def submitVlan(self, ctx, form, data):
ifaces = self.sysconf.EthernetDevices
if '/' in data['ip']:
ip = data['ip']
network = Utils.getNetwork(ip)
else:
if "." in data['netmask']:
cidr = Utils.netmask2cidr(data['netmask'])
ip = "%s/%s" % (data['ip'], cidr)
network = Utils.getNetwork(ip)
else:
ip = "%s/%s" % (data['ip'], data['netmask'])
network = Utils.getNetwork(ip)
defn = {
'ip': ip.encode(),
'network': network.encode(),
'interface': data['interface'].encode(),
'dhcpserver': data['dhcpserver']
}
ifaces['vlan%s' % data['vlan']] = defn
self.sysconf.EthernetDevices = ifaces
if os.path.exists('/etc/debian_version'):
WebUtils.system('/usr/local/tcs/tums/configurator --debnet')
else:
WebUtils.system('/usr/local/tcs/tums/configurator --net')
return url.root.child('Network')
def submitVlan(self, ctx, form, data):
ifaces = self.sysconf.EthernetDevices
if '/' in data['ip']:
ip = data['ip']
network = Utils.getNetwork(ip)
else:
if "." in data['netmask']:
cidr = Utils.netmask2cidr(data['netmask'])
ip = "%s/%s" % (data['ip'], cidr)
network = Utils.getNetwork(ip)
else:
ip = "%s/%s" % (data['ip'], data['netmask'])
network = Utils.getNetwork(ip)
defn = {
'ip': ip.encode("ascii", "replace"),
'network': network.encode("ascii", "replace"),
'interface': data['interface'].encode("ascii", "replace"),
'dhcpserver': data['dhcpserver']
}
ifaces['vlan%s' % data['vlan']] = defn
self.sysconf.EthernetDevices = ifaces
WebUtils.restartNetworking(data['dhcpserver'])
return url.root.child('Network')
def submitForm(self, ctx, form, data):
ifaces = self.sysconf.EthernetDevices
iface = data['interface'].encode("ascii", "replace")
if '/' in data['ip']:
ip = data['ip']
network = Utils.getNetwork(ip)
else:
if "." in data['netmask']:
cidr = Utils.netmask2cidr(data['netmask'])
ip = "%s/%s" % (data['ip'], cidr)
network = Utils.getNetwork(ip)
else:
ip = "%s/%s" % (data['ip'], data['netmask'])
network = Utils.getNetwork(ip)
defn = {
'ip': ip,
'network': network,
'type': 'static',
'dhcpserver': data['dhcpserver']
}
if (data['mtu'] > 1200) and (data['mtu'] < 1501):
defn['mtu'] = data['mtu']
if data['dhcpserver']:
d = self.sysconf.DHCP
if not d.get(iface):
d[iface] = {}
self.sysconf.DHCP = d
if data.get('ipv6', False):
defn['ipv6'] = data['ipv6'].encode("ascii", "replace")
defn['ipv6adv'] = data['ipv6adv']
if data['dhcp']:
defn['type'] = 'dhcp'
else:
defn['type'] = 'static'
ifaces[iface] = defn
self.sysconf.EthernetDevices = ifaces
WebUtils.restartNetworking(data['dhcpserver'])
return url.root.child('Network')
def submitWiz3(self, c, f, data):
for k, v in data.items():
self.config[k] = v
if not '/' in data['lanip']:
self.config['lanip'] = "%s/24" % data['lanip']
if not data['lannetwork']:
self.config['lannetwork'] = Utils.getNetwork(self.config['lanip'])
return url.root.child('Wizard').child(str(self.id + 1))
def submitForm(self, ctx, form, data):
ifaces = self.sysconf.EthernetDevices
if '/' in data['ip']:
ip = data['ip']
network = Utils.getNetwork(ip)
else:
if "." in data['netmask']:
cidr = Utils.netmask2cidr(data['netmask'])
ip = "%s/%s" % (data['ip'], cidr)
network = Utils.getNetwork(ip)
else:
ip = "%s/%s" % (data['ip'], data['netmask'])
network = Utils.getNetwork(ip)
defn = {
'ip': ip,
'network': network,
'type': 'static',
'dhcpserver': data['dhcpserver']
}
if data.get('ipv6', False):
defn['ipv6'] = data['ipv6'].encode()
defn['ipv6adv'] = data['ipv6adv']
if data['dhcp']:
defn['type'] = 'dhcp'
else:
defn['type'] = 'static'
ifaces[data['interface']] = defn
self.sysconf.EthernetDevices = ifaces
if os.path.exists('/etc/debian_version'):
WebUtils.system('/usr/local/tcs/tums/configurator --debnet')
else:
WebUtils.system('/usr/local/tcs/tums/configurator --net')
return url.root.child('Network')
if not setup['EthernetDevices'].get('eth1', None):
setup['EthernetDevices']['eth1'] = {
'ip': '196.211.1.2/29',
'type': 'static',
'network':'',
'gateway':'196.211.1.1'
}
getOption('ip', 'WAN IP Address in CIDR format', setup['EthernetDevices']['eth1'])
getOption('gateway', 'WAN Gateway', setup['EthernetDevices']['eth1'])
gateway = setup['EthernetDevices']['eth1']['gateway']
setup['EthernetDevices']['eth1']['routes'] = [('default', gateway)]
setup['EthernetDevices']['eth1']['network'] = Utils.getNetwork(setup['EthernetDevices']['eth1']['ip'])
setup['WANPrimary'] = 'eth1'
setup['Shorewall']['masq'] = {'eth1':['eth0']}
setup['Shorewall']['zones']['net']['interfaces'] = ['eth1 detect']
if lanType == 'Static':
getOption('ip', 'LAN IP Address in CIDR format', setup['EthernetDevices']['eth0'])
setup['EthernetDevices']['eth0']['network'] = Utils.getNetwork(setup['EthernetDevices']['eth0']['ip'])
else:
setup['EthernetDevices']['eth0'] = {
'type':'dhcp',
'network': '192.168.0.0/24',
'dhcpserver': False
}
getOption('network', 'Network address to which this server is attached',
setup['EthernetDevices']['eth0'])
def submitWiz9(self, c, f, data):
self.config['bigname'] = self.config['bigname'].upper()
self.config['smallname'] = self.config['bigname'].lower()
head = """CompanyName = '%(company)s'
ExternalName = '%(external)s'
Hostname = '%(hostname)s'
Domain = '%(domain)s'
SambaDomain = '%(windom)s'
LDAPBase = '%(bigname)s'
LDAPPassword = '******'\n""" % self.config
if self.config['lanppp']:
network = """EthernetDevices = {
'%(laninterface)s': {
'ip': '%(lanip)s',
'type': 'static',
'network': '%(lannetwork)s',
'aliases': []
},
}
LANPrimary = '%(laninterface)s'\n""" % self.config
self.config['waninterface'] = 'ppp0'
wan = """WANDevices = {
'ppp0': {
'pppd': [
'defaultroute'
],
'username': '******',
'password': '******',
'link': '%(adslinterface)s',
'plugins': 'pppoe'
},
}\nWANPrimary = 'ppp0'\n""" % self.config
elif self.config['lanwan']:
wanip = self.config['wanip']
self.config['wannet'] = Utils.getNetwork(wanip)
wan = ""
network = """EthernetDevices = {
'%(laninterface)s': {
'ip': '%(lanip)s',
'type': 'static',
'network': '%(lannetwork)s',
'aliases': []
},
'%(waninterface)s':{
'ip': '%(wanip)s',
'type': 'static',
'network': '%(wannet)s',
'aliases': []
},
}
WANDevices = {}
LANPrimary = '%(laninterface)s'
WANPrimary = '%(waninterface)s'
""" % self.config
ds = self.config['dnsserv']
self.config['dnsserv'] = [i.strip() for i in ds.split(',')]
dns = """
ForwardingNameservers = %(dnsserv)s
TCSAliases = ['www','cache','mail','smtp','pop3','imap','router','ns','ntp','server','gateway']
NTP = '%(ntpserv)s'
SMTPRelay = '%(smrelay)s'
LocalDomains = ['%(domain)s']
GentooMirrors = [
'http://siza.thusa.net/gentoo',
'ftp://ftp.is.co.za/linux/distributions/gentoo',
'http://ftp.up.ac.za/mirrors/gentoo.org/gentoo'
]
GentooRsync = ''
OverlayRsync = 'rsync://portage.thusa.net/thusa-portage' """ % self.config
self.config['transparent'] = (self.config['transproxy'] and 1) or 0
firewall = """
Shorewall = {
'rules': [
[1,'Ping/ACCEPT all all'],
[1,'AllowICMPs all all'],
[%(transparent)s,'REDIRECT loc 8080 tcp 80 - !%(lannetwork)s'],
[1,'REDIRECT loc 25 tcp 25 - !%(lannetwork)s'],
[1,'ACCEPT net:196.211.242.160/29 all'],
[1,'ACCEPT net all tcp 80'],
[1,'ACCEPT net all tcp 443'],
[1,'ACCEPT net all tcp 25'],
[1,'ACCEPT all all udp 1194'],
],
'zones': {
'loc': {
'policy': 'ACCEPT',
'interfaces': ['%(laninterface)s detect dhcp'],
'log': ''
},
'net': {
'policy': 'DROP',
'interfaces': ['%(waninterface)s'],
'log': ''
},
},
'masq': {'%(waninterface)s': ['%(laninterface)s']}
}
ShorewallBalance = []
ShorewallSourceRoutes = []\n""" % self.config
sambaproxy = """SambaConfig = {
'domain logons': '%(sambapdc)s',
'smb ports': '139',
'logon path': '\\\\\\\\%%L\\\\Profiles\\\\%%U',
'logon drive': 'H:',
'os level': '33',
'local master': 'yes',
'time server': 'yes',
'wins support': 'yes',
'preferred master': 'yes',
';logon script': 'STARTUP.BAT',
'domain master': 'no',
'logon home': '\\\\\\\\%%L\\\\%%U'
}
SambaShares = {
'homes': {
'writable': 'yes',
'browseable': 'no',
'directory mode': '700',
'create mode': '600',
'comment': 'Home Directories'
},
'Public': {
'comment': 'Public Stuff',
'writeable': 'yes',
'printable': 'no',
'create mode': '664',
'path': '/var/lib/samba/data/public',
'directory mode': '775',
'public': 'yes'
}
}
ProxyConfig = {
'type': 'closed',
'adauth': False,
'addom': '',
'adserver': ''
}
ProxyAllowedHosts = ['127.0.0.1', '%(lannetwork)s']
ProxyAllowedDestinations = ['89.202.157.0/24']
ProxyAllowedDomains = ['.windowsupdate.com','.eset.com','.sophos.com','.microsoft.com','.adobe.com','.symantecliveupdate.com','.symantec.com','.veritas.com']
ThusaDNSUsername = ''
ThusaDNSPassword = ''
ThusaDNSAddress = ''
Shaping = {}
ShaperRules = []""" % self.config
if self.config['exchangewash']:
mail = """\nMail = {
'hubbed': [['%(domain)s', '%(exchangeserv)s']],
'mailsize': '100M',
'local': [],
'relay': ['%(domain)s'],
'blockedfiles': ['pif', 'lnk', 'com'],
}\n""" % self.config
else:
mail = """\nMail = {
'hubbed': [],
'mailsize': '',
'local': ['%(domain)s'],
'relay': [],
'blockedfiles': ['pif', 'lnk', 'com']
}\n""" % self.config
bigString = head + network + wan + dns + firewall + sambaproxy + mail
lf = open('/usr/local/tcs/tums/config.py', 'wt')
lf.write(bigString)
lf.close()
os.system('rm /usr/local/tcs/tums/initial')
return url.root.child('auth')
def writeConfig(self, *a):
lans = Utils.getLanNetworks(config)
extramain = config.DHCP.get('main','')
ips = Utils.getLanIPs(config)
myIp = ips[0]
rev = '.'.join([i for i in reversed(myIp.split('.')[:3])])
ifaces = []
dhcpconf = """# DHCPD config generated by TUMS Configurator
ddns-update-style interim;
default-lease-time 21600;
max-lease-time 21600;
allow booting;
allow bootp;
authoritative;
log-facility local7;
zone %(domain)s. {
primary 127.0.0.1;
}
zone %(rev)s.in-addr.arpa. {
primary 127.0.0.1;
}
option local-pac-server code 252 = text;
%(extramain)s
""" % {
'extramain': extramain,
'domain': config.Domain,
'rev': rev
}
n = 0
for k,v in lans.items():
myNet = v
myIp = config.EthernetDevices[k].get('ip', '/').split('/')[0]
dhcpConf = config.DHCP.get(k, {})
if not myIp:
# No IP set for this interface (is DHCP itself)
continue
if not config.EthernetDevices[k].get('dhcpserver'):
# Not set to do DHCP
continue
ifaces.append(k)
statics = ""
for ip, hostmac in config.DHCP.get('leases',{}).items():
if Utils.matchIP(myNet, ip):
# make sure the IP is in this network
host, mac = hostmac
statics += """ host %s {
fixed-address %s;
hardware ethernet %s;
}\n""" % (host, ip, mac)
myNetmask = Utils.cidr2netmask(myNet.split('/')[1])
rangeStart = dhcpConf.get('rangeStart', "100")
rangeEnd = dhcpConf.get('rangeEnd', "240")
netmask = dhcpConf.get('netmask', myNetmask)
netbios = dhcpConf.get('netbios', myIp)
nameserver = dhcpConf.get('nameserver', myIp)
router = dhcpConf.get('gateway', myIp)
myNet = dhcpConf.get('network', Utils.getNetwork(config.EthernetDevices[k]['ip']))
domain = dhcpConf.get('domain', config.Domain)
if not '/' in myNet:
# AAAAAAAAAAAARGH GOD DAMN DIE IN HELL PAUL VIXIE
cdr = Utils.netmask2cidr(netmask)
myNet = "%s/%s" % (myNet, cdr)
bcast = Utils.getBroadcast(myNet)
else:
bcast = Utils.getBroadcast(myNet)
# allow custom configuration options
custom = dhcpConf.get('custom', '')
netL = '.'.join(myNet.split('.')[:3])
if not ("." in rangeStart):
rangeStart = "%s.%s" % (netL, rangeStart)
rangeEnd = "%s.%s" % (netL, rangeEnd)
defn = {
'netname': 'DHCP%s' % k.upper(),
'myIp': myIp,
'pacIp': myIp.replace('.', '-'),
'domain': domain,
'network': netL,
'networkF': myNet.split('/')[0],
'static': statics,
'custom': custom,
'netmask': netmask,
'rangeStart': rangeStart,
'rangeEnd': rangeEnd,
'myNetbios': netbios,
'myDns': nameserver,
'myRouter': router,
'extramain': extramain,
'bcast': bcast
}
dhcpnet = """
shared-network %(netname)s {
use-host-decl-names on;
option domain-name "%(domain)s";
option domain-name-servers %(myDns)s;
option netbios-name-servers %(myNetbios)s;
option netbios-node-type 8;
option local-pac-server "http://%(myIp)s/wpad-%(pacIp)s.pac";
option ntp-servers %(myIp)s;
option time-servers %(myIp)s;
option log-servers %(myIp)s;
option font-servers %(myIp)s;
option pop-server %(myIp)s;
option smtp-server %(myIp)s;
option x-display-manager %(myIp)s;
subnet %(networkF)s netmask %(netmask)s {
range dynamic-bootp %(rangeStart)s %(rangeEnd)s;
option subnet-mask %(netmask)s;
option broadcast-address %(bcast)s;
option routers %(myRouter)s;
}
%(static)s
%(custom)s
}\n""" % defn
dhcpconf += dhcpnet
# Check for debianism (goes in /etc/dhcp3)
f = open('/etc/dhcp3/dhcpd.conf', 'wt')
f.write(dhcpconf)
f.close()
f = open('/etc/default/dhcp3-server', 'wt')
f.write('# On what interfaces should the DHCP server (dhcpd) serve DHCP requests?\n')
f.write('# Separate multiple interfaces with spaces, e.g. "eth0 eth1".\n')
f.write('INTERFACES="%s"\n' % ' '.join(ifaces))
f.close()