def pacemaker_host_check():
utils.safe_run(_pacemaker_host_check)
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
import argparse
import os
import sys
try:
import utils
except ImportError:
from oschecks import utils
def check_amqp():
parser = argparse.ArgumentParser(description="Check amqp connection of an OpenStack service.")
parser.add_argument("-n", dest="process_name", help="Process name")
options = parser.parse_args()
if options.process_name:
process_name = options.process_name
else:
process_name = os.path.basename(sys.argv[0])
process_name = process_name.replace("check_amqp_", "")
process_name = process_name.replace(".py", "")
utils.check_process_exists_and_amqp_connected(process_name)
if __name__ == "__main__":
utils.safe_run(check_amqp)
def _start_thread(self):
while True:
time.sleep(3)
if len(self._host_state.get_ip_mac_dict_copy()) > 0:
utils.safe_run(self._run_netdisco)
def process_packet(self, pkt):
utils.safe_run(self._process_packet_helper, args=[pkt])
def _arp_spoof_loop(self):
prev_ip_mac_dict = None
while True:
if not self._host_state.is_inspecting():
time.sleep(2)
continue
time.sleep(1)
with self._lock:
if not self._active:
return
with self._host_state.lock:
if not self._host_state.has_consent:
utils.log('[ARP Spoof] No consent; no spoofing.')
continue
# Get ARP cache
ip_mac_dict = self._host_state.get_ip_mac_dict_copy()
gateway_ip = self._host_state.gateway_ip
if str(ip_mac_dict) != str(prev_ip_mac_dict):
prev_ip_mac_dict = ip_mac_dict
utils.log('[ARP Spoof] Cache:', ip_mac_dict)
utils.log('[ARP Spoof] Whitelist:',
self._host_state.device_whitelist)
# Get gateway MAC addr
try:
gateway_mac = ip_mac_dict[gateway_ip]
except KeyError:
continue
whitelist_ip_mac = []
# Add gateway
whitelist_ip_mac.append((gateway_ip, gateway_mac))
# Build device-to-device whitelist
for ip, mac in ip_mac_dict.items():
device_id = utils.get_device_id(mac, self._host_state)
if device_id not in self._host_state.device_whitelist:
utils.log('[ARP Spoof] Ignore:', ip, mac)
continue
whitelist_ip_mac.append((ip, mac))
# Spoof individual devices on the network.
for (victim_ip, victim_mac) in ip_mac_dict.items():
if victim_ip == gateway_ip:
continue
# Check against whitelist.
victim_device_id = \
utils.get_device_id(victim_mac, self._host_state)
if victim_device_id not in self._host_state.device_whitelist:
utils.log('[ARP Spoof] Ignore:', victim_ip, victim_mac)
continue
if utils.TEST_OUI_LIST:
victim_mac_oui = utils.get_oui(victim_mac)
if victim_mac_oui not in utils.TEST_OUI_LIST:
continue
utils.safe_run(self._arp_spoof,
args=(victim_device_id, victim_mac, victim_ip,
whitelist_ip_mac))
with self._lock:
if not self._active:
return
time.sleep(max(MIN_ARP_SPOOF_INTERVAL, 2.0 / len(ip_mac_dict)))
