def __init__(self, *args, **kwargs):
super(JailsConfiguration, self).__init__(*args, **kwargs)
iface = notifier().guess_default_interface()
if not iface:
return
st = sipcalc_type(iface=iface)
if not st:
return
if not st.is_ipv4():
return
if not self.jc_ipv4_network:
self.jc_ipv4_network = "%s/%d" % (st.network_address,
st.network_mask_bits)
ha = sipcalc_type(st.host_address) + 1
if not self.jc_ipv4_network_start:
self.jc_ipv4_network_start = ha.host_address
else:
parts = self.jc_ipv4_network_start.split('/')
self.jc_ipv4_network_start = parts[0]
if not self.jc_ipv4_network_end:
self.jc_ipv4_network_end = st.usable_range[1]
else:
parts = self.jc_ipv4_network_end.split('/')
self.jc_ipv4_network_end = parts[0]
def __init__(self, *args, **kwargs):
super(JailsConfiguration, self).__init__(*args, **kwargs)
iface = notifier().guess_default_interface()
if not iface:
return
st = sipcalc_type(iface=iface)
if not st:
return
if not st.is_ipv4():
return
if not self.jc_ipv4_network:
self.jc_ipv4_network = "%s/%d" % (
st.network_address, st.network_mask_bits)
ha = sipcalc_type(st.host_address) + 1
if not self.jc_ipv4_network_start:
self.jc_ipv4_network_start = ha.host_address
else:
parts = self.jc_ipv4_network_start.split('/')
self.jc_ipv4_network_start = parts[0]
if not self.jc_ipv4_network_end:
self.jc_ipv4_network_end = st.usable_range[1]
else:
parts = self.jc_ipv4_network_end.split('/')
self.jc_ipv4_network_end = parts[0]
def guess_ipv6_address():
ipv4_addr = None
st_ipv6_network = get_jail_ipv6_network()
if st_ipv6_network:
st_ipv6_network_start = get_jail_ipv6_network_start()
if not st_ipv6_network_start:
st_ipv6_network_start = sipcalc_type("%s/%d" % (
st_ipv6_network.network_range[0],
st_ipv6_network.prefix_length
))
st_ipv6_network_end = get_jail_ipv6_network_end()
if not st_ipv6_network_end:
st_ipv6_network_end = sipcalc_type("%s/%d" % (
st_ipv6_network.network_range[1],
st_ipv6_network.prefix_length
))
#ipv6_addr = get_available_ipv6(st_ipv6_network_start,
# st_ipv6_network_end,
# get_ipv6_exclude_dict()
#)
return ipv4_addr
def guess_ipv4_address():
ipv4_addr = None
st_ipv4_network = get_jail_ipv4_network()
if st_ipv4_network:
st_ipv4_network_start = get_jail_ipv4_network_start()
if not st_ipv4_network_start:
st_ipv4_network_start = sipcalc_type("%s/%d" % (
st_ipv4_network.usable_range[0],
st_ipv4_network.network_mask_bits
))
st_ipv4_network_end = get_jail_ipv4_network_end()
if not st_ipv4_network_end:
st_ipv4_network_end = sipcalc_type("%s/%d" % (
st_ipv4_network.usable_range[1],
st_ipv4_network.network_mask_bits
))
ipv4_addr = get_available_ipv4(st_ipv4_network_start,
st_ipv4_network_end,
get_ipv4_exclude_dict()
)
return ipv4_addr
def guess_addresses():
addresses = {
'high_ipv4': None,
'high_ipv6': None,
'bridge_ipv4': None,
'bridge_ipv6': None
}
ipv4_addr = guess_ipv4_address()
#ipv4_host_network = get_host_ipv4_network()
ipv4_jail_network = get_jail_ipv4_network()
if ipv4_addr:
addresses['high_ipv4'] = ipv4_addr
if (ipv4_jail_network and ipv4_addr) and (not ipv4_jail_network.in_network(ipv4_addr)):
addresses['bridge_ipv4'] = sipcalc_type("%s/%d" % (
ipv4_jail_network.usable_range[0],
ipv4_jail_network.network_mask_bits,
))
ipv6_addr = guess_ipv6_address()
#ipv6_host_network = get_host_ipv6_network()
ipv6_jail_network = get_jail_ipv6_network()
if ipv6_addr:
addresses['high_ipv6'] = ipv6_addr
if (ipv6_jail_network and ipv6_addr) and (not ipv6_jail_network.in_network(ipv6_addr)):
addresses['bridge_ipv6'] = sipcalc_type("%s/%d" % (
ipv6_jail_network.network_range[0],
ipv6_jail_network.prefix_length,
))
return addresses
def get_ipv4_address():
ipv4_addr = None
st_ipv4_network = get_jail_ipv4_network()
if st_ipv4_network:
st_ipv4_network_start = get_jail_ipv4_network_start()
if not st_ipv4_network_start:
st_ipv4_network_start = sipcalc_type("%s/%d" % (
st_ipv4_network.usable_range[0],
st_ipv4_network.network_mask_bits
))
st_ipv4_network_end = get_jail_ipv4_network_end()
if not st_ipv4_network_end:
st_ipv4_network_end = sipcalc_type("%s/%d" % (
st_ipv4_network.usable_range[1],
st_ipv4_network.network_mask_bits
))
ipv4_addr = get_available_ipv4(st_ipv4_network_start,
st_ipv4_network_end,
get_ipv4_exclude_dict()
)
return ipv4_addr
def get_ipv6_address():
ipv6_addr = None
st_ipv6_network = get_jail_ipv6_network()
if st_ipv6_network:
st_ipv6_network_start = get_jail_ipv6_network_start()
if not st_ipv6_network_start:
st_ipv6_network_start = sipcalc_type("%s/%d" % (
st_ipv6_network.network_range[0],
st_ipv6_network.prefix_length
))
st_ipv6_network_end = get_jail_ipv6_network_end()
if not st_ipv6_network_end:
st_ipv6_network_end = sipcalc_type("%s/%d" % (
st_ipv6_network.network_range[1],
st_ipv6_network.prefix_length
))
ipv6_addr = get_available_ipv6(st_ipv6_network_start,
st_ipv6_network_end,
get_ipv6_exclude_dict()
)
return ipv6_addr
def get_ipv4_exclude_dict():
ipv4_exclude_dict = {}
w = warden.Warden()
jails = w.cached_list()
if not jails:
return ipv4_exclude_dict
for j in jails:
mask = 24
if j['ipv4']:
parts = j['ipv4'].split('/')
if len(parts) == 2:
mask = int(parts[1])
sc = sipcalc_type("%s/%d" % (
parts[0],
mask
))
ipv4_exclude_dict[str(sc)] = sc
if j['bridge_ipv4']:
parts = j['bridge_ipv4'].split('/')
if len(parts) == 2:
try:
mask = int(parts[1])
except ValueError:
pass
sc = sipcalc_type("%s/%d" % (
parts[0],
mask
))
ipv4_exclude_dict[str(sc)] = sc
if j['alias_ipv4']:
amask = mask
aliases = j['alias_ipv4'].split(',')
for a in aliases:
parts = a.split('/')
if len(parts) == 2:
amask = int(parts[1])
sc = sipcalc_type("%s/%d" % (
parts[0],
amask
))
ipv4_exclude_dict[str(sc)] = sc
if j['alias_bridge_ipv4']:
amask = mask
aliases = j['alias_bridge_ipv4'].split(',')
for a in aliases:
parts = a.split('/')
if len(parts) == 2:
amask = int(parts[1])
sc = sipcalc_type("%s/%d" % (
parts[0],
amask
))
ipv4_exclude_dict[str(sc)] = sc
return ipv4_exclude_dict
def jailsconfiguration_network_info(request):
data = {
"jc_ipv4_network": None,
"jc_ipv4_network_start": None,
"jc_ipv4_network_end": None,
"jc_ipv6_network": None,
"jc_ipv6_network_start": None,
"jc_ipv6_network_end": None,
}
ipv4_iface = notifier().get_default_ipv4_interface()
if ipv4_iface:
ipv4_st = sipcalc_type(iface=ipv4_iface)
if ipv4_st.is_ipv4():
data["jc_ipv4_network"] = "%s/%d" % (ipv4_st.network_address, ipv4_st.network_mask_bits)
data["jc_ipv4_network_start"] = str(ipv4_st.usable_range[0]).split("/")[0]
data["jc_ipv4_network_end"] = str(ipv4_st.usable_range[1]).split("/")[0]
ipv6_iface = notifier().get_default_ipv6_interface()
try:
iface_info = notifier().get_interface_info(ipv6_iface)
if iface_info["ipv6"] is None:
raise Exception
ipv6_addr = iface_info["ipv6"][0]["inet6"]
if ipv6_addr is None:
raise Exception
ipv6_prefix = iface_info["ipv6"][0]["prefixlen"]
if ipv6_prefix is None:
raise Exception
ipv6_st = sipcalc_type("%s/%s" % (ipv6_addr, ipv6_prefix))
if not ipv6_st:
raise Exception
if not ipv6_st.is_ipv6():
raise Exception
ipv6_st2 = sipcalc_type(ipv6_st.subnet_prefix_masked)
if not ipv6_st:
raise Exception
if not ipv6_st.is_ipv6():
raise Exception
data["jc_ipv6_network"] = "%s/%d" % (ipv6_st2.compressed_address, ipv6_st.prefix_length)
ipv6_st2 = sipcalc_type(ipv6_st.network_range[0])
data["jc_ipv6_network_start"] = str(ipv6_st2.compressed_address).split("/")[0]
ipv6_st2 = sipcalc_type(ipv6_st.network_range[1])
data["jc_ipv6_network_end"] = str(ipv6_st2.compressed_address).split("/")[0]
except:
pass
content = json.dumps(data)
return HttpResponse(content, content_type="application/json")
def clean(self):
cdata = self.cleaned_data
st_ipv4_network = None
network = cdata.get('jc_ipv4_network', None)
if network:
st_ipv4_network = sipcalc_type(network)
st_ipv6_network = None
network = cdata.get('jc_ipv6_network', None)
if network:
st_ipv6_network = sipcalc_type(network)
ipv4_start = cdata.get('jc_ipv4_network_start', None)
if ipv4_start:
parts = ipv4_start.split('/')
ipv4_start = parts[0]
if st_ipv4_network:
ipv4_start = "%s/%d" % (
ipv4_start,
st_ipv4_network.network_mask_bits
)
if st_ipv4_network.in_network(ipv4_start):
cdata['jc_ipv4_network_start'] = ipv4_start
ipv4_end = cdata.get('jc_ipv4_network_end', None)
if ipv4_end:
parts = ipv4_end.split('/')
ipv4_end = parts[0]
if st_ipv4_network:
ipv4_end = "%s/%d" % (
ipv4_end,
st_ipv4_network.network_mask_bits
)
if st_ipv4_network.in_network(ipv4_end):
cdata['jc_ipv4_network_end'] = ipv4_end
ipv6_start = cdata.get('jc_ipv6_network_start', None)
if ipv6_start:
parts = ipv6_start.split('/')
ipv6_start = parts[0]
if st_ipv6_network:
ipv6_start = "%s/%d" % (
ipv6_start,
st_ipv6_network.prefix_length,
)
if st_ipv6_network.in_network(ipv6_start):
cdata['jc_ipv6_network_start'] = ipv6_start
ipv6_end = cdata.get('jc_ipv6_network_end', None)
if ipv6_end:
parts = ipv6_end.split('/')
ipv6_end = parts[0]
if st_ipv6_network:
ipv6_end = "%s/%d" % (ipv6_end, st_ipv6_network.prefix_length)
if st_ipv6_network.in_network(ipv6_end):
cdata['jc_ipv6_network_end'] = ipv6_end
return cdata
def clean(self):
cdata = self.cleaned_data
st_ipv4_network = None
network = cdata.get('jc_ipv4_network', None)
if network:
st_ipv4_network = sipcalc_type(network)
st_ipv6_network = None
network = cdata.get('jc_ipv6_network', None)
if network:
st_ipv6_network = sipcalc_type(network)
ipv4_start = cdata.get('jc_ipv4_network_start', None)
if ipv4_start:
parts = ipv4_start.split('/')
ipv4_start = parts[0]
if st_ipv4_network:
ipv4_start = "%s/%d" % (
ipv4_start,
st_ipv4_network.network_mask_bits
)
if st_ipv4_network.in_network(ipv4_start):
cdata['jc_ipv4_network_start'] = ipv4_start
ipv4_end = cdata.get('jc_ipv4_network_end', None)
if ipv4_end:
parts = ipv4_end.split('/')
ipv4_end = parts[0]
if st_ipv4_network:
ipv4_end = "%s/%d" % (
ipv4_end,
st_ipv4_network.network_mask_bits
)
if st_ipv4_network.in_network(ipv4_end):
cdata['jc_ipv4_network_end'] = ipv4_end
ipv6_start = cdata.get('jc_ipv6_network_start', None)
if ipv6_start:
parts = ipv6_start.split('/')
ipv6_start = parts[0]
if st_ipv6_network:
ipv6_start = "%s/%d" % (
ipv6_start,
st_ipv6_network.prefix_length,
)
if st_ipv6_network.in_network(ipv6_start):
cdata['jc_ipv6_network_start'] = ipv6_start
ipv6_end = cdata.get('jc_ipv6_network_end', None)
if ipv6_end:
parts = ipv6_end.split('/')
ipv6_end = parts[0]
if st_ipv6_network:
ipv6_end = "%s/%d" % (ipv6_end, st_ipv6_network.prefix_length)
if st_ipv6_network.in_network(ipv6_end):
cdata['jc_ipv6_network_end'] = ipv6_end
return cdata
def get_ipv6_exclude_dict():
ipv6_exclude_dict = {}
w = warden.Warden()
jails = w.cached_list()
if not jails:
return ipv6_exclude_dict
for j in jails:
prefix = 24
if j['ipv6']:
parts = j['ipv6'].split('/')
if len(parts) == 2:
prefix = int(parts[1])
sc = sipcalc_type("%s/%d" % (
parts[0],
prefix
))
ipv6_exclude_dict[str(sc)] = sc
if j['bridge_ipv6']:
parts = j['ipv6'].split('/')
if len(parts) == 2:
prefix = int(parts[1])
sc = sipcalc_type("%s/%d" % (
parts[0],
prefix
))
ipv6_exclude_dict[str(sc)] = sc
if j['alias_ipv6']:
aprefix = prefix
aliases = j['alias_ipv6'].split(',')
for a in aliases:
parts = a.split('/')
if len(parts) == 2:
aprefix = int(parts[1])
sc = sipcalc_type("%s/%d" % (
parts[0],
aprefix
))
ipv6_exclude_dict[str(sc)] = sc
if j['alias_bridge_ipv6']:
aprefix = prefix
aliases = j['alias_bridge_ipv6'].split(',')
for a in aliases:
parts = a.split('/')
if len(parts) == 2:
aprefix = int(parts[1])
sc = sipcalc_type("%s/%d" % (
parts[0],
aprefix
))
ipv6_exclude_dict[str(sc)] = sc
return ipv6_exclude_dict
def get_ipv6_exclude_dict():
ipv6_exclude_dict = {}
w = warden.Warden()
jails = w.list()
if not jails:
return ipv6_exclude_dict
for j in jails:
prefix = 24
if j['ipv6']:
parts = j['ipv6'].split('/')
if len(parts) == 2:
prefix = int(parts[1])
sc = sipcalc_type("%s/%d" % (
parts[0],
prefix
))
ipv6_exclude_dict[str(sc)] = sc
if j['bridge_ipv6']:
parts = j['ipv6'].split('/')
if len(parts) == 2:
prefix = int(parts[1])
sc = sipcalc_type("%s/%d" % (
parts[0],
prefix
))
ipv6_exclude_dict[str(sc)] = sc
if j['alias_ipv6']:
aprefix = prefix
aliases = j['alias_ipv6'].split(',')
for a in aliases:
parts = a.split('/')
if len(parts) == 2:
aprefix = int(parts[1])
sc = sipcalc_type("%s/%d" % (
parts[0],
aprefix
))
ipv6_exclude_dict[str(sc)] = sc
if j['alias_bridge_ipv6']:
aprefix = prefix
aliases = j['alias_bridge_ipv6'].split(',')
for a in aliases:
parts = a.split('/')
if len(parts) == 2:
aprefix = int(parts[1])
sc = sipcalc_type("%s/%d" % (
parts[0],
aprefix
))
ipv6_exclude_dict[str(sc)] = sc
return ipv6_exclude_dict
def get_ipv4_exclude_dict():
ipv4_exclude_dict = {}
w = warden.Warden()
jails = w.cached_list()
if not jails:
return ipv4_exclude_dict
for j in jails:
mask = 24
if j['ipv4']:
parts = j['ipv4'].split('/')
if len(parts) == 2:
mask = int(parts[1])
sc = sipcalc_type("%s/%d" % (
parts[0],
mask
))
ipv4_exclude_dict[str(sc)] = sc
if j['bridge_ipv4']:
parts = j['ipv4'].split('/')
if len(parts) == 2:
mask = int(parts[1])
sc = sipcalc_type("%s/%d" % (
parts[0],
mask
))
ipv4_exclude_dict[str(sc)] = sc
if j['alias_ipv4']:
amask = mask
aliases = j['alias_ipv4'].split(',')
for a in aliases:
parts = a.split('/')
if len(parts) == 2:
amask = int(parts[1])
sc = sipcalc_type("%s/%d" % (
parts[0],
amask
))
ipv4_exclude_dict[str(sc)] = sc
if j['alias_bridge_ipv4']:
amask = mask
aliases = j['alias_bridge_ipv4'].split(',')
for a in aliases:
parts = a.split('/')
if len(parts) == 2:
amask = int(parts[1])
sc = sipcalc_type("%s/%d" % (
parts[0],
amask
))
ipv4_exclude_dict[str(sc)] = sc
return ipv4_exclude_dict
def get_host_ipv4_network():
st_host_ipv4_network = None
try:
iface = notifier().guess_default_interface()
st_ha = sipcalc_type(iface=iface)
if not st_ha.is_ipv4():
st_host_ipv4_network = None
else:
st_host_ipv4_network = sipcalc_type("%s/%d" % (st_ha.network_address, st_ha.network_mask_bits))
except Exception as e:
log.debug("Exception caught: %s", e)
return st_host_ipv4_network
def get_host_ipv6_network():
st_host_ipv6_network = None
try:
iface = notifier().guess_default_interface()
st_ha = sipcalc_type(iface=iface)
if not st_ha.is_ipv6():
st_host_ipv6_network = None
else:
st_host_ipv6_network = sipcalc_type("%s/%d" % (st_ha.network_range[0], st_ha.prefix_length))
except Exception as e:
log.debug("Exception caught: %s", e)
return st_host_ipv6_network
def __configure_ipv6_network(self):
ipv6_iface = notifier().get_default_ipv6_interface()
if ipv6_iface == None:
return
iface_info = notifier().get_interface_info(ipv6_iface)
if iface_info['ipv6'] == None:
return
ipv6_addr = iface_info['ipv6'][0]['inet6']
if ipv6_addr == None:
return
ipv6_prefix = iface_info['ipv6'][0]['prefixlen']
if ipv6_prefix == None:
return
st = sipcalc_type("%s/%s" % (ipv6_addr, ipv6_prefix))
if not st:
return
if not st.is_ipv6():
return
st2 = sipcalc_type(st.subnet_prefix_masked)
if not st:
return
if not st.is_ipv6():
return
if not self.jc_ipv6_network:
self.jc_ipv6_network = "%s/%d" % (st2.compressed_address,
st.prefix_length)
if not self.jc_ipv6_network_start:
st2 = sipcalc_type(st.network_range[0])
self.jc_ipv6_network_start = str(
st2.compressed_address).split('/')[0]
else:
self.jc_ipv6_network_start = self.jc_ipv6_network_start.split(
'/')[0]
if not self.jc_ipv6_network_end:
st2 = sipcalc_type(st.network_range[1])
self.jc_ipv6_network_end = str(
st2.compressed_address).split('/')[0]
else:
self.jc_ipv6_network_end = self.jc_ipv6_network_end.split('/')[0]
def get_host_ipv4_network():
st_host_ipv4_network = None
try:
iface = notifier().get_default_ipv4_interface()
st_ha = sipcalc_type(iface=iface)
if not st_ha.is_ipv4():
st_host_ipv4_network = None
else:
st_host_ipv4_network = sipcalc_type(
"%s/%d" % (st_ha.network_address, st_ha.network_mask_bits))
except Exception as e:
log.debug("Exception caught: %s", e)
return st_host_ipv4_network
def __configure_ipv6_network(self):
ipv6_iface = notifier().get_default_ipv6_interface()
if ipv6_iface == None:
return
iface_info = notifier().get_interface_info(ipv6_iface)
if iface_info['ipv6'] == None:
return
ipv6_addr = iface_info['ipv6'][0]['inet6']
if ipv6_addr == None:
return
ipv6_prefix = iface_info['ipv6'][0]['prefixlen']
if ipv6_prefix == None:
return
st = sipcalc_type("%s/%s" % (ipv6_addr, ipv6_prefix))
if not st:
return
if not st.is_ipv6():
return
st2 = sipcalc_type(st.subnet_prefix_masked)
if not st:
return
if not st.is_ipv6():
return
if not self.jc_ipv6_network:
self.jc_ipv6_network = "%s/%d" % (
st2.compressed_address, st.prefix_length
)
if not self.jc_ipv6_network_start:
st2 = sipcalc_type(st.network_range[0])
self.jc_ipv6_network_start = str(st2.compressed_address).split('/')[0]
else:
self.jc_ipv6_network_start = self.jc_ipv6_network_start.split('/')[0]
if not self.jc_ipv6_network_end:
st2 = sipcalc_type(st.network_range[1])
self.jc_ipv6_network_end = str(st2.compressed_address).split('/')[0]
else:
self.jc_ipv6_network_end = self.jc_ipv6_network_end.split('/')[0]
def __configure_ipv4_network(self):
ipv4_iface = notifier().get_default_ipv4_interface()
if ipv4_iface == None:
return
st = sipcalc_type(iface=ipv4_iface)
if not st:
return
if not st.is_ipv4():
return
if not self.jc_ipv4_network:
self.jc_ipv4_network = "%s/%d" % (
st.network_address, st.network_mask_bits
)
if not self.jc_ipv4_network_start:
self.jc_ipv4_network_start = str(st.usable_range[0]).split('/')[0]
else:
self.jc_ipv4_network_start = self.jc_ipv4_network_start.split('/')[0]
if not self.jc_ipv4_network_end:
self.jc_ipv4_network_end = str(st.usable_range[1]).split('/')[0]
else:
self.jc_ipv4_network_end = self.jc_ipv4_network_end.split('/')[0]
def get_host_ipv6_network():
st_host_ipv6_network = None
try:
iface = notifier().get_default_ipv6_interface()
st_ha = sipcalc_type(iface=iface)
if not st_ha.is_ipv6():
st_host_ipv6_network = None
else:
st_host_ipv6_network = sipcalc_type("%s/%d" % (
st_ha.network_range[0],
st_ha.prefix_length,
))
except Exception as e:
log.debug("Exception caught: %s", e)
return st_host_ipv6_network
def guess_addresses():
addresses = {
'high_ipv4': None,
'high_ipv6': None,
'bridge_ipv4': None,
'bridge_ipv6': None
}
ipv4_addr = guess_ipv4_address()
ipv4_jail_network = get_jail_ipv4_network()
if ipv4_addr:
addresses['high_ipv4'] = ipv4_addr
if (ipv4_jail_network
and ipv4_addr) and (not ipv4_jail_network.in_network(ipv4_addr)):
try:
addresses['bridge_ipv4'] = sipcalc_type("%s/%d" % (
ipv4_jail_network.usable_range[0],
ipv4_jail_network.network_mask_bits,
))
except Exception as e:
log.debug("guess_addresses: %s", e)
return addresses
ipv6_addr = guess_ipv6_address()
ipv6_jail_network = get_jail_ipv6_network()
if ipv6_addr:
addresses['high_ipv6'] = ipv6_addr
if (ipv6_jail_network
and ipv6_addr) and (not ipv6_jail_network.in_network(ipv6_addr)):
try:
addresses['bridge_ipv6'] = sipcalc_type("%s/%d" % (
ipv6_jail_network.network_range[0],
ipv6_jail_network.prefix_length,
))
except Exception as e:
log.debug("guess_addresses: %s", e)
return addresses
return addresses
def get_ipv4_exclude_dict():
ipv4_exclude_dict = {}
w = warden.Warden()
jails = w.list()
for j in jails:
mask = 24
if j["ipv4"]:
parts = j["ipv4"].split("/")
if len(parts) == 2:
mask = int(parts[1])
sc = sipcalc_type("%s/%d" % (parts[0], mask))
ipv4_exclude_dict[str(sc)] = sc
if j["bridge_ipv4"]:
parts = j["ipv4"].split("/")
if len(parts) == 2:
mask = int(parts[1])
sc = sipcalc_type("%s/%d" % (parts[0], mask))
ipv4_exclude_dict[str(sc)] = sc
if j["alias_ipv4"]:
amask = mask
aliases = j["alias_ipv4"].split(",")
for a in aliases:
parts = a.split("/")
if len(parts) == 2:
amask = int(parts[1])
sc = sipcalc_type("%s/%d" % (parts[0], amask))
ipv4_exclude_dict[str(sc)] = sc
if j["alias_bridge_ipv4"]:
amask = mask
aliases = j["alias_bridge_ipv4"].split(",")
for a in aliases:
parts = a.split("/")
if len(parts) == 2:
amask = int(parts[1])
sc = sipcalc_type("%s/%d" % (parts[0], amask))
ipv4_exclude_dict[str(sc)] = sc
return ipv4_exclude_dict
def get_jail_ipv6_network():
jail_ipv6_network = None
try:
jc = JailsConfiguration.objects.order_by("-id")[0]
jail_ipv6_network = sipcalc_type(jc.jc_ipv6_network)
except:
jail_ipv6_network = None
return jail_ipv6_network
def get_jail_ipv6_network():
jail_ipv6_network = None
try:
jc = JailsConfiguration.objects.order_by("-id")[0]
jail_ipv6_network = sipcalc_type(jc.jc_ipv6_network)
except:
jail_ipv6_network = None
return jail_ipv6_network
def guess_addresses():
addresses = {
'high_ipv4': None,
'high_ipv6': None,
'bridge_ipv4': None,
'bridge_ipv6': None
}
ipv4_addr = guess_ipv4_address()
ipv4_jail_network = get_jail_ipv4_network()
if ipv4_addr:
addresses['high_ipv4'] = ipv4_addr
if (ipv4_jail_network and ipv4_addr) and (not ipv4_jail_network.in_network(ipv4_addr)):
try:
addresses['bridge_ipv4'] = sipcalc_type("%s/%d" % (
ipv4_jail_network.usable_range[0],
ipv4_jail_network.network_mask_bits,
))
except Exception as e:
log.debug("guess_addresses: %s", e)
return addresses
ipv6_addr = guess_ipv6_address()
ipv6_jail_network = get_jail_ipv6_network()
if ipv6_addr:
addresses['high_ipv6'] = ipv6_addr
if (ipv6_jail_network and ipv6_addr) and (not ipv6_jail_network.in_network(ipv6_addr)):
try:
addresses['bridge_ipv6'] = sipcalc_type("%s/%d" % (
ipv6_jail_network.network_range[0],
ipv6_jail_network.prefix_length,
))
except Exception as e:
log.debug("guess_addresses: %s", e)
return addresses
return addresses
def guess_ipv6_address():
ipv4_addr = None
st_ipv6_network = get_jail_ipv6_network()
if st_ipv6_network:
st_ipv6_network_start = get_jail_ipv6_network_start()
if not st_ipv6_network_start:
st_ipv6_network_start = sipcalc_type(
"%s/%d" % (st_ipv6_network.network_range[0],
st_ipv6_network.prefix_length))
st_ipv6_network_end = get_jail_ipv6_network_end()
if not st_ipv6_network_end:
st_ipv6_network_end = sipcalc_type(
"%s/%d" % (st_ipv6_network.network_range[1],
st_ipv6_network.prefix_length))
ipv6_addr = get_available_ipv6(st_ipv6_network_start,
st_ipv6_network_end)
addresses['high_ipv6'] = ipv6_addr
return ipv4_addr
def guess_ipv6_address():
ipv4_addr = None
st_ipv6_network = get_jail_ipv6_network()
if st_ipv6_network:
st_ipv6_network_start = get_jail_ipv6_network_start()
if not st_ipv6_network_start:
st_ipv6_network_start = sipcalc_type("%s/%d" % (
st_ipv6_network.network_range[0],
st_ipv6_network.prefix_length
))
st_ipv6_network_end = get_jail_ipv6_network_end()
if not st_ipv6_network_end:
st_ipv6_network_end = sipcalc_type("%s/%d" % (
st_ipv6_network.network_range[1],
st_ipv6_network.prefix_length
))
ipv6_addr = get_available_ipv6(st_ipv6_network_start, st_ipv6_network_end)
addresses['high_ipv6'] = ipv6_addr
return ipv4_addr
def get_jail_ipv6_network_end():
jail_ipv6_network_end = None
jail_ipv6_network = get_jail_ipv6_network()
try:
jc = JailsConfiguration.objects.order_by("-id")[0]
jail_ipv6_network_end = sipcalc_type(
"%s/%d" % (jc.jc_ipv6_network_end.split('/')[0],
jail_ipv6_network.prefix_length))
except:
jail_ipv6_network_end = None
return jail_ipv6_network_end
def get_jail_ipv4_network_start():
jail_ipv4_network_start = None
jail_ipv4_network = get_jail_ipv4_network()
try:
jc = JailsConfiguration.objects.order_by("-id")[0]
jail_ipv4_network_start = sipcalc_type(
"%s/%d" % (jc.jc_ipv4_network_start.split("/")[0], jail_ipv4_network.network_mask_bits)
)
except:
jail_ipv4_network_start = None
return jail_ipv4_network_start
def get_jail_ipv4_network_start():
jail_ipv4_network_start = None
jail_ipv4_network = get_jail_ipv4_network()
try:
jc = JailsConfiguration.objects.order_by("-id")[0]
jail_ipv4_network_start = sipcalc_type(
"%s/%d" % (jc.jc_ipv4_network_start.split('/')[0],
jail_ipv4_network.network_mask_bits))
except:
jail_ipv4_network_start = None
return jail_ipv4_network_start
def get_jail_ipv6_network_end():
jail_ipv6_network_end = None
jail_ipv6_network = get_jail_ipv6_network()
try:
jc = JailsConfiguration.objects.order_by("-id")[0]
jail_ipv6_network_end = sipcalc_type(
"%s/%d" % (jc.jc_ipv6_network_end.split("/")[0], jail_ipv6_network.prefix_length)
)
except:
jail_ipv6_network_end = None
return jail_ipv6_network_end
def guess_addresses():
addresses = {
'high_ipv4': None,
'high_ipv6': None,
'bridge_ipv4': None,
'bridge_ipv6': None
}
ipv4_addr = guess_ipv4_address()
ipv4_host_network = get_host_ipv4_network()
ipv4_jail_network = get_jail_ipv4_network()
if ipv4_addr:
addresses['high_ipv4'] = ipv4_addr
if (ipv4_jail_network
and ipv4_addr) and (not ipv4_jail_network.in_network(ipv4_addr)):
addresses['bridge_ipv4'] = sipcalc_type("%s/%d" % (
ipv4_jail_network.usable_range[0],
ipv4_jail_network.network_mask_bits,
))
ipv6_addr = guess_ipv6_address()
ipv6_host_network = get_host_ipv6_network()
ipv6_jail_network = get_jail_ipv6_network()
if ipv6_addr:
addresses['high_ipv6'] = ipv6_addr
if (ipv6_jail_network
and ipv6_addr) and (not ipv6_jail_network.in_network(ipv6_addr)):
addresses['bridge_ipv6'] = sipcalc_type("%s/%d" % (
ipv6_jail_network.network_range[0],
ipv6_jail_network.prefix_length,
))
return addresses
def __init__(self, *args, **kwargs):
super(JailCreateForm, self).__init__(*args, **kwargs)
self.fields['jail_type'].choices = (
(WARDEN_TYPE_PLUGINJAIL, WARDEN_TYPE_PLUGINJAIL),
(WARDEN_TYPE_STANDARD, WARDEN_TYPE_STANDARD),
(WARDEN_TYPE_PORTJAIL, WARDEN_TYPE_PORTJAIL),
# (WARDEN_TYPE_LINUXJAIL, WARDEN_TYPE_LINUXJAIL)
)
high_ipv4 = None
high_ipv6 = None
st_ipv4_network = None
st_ipv6_network = None
try:
jc = JailsConfiguration.objects.order_by("-id")[0]
st_ipv4_network = sipcalc_type(jc.jc_ipv4_network)
st_ipv6_network = sipcalc_type(jc.jc_ipv6_network)
except:
pass
#
# Reserve the first 25 addresses
#
if st_ipv4_network is not None:
high_ipv4 = sipcalc_type("%s/%d" % (st_ipv4_network.usable_range[0],
st_ipv4_network.network_mask_bits))
high_ipv4 += 25
if st_ipv6_network is not None:
high_ipv6 = sipcalc_type("%s/%d" % (st_ipv6_network .network_range[0],
st_ipv6_network.prefix_length))
high_ipv6 += 25
wlist = Warden().list()
for wj in wlist:
wo = WardenJail(**wj)
st_ipv4 = None
st_ipv6 = None
if wo.ipv4:
st_ipv4 = sipcalc_type(wo.ipv4)
if wo.ipv6:
st_ipv6 = sipcalc_type(wo.ipv6)
if st_ipv4 and st_ipv4_network is not None:
if st_ipv4_network.in_network(st_ipv4):
if st_ipv4 > high_ipv4:
high_ipv4 = st_ipv4
if st_ipv6 and st_ipv6_network is not None:
if st_ipv6_network.in_network(st_ipv6):
if st_ipv6 > high_ipv6:
high_ipv6 = st_ipv6
if high_ipv4 is None and st_ipv4_network is not None:
high_ipv4 = sipcalc_type("%s/%d" % (st_ipv4_network.usable_range[0],
st_ipv4_network.network_mask_bits))
elif high_ipv4 is not None and st_ipv4_network is not None:
high_ipv4 += 1
if not st_ipv4_network.in_network(high_ipv4):
high_ipv4 = None
if high_ipv6 is None and st_ipv6_network is not None:
high_ipv6 = sipcalc_type("%s/%d" % (st_ipv6_network.network_range[0],
st_ipv6_network.prefix_length))
elif high_ipv6 is not None and st_ipv6_network is not None:
high_ipv6 += 1
if not st_ipv6_network.in_network(high_ipv6):
high_ipv6 = None
if high_ipv6 is not None:
self.fields['jail_ipv6'].initial = high_ipv6
elif high_ipv4 is not None:
self.fields['jail_ipv4'].initial = high_ipv4
if st_ipv4_network is not None:
bridge_ipv4 = sipcalc_type("%s/%d" % (st_ipv4_network.usable_range[0],
st_ipv4_network.network_mask_bits))
self.fields['jail_bridge_ipv4'].initial = bridge_ipv4
if st_ipv6_network is not None:
bridge_ipv6 = sipcalc_type("%s/%d" % (st_ipv6_network.network_range[0],
st_ipv6_network.prefix_length))
self.fields['jail_bridge_ipv6'].initial = bridge_ipv6
def guess_adresses():
high_ipv4 = None
high_ipv6 = None
st_ipv4_network = None
st_ipv6_network = None
jc = None
try:
jc = JailsConfiguration.objects.order_by("-id")[0]
st_ipv4_network = sipcalc_type(jc.jc_ipv4_network)
st_ipv6_network = sipcalc_type(jc.jc_ipv6_network)
except Exception as e:
log.debug("Exception caught: %s", e)
#
# If a jails configuration exists (as it should),
# create sipcalc objects
#
if st_ipv4_network:
high_ipv4 = sipcalc_type("%s/%d" % (jc.jc_ipv4_network_start, st_ipv4_network.network_mask_bits))
if st_ipv6_network:
high_ipv6 = sipcalc_type("%s/%d" % (jc.jc_ipv6_network_start, st_ipv6_network.prefix_length))
#
# Attempt to determine the primary interface network.
# This is done so that we don't set a bridge address
# (we leave it blank, in which case the Warden will
# figure out the default gateway and set that up inside
# the jail if on the same network as the host).
#
st_host_ipv4_network = None
try:
iface = notifier().guess_default_interface()
st_ha = sipcalc_type(iface=iface)
if not st_ha.is_ipv4():
st_host_ipv4_network = None
else:
st_host_ipv4_network = sipcalc_type("%s/%d" % (st_ha.network_address, st_ha.network_mask_bits))
except Exception as e:
log.debug("Exception caught: %s", e)
#
# Be extra careful, if no start and end addresses
# are configured, take the first network address
# and add 25 to it.
#
if not high_ipv4 and st_ipv4_network:
high_ipv4 = sipcalc_type("%s/%d" % (st_ipv4_network.usable_range[0], st_ipv4_network.network_mask_bits))
high_ipv4 += 25
if not high_ipv6 and st_ipv6_network:
high_ipv6 = sipcalc_type("%s/%d" % (st_ipv6_network.network_range[0], st_ipv6_network.prefix_length))
high_ipv6 += 25
try:
wlist = warden.Warden().list()
except:
wlist = []
for wj in wlist:
wo = warden.WardenJail(**wj)
st_ipv4 = None
st_ipv6 = None
#
# This figures out the highest IP address currently in use
#
if wo.ipv4:
st_ipv4 = sipcalc_type(wo.ipv4)
if wo.ipv6:
st_ipv6 = sipcalc_type(wo.ipv6)
if st_ipv4 and st_ipv4_network is not None:
if st_ipv4_network.in_network(st_ipv4):
if st_ipv4 > high_ipv4:
high_ipv4 = st_ipv4
if st_ipv6 and st_ipv6_network is not None:
if st_ipv6_network.in_network(st_ipv6):
if st_ipv6 > high_ipv6:
high_ipv6 = st_ipv6
if high_ipv4 is None and st_ipv4_network is not None:
high_ipv4 = sipcalc_type("%s/%d" % (st_ipv4_network.usable_range[0], st_ipv4_network.network_mask_bits))
elif high_ipv4 is not None and st_ipv4_network is not None:
high_ipv4 += 1
if not st_ipv4_network.in_network(high_ipv4):
high_ipv4 = None
if high_ipv6 is None and st_ipv6_network is not None:
high_ipv6 = sipcalc_type("%s/%d" % (st_ipv6_network.network_range[0], st_ipv6_network.prefix_length))
elif high_ipv6 is not None and st_ipv6_network is not None:
high_ipv6 += 1
if not st_ipv6_network.in_network(high_ipv6):
high_ipv6 = None
#
# If a network is configured for jails, and it is NOT on
# the same network as the host, setup a bridge address.
# (This will be the default gateway of the jail).
#
bridge_ipv4 = None
if st_ipv4_network is not None and not st_host_ipv4_network:
bridge_ipv4 = sipcalc_type("%s/%d" % (st_ipv4_network.usable_range[0], st_ipv4_network.network_mask_bits))
bridge_ipv6 = None
if st_ipv6_network is not None:
bridge_ipv6 = sipcalc_type("%s/%d" % (st_ipv6_network.network_range[0], st_ipv6_network.prefix_length))
return {"high_ipv4": high_ipv4, "high_ipv6": high_ipv6, "bridge_ipv4": bridge_ipv4, "bridge_ipv6": bridge_ipv6}
def __init__(self, *args, **kwargs):
super(JailCreateForm, self).__init__(*args, **kwargs)
self.fields['jail_type'].choices = (
(WARDEN_TYPE_PLUGINJAIL, WARDEN_TYPE_PLUGINJAIL),
(WARDEN_TYPE_STANDARD, WARDEN_TYPE_STANDARD),
(WARDEN_TYPE_PORTJAIL, WARDEN_TYPE_PORTJAIL),
# (WARDEN_TYPE_LINUXJAIL, WARDEN_TYPE_LINUXJAIL)
)
self.fields['jail_type'].widget.attrs['onChange'] = "jail_type_toggle();"
self.fields['jail_32bit'].widget.attrs['onChange'] = "jail_32bit_toggle();"
self.fields['jail_vnet'].widget.attrs['onChange'] = "jail_vnet_toggle();"
high_ipv4 = None
high_ipv6 = None
st_ipv4_network = None
st_ipv6_network = None
try:
jc = JailsConfiguration.objects.order_by("-id")[0]
st_ipv4_network = sipcalc_type(jc.jc_ipv4_network)
st_ipv6_network = sipcalc_type(jc.jc_ipv6_network)
except:
pass
logfile = "%s/warden.log" % jc.jc_path
if os.path.exists(logfile):
os.unlink(logfile)
#
# Reserve the first 25 addresses
#
if st_ipv4_network is not None:
high_ipv4 = sipcalc_type("%s/%d" % (st_ipv4_network.usable_range[0],
st_ipv4_network.network_mask_bits))
high_ipv4 += 25
if st_ipv6_network is not None:
high_ipv6 = sipcalc_type("%s/%d" % (st_ipv6_network .network_range[0],
st_ipv6_network.prefix_length))
high_ipv6 += 25
try:
wlist = Warden().list()
except:
wlist = []
for wj in wlist:
wo = WardenJail(**wj)
st_ipv4 = None
st_ipv6 = None
if wo.ipv4:
st_ipv4 = sipcalc_type(wo.ipv4)
if wo.ipv6:
st_ipv6 = sipcalc_type(wo.ipv6)
if st_ipv4 and st_ipv4_network is not None:
if st_ipv4_network.in_network(st_ipv4):
if st_ipv4 > high_ipv4:
high_ipv4 = st_ipv4
if st_ipv6 and st_ipv6_network is not None:
if st_ipv6_network.in_network(st_ipv6):
if st_ipv6 > high_ipv6:
high_ipv6 = st_ipv6
if high_ipv4 is None and st_ipv4_network is not None:
high_ipv4 = sipcalc_type("%s/%d" % (st_ipv4_network.usable_range[0],
st_ipv4_network.network_mask_bits))
elif high_ipv4 is not None and st_ipv4_network is not None:
high_ipv4 += 1
if not st_ipv4_network.in_network(high_ipv4):
high_ipv4 = None
if high_ipv6 is None and st_ipv6_network is not None:
high_ipv6 = sipcalc_type("%s/%d" % (st_ipv6_network.network_range[0],
st_ipv6_network.prefix_length))
elif high_ipv6 is not None and st_ipv6_network is not None:
high_ipv6 += 1
if not st_ipv6_network.in_network(high_ipv6):
high_ipv6 = None
if high_ipv6 is not None:
self.fields['jail_ipv6'].initial = high_ipv6
elif high_ipv4 is not None:
self.fields['jail_ipv4'].initial = high_ipv4
if st_ipv4_network is not None:
bridge_ipv4 = sipcalc_type("%s/%d" % (st_ipv4_network.usable_range[0],
st_ipv4_network.network_mask_bits))
self.fields['jail_bridge_ipv4'].initial = bridge_ipv4
if st_ipv6_network is not None:
bridge_ipv6 = sipcalc_type("%s/%d" % (st_ipv6_network.network_range[0],
st_ipv6_network.prefix_length))
self.fields['jail_bridge_ipv6'].initial = bridge_ipv6
def __init__(self, *args, **kwargs):
super(JailsConfiguration, self).__init__(*args, **kwargs)
ipv4_iface = notifier().get_default_ipv4_interface()
if not ipv4_iface:
return
st = sipcalc_type(iface=ipv4_iface)
if not st:
return
if not st.is_ipv4():
return
if not self.jc_ipv4_network:
self.jc_ipv4_network = "%s/%d" % (
st.network_address, st.network_mask_bits
)
if not self.jc_ipv4_network_start:
self.jc_ipv4_network_start = str(st.usable_range[0]).split('/')[0]
else:
self.jc_ipv4_network_start = self.jc_ipv4_network_start.split('/')[0]
if not self.jc_ipv4_network_end:
self.jc_ipv4_network_end = str(st.usable_range[1]).split('/')[0]
else:
self.jc_ipv4_network_end = self.jc_ipv4_network_end.split('/')[0]
ipv6_iface = notifier().get_default_ipv6_interface()
if ipv6_iface == None:
return
iface_info = notifier().get_interface_info(ipv6_iface)
if iface_info['ipv6'] == None:
return
ipv6_addr = iface_info['ipv6'][0]['inet6']
if ipv6_addr == None:
return
ipv6_prefix = iface_info['ipv6'][0]['prefixlen']
if ipv6_prefix == None:
return
st = sipcalc_type("%s/%s" % (ipv6_addr, ipv6_prefix))
if not st:
return
if not st.is_ipv6():
return
st2 = sipcalc_type(st.subnet_prefix_masked)
if not st:
return
if not st.is_ipv6():
return
if not self.jc_ipv6_network:
self.jc_ipv6_network = "%s/%d" % (
st2.compressed_address, st.prefix_length
)
if not self.jc_ipv6_network_start:
st2 = sipcalc_type(st.network_range[0])
self.jc_ipv6_network_start = str(st2.compressed_address).split('/')[0]
else:
self.jc_ipv6_network_start = self.jc_ipv6_network_start.split('/')[0]
if not self.jc_ipv6_network_end:
st2 = sipcalc_type(st.network_range[1])
self.jc_ipv6_network_end = str(st2.compressed_address).split('/')[0]
else:
self.jc_ipv6_network_end = self.jc_ipv6_network_end.split('/')[0]
def __init__(self, *args, **kwargs):
super(JailCreateForm, self).__init__(*args, **kwargs)
self.fields['jail_type'].choices = (
(WARDEN_TYPE_PLUGINJAIL, WARDEN_TYPE_PLUGINJAIL),
(WARDEN_TYPE_STANDARD, WARDEN_TYPE_STANDARD),
(WARDEN_TYPE_PORTJAIL, WARDEN_TYPE_PORTJAIL),
# (WARDEN_TYPE_LINUXJAIL, WARDEN_TYPE_LINUXJAIL)
)
self.fields['jail_type'].widget.attrs['onChange'] = (
"jail_type_toggle();"
)
self.fields['jail_32bit'].widget.attrs['onChange'] = (
"jail_32bit_toggle();"
)
self.fields['jail_vnet'].widget.attrs['onChange'] = (
"jail_vnet_toggle();"
)
self.fields['jail_nat'].widget.attrs['onChange'] = (
"jail_nat_toggle();"
)
high_ipv4 = None
high_ipv6 = None
st_ipv4_network = None
st_ipv6_network = None
jc = None
try:
jc = JailsConfiguration.objects.order_by("-id")[0]
st_ipv4_network = sipcalc_type(jc.jc_ipv4_network)
st_ipv6_network = sipcalc_type(jc.jc_ipv6_network)
except Exception as e:
log.debug("Exception caught: %s", e)
pass
#
# If a jails configuration exists (as it should),
# create sipcalc objects
#
if st_ipv4_network:
high_ipv4 = sipcalc_type("%s/%d" % (
jc.jc_ipv4_network_start,
st_ipv4_network.network_mask_bits
))
if st_ipv6_network:
high_ipv6 = sipcalc_type("%s/%d" % (
jc.jc_ipv6_network_start,
st_ipv6_network.prefix_length
))
#
# Attempt to determine the primary interface network.
# This is done so that we don't set a bridge address
# (we leave it blank, in which case the Warden will
# figure out the default gateway and set that up inside
# the jail if on the same network as the host).
#
st_host_ipv4_network = None
try:
iface = notifier().guess_default_interface()
st_ha = sipcalc_type(iface=iface)
if not st_ha.is_ipv4():
st_host_ipv4_network = None
else:
st_host_ipv4_network = sipcalc_type("%s/%d" % (
st_ha.network_address, st_ha.network_mask_bits
))
except Exception as e:
log.debug("Exception caught: %s", e)
pass
if jc and jc.jc_path:
logfile = "%s/warden.log" % jc.jc_path
if os.path.exists(logfile):
os.unlink(logfile)
#
# Be extra careful, if no start and end addresses
# are configured, take the first network address
# and add 25 to it.
#
if not high_ipv4 and st_ipv4_network:
high_ipv4 = sipcalc_type("%s/%d" % (
st_ipv4_network.usable_range[0],
st_ipv4_network.network_mask_bits,
))
high_ipv4 += 25
if not high_ipv6 and st_ipv6_network:
high_ipv6 = sipcalc_type("%s/%d" % (
st_ipv6_network.network_range[0],
st_ipv6_network.prefix_length,
))
high_ipv6 += 25
try:
wlist = Warden().list()
except:
wlist = []
for wj in wlist:
wo = WardenJail(**wj)
st_ipv4 = None
st_ipv6 = None
#
# This figures out the highest IP address currently in use
#
if wo.ipv4:
st_ipv4 = sipcalc_type(wo.ipv4)
if wo.ipv6:
st_ipv6 = sipcalc_type(wo.ipv6)
if st_ipv4 and st_ipv4_network is not None:
if st_ipv4_network.in_network(st_ipv4):
if st_ipv4 > high_ipv4:
high_ipv4 = st_ipv4
if st_ipv6 and st_ipv6_network is not None:
if st_ipv6_network.in_network(st_ipv6):
if st_ipv6 > high_ipv6:
high_ipv6 = st_ipv6
if high_ipv4 is None and st_ipv4_network is not None:
high_ipv4 = sipcalc_type("%s/%d" % (
st_ipv4_network.usable_range[0],
st_ipv4_network.network_mask_bits,
))
elif high_ipv4 is not None and st_ipv4_network is not None:
high_ipv4 += 1
if not st_ipv4_network.in_network(high_ipv4):
high_ipv4 = None
if high_ipv6 is None and st_ipv6_network is not None:
high_ipv6 = sipcalc_type("%s/%d" % (
st_ipv6_network.network_range[0],
st_ipv6_network.prefix_length,
))
elif high_ipv6 is not None and st_ipv6_network is not None:
high_ipv6 += 1
if not st_ipv6_network.in_network(high_ipv6):
high_ipv6 = None
if high_ipv6 is not None:
self.fields['jail_ipv6'].initial = high_ipv6
elif high_ipv4 is not None:
self.fields['jail_ipv4'].initial = high_ipv4
#
# If a network is configured for jails, and it is NOT on
# the same network as the host, setup a bridge address.
# (This will be the default gateway of the jail).
#
if st_ipv4_network is not None and not st_host_ipv4_network:
bridge_ipv4 = sipcalc_type("%s/%d" % (
st_ipv4_network.usable_range[0],
st_ipv4_network.network_mask_bits,
))
self.fields['jail_bridge_ipv4'].initial = bridge_ipv4
if st_ipv6_network is not None:
bridge_ipv6 = sipcalc_type("%s/%d" % (
st_ipv6_network.network_range[0],
st_ipv6_network.prefix_length,
))
self.fields['jail_bridge_ipv6'].initial = bridge_ipv6
def jailsconfiguration_network_info(request):
data = {
'jc_ipv4_network': None,
'jc_ipv4_network_start': None,
'jc_ipv4_network_end': None,
'jc_ipv6_network': None,
'jc_ipv6_network_start': None,
'jc_ipv6_network_end': None,
}
ipv4_iface = notifier().get_default_ipv4_interface()
if ipv4_iface:
ipv4_st = sipcalc_type(iface=ipv4_iface)
if ipv4_st.is_ipv4():
data['jc_ipv4_network'] = "%s/%d" % (ipv4_st.network_address,
ipv4_st.network_mask_bits)
data['jc_ipv4_network_start'] = str(
ipv4_st.usable_range[0]).split('/')[0]
data['jc_ipv4_network_end'] = str(
ipv4_st.usable_range[1]).split('/')[0]
ipv6_iface = notifier().get_default_ipv6_interface()
try:
iface_info = notifier().get_interface_info(ipv6_iface)
if iface_info['ipv6'] is None:
raise Exception
ipv6_addr = iface_info['ipv6'][0]['inet6']
if ipv6_addr is None:
raise Exception
ipv6_prefix = iface_info['ipv6'][0]['prefixlen']
if ipv6_prefix is None:
raise Exception
ipv6_st = sipcalc_type("%s/%s" % (ipv6_addr, ipv6_prefix))
if not ipv6_st:
raise Exception
if not ipv6_st.is_ipv6():
raise Exception
ipv6_st2 = sipcalc_type(ipv6_st.subnet_prefix_masked)
if not ipv6_st:
raise Exception
if not ipv6_st.is_ipv6():
raise Exception
data['jc_ipv6_network'] = "%s/%d" % (ipv6_st2.compressed_address,
ipv6_st.prefix_length)
ipv6_st2 = sipcalc_type(ipv6_st.network_range[0])
data['jc_ipv6_network_start'] = str(
ipv6_st2.compressed_address).split('/')[0]
ipv6_st2 = sipcalc_type(ipv6_st.network_range[1])
data['jc_ipv6_network_end'] = str(
ipv6_st2.compressed_address).split('/')[0]
except:
pass
content = json.dumps(data)
return HttpResponse(content, content_type='application/json')
def guess_adresses():
high_ipv4 = None
high_ipv6 = None
st_ipv4_network = None
st_ipv6_network = None
jc = None
try:
jc = JailsConfiguration.objects.order_by("-id")[0]
st_ipv4_network = sipcalc_type(jc.jc_ipv4_network)
st_ipv6_network = sipcalc_type(jc.jc_ipv6_network)
except Exception as e:
log.debug("Exception caught: %s", e)
#
# If a jails configuration exists (as it should),
# create sipcalc objects
#
if st_ipv4_network:
high_ipv4 = sipcalc_type(
"%s/%d" %
(jc.jc_ipv4_network_start, st_ipv4_network.network_mask_bits))
if st_ipv6_network:
high_ipv6 = sipcalc_type(
"%s/%d" %
(jc.jc_ipv6_network_start, st_ipv6_network.prefix_length))
#
# Attempt to determine the primary interface network.
# This is done so that we don't set a bridge address
# (we leave it blank, in which case the Warden will
# figure out the default gateway and set that up inside
# the jail if on the same network as the host).
#
st_host_ipv4_network = None
try:
iface = notifier().guess_default_interface()
st_ha = sipcalc_type(iface=iface)
if not st_ha.is_ipv4():
st_host_ipv4_network = None
else:
st_host_ipv4_network = sipcalc_type(
"%s/%d" % (st_ha.network_address, st_ha.network_mask_bits))
except Exception as e:
log.debug("Exception caught: %s", e)
#
# Be extra careful, if no start and end addresses
# are configured, take the first network address
# and add 25 to it.
#
if not high_ipv4 and st_ipv4_network:
high_ipv4 = sipcalc_type("%s/%d" % (
st_ipv4_network.usable_range[0],
st_ipv4_network.network_mask_bits,
))
high_ipv4 += 25
if not high_ipv6 and st_ipv6_network:
high_ipv6 = sipcalc_type("%s/%d" % (
st_ipv6_network.network_range[0],
st_ipv6_network.prefix_length,
))
high_ipv6 += 25
try:
wlist = warden.Warden().list()
except:
wlist = []
for wj in wlist:
wo = warden.WardenJail(**wj)
st_ipv4 = None
st_ipv6 = None
#
# This figures out the highest IP address currently in use
#
if wo.ipv4:
st_ipv4 = sipcalc_type(wo.ipv4)
if wo.ipv6:
st_ipv6 = sipcalc_type(wo.ipv6)
if st_ipv4 and st_ipv4_network is not None:
if st_ipv4_network.in_network(st_ipv4):
if st_ipv4 > high_ipv4:
high_ipv4 = st_ipv4
if st_ipv6 and st_ipv6_network is not None:
if st_ipv6_network.in_network(st_ipv6):
if st_ipv6 > high_ipv6:
high_ipv6 = st_ipv6
if high_ipv4 is None and st_ipv4_network is not None:
high_ipv4 = sipcalc_type("%s/%d" % (
st_ipv4_network.usable_range[0],
st_ipv4_network.network_mask_bits,
))
elif high_ipv4 is not None and st_ipv4_network is not None:
high_ipv4 += 1
if not st_ipv4_network.in_network(high_ipv4):
high_ipv4 = None
if high_ipv6 is None and st_ipv6_network is not None:
high_ipv6 = sipcalc_type("%s/%d" % (
st_ipv6_network.network_range[0],
st_ipv6_network.prefix_length,
))
elif high_ipv6 is not None and st_ipv6_network is not None:
high_ipv6 += 1
if not st_ipv6_network.in_network(high_ipv6):
high_ipv6 = None
#
# If a network is configured for jails, and it is NOT on
# the same network as the host, setup a bridge address.
# (This will be the default gateway of the jail).
#
bridge_ipv4 = None
if st_ipv4_network is not None and not st_host_ipv4_network:
bridge_ipv4 = sipcalc_type("%s/%d" % (
st_ipv4_network.usable_range[0],
st_ipv4_network.network_mask_bits,
))
bridge_ipv6 = None
if st_ipv6_network is not None:
bridge_ipv6 = sipcalc_type("%s/%d" % (
st_ipv6_network.network_range[0],
st_ipv6_network.prefix_length,
))
return {
'high_ipv4': high_ipv4,
'high_ipv6': high_ipv6,
'bridge_ipv4': bridge_ipv4,
'bridge_ipv6': bridge_ipv6,
}
