def getKeys(sort="name", order="asc"):
    """Return the remote and local key files as a sorted list of dicts.

    Each entry has the keys ``name``, ``type`` ("remote" or "local") and
    ``mtime``. Sorting is delegated to ``comLib.sortOrder`` with the
    ``sort`` and ``order`` arguments passed through unchanged.
    """
    remoteDir = comLib.getSupportFilePath("RemoteKeys")
    localDir = comLib.getSupportFilePath("LocalKeys")
    remoteNames = getKeyFileNames(remoteDir)
    localNames = getKeyFileNames(localDir)

    def describe(kind, directory, fileName):
        # Index 8 of the stat tuple is the modification time in whole seconds.
        modified = os.stat("{}/{}".format(directory, fileName))[8]
        return {
            "name": fileName,
            'type': kind,
            "mtime": comLib.timestampToPrettyDate(modified),
        }

    entries = []
    # Remote keys are listed first, then local keys, before sorting.
    for kind, directory, names in (("remote", remoteDir, remoteNames),
                                   ("local", localDir, localNames)):
        for fileName in names:
            entries.append(describe(kind, directory, fileName))
    return comLib.sortOrder(entries, sort, order)
def createRrdSymLink():
    """Create the RrdServ symlink to this host's RRD directory if it is missing.

    Any exception is caught and reported on stdout; nothing is returned.
    """
    try:
        if os.path.exists(comLib.getSupportFilePath("RrdServ")):
            return
        # NOTE(review): the command line is assembled by string interpolation.
        # Whether comLib.cmd goes through a shell is not visible here; if it
        # does, a host name or path containing shell metacharacters would be
        # interpreted by the shell. os.symlink() would avoid that - confirm
        # before changing, in case comLib.cmd adds privileges.
        linkCommand = "ln -s {}/{}/ {}".format(
            comLib.getSupportFilePath("RrdLib"),
            sysLib.getHostname(),
            comLib.getSupportFilePath("RrdServ"))
        comLib.cmd(linkCommand)
    except Exception as err:
        print("Error Creating rrd symlink: {}".format(err))
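def deleteFile(keyType, filename):
    """Delete a key file from the local or remote key directory.

    keyType selects the directory through the "<KeyType>Keys" support-file
    entry; filename must be a bare file name inside that directory.

    Returns the warning text from verifyDeleteOk (empty when there is nothing
    to warn about), or an "ERROR: ..." string when filename is rejected. The
    warning is advisory only: the file is removed either way. os.remove
    errors propagate to the caller as before.
    """
    # filename is joined onto the key directory and handed to os.remove, so a
    # value with path separators or ".." could point outside that directory.
    # Accept only a plain file name. (Presumably the value comes from a web
    # request - verify against the caller.)
    if (not filename or filename in (".", "..")
            or os.path.basename(filename) != filename):
        return "ERROR: Invalid key file name"

    ret = verifyDeleteOk(keyType, filename)
    os.remove("{}/{}".format(
        comLib.getSupportFilePath("{}Keys".format(keyType.capitalize())),
        filename))
    return ret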
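def saveFile(keyType, theFile):
    """Store an uploaded key file in the local or remote key directory.

    theFile must provide a ``filename`` attribute and a ``save(path)``
    method. The file is written only when its name is a bare file name and
    verifySaveOk reports no problems.

    Returns the problems joined with "<br/>" (an empty string on success).
    """
    name = theFile.filename
    # The name is supplied with the upload and is joined onto the key
    # directory, so anything other than a plain file name (path separators,
    # "..", empty) could write outside that directory. Reject it up front.
    if not name or name in (".", "..") or os.path.basename(name) != name:
        return "ERROR: Invalid key file name"

    msg = verifySaveOk(keyType, name)
    if not msg:
        theFile.save("{}/{}".format(
            comLib.getSupportFilePath("{}Keys".format(keyType.capitalize())),
            name))
    return "<br/>".join(msg)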
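def getKeyContent(filename, keyType):
    """Return the text of a key file, or '' when it cannot be read.

    keyType "local" (any case) reads from the LocalKeys directory; every
    other value reads from RemoteKeys. '' is returned for a rejected file
    name, a missing or unreadable file, or content that fails to decode.
    """
    # Only a bare file name is accepted: the value is joined onto the key
    # directory and the file's content is returned to the caller, so path
    # separators or ".." could expose files outside that directory.
    if (not filename or filename in (".", "..")
            or os.path.basename(filename) != filename):
        return ''

    dirKey = "LocalKeys" if keyType.lower() == "local" else "RemoteKeys"
    filePath = "{}/{}".format(comLib.getSupportFilePath(dirKey), filename)
    try:
        # The context manager closes the handle on every path; the original
        # opened the file and never closed it.
        with open(filePath, 'r') as keyFile:
            return keyFile.read()
    except (IOError, UnicodeDecodeError):
        return ''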
def verifyDeleteOk(keyType, filename):
    """Return a warning when the key about to be deleted is the last one.

    The check only counts the files in the "<KeyType>Keys" directory; the
    filename argument is not inspected. An empty string means no warning.
    """
    keyDir = comLib.getSupportFilePath("{}Keys".format(keyType.capitalize()))
    existing = getKeyFileNames(keyDir)
    if len(existing) != 1:
        return ""
    return "Warning: Deleting the last {0} key prevents encrypted communication from working correctly.  Please upload a {0} public key to enable encrypted communiation".format(
        keyType)
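def updateTypesDb():
    """Make sure the collectd types file defines the func_latency type.

    The entry is appended once. The whole file is scanned, so an existing
    entry followed by blank or other lines is not duplicated, and an empty
    file no longer raises IndexError.
    """
    tPath = comLib.getSupportFilePath("CollectdTypes")
    with open(tPath, 'r') as typesFile:
        content = typesFile.read()

    if re.search("func_latency", content):
        return

    with open(tPath, 'a') as typesFile:
        # Start on a fresh line so the entry is never glued onto the end of
        # an existing last line that lacks a newline.
        if content and not content.endswith("\n"):
            typesFile.write("\n")
        typesFile.write("func_latency\t\tlatency:GAUGE:0:U\n")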
def writeConfig(config, theType):
    """Render the configuration file that matches theType / operation mode.

    theType "armore" always selects the ARMORE template. Otherwise the
    template is picked from config's "operationMode" (Proxy, Passive or
    Transparent). An unknown mode is reported on stdout and nothing is
    written.
    """
    if theType == "armore":
        writeTemplate(config,
                      comLib.getSupportFilePath("ArmoreConfigTemplate"),
                      ARMORE_CFG_FILE)
        return

    modeTargets = (
        ("Proxy", "ProxyConfigTemplate", PROXY_CFG_FILE),
        ("Passive", "PassiveConfigTemplate", PASSIVE_CFG_FILE),
        ("Transparent", "TransparentConfigTemplate", TRANSPARENT_CFG_FILE),
    )
    mode = config.get("operationMode")
    for modeName, templateKey, targetFile in modeTargets:
        if mode == modeName:
            writeTemplate(config, comLib.getSupportFilePath(templateKey),
                          targetFile)
            return

    print("# Unable to write config for '{}' mode".format(mode))
def verifySaveOk(keyType, filename):
    """Return the list of reasons why a key file must not be saved.

    An empty list means the save may proceed. Two rules are applied: only
    one local key may exist at a time, and a key name may not be reused
    within its directory.
    """
    keyDir = comLib.getSupportFilePath("{}Keys".format(keyType.capitalize()))
    existing = getKeyFileNames(keyDir)
    # Diagnostic output on stdout, kept as in the original.
    print(keyType, existing, filename)

    # NOTE(review): the single-local-key rule compares keyType with the exact
    # string "local", while the directory lookup above capitalizes keyType.
    # A differently cased value such as "Local" resolves to the same
    # directory but skips that rule - confirm callers always pass lower case.
    checks = (
        (keyType == "local" and len(existing) == 1,
         "ERROR: Local key already exists. Please delete existing local key before adding a new one"
         ),
        (filename in existing,
         "ERROR: Key '{}' already exists in {} keys".format(
             filename, keyType)),
    )
    return [message for failed, message in checks if failed]
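def enablePythonRrd():
    """Install the ARMORE python-plugin section in collectd.conf and restart.

    The section is delimited by two "# ARMORE" marker lines. When markers
    are present, everything from the first to the last marker is replaced;
    otherwise the section is appended. collectd is then restarted through
    its init script.
    """
    cPath = comLib.getSupportFilePath("CollectdConf")
    # Read through a context manager so the handle is closed; the original
    # left the read handle open.
    with open(cPath, 'r') as cFile:
        cLines = [line.rstrip() for line in cFile]

    startIndex = -1
    stopIndex = -1
    for idx, line in enumerate(cLines):
        if re.match('^# ARMORE', line):
            if startIndex == -1:
                startIndex = idx
            else:
                stopIndex = idx

    # The line breaks of this section are reconstructed from a listing that
    # had lost them; any indentation of the inner lines is not recoverable.
    # NOTE(review): collectd imports rrdDataParser from ModulePath, which is
    # the web application's directory. Confirm that directory is not writable
    # by the web server account, since code placed there runs inside collectd.
    newTxt = [
        '# ARMORE',
        '<LoadPlugin python>',
        'Globals true',
        'Interval 900',
        '</LoadPlugin>',
        '<Plugin python>',
        'ModulePath "/var/webServer/domains/support"',
        'LogTraces true',
        'Interactive false',
        'import rrdDataParser',
        '<Module rrdDataParser>',
        '</Module>',
        '</Plugin>',
        '# ARMORE',
    ]

    if startIndex == -1:
        cLines.extend(newTxt)
    else:
        # NOTE(review): with a single marker stopIndex stays -1, so this
        # slice is empty and the section is inserted in front of the lone
        # marker instead of replacing anything. Behaviour kept as is; decide
        # how a malformed file should be handled.
        cLines[startIndex:stopIndex + 1] = newTxt

    with open(cPath, 'w') as cFile:
        cFile.write("\n".join(cLines))
    comLib.cmd("/etc/init.d/collectd restart")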
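# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS WITH THE SOFTWARE.
# # # # # #
import domains.support.lib.common as comLib
import domains.support.lib.ipfw as ipfw
from domains.support.models import *
import re
import os
import os.path
import datetime as dt
from string import Template
from uuid import uuid4

# One tab-separated line of the policy file; the $-fields are placeholders
# in string.Template syntax.
LINETEMPLATE = "$ruleNum\t$name\tsrc=$src,dest=$dest\t$proto\t$func\t$time\t$severity\t$filtering\n"
POLICYCONFIGFILE = comLib.getSupportFilePath("PolicyConfig")
POLICYLOGFILE = comLib.getSupportFilePath("PolicyLog")


def verifyPolicyFileExists():
    """Write the '#fields' header when the policy file is missing or empty.

    A file that already has content is left untouched.
    """
    # A zero-byte file is exactly the case in which readlines() returned no
    # lines; checking the size avoids opening a handle that was never closed.
    needsHeader = (not os.path.isfile(POLICYCONFIGFILE)
                   or os.path.getsize(POLICYCONFIGFILE) == 0)
    if needsHeader:
        with open(POLICYCONFIGFILE, 'w') as f:
            f.write(
                "#fields\truleNum\tname\tip\tproto\tfunc\ttimePer\tseverity\tfiltering\n"
            )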
def createArmoreModeConfigFiles(
        supportFilePath="/var/webServer/supportFiles.txt"):
    """Create each mode's config file from its template if it does not exist.

    For ArmoreConfig, ProxyConfig, TransparentConfig and PassiveConfig the
    target path and the matching "<name>Template" path are looked up in the
    support-file list at supportFilePath. A target that already exists is
    left alone; otherwise a dict of values is built and handed to
    writeTemplate together with both paths.
    """
    configs = [
        "ArmoreConfig", "ProxyConfig", "TransparentConfig", "PassiveConfig"
    ]
    print("# Creating Config Files")
    backendConfig = getArmoreConfigBackend()
    # presumably maps interface name -> IP address; verify against netLib
    intIpsDict = netLib.getInterfaceIps()
    for c in configs:
        cPath = comLib.getSupportFilePath(c, supportFilePath)
        ctPath = comLib.getSupportFilePath("{}Template".format(c),
                                           supportFilePath)
        if not os.path.exists(cPath):
            theDict = {}
            # The result is not used below; the call is kept in case
            # getArmoreConfig has side effects (not visible here).
            currConfig = getArmoreConfig()
            if c == "ArmoreConfig":
                theDict["managementIp"] = backendConfig.get("ManagementIp")
                theDict["managementMask"] = backendConfig.get("ManagementMask")
                theDict["managementInterface"] = backendConfig.get(
                    "ManagementInt")
                # Interfaces are claimed in iteration order of intIpsDict:
                # the first one that is not the management interface becomes
                # internal, the next unclaimed one becomes external.
                intsUsed = [backendConfig.get("ManagementInt")]
                intToUse = ""
                for i in intIpsDict:
                    if i not in intsUsed:
                        intToUse = i
                        intsUsed.append(i)
                        break
                # NOTE(review): if no unclaimed interface was found, intToUse
                # is still "" here and the lookup raises KeyError.
                theDict["internalIp"] = intIpsDict[intToUse]
                theDict["internalMask"] = netLib.getNetmaskFromInt(intToUse)
                theDict["internalInterface"] = intToUse
                for i in intIpsDict:
                    if i not in intsUsed:
                        intToUse = i
                        intsUsed.append(i)
                        break
                # NOTE(review): if this second search finds nothing, intToUse
                # still names the internal interface, so the external values
                # silently repeat the internal ones.
                theDict["externalIp"] = intIpsDict[intToUse]
                theDict["externalMask"] = netLib.getNetmaskFromInt(intToUse)
                theDict["externalInterface"] = intToUse
                theDict["operation"] = getOperationMode()
            elif c == "ProxyConfig":
                if backendConfig.get("Operation") == "Proxy":
                    # Carry over the proxy settings of the backend config.
                    theDict["roleType"] = backendConfig.get("Roletype")
                    theDict["port"] = backendConfig.get("Port")
                    theDict["bind"] = backendConfig.get("Bind")
                    theDict["capture"] = backendConfig.get("Capture")
                    theDict["encryption"] = backendConfig.get("Encryption")
                    theDict["firewall"] = backendConfig.get("Firewall")
                    theDict["interface"] = backendConfig.get("Interface")
                else:
                    # Built-in defaults. Note that they enable encryption
                    # but leave the firewall disabled.
                    theDict["roleType"] = "Server"
                    theDict["port"] = "5555"
                    theDict["bind"] = "127.0.0.2"
                    theDict["capture"] = "NetMap"
                    theDict["encryption"] = "Enabled"
                    theDict["firewall"] = "Disabled"
                    theDict["interface"] = "eth1"
            elif c == "TransparentConfig":
                # Placeholder defaults on loopback addresses.
                theDict["netmask"] = "255.255.255.0"
                theDict["broadcastIp"] = "127.0.0.2"
                theDict["bridgeIp"] = "127.0.0.3"
                theDict["interface1"] = "eth1"
                theDict["interface2"] = "eth2"
                theDict["gateway"] = "127.0.0.1"
                theDict["route"] = "127.0.0.1/8"
            elif c == "PassiveConfig":
                theDict["monitored_interface"] = "eth1"
            writeTemplate(theDict, ctPath, cPath)


# NOTE(review): the triple quote below opens a string literal whose remainder
# is not part of this listing.
'''
# FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE CONTRIBUTORS # OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, # WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN # CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS WITH THE SOFTWARE. # # # # # # import domains.support.lib.common as comLib import domains.support.network as netLib import re import os.path import threading from string import Template # These get called a lot, get them once when read in to prevent lots of file reads ARMORE_CFG_FILE = comLib.getSupportFilePath("ArmoreConfig") PROXY_CFG_FILE_BACKEND = comLib.getSupportFilePath("ProxyConfigBackend") PROXY_CFG_FILE = comLib.getSupportFilePath("ProxyConfig") TRANSPARENT_CFG_FILE = comLib.getSupportFilePath("TransparentConfig") PASSIVE_CFG_FILE = comLib.getSupportFilePath("PassiveConfig") PROXY_NETWORK_FILE = comLib.getSupportFilePath("ProxyNetworkTemplate") PASSIVE_NETWORK_FILE = comLib.getSupportFilePath("PassiveNetworkTemplate") TRANSPARENT_NETWORK_FILE = comLib.getSupportFilePath( "TransparentNetworkTemplate") PROXY_CFG_BACKEND_TEMPLATE = comLib.getSupportFilePath( "ProxyConfigBackendTemplate") PASSIVE_CFG_BACKEND_TEMPLATE = comLib.getSupportFilePath( "PassiveConfigBackendTemplate") TRANSPARENT_CFG_BACKEND_TEMPLATE = comLib.getSupportFilePath(
def createArmoreDb():
    """Run the ArmoreDBInit script with sh to create armore.db.

    Any exception is caught and reported on stdout; nothing is returned.
    """
    try:
        initScript = comLib.getSupportFilePath("ArmoreDBInit")
        comLib.cmd("sh {}".format(initScript))
    except Exception as err:
        print("Error Creating armore.db: {}".format(err))