_address(ip) else: is_ipv6 = True realip = ip else: continue if str(realip).find(str(server_ip)) != -1: continue has_match_node = False for node_ip in self.node_ip_list: if str(realip).find(node_ip) != -1: has_match_node = True continue if has_match_node: continue if get_config().CLOUDSAFE == 1: data.append({'ip': realip}) else: if not is_ipv6: os.system('route add -host %s gw 127.0.0.1' % str(realip)) deny_str = deny_str + "\nALL: " + str(realip) else: os.system('ip -6 route add ::1/128 via %s/128' % str(realip)) deny_str = deny_str + \ "\nALL: [" + str(realip) + "]/128" logging.info("Local Block ip:" + str(realip)) if get_config().CLOUDSAFE == 0: deny_file = open('/etc/hosts.deny', 'a') fcntl.flock(deny_file.fileno(), fcntl.LOCK_EX) deny_file.write(deny_str) deny_file.close() webapi.postApi('func/block_ip', {'node_id': get_config().NODE_ID}, {'data': data}) return update_transfer
def update_all_user(self, dt_transfer): global webapi update_transfer = {} alive_user_count = 0 bandwidth_thistime = 0 data = [] for id in dt_transfer.keys(): if dt_transfer[id][0] == 0 and dt_transfer[id][1] == 0: continue data.append({ "u": dt_transfer[id][0], "d": dt_transfer[id][1], "user_id": self.port_uid_table[id], }) update_transfer[id] = dt_transfer[id] webapi.postApi("traffic", {"node_id": get_config().NODE_ID}, {"data": data}) webapi.postApi("uptimeinfo", {"node_id": get_config().NODE_ID}, {"node_id": get_config().NODE_ID}) online_iplist = ServerPool.get_instance().get_servers_iplist() data = [] for port in online_iplist.keys(): for ip in online_iplist[port]: data.append({"ip": ip, "user_id": self.port_uid_table[port]}) webapi.postApi("aliveip", {"node_id": get_config().NODE_ID}, {"data": data}) detect_log_list = ServerPool.get_instance().get_servers_detect_log() data = [] for port in detect_log_list.keys(): for rule_id in detect_log_list[port]: data.append({ "list_id": rule_id, "user_id": self.port_uid_table[port] }) webapi.postApi( "detectlog", {"node_id": get_config().NODE_ID}, {"data": data}, ) deny_str = "" data = [] if platform.system() == "Linux" and get_config().ANTISSATTACK == 1: wrong_iplist = ServerPool.get_instance().get_servers_wrong() server_ip = socket.gethostbyname(get_config().MYSQL_HOST) for id in wrong_iplist.keys(): for ip in wrong_iplist[id]: realip = "" is_ipv6 = False if common.is_ip(ip): if common.is_ip(ip) == socket.AF_INET: realip = ip else: if common.match_ipv4_address(ip) is not None: realip = common.match_ipv4_address(ip) else: is_ipv6 = True realip = ip else: continue if str(realip).find(str(server_ip)) != -1: continue has_match_node = False for node_ip in self.node_ip_list: if str(realip).find(node_ip) != -1: has_match_node = True continue if has_match_node: continue if get_config().CLOUDSAFE == 1: data.append({"ip": realip}) else: if not is_ipv6: os.system("route add -host %s gw 127.0.0.1" % str(realip)) deny_str = deny_str + "\nALL: " + str(realip) else: os.system("ip -6 route add ::1/128 via %s/128" % str(realip)) deny_str = deny_str + "\nALL: [" + str( realip) + "]/128" logging.info("Local Block ip:" + str(realip)) if get_config().CLOUDSAFE == 0: deny_file = open("/etc/hosts.deny", "a") fcntl.flock(deny_file.fileno(), fcntl.LOCK_EX) deny_file.write(deny_str) deny_file.close() webapi.postApi( "block_ip", {"node_id": get_config().NODE_ID}, {"data": data}, ) return update_transfer
def update_all_user(self, dt_transfer): update_transfer = {} query_head = "UPDATE user" query_sub_when = "" query_sub_when2 = "" query_sub_in = None alive_user_count = 0 bandwidth_thistime = 0 for offset_port in dt_transfer.keys(): port = self.get_real_port(offset_port) if dt_transfer[offset_port][0] == 0 and dt_transfer[offset_port][1] == 0: continue query_sub_when += " WHEN %s THEN u+%s" % (port, dt_transfer[offset_port][0] * self.traffic_rate) query_sub_when2 += " WHEN %s THEN d+%s" % (port, dt_transfer[offset_port][1] * self.traffic_rate) update_transfer[offset_port] = dt_transfer[offset_port] alive_user_count = alive_user_count + 1 self.append_traffic_log(offset_port, dt_transfer) bandwidth_thistime = bandwidth_thistime + (dt_transfer[offset_port][0] + dt_transfer[offset_port][1]) if query_sub_in is not None: query_sub_in += ",%s" % port else: query_sub_in = "%s" % port self.mass_insert_traffic() if query_sub_when != "": query_sql = ( query_head + " SET u = CASE port" + query_sub_when + " END, d = CASE port" + query_sub_when2 + " END, t = unix_timestamp() " + " WHERE port IN (%s)" % query_sub_in ) self.get_mysql_cur(query_sql, fetch_type=FETCH_NONE) query_sql = ( "UPDATE `ss_node` SET `node_heartbeat`=unix_timestamp(),`node_bandwidth`=`node_bandwidth`+'" + str(bandwidth_thistime) + "' WHERE `id` = " + str(self.api_config.NODE_ID) + " ; " ) self.get_mysql_cur(query_sql, fetch_type=FETCH_NONE) query_sql = ( "INSERT INTO `ss_node_online_log` (`id`, `node_id`, `online_user`, `log_time`) VALUES (NULL, '" + str(self.api_config.NODE_ID) + "', '" + str(alive_user_count) + "', unix_timestamp()); " ) self.get_mysql_cur(query_sql, fetch_type=FETCH_NONE) query_sql = ( "INSERT INTO `ss_node_info` (`id`, `node_id`, `uptime`, `load`, `log_time`) VALUES (NULL, '" + str(self.api_config.NODE_ID) + "', '" + str(self.uptime()) + "', '" + str(self.load()) + "', unix_timestamp()); " ) self.get_mysql_cur(query_sql, fetch_type=FETCH_NONE) online_iplist = sp_instance().get_servers_iplist() for port in online_iplist.keys(): for ip in online_iplist[port]: self.append_alive_ip(port, ip) self.mass_insert_alive_ip() detect_log_list = sp_instance().get_servers_detect_log() for port in detect_log_list.keys(): for rule_id in detect_log_list[port]: query_sql = ( "INSERT INTO `detect_log` (`id`, `user_id`, `list_id`, `datetime`, `node_id`) VALUES (NULL, '" + str(self.port_uid_table[port]) + "', '" + str(rule_id) + "', UNIX_TIMESTAMP(), '" + str(self.api_config.NODE_ID) + "')" ) self.get_mysql_cur(query_sql, fetch_type=FETCH_NONE) deny_str = "" if platform.system() == "Linux" and self.api_config.ANTISSATTACK == 1: wrong_iplist = sp_instance().get_servers_wrong() server_ip = socket.gethostbyname(self.api_config.MYSQL_HOST) for id in wrong_iplist.keys(): for ip in wrong_iplist[id]: is_ipv6 = False if common.is_ip(ip): if common.is_ip(ip) == socket.AF_INET: realip = ip else: if common.match_ipv4_address(ip) is not None: realip = common.match_ipv4_address(ip) else: is_ipv6 = True realip = ip else: continue if str(realip).find(str(server_ip)) != -1: continue has_match_node = False for node_ip in self.node_ip_list: if str(realip).find(node_ip) != -1: has_match_node = True continue if has_match_node: continue query_sql = "SELECT * FROM `blockip` where `ip` = '" + str(realip) + "'" rows = self.get_mysql_cur(query_sql, fetch_type=FETCH_ONE) if rows is not None: continue if self.api_config.CLOUDSAFE == 1: query_sql = ( "INSERT INTO `blockip` (`id`, `nodeid`, `ip`, `datetime`) VALUES (NULL, '" + str(self.api_config.NODE_ID) + "', '" + str(realip) + "', unix_timestamp())" ) self.get_mysql_cur(query_sql, fetch_type=FETCH_NONE) else: if not is_ipv6: os.system("route add -host %s gw 127.0.0.1" % str(realip)) deny_str = deny_str + "\nALL: " + str(realip) else: os.system("ip -6 route add ::1/128 via %s/128" % str(realip)) deny_str = deny_str + "\nALL: [" + str(realip) + "]/128" logging.info("Local Block ip: %s", str(realip)) if self.api_config.CLOUDSAFE == 0: deny_file = open("/etc/hosts.deny", "a") fcntl.flock(deny_file.fileno(), fcntl.LOCK_EX) deny_file.write(deny_str) deny_file.close() return update_transfer
def update_all_user(self, dt_transfer): import cymysql update_transfer = {} query_head = 'UPDATE user' query_sub_when = '' query_sub_when2 = '' query_sub_in = None alive_user_count = 0 bandwidth_thistime = 0 for id in dt_transfer.keys(): if dt_transfer[id][0] == 0 and dt_transfer[id][1] == 0: continue query_sub_when += ' WHEN %s THEN u+%s' % (id, dt_transfer[id][0] * self.traffic_rate) query_sub_when2 += ' WHEN %s THEN d+%s' % (id, dt_transfer[id][1] * self.traffic_rate) update_transfer[id] = dt_transfer[id] alive_user_count = alive_user_count + 1 self.append_traffic_log(id, dt_transfer) bandwidth_thistime = bandwidth_thistime + \ (dt_transfer[id][0] + dt_transfer[id][1]) if query_sub_in is not None: query_sub_in += ',%s' % id else: query_sub_in = '%s' % id self.mass_insert_traffic() if query_sub_when != '': query_sql = query_head + ' SET u = CASE port' + query_sub_when + \ ' END, d = CASE port' + query_sub_when2 + \ ' END, t = unix_timestamp() ' + \ ' WHERE port IN (%s)' % query_sub_in self.getMysqlCur(query_sql, no_result=True) query_sql = "UPDATE `ss_node` SET `node_heartbeat`=unix_timestamp(),`node_bandwidth`=`node_bandwidth`+'" + \ str(bandwidth_thistime) + \ "' WHERE `id` = " + str(self.NODE_ID) + " ; " self.getMysqlCur(query_sql, no_result=True) query_sql = "INSERT INTO `ss_node_online_log` (`id`, `node_id`, `online_user`, `log_time`) VALUES (NULL, '" + \ str(self.NODE_ID) + "', '" + str(alive_user_count) + "', unix_timestamp()); " self.getMysqlCur(query_sql, no_result=True) query_sql = "INSERT INTO `ss_node_info` (`id`, `node_id`, `uptime`, `load`, `log_time`) VALUES (NULL, '" + \ str(get_config().NODE_ID) + "', '" + str(self.uptime()) + "', '" + str(self.load()) + "', unix_timestamp()); " self.getMysqlCur(query_sql, no_result=True) online_iplist = ServerPool.get_instance().get_servers_iplist() for id in online_iplist.keys(): for ip in online_iplist[id]: self.append_alive_ip(id, ip) self.mass_insert_alive_ip() detect_log_list = ServerPool.get_instance().get_servers_detect_log() for port in detect_log_list.keys(): for rule_id in detect_log_list[port]: query_sql = "INSERT INTO `detect_log` (`id`, `user_id`, `list_id`, `datetime`, `node_id`) VALUES (NULL, '" + \ str(self.port_uid_table[port]) + "', '" + str(rule_id) + "', UNIX_TIMESTAMP(), '" + str(self.NODE_ID) + "')" self.getMysqlCur(query_sql, no_result=True) deny_str = "" if platform.system() == 'Linux' and get_config().ANTISSATTACK == 1: wrong_iplist = ServerPool.get_instance().get_servers_wrong() server_ip = socket.gethostbyname(get_config().MYSQL_HOST) for id in wrong_iplist.keys(): for ip in wrong_iplist[id]: realip = "" is_ipv6 = False if common.is_ip(ip): if (common.is_ip(ip) == socket.AF_INET): realip = ip else: if common.match_ipv4_address(ip) is not None: realip = common.match_ipv4_address(ip) else: is_ipv6 = True realip = ip else: continue if str(realip).find(str(server_ip)) != -1: continue has_match_node = False for node_ip in self.node_ip_list: if str(realip).find(node_ip) != -1: has_match_node = True continue if has_match_node: continue query_sql = "SELECT * FROM `blockip` where `ip` = '" + str( realip) + "'" rows = self.getMysqlCur(query_sql, fetchone=True) if rows is not None: continue if get_config().CLOUDSAFE == 1: query_sql = "INSERT INTO `blockip` (`id`, `nodeid`, `ip`, `datetime`) VALUES (NULL, '" + \ str(self.NODE_ID) + "', '" + str(realip) + "', unix_timestamp())" self.getMysqlCur(query_sql, no_result=True) else: if not is_ipv6: os.system('route add -host %s gw 127.0.0.1' % str(realip)) deny_str = deny_str + "\nALL: " + str(realip) else: os.system('ip -6 route add ::1/128 via %s/128' % str(realip)) deny_str = deny_str + \ "\nALL: [" + str(realip) + "]/128" logging.info("Local Block ip:" + str(realip)) if get_config().CLOUDSAFE == 0: deny_file = open('/etc/hosts.deny', 'a') fcntl.flock(deny_file.fileno(), fcntl.LOCK_EX) deny_file.write(deny_str) deny_file.close() return update_transfer