def validForIp(self, ipStr: str) -> bool: """ Checks if this transport is valid for the specified IP. Args: ip: Numeric ip address to check validity for. (xxx.xxx.xxx.xxx). Returns: True if the ip can access this Transport. False if the ip can't access this Transport. The ip check is done this way: * If The associated network is empty, the result is always True * If the associated network is not empty, and nets_positive (field) is True, the result will be True if the ip is contained in any subnet associated with this transport. * If the associated network is empty, and nets_positive (field) is False, the result will be True if the ip is NOT contained in ANY subnet associated with this transport. Raises: :note: Ip addresses has been only tested with IPv4 addresses """ if self.networks.count() == 0: return True ip = net.ipToLong(ipStr) if self.nets_positive: return self.networks.filter(net_start__lte=ip, net_end__gte=ip).count() > 0 return self.networks.filter(net_start__lte=ip, net_end__gte=ip).count() == 0
def validForIp(self, ip): ''' Checks if this transport is valid for the specified IP. Args: ip: Numeric ip address to check validity for. (xxx.xxx.xxx.xxx). Returns: True if the ip can access this Transport. False if the ip can't access this Transport. The ip check is done this way: * If The associated network is empty, the result is always True * If the associated network is not empty, and nets_positive (field) is True, the result will be True if the ip is contained in any subnet associated with this transport. * If the associated network is empty, and nets_positive (field) is False, the result will be True if the ip is NOT contained in ANY subnet associated with this transport. Raises: :note: Ip addresses has been only tested with IPv4 addresses ''' if self.networks.count() == 0: return True ip = net.ipToLong(ip) if self.nets_positive: return self.networks.filter(net_start__lte=ip, net_end__gte=ip).count() > 0 else: return self.networks.filter(net_start__lte=ip, net_end__gte=ip).count() == 0
def getIp(self) -> str: # If single machine, ip is IP~counter, # If multiple and has a ';' on IP, the values is IP;MAC ip = self._ip.split('~')[0].split(';')[0] # If ip is in fact a hostname... if not net.ipToLong(ip): # Try to resolve name... try: res = dns.resolver.resolve(ip) ip = res[0].address except Exception: self.service().parent().doLog( log.WARN, f'User service could not resolve Name {ip}.') return ip
def wolURL(self, ip: str, mac: str) -> str: """Tries to get WOL server for indicated IP Args: ip (str): ip of target machine Returns: str: URL of WOL server or empty ('') if no server for the ip is found """ if not self.config.value or not ip or not mac: return '' # If ip is in fact a hostname... if not net.ipToLong(ip): # Try to resolve name... try: res = dns.resolver.resolve(ip) ip = res[0].address except Exception: self.doLog(log.WARN, f'Name {ip} could not be resolved') logger.warning('Name %s could not be resolved', ip) return '' url = '' try: config = configparser.ConfigParser() config.read_string(self.config.value) for key in config['wol']: if net.ipInNetwork(ip, key): return (config['wol'][key].replace('{MAC}', mac).replace( '{IP}', ip)) except Exception as e: logger.error('Error parsing advanced configuration: %s', e) return ''
def networksFor(ip): """ Returns the networks that are valid for specified ip in dotted quad (xxx.xxx.xxx.xxx) """ ip = net.ipToLong(ip) return Network.objects.filter(net_start__lte=ip, net_end__gte=ip)
def networksFor(ip: str) -> typing.Iterable['Network']: """ Returns the networks that are valid for specified ip in dotted quad (xxx.xxx.xxx.xxx) """ ipInt = net.ipToLong(ip) return Network.objects.filter(net_start__lte=ipInt, net_end__gte=ipInt)
def networksFor(ip): ''' Returns the networks that are valid for specified ip in dotted quad (xxx.xxx.xxx.xxx) ''' ip = net.ipToLong(ip) return Network.objects.filter(net_start__lte=ip, net_end__gte=ip)
def get(self) -> typing.MutableMapping[str, typing.Any]: """ Processes get requests, currently none """ logger.debug( 'Tunnel parameters for GET: %s (%s) from %s', self._args, self._params, self._request.ip ) if ( not isTrustedSource(self._request.ip) or len(self._args) != 2 or len(self._args[0]) != 48 ): # Invalid requests raise AccessDenied() # Try to get ticket from DB try: user, userService, host, port, extra = models.TicketStore.get_for_tunnel( self._args[0] ) data = {} if self._args[1][:4] == 'stop': sent, recv = self._params['sent'], self._params['recv'] # Ensures extra exists... extra = extra or {} now = models.getSqlDatetimeAsUnix() totalTime = now - extra.get('b', now-1) msg = f'User {user.name} stopped tunnel {extra.get("t", "")[:8]}... to {host}:{port}: u:{sent}/d:{recv}/t:{totalTime}.' log.doLog(user.manager, log.INFO, msg) log.doLog(userService, log.INFO, msg) else: if net.ipToLong(self._args[1][:32]) == 0: raise Exception('Invalid from IP') events.addEvent( userService.deployed_service, events.ET_TUNNEL_ACCESS, username=user.pretty_name, srcip=self._args[1], dstip=host, uniqueid=userService.unique_id, ) msg = f'User {user.name} started tunnel {self._args[0][:8]}... to {host}:{port} from {self._args[1]}.' log.doLog(user.manager, log.INFO, msg) log.doLog(userService, log.INFO, msg) # Generate new, notify only, ticket rstr = managers.cryptoManager().randomString(length=8) notifyTicket = models.TicketStore.create_for_tunnel( userService=userService, port=port, host=host, extra={'t': self._args[0], 'b': models.getSqlDatetimeAsUnix()}, validity=MAX_SESSION_LENGTH) data = { 'host': host, 'port': port, 'notify': notifyTicket } return data except Exception as e: logger.info('Ticket ignored: %s', e) raise AccessDenied()