def _set_time_info(data={}): client = AGENT_CLIENT(AGENT_ADDR, AGENT_PORT) resp = json.loads(client.get_device_time()) if resp["responseCode"] != 200: return "" else: update_info = resp["device_time_info"] for key in data.keys(): if key == "date": time_info = str(update_info["time"]) items = time_info.split() new_time_info = data.get(key) + " " + items[1] update_info["time"] = new_time_info elif key == "time": time_info = str(update_info["time"]) items = time_info.split() new_time_info = items[0] + " " + data.get(key) update_info["time"] = new_time_info elif key == "tz": update_info["timezone"] = data.get(key) config = {"device_time_info": update_info} res = client.set_config(config) res_json = json.loads(res) if res_json["responseCode"] != 200: return "" else: return u"更新成功"
def _get_time_info(type=""): client = AGENT_CLIENT(AGENT_ADDR, AGENT_PORT) resp = json.loads(client.get_device_time()) if resp["responseCode"] != 200: return "" else: time_info = str(resp["device_time_info"]["time"]) tz_index = resp["device_time_info"]["timezone"] if type == "date": return time_info.split()[0] elif type == "time": return time_info.split()[1] elif type == "timezone": for tz in APP_TIMEZONE_TABLE: if tz['zone_index'] == tz_index: return tz["timezone"] return u"未找到任何时区信息" # elif type == "tzlist": # tz_list = [] # for tz in APP_TIMEZONE_TABLE: # del tz['zone_index'] # tz_list.append(tz) # return tz_list else: return ""
def _get_hostname(): client = AGENT_CLIENT(AGENT_ADDR, AGENT_PORT) resp = json.loads(client.get_information(["device_base_info"])) if resp["responseCode"] != 200: return "" else: device_info = resp["device_base_info"] return device_info["hostname"]
def _set_hostname(new_name): client = AGENT_CLIENT(AGENT_ADDR, AGENT_PORT) config = {"device_base_info": {"hostname": new_name}} res = client.set_config(config) res_json = json.loads(res) if res_json["responseCode"] != 200: return "" else: return u"更新成功"
def _get_collectlog_history(): client = AGENT_CLIENT(AGENT_ADDR, AGENT_PORT) resp = json.loads(client.get_collectlog_history()) if resp["responseCode"] != 200: print u"获取日志失败" else: print u"序号\t名字\t\t\t\t\t\t\t大小" for i, log_item in enumerate(resp["data"], start=1): print i, "\t", log_item["name"], "\t", log_item["size"]
def _start_collectlog(): client = AGENT_CLIENT(AGENT_ADDR, AGENT_PORT) if utils.get_disk_stat()["available"] / 1024 / 1024 / 1024 < 1: print u"空间不足,无法收集" return print u"正在收集日志......" resp = json.loads(client.start_collectlog()) if resp["responseCode"] != 200: print u"收集日志失败" else: print u"收集完成:", resp["data"]["name"]
def do_synctime(self, paras): args = paras.strip().split() if len(args) > 0: print u"输入参数数目不合法, 请参考帮助文档" return client = AGENT_CLIENT(AGENT_ADDR, AGENT_PORT) resp = json.loads(client.synctime_now()) if resp["responseCode"] == 200: print u"同步时间成功" else: print u"同步时间失败"
def _restore_hostname(hostname_backup_file): f = open(hostname_backup_file) hostname_backup = f.readline().replace("\n", "") if hostname_backup is not None and hostname_backup != "": agent_client = AGENT_CLIENT(AGENT_ADDR, AGENT_PORT) config = {"device_base_info": {"hostname": hostname_backup}} res = agent_client.set_config(config) res_json = json.loads(res) if res_json["responseCode"] != 200: utils.app_logger("Restore hostname encounter error", "error") else: utils.app_logger("Restore hostname successfully")
def _device_action(type): client = AGENT_CLIENT(AGENT_ADDR, AGENT_PORT) if type == "reboot": action = {"object": "device", "action": "restart"} elif type == "shutdown": action = {"object": "device", "action": "stop"} res = client.system_action(action) res_json = json.loads(res) if res_json["responseCode"] != 200: return "" else: return u"操作成功" pass
def _get_interface_info(): client = AGENT_CLIENT(AGENT_ADDR, AGENT_PORT) resp = json.loads(client.get_information(["interfaces"])) if resp["responseCode"] != 200: return "" else: ret = "名称\tip地址\t\t状态\t模式\t速度\t双工模式\n" interfaces = resp["interfaces"] for interface in interfaces: eth = str(interface["device"]) if (utils.get_device_type() == 1 or utils.get_device_type() == 5 or utils.get_device_type() == 11) and eth != "eth0": continue if eth == "eth0": ret += "Mgmt\t" elif eth == "eth1": ret += "MTA\t" elif eth == "eth2": ret += "P1\t" elif eth == "eth3": ret += "P2\t" elif eth == "br0": ret += "BR0\t" else: ret += "Other\t" if str(interface["ip"]) == "": ret += "\t\t" else: ret += str(interface["ip"]) + "\t" status = str(interface["action"]) if status == "enable": ret += "已连接\t" else: ret += "未连接\t" mode = str(interface["role"]) if mode == "monitoring": ret += "监控\t" elif mode == "bridge": ret += "桥接\t" else: ret += "网络\t" if not "unknown" in interface["speed"].lower(): ret += str(interface["speed"]) + "\t" ret += str(interface["duplex"]) + "\n" else: ret += "\t\n" return ret
def _get_device_info(type): client = AGENT_CLIENT(AGENT_ADDR, AGENT_PORT) resp = json.loads(client.get_information(["device_base_info"])) if resp["responseCode"] != 200: return "" else: device_info = resp["device_base_info"] if type == "model": return device_models[device_info["deviceModel"] - 1] elif type == "hostname": return device_info["hostname"] elif type == "device-id": return device_info["serials"] else: return ""
def _get_ip_info(type): client = AGENT_CLIENT(AGENT_ADDR, AGENT_PORT) resp = json.loads(client.get_network_general()) if resp["responseCode"] != 200: return "" if type == "address": return utils.get_ip_address( str(resp["network_general"]["niccard_name"])) elif type == "gateway": return str(resp["network_general"]["defaultgw"]) elif type == "dns": ret = "" for dns in resp["network_general"]["dns"]: ret += str(dns) + "\n" return ret else: return ""
def _get_services_info(): client = AGENT_CLIENT(AGENT_ADDR, AGENT_PORT) resp = json.loads(client.get_information(["service_status"])) if resp["responseCode"] != 200: return "" else: ret = "" status_info = resp["service_status"] for key in status_info.keys(): display = "-----" + key + "-----\n" mods = status_info.get(key) for mod in mods: display += str(mod["name"]) display += ":\t" status = "running" if mod["status"] == 0 else "stopped" display += status display += "\n" ret += display return ret
def _upload_collectlog(): client = AGENT_CLIENT(AGENT_ADDR, AGENT_PORT) resp = json.loads(client.get_collectlog_history()) if resp["responseCode"] != 200: print u"获取日志失败" return else: print u"序号\t名字\t\t\t\t\t\t\t大小" for i, log_item in enumerate(resp["data"], start=1): print i, "\t", log_item["name"], "\t", log_item["size"] seq = my_prompt("请选择要上传的日志序号:", validate_func=_valid_prompt) if int(seq) > len(resp["data"]) or int(seq) <= 0: print u"请输入正确的日志序号" return log_id = resp["data"][int(seq) - 1]["id"] ip = my_prompt("请输入FTP的地址:") username = my_prompt("请输入用户名:") #password=my_prompt("请输入FTP的密码:") import getpass password = getpass.getpass("请输入密码:") client = AGENT_CLIENT(AGENT_ADDR, AGENT_PORT) print u"正在上传......" resp = json.loads(client.upload_collectlog(log_id, ip, username, password)) if resp["resCode"] == 200: print u"上传成功" elif resp["resCode"] == 401: print u"ftp用户名或者密码错误" else: print u"文件没有找到"
def _get_route_info(): client = AGENT_CLIENT(AGENT_ADDR, AGENT_PORT) resp = json.loads(client.get_information(["route_information"])) if resp["responseCode"] != 200: return "" else: ret = "目标网络\t子网掩码\t网关\t\t网卡\t类型\n" for route in resp["route_information"]["route"]: ret += str(route["destination"]) + "\t" ret += str(route["netmask"]) + "\t" ret += str(route["gateway"]) + "\t" if str(route["device"]) == "eth1": ret += "MTA\t" elif str(route["device"]) == "br0": ret += "Br0\t" else: ret += "Mgmt\t" if route["type"] == 1: ret += "静态路由" else: ret += "策略路由" ret += "\n" return ret
def _get_version_info(): ret = "" client = AGENT_CLIENT(AGENT_ADDR, AGENT_PORT) resp = json.loads(client.get_information(["device_base_info"])) if resp["responseCode"] != 200: return "" else: device_info = resp["device_base_info"] ret += "天空卫士 " + device_models[device_info["deviceModel"] - 1] + " Release " + str( device_info["version"]) + " 版本\n" ret += "CPU:\t\t" + str(device_info["cpucore"]) + "核\n" ret += "Memory:\t\t" + str(device_info["memory"]) + "\n" ret += "启动时间:\t" + str(device_info["starttime"]) + "\n" ret += "当前时间:\t" + _get_current_time() + "\n" ret += "型号:\t\t" + device_models[device_info["deviceModel"] - 1] + "\n" try: license_id, products = _get_license_info() except: return ret ret += "License Key:\t" + str(license_id) + "\n" ret += "授权功能:\t" + ", ".join(products) + "\n" return ret
def _services_action(type): requests = [] if type == "start": action = {"object": "device", "action": "restart"} elif type == "stop": action = {"object": "device", "action": "stop"} elif type == "restart": pass try: client = AGENT_CLIENT(AGENT_ADDR, AGENT_PORT) res = client.system_action(requests) except Exception, e: client = AGENT_CLIENT(AGENT_ADDR, AGENT_PORT) res = client.system_action(requests)
def _set_route_info(route_type, action, **kwargs): client = AGENT_CLIENT(AGENT_ADDR, AGENT_PORT) resp = json.loads(client.get_information(["route_information"])) if resp["responseCode"] != 200: routes_str = "" else: routes_str = json.dumps(resp["route_information"]["route"]) if routes_str == "": return "" routes = json.loads(routes_str) route_info = {} route_info["type"] = 1 if route_type == "static" else 2 route_info["destination"] = kwargs["destination"] route_info["netmask"] = kwargs["netmask"] route_info["gateway"] = kwargs["gateway"] route_info["device"] = kwargs["device"] if action == "add": routes.append(route_info) elif action == "del": before = len(routes) for r in routes: if r["type"] == route_info["type"] \ and r["destination"] == route_info["destination"] \ and r["netmask"] == route_info["netmask"] \ and r["gateway"] == route_info["gateway"] \ and r["device"] == route_info["device"]: routes.remove(r) break after = len(routes) if before == after: return u"您要删除的路由并不存在" else: return "" # update routes of device client = AGENT_CLIENT(AGENT_ADDR, AGENT_PORT) config = {"route_information": {"route": routes}} res = client.set_information(config) res_json = json.loads(res) if res_json["responseCode"] != 200: return "" else: return u"操作成功"
def _delete_collectlog(): client = AGENT_CLIENT(AGENT_ADDR, AGENT_PORT) resp = json.loads(client.get_collectlog_history()) if resp["responseCode"] != 200: print u"获取日志失败" return else: print u"序号\t名字\t\t\t\t\t\t\t大小" for i, log_item in enumerate(resp["data"], start=1): print i, "\t", log_item["name"], "\t", log_item["size"] seq = my_prompt("请选择要删除的日志序号:", validate_func=_valid_prompt) if int(seq) > len(resp["data"]) or int(seq) <= 0: print u"请输入正确的日志序号" return log_id = resp["data"][int(seq) - 1]["id"] client = AGENT_CLIENT(AGENT_ADDR, AGENT_PORT) print u"正在删除......" resp = json.loads(client.delete_collectlog(log_id)) if resp["responseCode"] != 200: print u"删除日志失败" else: print u"删除完成"
def _restore_appliance(app_filename): tmp_folder = tempfile.mkdtemp(prefix="backup.", dir="/tmp") (ret, output) = utils.app_command("tar xfvz %s -C %s" % (app_filename, tmp_folder)) current_path = os.getcwd() os.chdir(tmp_folder) app_filename = os.path.basename(app_filename) device_type = utils.get_device_type() # copy networking files to some place, _post_restore will use them cur_dir = os.getcwd() if os.path.exists(cur_dir + "/interfaces"): shutil.rmtree(temp_dir_networking, ignore_errors=True) os.makedirs(temp_dir_networking) utils.app_command_quiet("cp interfaces " + temp_dir_networking) utils.app_command_quiet("cp resolv.conf " + temp_dir_networking) utils.app_command_quiet("cp hostname.backup " + temp_dir_networking) if device_type == 2 or device_type == 6 or device_type == 13: utils.app_command_quiet("cp pbr-* " + temp_dir_networking) # restore hostname if os.path.exists(cur_dir + "/hostname.backup"): utils.app_command_quiet("cp hostname.backup " + temp_dir_networking) _restore_hostname(temp_dir_networking + "/hostname.backup") #restore pcap config file if device_type == 2: has_file = False for bro_cfg in bro_backup_filelist: if os.path.isfile(os.path.basename(bro_cfg)): has_file = True shutil.copy(os.path.basename(bro_cfg), bro_cfg) common_bro_rep_str = 'redef snaplen = 32768;\\nconst store_disk_length = 4096 \\&redef;\\nconst ftp_capture_max_file_size =100000000 \\&redef;\\nconst smb_capture_max_file_size =100000000 \\&redef;\\nconst http_capture_max_file_size =100000000 \\&redef;\\nconst smtp_capture_max_file_size =100000000 \\&redef;\\nconst imap_capture_max_file_size =100000000 \\&redef;\\nconst pop3_capture_max_file_size =100000000 \\&redef;' os.system( "sed -i ':a;N;$!ba;s/\\(.*\\)redef snaplen = 32768;\\(.*\\)/\\1%s\\2/' /usr/local/bro/share/bro/policy/protocols/spe-common/common.bro" % (common_bro_rep_str)) if has_file == True: device_mode = utils.get_device_work_mode() current_mode = utils.get_monitor_mode() restore_mode = utils.get_monitor_mode() if device_mode == 1 and not current_mode == restore_mode: utils.logger("Restore monitor mode to %s" % restore_mode) utils.app_command( "/opt/skyguard/www/app/device_work_mode.py switch force") if device_type == 2 or device_type == 4 or device_type == 6 or device_type == 8: #Restore iptables, ebtables first - in case device work doesn't change which will not refresh these tables for bk_file in app_backup_filelist: if (device_type == 4 or device_type == 8) and "ebtables" in bk_file: continue if os.path.isfile(os.path.basename(bk_file)): shutil.copy(os.path.basename(bk_file), bk_file) device_mode = utils.get_device_work_mode() # Flush ebtables if device_type == 2 or device_type == 6 and device_mode != 4: # device mode is not proxy mode utils.app_command_quiet("/sbin/ebtables -t broute -F") utils.app_command_quiet( "/bin/sh /opt/skyguard/www/app/ebtables-rules-%d" % int(device_mode)) utils.app_command_quiet( "/sbin/iptables-restore < /opt/skyguard/www/app/iptables-rules-%d" % int(device_mode)) app_restore = app_filename.replace(".tar.gz", ".conf") with open(app_restore) as config_data: config = json.load(config_data) monitor_mode = utils.get_monitor_mode() agent_client = AGENT_CLIENT(AGENT_ADDR, AGENT_PORT) # restore device work mode if config.has_key("device_work_mode"): device_work_mode = config["device_work_mode"] device_type = utils.get_device_type() if device_type == 2 or device_type == 6: res = agent_client.set_information( {"device_work_mode": device_work_mode}) res_json = json.loads(res) if res_json["responseCode"] != 200: utils.app_logger("Restore device_work_mode encounter error", "error") return False if device_work_mode == 1: utils.app_command( "sudo /opt/skyguard/www/app/device_work_mode.py switch %s" % monitor_mode) # restore protocol settings device_work_mode = utils.get_device_work_mode() if config.has_key("protocol"): utils.app_conf_write({"protocol": config["protocol"]}) if device_work_mode == 1 and monitor_mode == "pcap" and config[ "protocol"].has_key("netObject"): try: res = agent_client.set_protocol_settings( "netObject", config["protocol"]["netObject"]) except httplib.HTTPException: agent_client = AGENT_CLIENT(AGENT_ADDR, AGENT_PORT) res = agent_client.set_protocol_settings( "netObject", config["protocol"]["netObject"]) #restore pcap file in swg if device_type == 6: for bro_cfg in bro_backup_filelist_swg: if os.path.isfile(os.path.basename(bro_cfg)): shutil.copy(os.path.basename(bro_cfg), bro_cfg) # if bro run ,restart ret = os.system( "ps -ef |grep /usr/local/bro/bin/bro |grep -v grep > /dev/null 2>&1" ) if ret == 0: os.system("/usr/local/bro/bin/broctl deploy > /dev/null 2>&1") import time time.sleep(1) # restore global bypass if config.has_key("globalbypass"): res = utils.app_conf_write({"globalbypass": config["globalbypass"]}) #restore exception list if config.has_key("exception"): res = utils.app_conf_write({"exception": config["exception"]}) # restore backup settings if config.has_key("backup_settings"): backup_settings = config["backup_settings"] try: res = agent_client.set_backup_settings(backup_settings) except httplib.HTTPException: agent_client = AGENT_CLIENT(AGENT_ADDR, AGENT_PORT) res = agent_client.set_backup_settings(backup_settings) res_json = json.loads(res) if res_json["responseCode"] != 200: utils.app_logger("Restore backup_settings encounter error", "error") return False # restore snmp settings if config.has_key("snmp_settings"): snmp_settings = config["snmp_settings"] try: res = agent_client.set_information( {"snmp_settings": snmp_settings}) except httplib.HTTPException: agent_client = AGENT_CLIENT(AGENT_ADDR, AGENT_PORT) res = agent_client.set_information( {"snmp_settings": snmp_settings}) res_json = json.loads(res) if res_json["responseCode"] != 200: utils.app_logger("Restore snmp_settings encounter error", "error") return False # restore device time info if config.has_key("device_time_info"): device_time_info = config["device_time_info"] if device_time_info.has_key("ntp") and device_time_info["ntp"]: new_time_info = json.loads( agent_client.get_device_time())["device_time_info"] new_time_info["ntp"] = device_time_info["ntp"] new_time_info["ntpserver"] = device_time_info["ntpserver"] config = {} config["device_time_info"] = new_time_info try: res = agent_client.set_config(config) except httplib.HTTPException: agent_client = AGENT_CLIENT(AGENT_ADDR, AGENT_PORT) res = agent_client.set_config(config) res_json = json.loads(res) if res_json["responseCode"] != 200: utils.app_logger("Restore device_time_info encounter error", "error") return False # restore proxy settings if config.has_key("proxy_settings"): proxy_settings = config["proxy_settings"] try: res = agent_client.set_proxy_settings(proxy_settings) except httplib.HTTPException: agent_client = AGENT_CLIENT(AGENT_ADDR, AGENT_PORT) res = agent_client.set_proxy_settings(proxy_settings) res_json = json.loads(res) if res_json["responseCode"] != 200: utils.app_logger("Restore proxy_settings encounter error", "error") return False # restore block pages settings if config.has_key("block_page_settings"): utils.app_logger("begim to restore block_page_settings") block_page_settings = config["block_page_settings"] bps = BlockPageSettings() # first restore the backup block pages bps.delete_backup_zip() shutil.copy(os.path.basename(blockpage_backup_customized_zip), blockpage_backup_customized_zip) shutil.copy(os.path.basename(blockpage_backup_uploaded_zip), blockpage_backup_uploaded_zip) bps.restore_blockpage_dir() # then update the setting ret = bps.set_settings(block_page_settings) utils.app_command_quiet( "chown -R www-data:www-data /opt/skyguard/download/") if ret["responseCode"] == 0 or ret["responseCode"] == 1: utils.app_logger("Succeed to restore block_page_settings") else: utils.app_logger("Restore block_page_settings encounter error", "error") return False # restore device base info if config.has_key("device_base_info"): agent_client = AGENT_CLIENT(AGENT_ADDR, AGENT_PORT) agent_client.set_information( {"device_base_info": config["device_base_info"]}) #(ret, output) = utils.app_command("sudo /opt/skyguard/www/app/device_base_info.py set %s" % "'"+json.dumps(config["device_base_info"])+"'") #if ret != 0: # utils.app_logger(str(output)) # restore forensics storage if config.has_key("forensics_storage"): forensics_storage.set_forensics_capacity( config["forensics_storage"]["capacity"]) #restore forensic file if device_type != 1: if os.path.exists("forensics"): filelist = os.listdir("forensics") if filelist != []: if not os.path.exists(forensics_dir): os.makedirs(forensics_dir) FileUtil.copyFilesToDir("forensics", forensics_dir) #for f in filelist: # shutil.copy("forensics/"+f,forensics_dir) #restore collect log dir if os.path.exists("collect_log"): filelist = os.listdir("collect_log") if filelist != []: if not os.path.exists(collect_log_dir): os.makedirs(collect_log_dir) FileUtil.copyFilesToDir("collect_log/", collect_log_dir) # Restore hybrid.conf if exist if os.path.isfile("hybrid.conf"): shutil.copy("hybrid.conf", "/opt/skyguard/www/app/hybrid.conf") # Resotre hybrid settings if (device_type == 4 or device_type == 8) and os.path.isfile("gre_info.conf"): shutil.copy("gre_info.conf", "/opt/skyguard/www/app/gre_info.conf") ''' with open("hybrid_settings.conf", "r") as hybrid_conf: hybrid_settings = json.load(hybrid_conf) agent_client = AGENT_CLIENT(AGENT_ADDR, AGENT_PORT) agent_client.set_hybrid_config(hybrid_settings) ''' #restore synctime task setting if config.has_key("synctime_schedule_task"): redis_client = RedisClient() if redis_client.exist_key("synctime_schedule_task"): redis_client.delete_key("synctime_schedule_task") redis_client.hmset("synctime_schedule_task", config["synctime_schedule_task"]) #restore backup task setting if config.has_key("backup_schedule_task"): redis_client = RedisClient() if redis_client.exist_key("backup_schedule_task"): redis_client.delete_key("backup_schedule_task") redis_client.hmset("backup_schedule_task", config["backup_schedule_task"]) set_backup_schedule(config["backup_schedule_task"]) #restore ts setting #if config.has_key("ts_account_info"): #redis_client = RedisClient() #if redis_client.exist_key("ts"): # redis_client.delete_key("ts") #redis_client.set("ts",config["ts_account_info"]) # restore network setting bk_interface_file = temp_dir_networking + "/interfaces" if os.path.exists(bk_interface_file): import time time.sleep(5) utils.app_logger("Restore network setting...") #utils.app_command_quiet("/etc/init.d/networking stop") for nic in [ "eth0", "eth1", "eth2", "eth3", "bond0", "bond1", "bond2", "bond3", "br0" ]: _remove_old_pbr(nic) utils.app_logger("Restore /etc/network/interfaces...") shutil.copy(bk_interface_file, "/etc/network/interfaces") bk_resolv_file = temp_dir_networking + "/resolv.conf" utils.app_logger("Restore /etc/resolv.conf...") shutil.copy(bk_resolv_file, "/etc/resolv.conf") if device_type == 2 or device_type == 6 or device_type == 13: utils.app_logger("Restore /opt/skyguard/www/app/pbr-*...") for f in listdir(temp_dir_networking): if f.find("pbr-") != -1: shutil.copy(join(temp_dir_networking, f), "/opt/skyguard/www/app/") shutil.rmtree(temp_dir_networking, ignore_errors=True) #utils.app_command_quiet("/etc/init.d/networking start") utils.app_logger("Finish to restore network setting.") # notify mta to update mta ip if device_type == 2 or device_type == 6: if utils.get_bonding_status("bond1") == True: mta_ip = utils.get_ip_address("bond1") else: mta_ip = utils.get_ip_address("eth1") mtaclient = MTA_CLIENT(MTA_ADDR, MTA_PORT) mtaclient.set_mta_nics("eth1", mta_ip) os.chdir(current_path) shutil.rmtree(tmp_folder) print "Finished restore" return True
def _backup_appliance(tmp_folder, whether_backup_network=False, whether_backup_forensics=False): version = utils.app_conf_get("device_base_info")["version"] # Get current time tnow = int(time.time()) tnowst = time.localtime(tnow) timestamp = time.strftime('%Y%m%d%H%M%S', tnowst) current_path = os.getcwd() os.chdir(tmp_folder) app_filename_prefix = "Appliance" + "-" + version + "-" + timestamp device_type = utils.get_device_type() backup_content = {} agent_client = AGENT_CLIENT(AGENT_ADDR, AGENT_PORT) if device_type == 2 or device_type == 4 or device_type == 6 or device_type == 8: if device_type == 2 or device_type == 6: # get device_work_mode info work_mode = utils.app_conf_get("device_work_mode") device_work_mode = {} backup_content["device_work_mode"] = work_mode if work_mode == 1: #backup netObject and globalbypass for pcap mode monitor_mode = utils.get_monitor_node() if monitor_mode == "pcap": global_bypass = utils.app_conf_get("globalbypass") if global_bypass != {}: backup_content["globalbypass"] = global_bypass # get protocol settings protocol_settings = utils.app_conf_get("protocol") if protocol_settings != {}: backup_content["protocol"] = protocol_settings # get block_pages setting block_page_settings = BlockPageSettings().get_settings() backup_content["block_page_settings"] = block_page_settings["data"] # get SNMP info try: res_json = json.loads(agent_client.get_SNMP_settings()) except httplib.HTTPException: agent_client = AGENT_CLIENT(AGENT_ADDR, AGENT_PORT) res_json = json.loads(agent_client.get_SNMP_settings()) backup_content["snmp_settings"] = res_json["snmp_settings"] if device_type == 1: # get device_time_info try: res_json = json.loads(agent_client.get_device_time()) except httplib.HTTPException: agent_client = AGENT_CLIENT(AGENT_ADDR, AGENT_PORT) res_json = json.loads(agent_client.get_device_time()) backup_content["device_time_info"] = res_json["device_time_info"] # get proxy_settings try: res_json = json.loads(agent_client.get_proxy_settings()) except httplib.HTTPException: agent_client = AGENT_CLIENT(AGENT_ADDR, AGENT_PORT) res_json = json.loads(agent_client.get_proxy_settings()) if res_json.has_key("proxyserver"): del res_json["responseCode"] del res_json["message"] backup_content["proxy_settings"] = res_json # get backup_settings try: res_json = json.loads(agent_client.get_backup_settings()) except httplib.HTTPException: agent_client = AGENT_CLIENT(AGENT_ADDR, AGENT_PORT) res_json = json.loads(agent_client.get_backup_settings()) if res_json.has_key("locationType"): del res_json["responseCode"] del res_json["message"] backup_content["backup_settings"] = res_json # get hostname and desc hostname = utils.app_conf_get("device_base_info")["hostname"] if utils.app_conf_get("device_base_info").has_key("desc"): desc = utils.app_conf_get("device_base_info")["desc"] else: desc = "" backup_content["device_base_info"] = {"hostname": hostname, "desc": desc} # get forensics storage backup_content["forensics_storage"] = { "capacity": forensics_storage.get_forensics_capacity() } #get exception list backup_content["exception"] = utils.app_conf_get("exception") #get synctime setting redis_client = RedisClient() if redis_client.exist_key("synctime_schedule_task"): synctime_schedule_task = redis_client.hgetall("synctime_schedule_task") if synctime_schedule_task is not None: backup_content["synctime_schedule_task"] = synctime_schedule_task #get backup schedule setting redis_client = RedisClient() if redis_client.exist_key("backup_schedule_task"): backup_schedule_task = redis_client.hgetall("backup_schedule_task") if backup_schedule_task is not None: backup_content["backup_schedule_task"] = backup_schedule_task #get ts setting redis_client = RedisClient() if redis_client.exist_key("ts"): ts_res = redis_client.get("ts") if ts_res is not None: backup_content["ts_account_info"] = ts_res with open(app_filename_prefix + ".conf", "w") as bk_file: json.dump(backup_content, bk_file, indent=4) bk_file.close() if device_type == 2 or device_type == 4 or device_type == 6 or device_type == 8: bk_file_list = "" for bk_file in app_backup_filelist: if (device_type == 4 or device_type == 8) and "ebtables" in bk_file: continue shutil.copy(bk_file, "./") bk_file_list += " %s" % os.path.basename(bk_file) # backup block pages blockpage_zip_files = BlockPageSettings().backup_blockpage_dir() for bk_file in blockpage_zip_files: shutil.copy(bk_file, "./") bk_file_list += " %s" % os.path.basename(bk_file) bk_file_list += " " + app_filename_prefix + ".conf" else: bk_file_list = app_filename_prefix + ".conf" # get networking files if whether_backup_network: networking_list = _get_backup_networking_files(tmp_folder) for bk_file in networking_list: bk_file_list += " %s" % os.path.basename(bk_file) # backup hybrid.conf if exist if os.path.isfile("/opt/skyguard/www/app/hybrid.conf"): shutil.copy("/opt/skyguard/www/app/hybrid.conf", "./") bk_file_list += " hybrid.conf" if device_type == 2: for bro_cfg in bro_backup_filelist: if os.path.isfile(bro_cfg): shutil.copy(bro_cfg, "./") bk_file_list += " %s" % os.path.basename(bro_cfg) # swg pacp mode if device_type == 6: if "2.2" in version: pass else: for bro_cfg in bro_backup_filelist_swg: if os.path.isfile(bro_cfg): shutil.copy(bro_cfg, "./") bk_file_list += " %s" % os.path.basename(bro_cfg) #backup collect log if os.path.exists(collect_log_dir): filelist = os.listdir(collect_log_dir) if filelist != []: if not os.path.exists("collect_log"): os.mkdir("collect_log") FileUtil.copyFilesToDir(collect_log_dir, "collect_log/") bk_file_list += " %s" % ("collect_log/") # Backup hybrid settings if device_type == 4 or device_type == 8: shutil.copy("/opt/skyguard/www/app/gre_info.conf", "./") bk_file_list += " gre_info.conf" ''' agent_client = AGENT_CLIENT(AGENT_ADDR,AGENT_PORT) network_settings = agent_client.get_hybrid_config() ucss_external_ip = utils.get_ucss_address() # get ucss internal ip from iptables (ret, output) = utils.app_command("iptables-save | grep %s" % ucss_external_ip) if ret == 0: kv = [word.split() for word in output[0].split()] if "-d" in kv: ucss_internal_ip = kv[kv.index("-d") + 1].split("/")[0] # get ucsg public ip public_ip = utils.get_ip_address("eth1") hybrid_settings = {"network_setting" : json.dumps(network_settings), "ucss_external_ip" : ucss_external_ip, "ucss_internal_ip" : ucss_internal_ip, "public_ip" : public_ip} with open("hybrid_settings.conf", "w") as hybrid_conf: json.dump(hybrid_settings, hybrid_conf, indent=4) ''' # Backup #backup forensics whether_backup_forensics = 0 if whether_backup_forensics: if device_type != 1: if os.path.exists(forensics_dir): filelist = os.listdir(forensics_dir) if filelist != []: os.mkdir("forensics") for f in filelist: shutil.copy(forensics_dir + f, "forensics/") # generate backup tgz utils.app_command_quiet("tar cfvz %s %s" % (app_filename_prefix + ".tar.gz", bk_file_list)) # remove tmp files os.unlink(app_filename_prefix + ".conf") if os.path.isfile("hybrid.conf"): os.unlink("hybrid.conf") if os.path.isfile("gre_info.conf"): os.unlink("gre_info.conf") if device_type == 2 or device_type == 4 or device_type == 6 or device_type == 8: for bk_file in app_backup_filelist: if (device_type == 4 or device_type == 8) and "ebtables" in bk_file: continue os.unlink(os.path.basename(bk_file)) BlockPageSettings().delete_backup_zip() for bk_file in blockpage_zip_files: os.unlink(os.path.basename(bk_file)) if device_type == 2: for bro_cfg in bro_backup_filelist: if os.path.isfile(os.path.basename(bro_cfg)): os.unlink(os.path.basename(bro_cfg)) if device_type == 6: for bro_cfg in bro_backup_filelist_swg: if os.path.isfile(os.path.basename(bro_cfg)): os.unlink(os.path.basename(bro_cfg)) if whether_backup_network: _remove_backup_networking_files(tmp_folder) os.chdir(current_path) return app_filename_prefix + ".tar.gz"