def _discover_iptables(self):
    """Build the firewall rules this module contributes for DHCP client traffic.

    Returns:
        list: two rules produced by create_iptables_udp_egress_ingress_rule
        for UDP port 67, the first for IPv4 and the second for IPv6.
    """
    _logger.debug('{0}: adding DHCP Client Rules.'.format(self.get_name()))

    # The first argument is None (presumably "any address"; confirm against
    # the helper), so these rules are not narrowed to a known DHCP server.
    # NOTE(review): DHCPv4 uses UDP 67 (server) / 68 (client) while DHCPv6
    # uses UDP 546 / 547. Confirm that port 67 is really intended for the
    # IPv6 rule; how the helper applies the port to each direction is not
    # visible from this block.
    return [
        create_iptables_udp_egress_ingress_rule(
            None, 67, self._slot, transport=family)
        for family in (ipt.TRANSPORT_IPV4, ipt.TRANSPORT_IPV6)
    ]
def _discover_iptables(self):
    """Return the DHCP client firewall rules for this module.

    Returns:
        list: the IPv4 rule followed by the IPv6 rule, both built by
        create_iptables_udp_egress_ingress_rule for UDP port 67.
    """
    _logger.debug('{0}: adding DHCP Client Rules.'.format(self.get_name()))

    # None is passed as the first argument (presumably leaving the rule
    # unrestricted by address; confirm against the helper).
    ipv4_rule = create_iptables_udp_egress_ingress_rule(
        None, 67, self._slot, transport=ipt.TRANSPORT_IPV4)
    # NOTE(review): DHCPv6 runs on UDP 546 / 547, not 67. Verify this rule
    # matches the traffic it is meant to allow; the helper's handling of the
    # port is not visible from this block.
    ipv6_rule = create_iptables_udp_egress_ingress_rule(
        None, 67, self._slot, transport=ipt.TRANSPORT_IPV6)

    return [ipv4_rule, ipv6_rule]
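def _discover_iptables(self):
    """Derive NTP client firewall rules from the peers ntpq reports.

    Runs ``ntpq -p -n`` and, for every output line whose first character is
    one of the tally characters listed below, adds a UDP port 123 rule for
    the token that follows that character.

    Returns:
        list: the generated rules. Empty when ntpq cannot be found, ntpd is
        not running, ntpq exits with a non-zero status, or no line yields a
        usable peer address.
    """
    rules = list()

    if not which(u'ntpq'):
        _logger.debug('Failed to find program path for "{0}"'.format('ntpq'))
        return rules

    # Check to see if ntpd is running
    if not is_service_running('ntpd'):
        _logger.debug('ntpd is not running.')
        return rules

    # Fixed argument list, no shell involved.
    # NOTE(review): 'ntpq' is looked up through PATH again here instead of
    # executing the path which() located; consider running that path
    # directly once it is confirmed that which() returns the full path.
    p = subprocess.Popen(['ntpq', '-p', '-n'], stdout=subprocess.PIPE)
    stdoutdata, _ = p.communicate()

    # Do not open firewall holes based on the output of a failed query.
    if p.returncode != 0:
        _logger.debug('ntpq exited with status {0}.'.format(p.returncode))
        return rules

    # A tuple, not a string: '' must not count as a match for blank lines.
    tally_chars = ('+', '-', '*', 'x', '.', '#', 'o')

    for line in stdoutdata.decode('utf-8').split('\n'):
        remote = line.split(' ', 1)[0]
        if remote[:1] not in tally_chars:
            continue

        ipaddr = remote[1:]
        if not ipaddr:
            # Tally character with nothing after it: no address to allow.
            continue

        _logger.debug('{0}: adding NTP Client Rules for {1}'.format(
            self.get_name(), ipaddr))
        try:
            rules.append(create_iptables_udp_egress_ingress_rule(
                ipaddr, 123, self._slot, transport=ipt.TRANSPORT_AUTO))
        except ValueError:
            # The token comes straight from ntpq's text output (which can
            # truncate long addresses). The rule builder is expected to
            # raise ValueError for a value it cannot validate (confirm);
            # skip that peer instead of aborting the whole discovery.
            _logger.error('{0}: Unable to validate NTP ip address {1}.'.format(
                self.get_name(), ipaddr))

    return rules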
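def _discover_iptables(self):
    """
    Look at /etc/resolv.conf file to get external DNS servers and set
    outbound rule(s) to allow access.

    Returns:
        list: one TCP and one UDP port 53 rule per nameserver value that
        the rule builder accepts, or None when resolv.conf does not exist
        or holds no nameserver entry.
    """
    if not os.path.exists('/etc/resolv.conf'):
        _logger.error('{0}: resolv.conf not found.'.format(self.get_name()))
        return None

    rules = list()
    ipaddrs = list()

    # Get all nameserver ip address values
    with open('/etc/resolv.conf') as handle:
        for line in handle:
            fields = line.split()
            # Require the keyword as the first word and a value after it.
            # A substring test would also pick up lines that merely mention
            # "nameserver" (for example inside a search domain) and would
            # raise IndexError on a bare "nameserver" line. Comment lines
            # fail the first-word test, so they are skipped as well.
            if len(fields) >= 2 and fields[0].lower() == 'nameserver':
                ipaddrs.append(fields[1])

    if len(ipaddrs) == 0:
        _logger.error('{0}: no name server values found in resolv.conf'.format(
            self.get_name()))
        return None

    for ipaddr in ipaddrs:
        try:
            _logger.debug('{0}: adding DNS IP address {1}'.format(
                self.get_name(), ipaddr))
            rules.append(create_iptables_tcp_egress_ingress_rule(
                ipaddr, 53, self._slot))
            rules.append(create_iptables_udp_egress_ingress_rule(
                ipaddr, 53, self._slot))
        except ValueError:
            # A value that does not validate is logged and skipped so the
            # remaining nameservers still get their rules.
            _logger.error('{0}: Unable to validate DNS ip address {1}.'.format(
                self.get_name(), ipaddr))

    return rules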
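def _discover_iptables(self):
    """Derive NTP client firewall rules from the peers ntpq reports.

    Runs ``ntpq -p -n`` and, for every output line whose first character is
    one of the tally characters listed below, adds a UDP port 123 rule for
    the token that follows that character.

    Returns:
        list: the generated rules. Empty when ntpq cannot be found, ntpd is
        not running, ntpq exits with a non-zero status, or no line yields a
        usable peer address.
    """
    rules = list()

    if not which(u'ntpq'):
        _logger.debug('Failed to find program path for "{0}"'.format('ntpq'))
        return rules

    # Check to see if ntpd is running
    if not is_service_running('ntpd'):
        _logger.debug('ntpd is not running.')
        return rules

    # Fixed argument list, no shell involved.
    # NOTE(review): 'ntpq' is looked up through PATH again here instead of
    # executing the path which() located; consider running that path
    # directly once it is confirmed that which() returns the full path.
    p = subprocess.Popen(['ntpq', '-p', '-n'], stdout=subprocess.PIPE)
    stdoutdata, _ = p.communicate()

    # Do not open firewall holes based on the output of a failed query.
    if p.returncode != 0:
        _logger.debug('ntpq exited with status {0}.'.format(p.returncode))
        return rules

    # A tuple, not a string: '' must not count as a match for blank lines.
    tally_chars = ('+', '-', '*', 'x', '.', '#', 'o')

    for line in stdoutdata.decode('utf-8').split('\n'):
        remote = line.split(' ', 1)[0]
        if remote[:1] not in tally_chars:
            continue

        ipaddr = remote[1:]
        if not ipaddr:
            # Tally character with nothing after it: no address to allow.
            continue

        _logger.debug('{0}: adding NTP Client Rules for {1}'.format(
            self.get_name(), ipaddr))
        try:
            rules.append(create_iptables_udp_egress_ingress_rule(
                ipaddr, 123, self._slot, transport=ipt.TRANSPORT_AUTO))
        except ValueError:
            # The token comes straight from ntpq's text output (which can
            # truncate long addresses). The rule builder is expected to
            # raise ValueError for a value it cannot validate (confirm);
            # skip that peer instead of aborting the whole discovery.
            _logger.error('{0}: Unable to validate NTP ip address {1}.'.format(
                self.get_name(), ipaddr))

    return rules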
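def _discover_iptables(self):
    """
    Look at /etc/resolv.conf file to get external DNS servers and set
    outbound rule(s) to allow access.

    Returns:
        list: one TCP and one UDP port 53 rule per nameserver value that
        the rule builder accepts, or None when resolv.conf does not exist
        or holds no nameserver entry.
    """
    if not os.path.exists('/etc/resolv.conf'):
        _logger.error('{0}: resolv.conf not found.'.format(
            self.get_name()))
        return None

    rules = list()
    ipaddrs = list()

    # Get all nameserver ip address values
    with open('/etc/resolv.conf') as handle:
        for line in handle:
            fields = line.split()
            # Require the keyword as the first word and a value after it.
            # A substring test would also pick up lines that merely mention
            # "nameserver" (for example inside a search domain) and would
            # raise IndexError on a bare "nameserver" line. Comment lines
            # fail the first-word test, so they are skipped as well.
            if len(fields) >= 2 and fields[0].lower() == 'nameserver':
                ipaddrs.append(fields[1])

    if len(ipaddrs) == 0:
        _logger.error(
            '{0}: no name server values found in resolv.conf'.format(
                self.get_name()))
        return None

    for ipaddr in ipaddrs:
        try:
            _logger.debug('{0}: adding DNS IP address {1}'.format(
                self.get_name(), ipaddr))
            rules.append(
                create_iptables_tcp_egress_ingress_rule(
                    ipaddr, 53, self._slot))
            rules.append(
                create_iptables_udp_egress_ingress_rule(
                    ipaddr, 53, self._slot))
        except ValueError:
            # A value that does not validate is logged and skipped so the
            # remaining nameservers still get their rules.
            _logger.error(
                '{0}: Unable to validate DNS ip address {1}.'.format(
                    self.get_name(), ipaddr))

    return rules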