def processService(self, cpc, dc, context, block):
util.log_debug('ObjectGroupServiceVariableDecoder: processNetwork')
compare = ['eq', 'lt', 'gt', 'range']
ip_protocol_list = [
'ahp', 'eigrp', 'esp', 'gre', 'icmp', 'igmp', 'ip', 'ipinip',
'nos', 'ospf', 'pcp', 'pim'
]
decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc)
lines = block.toString().split("\n")
lines = [line.strip(' ') for line in lines]
util.log_info('BLOCK for obj service:', block)
for line in lines:
words = line.split(' ')
if words[0].isdigit():
decoderhandler.addTokenValue("name", words[0])
decoderhandler.addTokenValue("ip-protocol", words[0])
return
elif words[0] in ip_protocol_list:
decoderhandler.addTokenValue("name", words[0])
decoderhandler.addTokenValue("protocol", words[0])
return
elif words[0] == 'group-object':
util.log_debug('ObjectGroup')
else:
if InetAddressUtils.isIPv4Address(
words[0]) or words[0] == 'host':
return
decoderhandler.addTokenValue("protocol", words[0])
if len(words) - 1 >= 1:
if words[1] == 'source':
decoderhandler.addTokenValue("operation", words[1])
if words[2] in compare:
decoderhandler.addTokenValue("compare", words[2])
decoderhandler.addTokenValue("port", words[3])
if words[2] == 'range':
decoderhandler.addTokenValue("end-port", words[4])
decoderhandler.addTokenValue(
"name",
Joiner.on(" ").join(block.getTokens()))
elif words[1] in compare:
decoderhandler.addTokenValue("compare", words[1])
decoderhandler.addTokenValue("port", words[2])
if words[1] == 'range':
decoderhandler.addTokenValue("end-port", words[3])
decoderhandler.addTokenValue(
"name",
Joiner.on(" ").join(block.getTokens()))
else:
if words[0] == 'group-object':
decoderhandler.addTokenValue("group-object", words[1])
else:
decoderhandler.addTokenValue("port", words[1])
decoderhandler.addTokenValue(
"name",
Joiner.on(" ").join(block.getTokens()))
def decodeVariables(self,cpc,dc,context):
try:
util.log_info('RouterOspfRedistVariableDecoder: Decoding variable')
decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc)
block = decoderhandler.getCurrentBlock()
tokens = Joiner.on(" ").join(block.getTokens())
tokens = tokens.split(" ")
print tokens
if "redistribute" not in tokens[0]:
util.log_debug('Does not look like a valid redistribute. redistribute = %s' % (tokens))
return
decoderhandler.addTokenValue("protocol", tokens[1])
if tokens[1] == 'ospf':
decoderhandler.addTokenValue("process-id-entry", tokens[2])
elif tokens[1] == 'eigrp':
decoderhandler.addTokenValue("eigrp-as-number", tokens[2])
elif tokens[1] == 'bgp':
decoderhandler.addTokenValue("bgp-as-number", tokens[2])
for i in range(1,len(tokens)):
i+=1
if tokens[i] == "metric":
decoderhandler.addTokenValue("value1", tokens[i+1])
if tokens[i] == "metric-type":
decoderhandler.addTokenValue("value2", tokens[i+1])
if tokens[i] == 'route-map':
decoderhandler.addTokenValue("route-map", tokens[i+1])
if tokens[i] == 'subnets':
decoderhandler.addTokenValue("subnet", "true")
if tokens[i] == 'tag':
decoderhandler.addTokenValue("tag", tokens[i+1])
except Exception:
traceback.print_exc()
def parseName(self, dc, cursor):
util.log_debug(
'VtyVariableDecoder: parseName will parse the value for Name, minvty and maxvty'
)
decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc)
if not cursor.hasNext():
return
if "line" == cursor.getNextToken():
decoderhandler.addTokenValue(
"name",
Joiner.on(" ").join(
decoderhandler.getCurrentBlock().getTokens()))
cursor.advance()
cursor.advance()
else:
return
if not cursor.hasNext():
return
else:
decoderhandler.addTokenValue("min-vty", cursor.getNextToken())
cursor.advance()
if not cursor.hasNext():
return
else:
decoderhandler.addTokenValue("max-vty", cursor.getNextToken())
cursor.advance()
def decodeVariables(self, cpc, dc, context):
try:
util.log_info(
'RouterEigrpRedistVariableDecoder: Decoding variable')
decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc)
block = decoderhandler.getCurrentBlock()
tokens = Joiner.on(" ").join(block.getTokens())
tokens = tokens.split(" ")
print tokens
if "redistribute" not in tokens[0]:
util.log_debug(
'Does not look like a valid redistribute. redistribute = %s'
% (tokens))
return
decoderhandler.addTokenValue("protocol", tokens[1])
if tokens[1] == 'ospf':
decoderhandler.addTokenValue("ospf-id", tokens[2])
elif tokens[1] == 'eigrp' or tokens[1] == 'bgp':
decoderhandler.addTokenValue("as-number", tokens[2])
for i in range(1, len(tokens)):
i += 1
if tokens[i] == 'route-map':
decoderhandler.addTokenValue("route-map", tokens[i + 1])
if tokens[i] == 'metric':
decoderhandler.addTokenValue("bandwidth-metric",
tokens[i + 1])
decoderhandler.addTokenValue("delay-metric", tokens[i + 2])
decoderhandler.addTokenValue("reliability-metric",
tokens[i + 3])
decoderhandler.addTokenValue("load-metric", tokens[i + 4])
decoderhandler.addTokenValue("mtu", tokens[i + 5])
except Exception:
traceback.print_exc()
def processNetwork(self, cpc, dc, context, block):
util.log_debug('ObjectGroupVariableDecoder: processNetwork')
decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc)
cursor = util.TokenCursor(block.getTokens(), 0, None)
host = cursor.getNextToken()
cursor.advance()
ip = cursor.getNextToken()
cursor.advance()
if "host" == host:
decoderhandler.addTokenValue("host", ip)
decoderhandler.addTokenValue("name", Joiner.on(" ").join(block.getTokens()))
return
if InetAddressUtils.isIPv4Address(host):
decoderhandler.addTokenValue("ip-address", host)
decoderhandler.addTokenValue("netmask", ip)
decoderhandler.addTokenValue("name", Joiner.on(" ").join(block.getTokens()))
return
if "group-object" == host:
decoderhandler.addTokenValue("group-object", ip)
decoderhandler.addTokenValue("name", Joiner.on(" ").join(block.getTokens()))
return
def decodeVariables(self, cpc, dc, context):
try:
util.log_info('NewRouteVariableDecoder: Decoding variable')
decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc)
cursor = util.TokenCursor(decoderhandler.getSearchTokens(), 2,
None)
self.parseNetwork(dc, cursor)
self.parseInterfaceName(dc, cursor)
self.parseNextHop(dc, cursor)
self.parseName(dc, cursor)
decoderhandler.addTokenValue(
"id",
Joiner.on(" ").join(
decoderhandler.getCurrentBlock().getTokens()))
except Exception:
traceback.print_exc()
def decodeVariables(self, cpc, dc, context):
try:
util.log_info('NewRouteVariableDecoder: Decoding variable')
ROUTE_VRF = ["ip", "route", "vrf"]
decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc)
if AnutaStringUtils.startsWith(
decoderhandler.getCurrentBlockTokens(), ROUTE_VRF):
return
cursor = util.TokenCursor(decoderhandler.getSearchTokens(), 2,
None)
self.parseNetwork(dc, cursor)
self.parseInterfaceName(dc, cursor)
self.parseNextHop(dc, cursor)
self.parseName(dc, cursor)
decoderhandler.addTokenValue(
"options/id",
Joiner.on(" ").join(
decoderhandler.getCurrentBlock().getTokens()))
except Exception:
traceback.print_exc()
def parseIpHttp(self, dc, cursor):
util.log_info('IpHttpTokenDecoder: parseIpHttp')
decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc)
if not cursor.hasNext():
return
command = Joiner.on(" ").join(decoderhandler.getCurrentBlock().getTokens())
util.log_info('IpHttpTokenDecoder(parseIpHttp): command is %s' % (command))
if command == "no ip http secure-server":
util.log_info("Making no-ip-http-secure-server as 'true'")
decoderhandler.addTokenValue("no-ip-http-secure-server", 'true')
if command == "no ip http server":
util.log_info("Making no-ip-http-server as 'true'")
decoderhandler.addTokenValue("no-ip-http-server", 'true')
if command == "ip http secure-server":
util.log_info("Making no-ip-http-secure-server as 'false'")
decoderhandler.addTokenValue("no-ip-http-secure-server", 'false')
if command == "ip http server":
util.log_info("Making no-ip-http-server as 'false'")
decoderhandler.addTokenValue("no-ip-http-server", 'false')
util.log_info("IpHttpTokenDecoder(parseIpHttp):Exiting")
def decodeVariables(self, cpc, dc, context):
try:
util.log_info('RouterOspfDefAlwaysVariableDecoder decode token')
decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc)
block = decoderhandler.getCurrentBlock()
util.log_info('OSPF value = %s' % (block))
tokens = Joiner.on(" ").join(block.getTokens())
tokens = tokens.split(" ")
if 'always' in str(block):
decoderhandler.addTokenValue("always", "true")
else:
decoderhandler.addTokenValue("always", "false")
for i in range(1, len(tokens)):
i += 1
if tokens[i] == "metric":
decoderhandler.addTokenValue("metric", tokens[i + 1])
if tokens[i] == "metric-type":
decoderhandler.addTokenValue("metric-type", tokens[i + 1])
if tokens[i] == 'route-map':
decoderhandler.addTokenValue("route-map", tokens[i + 1])
except Exception:
traceback.print_exc()
def decodeVariables(self, cpc, dc, context):
try:
util.log_info('RouterBgpRedistVariableDecoder: Decoding variable')
decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc)
block = decoderhandler.getCurrentBlock()
tokens = Joiner.on(" ").join(block.getTokens())
tokens = tokens.split(" ")
print tokens
if "redistribute" not in tokens[0]:
util.log_debug(
'Does not look like a valid redistribute. redistribute = %s'
% (tokens))
return
decoderhandler.addTokenValue("protocol", tokens[1])
if tokens[1] == 'ospf':
decoderhandler.addTokenValue("ospf-process-id", tokens[2])
elif tokens[1] == 'eigrp':
decoderhandler.addTokenValue("eigrp-process-id", tokens[2])
for i in range(1, len(tokens)):
i += 1
if tokens[i] == "metric":
decoderhandler.addTokenValue("metric", tokens[i + 1])
if tokens[i] == "internal":
decoderhandler.addTokenValue("ospf-internal", "true")
if tokens[i] == "external":
if tokens[i + 1] == "1":
decoderhandler.addTokenValue("ospf-external1", "1")
elif tokens[i + 1] == "2":
decoderhandler.addTokenValue("ospf-external2", "2")
if tokens[i + 2] == "2":
decoderhandler.addTokenValue("ospf-external2", "2")
if tokens[i] == 'route-map':
decoderhandler.addTokenValue("route-map", tokens[i + 1])
except Exception:
traceback.print_exc()
def authenticate(self, configurationAttributes, requestParameters, step):
print "TwilioSMS. Authenticate for Step %s" % str(step)
identity = CdiUtil.bean(Identity)
authenticationService = CdiUtil.bean(AuthenticationService)
user = authenticationService.getAuthenticatedUser()
if step == 1:
if user == None:
credentials = identity.getCredentials()
user_name = credentials.getUsername()
user_password = credentials.getPassword()
if StringHelper.isNotEmptyString(user_name) and StringHelper.isNotEmptyString(user_password):
authenticationService.authenticate(user_name, user_password)
user = authenticationService.getAuthenticatedUser()
if user == None:
return False
#Attempt to send message now if user has only one mobile number
mobiles = user.getAttributeValues("mobile")
if mobiles == None:
return False
else:
code = random.randint(100000, 999999)
identity.setWorkingParameter("randCode", code)
sid = configurationAttributes.get("twilio_sid").getValue2()
token = configurationAttributes.get("twilio_token").getValue2()
self.from_no = configurationAttributes.get("from_number").getValue2()
Twilio.init(sid, token)
if mobiles.size() == 1:
self.sendMessage(code, mobiles.get(0))
else:
chopped = ""
for numb in mobiles:
l = len(numb)
chopped += "," + numb[max(0, l-4) : l]
#converting to comma-separated list (identity does not remember lists in 3.1.3)
identity.setWorkingParameter("numbers", Joiner.on(",").join(mobiles.toArray()))
identity.setWorkingParameter("choppedNos", chopped[1:])
return True
else:
if user == None:
return False
session_attributes = identity.getSessionId().getSessionAttributes()
code = session_attributes.get("randCode")
numbers = session_attributes.get("numbers")
if step == 2 and numbers != None:
#Means the selection number page was used
idx = ServerUtil.getFirstValue(requestParameters, "TwilioSmsloginForm:indexOfNumber")
if idx != None and code != None:
sendToNumber = numbers.split(",")[int(idx)]
self.sendMessage(code, sendToNumber)
return True
else:
return False
success = False
form_passcode = ServerUtil.getFirstValue(requestParameters, "passcode")
if form_passcode != None and code == form_passcode:
print "TwilioSMS. authenticate. 6-digit code matches with code sent via SMS"
success = True
else:
facesMessages = CdiUtil.bean(FacesMessages)
facesMessages.setKeepMessages()
facesMessages.clear()
facesMessages.add(FacesMessage.SEVERITY_ERROR, "Wrong code entered")
return success
def processAclRule(self, cpc, dc, context, block):
util.log_info('AclRuleVariableDecoder: processAclRule')
acl_dict = [
'linenumber,INT', 'action,ACTION', 'layer4protocol,PROTOCOL',
'service_obj_name,STRING',
'source_condition_type,SOURCE_CONDITION', 'source_ip,CIDR',
'source_mask,IP', 'source_obj_name,STRING',
'source_port_operator,PORT_OPERATORS', 'source_port,STRING',
'dest_condition_type,DEST_CONDITION', 'dest_ip,CIDR',
'dest_mask,IP', 'dest_obj_name,STRING',
'dest_port_operator,PORT_OPERATORS', 'dest_port,STRING',
'match_packets,MATCH_PKTS', 'precedence,STRING',
'extra_options,EXTRA_OPTIONS'
]
ACTION = ["permit", "deny"]
SOURCE_CONDITION = ["any", "host", "object-group", "addrgroup"]
DEST_CONDITION = ["any", "host", "object-group", "addrgroup"]
PORT_OPERATORS = ["eq", "gt", "lt", "neq", "range"]
MATCH_PKTS = [
"dscp", "fragments", "log-input", "option", "precedence",
"time-range", "tos", "ttl", "echo", "echo-reply", "tracked",
"ttl-exceeded", "port-unreachable", "established"
]
PROTOCOL = [
"object-group", "ahp", "eigrp", "esp", "gre", "icmp", "igmp", "ip",
"ipinip", "nos", "ospf", "pcp", "pim", "tcp", "tcp-udp", "udp"
]
EXTRA_OPTIONS = ["log"]
PORT = [
"bgp", "chargen", "cmd", "daytime", "discard", "domain", "drip",
"echo", "exec", "finger", "ftp", "ftp-data", "gopher", "hostname",
"ident", "irc", "klogin", "kshell", "login", "lpd", "nntp",
"onep-plain", "onep-tls", "pim-auto-rp", "pop2", "pop3", "smtp",
"sunrpc", "tacacs", "talk", "telnet", "time", "uucp", "whois",
"www", "msrpc", "biff", "bootpc", "bootps", "dnsix", "isakmp",
"msrpc", "mobile-ip", "nameserver", "netbios-dgm", "netbios-ns",
"netbios-ss", "non500-isakmp", "ntp", "rip", "snmp", "snmptrap",
"syslog", "tftp", "who", "xdmcp"
]
try:
decoderhandler = tokendecoderhandler.TokenDecoderHandler(dc)
cursor = util.TokenCursor(block.getTokens(), 0, None)
tokens = block.getTokens()
tokens = Joiner.on(" ").join(block.getTokens())
tokens = tokens.split(" ")
print tokens
found = False
for token in tokens:
for acl_action in ACTION:
if token == acl_action:
found = True
if not found:
util.log_debug(
'Does not look like a valid acl rule. rule = %s' %
(tokens))
return
i = 1
for j in range(i, len(tokens)):
if j > 0 and j == len(tokens) - 1:
if tokens[j -
1] in ACTION and InetAddressUtils.isIPv4Address(
tokens[j]):
tokens.insert(j, 'host')
break
else:
if tokens[j -
1] in ACTION and InetAddressUtils.isIPv4Address(
tokens[j]
) and not InetAddressUtils.isIPv4Address(
tokens[j + 1]):
tokens.insert(j, 'host')
break
util.log_info(tokens)
decoderhandler.addTokenValue("$name", Joiner.on(" ").join(tokens))
i = 0
cidr_pattern = '^(\d{1,3}\.){3}\d{1,3}(/\d\d)$'
host = False
host_dest = False
len_token = 0
for token in range(len_token, len(tokens)):
if len_token == token:
len_token += 1
for j in range(i, len(acl_dict)):
options = acl_dict[j].split(',')
yang_entity = options[0].replace('_', '-')
i += 1
if options[1] == 'INT':
if decoderhandler.isValidInteger(tokens[token]):
util.log_info("1" + yang_entity + ":" +
tokens[token])
decoderhandler.addTokenValue(
yang_entity, tokens[token])
break
elif options[1] == 'ACTION':
if tokens[token] in ACTION:
util.log_info("2" + yang_entity + ":" +
tokens[token])
decoderhandler.addTokenValue(
yang_entity, tokens[token])
break
elif options[1] == 'PROTOCOL':
if tokens[token] in PROTOCOL:
util.log_info("3" + yang_entity + ":" +
tokens[token])
decoderhandler.addTokenValue(
yang_entity, tokens[token])
if tokens[token] != 'object-group':
i += 1
break
elif options[1] == 'STRING':
if not InetAddressUtils.isIPv4Address(
tokens[token]
) and tokens[token] not in SOURCE_CONDITION and tokens[
token] not in PORT_OPERATORS and tokens[
token] not in MATCH_PKTS and tokens[
token] not in PROTOCOL and tokens[
token] not in EXTRA_OPTIONS and re.search(
cidr_pattern,
tokens[token]) is None:
util.log_info("4" + yang_entity + ":" +
tokens[token])
if tokens[token].isdigit(
) or tokens[token] in PORT:
all_ports = tokens[token]
for custom_port in range(
len_token, len(tokens)):
if tokens[custom_port].isdigit(
) or tokens[custom_port] in PORT:
all_ports += ' ' + tokens[
custom_port]
len_token += 1
else:
break
util.log_info("4_1" + yang_entity + ":" +
all_ports)
decoderhandler.addTokenValue(
yang_entity, all_ports)
else:
util.log_info("4_2" + yang_entity + ":" +
tokens[token])
decoderhandler.addTokenValue(
yang_entity, tokens[token])
break
elif options[1] == 'SOURCE_CONDITION':
if tokens[token] in SOURCE_CONDITION:
util.log_info("5" + yang_entity + ":" +
tokens[token])
if tokens[token] == 'any':
i += 2
elif tokens[token] == 'host':
host = True
elif tokens[token] == 'object-group':
tokens[token] = 'objectgroup'
decoderhandler.addTokenValue(
yang_entity, tokens[token])
break
elif options[1] == 'CIDR':
if InetAddressUtils.isIPv4Address(tokens[token]):
util.log_info("13" + yang_entity + ":" +
tokens[token])
decoderhandler.addTokenValue(
yang_entity, tokens[token])
break
elif re.search(cidr_pattern,
tokens[token]) is not None:
util.log_info("14" + yang_entity + ":" +
tokens[token])
decoderhandler.addTokenValue(
yang_entity, tokens[token])
i += 1
break
elif options[1] == 'IP':
prev_yang_entity = acl_dict[j - 1].split(
',')[0].replace('_', '-')
if InetAddressUtils.isIPv4Address(
tokens[token]
) and not host and prev_yang_entity == 'source-ip':
util.log_info("6" + yang_entity + ":" +
tokens[token])
decoderhandler.addTokenValue(
yang_entity, tokens[token])
if yang_entity == 'source-mask':
util.log_info("7" + yang_entity + ":" +
tokens[token])
decoderhandler.addTokenValue(
'source-condition-type', 'cidr')
break
elif InetAddressUtils.isIPv4Address(
tokens[token]
) and not host_dest and prev_yang_entity == 'dest-ip':
util.log_info("6_1" + yang_entity + ":" +
tokens[token])
decoderhandler.addTokenValue(
yang_entity, tokens[token])
if yang_entity == 'dest-mask':
util.log_info("8" + yang_entity + ":" +
tokens[token])
decoderhandler.addTokenValue(
'dest-condition-type', 'cidr')
break
elif options[1] == 'PORT_OPERATORS':
if tokens[token] in PORT_OPERATORS:
util.log_info("9" + yang_entity + ":" +
tokens[token])
decoderhandler.addTokenValue(
yang_entity, tokens[token])
break
elif options[1] == 'DEST_CONDITION':
if tokens[token] in DEST_CONDITION:
util.log_info("10" + yang_entity + ":" +
tokens[token])
if tokens[token] == 'any':
i += 2
elif tokens[token] == 'host':
host_dest = True
elif tokens[token] == 'object-group':
tokens[token] = 'objectgroup'
decoderhandler.addTokenValue(
yang_entity, tokens[token])
break
elif options[1] == 'MATCH_PKTS':
if tokens[token] in MATCH_PKTS:
util.log_info("11" + yang_entity + ":" +
tokens[token])
decoderhandler.addTokenValue(
yang_entity, tokens[token])
break
elif options[1] == 'EXTRA_OPTIONS':
if tokens[token] in EXTRA_OPTIONS:
util.log_info("12" + yang_entity + ":" +
tokens[token])
decoderhandler.addTokenValue(
yang_entity, tokens[token])
break
except Exception:
traceback.print_exc()