コード例 #1
0
ファイル: genTsigData_dm.py プロジェクト: dnsminer/coderepo
def gettsigid(thiskeyname):
    thisresultlist=[]
    selectlist=['tsig_id','tsig_keys','tsig_name',thiskeyname]
    thisresultlist = menudbselect_dm.dbRecordSelect(selectlist)
    #print "Length of array/list returned"
    #print len(thisresultlist)
    return thisresultlist
コード例 #2
0
def getviewid(thiskeyname):
    thisresultlist=[]
    selectlist=['view_id','bind_views','view_name',thiskeyname]
    thisresultlist = menudbselect_dm.dbRecordSelect(selectlist)
    #print "Length of array/list returned"
    #print len(thisresultlist)
    return thisresultlist
コード例 #3
0
ファイル: doMView_dm.py プロジェクト: dnsminer/coderepo
def doView(mwlist):
    #print "do menu view"
    #for val in mwlist:
    #    print val
    # create a dictionary to collect all the results to generate SQL inserts or update
    viewDict = dict()
    # insert org id into dictionary
    viewDict['org_id'] = mwlist[2]
    if mwlist[1] != 'update':
        # start the menu to gather view details
        viewmenuactive=True
        while viewmenuactive:
            getviewname = True
            print "\nYou are about to provide the data needed for a new Bind View and related zone files."
            print "\nThe view must be a unique name within the system,"
            print "it must also be a single word with no spaces, letters, dashes, underscores and digits ok"
            while getviewname:
                uvinput = raw_input("Enter view name: ")
                uvinput = uvinput.strip().lower()
                vresult = inputView(uvinput) # needed to get the status, using length of list to avoid global vars
                if not vresult[0]:
                    viewDict['view_name'] = vresult[1]
                    getviewname = False

            getmonip = True
            while getmonip:
                print "\nIdeally you want to direct suspicious traffic to a server you control, AKA, sinkhole"
                uvlinput = raw_input("What is the internal IP for the monitoring application? ( dotted quad): ")
                uvlinput = iptoint_dm.dotQuadtoInt(uvlinput)
                if uvlinput > 10:
                    viewDict['sh_ip'] = uvlinput
                    getmonip = False
                else:
                    print "hmm, looks like that wasn't a dotted quad, EG 172.16.28.7, please enter again"

            print"\nProvide a short description of this sink hole, EG, .net app running in Calgary office"
            getmondesc = True
            while getmondesc:
                uvlinput = raw_input("Description: ")
                uvlinput = inputSani_dm.inputSanitizer(uvlinput,'desc1')
                #print uvlinput
                if uvlinput == 'invalid_format':
                    continue
                else:
                    viewDict['sh_desc'] = uvlinput
                    getmondesc = False

            getviewip = True
            viewClientIPList=[]
            print "\nDefine the source IP(s)/ subnets for the recursive clients using this view( dotted quad or cidr): "
            while getviewip:
                addrtype= raw_input("Is this a single IP or subnet (ip|cidr)? ")
                addrtype = addrtype.strip().lower()
                if addrtype == 'ip':
                    uvsinput = raw_input("What is the source IP for the recursive clients?( dotted quad): ")
                    uvsinput = inputSani_dm.inputSanitizer(uvsinput,'ip')
                    if uvsinput == 'invalid_format':
                        print "hmm, looks like that wasn't a dotted quad, EG 172.16.28.7, please enter again"
                        continue
                else:
                    uvsinput = raw_input("What is the source subnet for the recursive clients?( cidr notation): ")
                    uvsinput = inputSani_dm.inputSanitizer(uvsinput,'cidr')
                    if uvsinput == 'invalid_format':
                        print "hmm, looks like that wasn't cidr notation, EG 172.16.28.0/26, please enter again"
                        continue
                viewClientIPList.append(uvsinput)
                nextIP = raw_input("\nDo you need to add another IP address (yes|no)?")
                nextIP = nextIP.strip().lower()
                if nextIP == 'no':
                    getviewip = False
                    # build IPs and cidr into a CSV string to be used with views
                    rcsvclients  = ",".join(map(str,viewClientIPList))
                    viewDict['view_src_acl_ips'] = rcsvclients  # build into an ACL data structure later on

            getviewdesc = True
            print"\nProvide a short description of what's behind these IP addresses,  EG, Eastern office or Engineering dept"
            while getviewdesc:
                uvlinput = raw_input("Description: ")
                uvlinput = inputSani_dm.inputSanitizer(uvlinput,'desc1')
                #print uvlinput
                if uvlinput == 'invalid_format':
                    continue
                else:
                    viewDict['view_desc'] = uvlinput
                    getviewdesc = False

            print "\n please standby, generating a view specific domain for RPZ usage."
            dompart = genRandomString_dm.genString(7)
            hostpart = genRandomString_dm.genString(6)
            shfqdn = hostpart + '.' + dompart + '.local'
            print "\n created this virtually unguessable FQDN just for this view: " + shfqdn
            viewDict['sh_fqdn'] = shfqdn
            # generate the list to be fed to db-insert_sinkholedata
            sinkholesql = insertsinkholedata_dm.parsemenudict(viewDict)
            #print sinkholesql
            shresult=menudbinsert_dm.dbinsert(sinkholesql)
            #print shresult
            if shresult == 1:
                print "sinkhole table entry created successfully"
                # grab teh sinkhole id to dump into the view table
                shselect = ['sinkhole_id','view_sinkholes','sh_fqdn',shfqdn]
                thisresultlist = menudbselect_dm.dbRecordSelect(shselect)
                if len(thisresultlist) == 1:
                    viewDict['def_sh_id'] = thisresultlist[0]
                else:
                    print "failed to retrieve sinkhole ID, you should probably exit and debug this"
            else:
                print "You may need to manually check the view_sinkholes table"

            #generate tsig_key meta data, ( this is static even if the keys are updated
            oid = viewDict['org_id']
            vname = viewDict['view_name']
            tsigid = genTsigData_dm.gentsigsql(oid,vname)
            newtsigid = tsigid[0]
            viewDict['tsig_id'] = newtsigid
            # debug dictionary contents
            #for key,val in viewDict.iteritems():
            #    print key, '-->', viewDict[key]
            # generate the list from dictinary values and push data
            viewsqlinsert=[viewDict['org_id'],viewDict['view_name'],viewDict['def_sh_id'],viewDict['view_src_acl_ips'],viewDict['view_desc'],viewDict['tsig_id']]
            # debug                 (org_id,view_name,def_sh_id,view_src_acl_ips,view_desc,tsig_id)
            #for val in viewsqlinsert:
            #    print val
            thisviewid = insertviewdata_dm.genviewgsql(viewsqlinsert)
            newviewid = thisviewid[0]
            if len(thisviewid) == 1:
                print "\nProgress report: \nCreation of view " + viewDict['view_name'] + " confirmed successful, please generate an view file for this organization now, menu/genorgview\n"

            # generate black and white list entries since there is a now a view for the org
            print "\nStand by, just making a few internal database updates"
            shid = viewDict['def_sh_id']
            wlcreate = genDefListData_dm.genbworgsql(oid,vname,shid)
            if wlcreate == 1:
                print "All black list and white list default records were successfully initialized"

            # exit do view menu
            viewmenuactive=False

    return