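def main():
    """Main controller.

    Looks up every identity that has had status 'disabled' or 'quarantined'
    for at least one hour. For each one whose MAC address is currently
    active on an interface other than the detained one, calls ``pursue``.

    Exits the process with status 0 when no such identity exists.
    """
    init_logging(nav.buildconf.localstatedir + "/log/arnold/t1000.log")
    LOGGER.info("Starting t1000")

    # Fetch all mac-addresses that we have detained, check if they are
    # active somewhere else. As NAV collects arp and cam data periodically,
    # we need to give one hour slack to ensure data is correct.
    identities = Identity.objects.filter(
        last_changed__lte=datetime.now() - timedelta(hours=1),
        status__in=['disabled', 'quarantined'])

    if not identities:
        LOGGER.info("No detained ports in database where lastchanged > 1 "
                    "hour.")
        sys.exit(0)

    # NOTE(review): only NoDatabaseInformationError is handled per identity.
    # Any other exception from find_computer_info() or pursue() ends the
    # whole run, so the identities after the failing one are not checked.
    for identity in identities:
        # Arguments are passed separately so logging formats the message
        # only when the record is actually emitted.
        LOGGER.info("%s is %s, checking for activity",
                    identity.mac, identity.status)
        try:
            candidate = find_computer_info(identity.mac)
        except NoDatabaseInformationError as error:
            # No data for this MAC: nothing to compare against, so skip it.
            LOGGER.info(error)
            continue

        # An end time in the future is treated as "still active".
        # If this mac-address is active behind another port, block it.
        if candidate.endtime > datetime.now():
            if candidate.interface == identity.interface:
                LOGGER.info('Active on detained interface, will not pursue')
            else:
                pursue(identity, candidate)
        else:
            LOGGER.info("%s is not active.", candidate.mac)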
def detain(address, profile, comment=''):
    """Apply the detention described by ``profile`` to ``address``.

    Returns ``address`` after ``disable`` or ``quarantine`` has been called.
    Returns ``None`` without detaining anything when the profile restricts
    detention to certain VLANs and the host's IP is not inside them, so
    callers must check the return value before assuming the address is
    detained.

    ``find_computer_info`` is called unguarded; any exception it raises
    propagates to the caller.
    """
    _logger.debug("Trying to detain %s", address)

    # NOTE(review): getpass.getuser() consults the LOGNAME/USER/LNAME/USERNAME
    # environment variables before the password database, so the name handed
    # to disable()/quarantine() is whatever the launching environment says.
    # Treat it as informational rather than as an authenticated identity.
    operator = getpass.getuser()
    host = find_computer_info(address)

    # An empty/falsy active_on_vlans means the profile has no VLAN scoping.
    out_of_scope = profile.active_on_vlans and not is_inside_vlans(
        host.ip, profile.active_on_vlans)
    if out_of_scope:
        _logger.error(
            "%s is not inside defined vlanrange for this predefined detention",
            address,
        )
        return

    period = find_duration(host, profile)

    # Every detention type other than 'disable' is handled as a quarantine.
    if profile.detention_type != 'disable':
        quarantine(
            host,
            profile.quarantine_vlan,
            profile.justification,
            operator,
            comment,
            period,
        )
    else:
        disable(host, profile.justification, operator, comment, period)

    return address
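def detain(address, profile, comment=''):
    """Detain address with the given profile.

    Returns ``address`` once ``disable`` or ``quarantine`` has been called.
    Returns ``None`` and detains nothing when ``profile.active_on_vlans`` is
    set and the host's IP is not inside those VLANs; callers need to check
    the return value rather than assume the address was detained.

    ``find_computer_info`` is not wrapped in a ``try``, so exceptions it
    raises reach the caller.
    """
    # Arguments are passed to the logger instead of pre-formatting with '%',
    # so the message is only built when the record is emitted.
    LOGGER.debug("Trying to detain %s", address)

    # NOTE(review): getpass.getuser() reads LOGNAME/USER/LNAME/USERNAME from
    # the environment before falling back to the password database. The
    # username passed on below is therefore not an authenticated identity.
    username = getpass.getuser()
    candidate = find_computer_info(address)

    # A falsy active_on_vlans means the profile applies on any VLAN.
    if profile.active_on_vlans and not is_inside_vlans(
            candidate.ip, profile.active_on_vlans):
        LOGGER.error(
            "%s is not inside defined vlanrange for this predefined "
            "detention", address)
        return

    duration = find_duration(candidate, profile)

    # Anything other than 'disable' falls through to quarantine.
    if profile.detention_type == 'disable':
        disable(candidate, profile.justification, username, comment, duration)
    else:
        quarantine(candidate, profile.quarantine_vlan, profile.justification,
                   username, comment, duration)

    return address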