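def unblock(self):
    '''
    Remove the Switchyard pf rules and release the pf token held by
    this object.

    Flushes the rules in the "switchyard" anchor (pfctl -a switchyard -Fr)
    and then hands the token in self._token back with pfctl -X.  Both
    steps are always attempted.  A non-zero exit status from either one
    is logged: a failed flush may leave the anchor's rules filtering
    host traffic, and a failed release may leave pf enabled on behalf
    of a process that has gone away.
    '''
    st, output = getstatusoutput("pfctl -a switchyard -Fr")  # flush rules
    log_debug("Flushing rules: {}".format(output))
    if st != 0:
        log_info("pfctl rule flush exited with status {}".format(st))
    # NOTE(review): self._token is interpolated into a shell command line;
    # presumably it is the numeric token parsed from pfctl output -- confirm.
    st, output = getstatusoutput("pfctl -X {}".format(self._token))
    log_info("Releasing pf: {}".format(output.replace('\n', '; ')))
    if st != 0:
        log_info("pfctl token release exited with status {}".format(st))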
Exemplo n.º 2
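 def unblock(self):
     '''
     Undo the pf changes made for Switchyard.

     Step 1 flushes the rules of the "switchyard" anchor; step 2 releases
     the token stored in self._token via pfctl -X.  Neither step stops the
     other from running.  Exit statuses are checked and any non-zero one
     is logged, so a host left with Switchyard rules still loaded (or
     with the token still held) shows up in the log instead of passing
     silently.
     '''
     st, output = getstatusoutput("pfctl -a switchyard -Fr")  # flush rules
     log_debug("Flushing rules: {}".format(output))
     if st != 0:
         log_info("pfctl rule flush exited with status {}".format(st))
     # NOTE(review): the token goes through a shell; it is presumably the
     # digits-only value obtained when pf was enabled -- confirm.
     st, output = getstatusoutput("pfctl -X {}".format(self._token))
     log_info("Releasing pf: {}".format(output.replace('\n', '; ')))
     if st != 0:
         log_info("pfctl token release exited with status {}".format(st))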
Exemplo n.º 3
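 def unblock(self):
     '''
     Remove the Switchyard iptables rules and put the saved host state back.

     Flushes the default and raw tables, feeds self._saved_iptables to
     iptables-restore, then writes the arp_ignore value recorded in
     self._arpignore back to every interface in self._intf.  All steps
     are attempted even if an earlier one fails.  Non-zero exit statuses
     are logged: the flush happens before the restore, so a failed
     restore leaves the host with emptied tables, and that must not go
     unnoticed.
     '''
     # clear switchyard tables, load up saved state
     log_info("Restoring saved iptables state")
     for cmd in ("iptables -F", "iptables -t raw -F"):
         st, output = getstatusoutput(cmd)
         if st != 0:
             log_info("'{}' exited with status {}: {}".format(
                 cmd, st, output.replace('\n', '; ')))
     # _sendcmd is unpacked like getstatusoutput; assumed to return
     # (exit status, output) -- confirm against its definition.
     st, output = _sendcmd(["iptables-restore"], self._saved_iptables)
     if st != 0:
         log_info("iptables-restore exited with status {}: {}".format(
             st, str(output).replace('\n', '; ')))
     for intf in self._intf:
         # Interface names are placed in a shell command line; they are
         # presumably local device names chosen by the operator -- confirm.
         st, output = getstatusoutput(
             'sysctl -w net.ipv4.conf.{}.arp_ignore={}'.format(
                 intf, self._arpignore[intf]))
         if st != 0:
             log_info("Restoring arp_ignore on {} exited with status {}".format(
                 intf, st))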
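 def unblock(self):
     '''
     Tear down the Switchyard iptables setup and reload the saved rules.

     Order of operations: flush the default table, flush the raw table,
     pipe self._saved_iptables into iptables-restore, then reset
     arp_ignore on each interface in self._intf to the value stored in
     self._arpignore.  A failing step does not stop the ones after it.
     Every non-zero exit status is logged; between the flush and a
     successful restore the host has no rules loaded in those tables, so
     a restore failure needs to be visible to whoever runs the tool.
     '''
     # clear switchyard tables, load up saved state
     log_info("Restoring saved iptables state")
     st, output = getstatusoutput("iptables -F")
     if st != 0:
         log_info("iptables flush exited with status {}: {}".format(
             st, output.replace('\n', '; ')))
     st, output = getstatusoutput("iptables -t raw -F")
     if st != 0:
         log_info("iptables raw-table flush exited with status {}: {}".format(
             st, output.replace('\n', '; ')))
     # Assumes _sendcmd returns (exit status, output), as the unpacking
     # suggests -- confirm against its definition.
     st, output = _sendcmd(["iptables-restore"], self._saved_iptables)
     if st != 0:
         log_info("iptables-restore exited with status {}: {}".format(
             st, str(output).replace('\n', '; ')))
     for intf in self._intf:
         st, output = getstatusoutput(
             'sysctl -w net.ipv4.conf.{}.arp_ignore={}'.format(
                 intf, self._arpignore[intf]))
         if st != 0:
             log_info("Restoring arp_ignore on {} exited with status {}".format(
                 intf, st))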
Exemplo n.º 5
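    def __init__(self, interfaces, rules):
        '''
        Translate the given rules into pf commands and enable pf.

        Each entry of rules is passed to self._parse_rule and the
        resulting commands are appended to self._rules (presumably
        created by the base-class constructor -- confirm).  pf is then
        enabled with pfctl -E and the token printed by that command is
        kept in self._token.

        Raises:
            RuntimeError: if no "Token : <digits>" line is found in the
                pfctl -E output.
        '''
        super().__init__(interfaces, rules)
        self._interfaces = interfaces
        for r in rules:
            self._rules.extend(self._parse_rule(r))

        st, output = getstatusoutput("pfctl -E")
        # Raw string: "\s" and "\d" are invalid escapes in a plain literal
        # and draw a warning from the compiler.  The pattern is unchanged.
        mobj = re.search(r"Token\s*:\s*(\d+)", output, re.M)
        if mobj is None:
            raise RuntimeError("Couldn't get pfctl token.  Are you running as root?")
        # The capture group admits digits only, so the stored token carries
        # no shell metacharacters.
        self._token = mobj.group(1)
        log_debug("Rules to install: {}".format(self._rules))
        log_info("Enabling pf: {}".format(output.replace('\n', '; ')))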
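    def __init__(self, interfaces, rules):
        '''
        Build the pf rule list and turn pf on, remembering the token.

        self._parse_rule is called once per entry in rules and its
        output is added to self._rules (assumed to be initialised by
        super().__init__ -- confirm).  pfctl -E is then run and the
        numeric token from its output is stored in self._token.

        Raises:
            RuntimeError: when the pfctl -E output contains no token,
                which the message attributes to missing root privileges.
        '''
        super().__init__(interfaces, rules)
        self._interfaces = interfaces
        for r in rules:
            cmds = self._parse_rule(r)
            self._rules.extend(cmds)

        st, output = getstatusoutput("pfctl -E")
        # The pattern is a raw string so that \s and \d reach the regex
        # engine without relying on invalid string escapes.
        mobj = re.search(r"Token\s*:\s*(\d+)", output, re.M)
        if mobj is None:
            raise RuntimeError(
                "Couldn't get pfctl token.  Are you running as root?")
        # Only digits can match the group, which keeps the value safe to
        # place on a pfctl command line.
        self._token = mobj.group(1)
        log_debug("Rules to install: {}".format(self._rules))
        log_info("Enabling pf: {}".format(output.replace('\n', '; ')))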
def main_real(usercode, netobj, options):
    '''
    Run the user's program against a live network object ("real",
    non-test mode).  By the time this is called we assume root
    privileges and an available pcap module.

    With options.dryrun set, the user code is only imported and netobj
    is shut down.  Otherwise the entry point is called with netobj; if
    it raises, the failure is reported and, depending on
    options.nohandle and options.nopdb, either re-raised or opened in
    pdb.  netobj.shutdown() is called here only when the user code
    returns normally.
    '''
    entry = import_or_die(usercode,
                          ('main', 'srpy_main', 'switchy_main'))
    if options.dryrun:
        log_info("Imported your code successfully.  Exiting dry run.")
        netobj.shutdown()
        return

    try:
        entry(netobj)
    except Exception as e:
        import traceback

        log_failure("Exception while running your code: {}".format(e))
        stars = '*' * 60
        # The template only references {0}; the wrapped exception text is
        # passed but never shown (print_exc below prints the failure).
        message = '''{0}

This is the Switchyard equivalent of the blue screen of death.
Here (repeating what's above) is the failure that occurred:
'''.format(stars, textwrap.fill(str(e), 60))
        with red():
            print(message)
            traceback.print_exc(1)
            print(stars)

        if options.nohandle:
            raise

        if not options.nopdb:
            print('''
I'm throwing you into the Python debugger (pdb) at the point of failure.
If you don't want pdb, use the --nopdb flag to avoid this fate.
''')
            import pdb
            # Must run inside the handler: post_mortem() with no argument
            # picks up the exception currently being handled.
            pdb.post_mortem()
        # NOTE(review): no netobj.shutdown() on this path; cleanup is
        # presumably left to the caller -- confirm.
        return

    netobj.shutdown()
Exemplo n.º 8
def main_real(usercode, netobj, options):
    '''
    Entry point for real (non-test) operation.  Root privileges and the
    pcap module are assumed to be in place already.

    Imports the user code, then either stops (dry run) or calls its
    entry point with netobj.  An exception from user code is logged and
    printed; it is re-raised when options.nohandle is set, and otherwise
    pdb is started unless options.nopdb is set.
    '''
    entry_names = ('main', 'srpy_main', 'switchy_main')
    usercode_entry_point = import_or_die(usercode, entry_names)

    if options.dryrun:
        log_info("Imported your code successfully.  Exiting dry run.")
        netobj.shutdown()
        return

    try:
        usercode_entry_point(netobj)
    except Exception as e:
        import traceback

        log_failure("Exception while running your code: {}".format(e))
        divider = '*' * 60
        wrapped = textwrap.fill(str(e), 60)
        # Only {0} appears in the template, so `wrapped` is not displayed.
        message = '''{0}

This is the Switchyard equivalent of the blue screen of death.
Here (repeating what's above) is the failure that occurred:
'''.format(divider, wrapped)
        with red():
            print(message)
            traceback.print_exc(1)
            print(divider)

        if options.nohandle:
            raise

        if options.nopdb:
            # NOTE(review): netobj is not shut down on this path; the
            # caller presumably restores host state -- confirm.
            return

        print('''
I'm throwing you into the Python debugger (pdb) at the point of failure.
If you don't want pdb, use the --nopdb flag to avoid this fate.
''')
        import pdb
        # Called while the exception is still being handled, so pdb can
        # find the traceback on its own.
        pdb.post_mortem()
    else:
        netobj.shutdown()
Exemplo n.º 9
    def __init__(self, devlist, name=None):
        '''
        Set up live packet I/O on the devices in devlist.

        Registers self._sig_handler for SIGINT, SIGTERM, SIGHUP, SIGUSR1
        and SIGUSR2, records the device list, builds the device info and
        pcap tables, marks the class as running and spawns the worker
        threads.  The object's name is `name` when given (and truthy),
        otherwise the host name.
        '''
        LLNetBase.__init__(self)
        for signum in (signal.SIGINT, signal.SIGTERM, signal.SIGHUP,
                       signal.SIGUSR1, signal.SIGUSR2):
            signal.signal(signum, self._sig_handler)

        # Device selection is done by the caller; devlist is used as given.
        self.devs = devlist
        self.devinfo = self.__assemble_devinfo()
        self.pcaps = {}
        self.__make_pcaps()
        log_info("Using network devices: {}".format(' '.join(self.devs)))
        for devname, intf in self.devinfo.items():
            log_debug("{}: {}".format(devname, str(intf)))

        # The running flag is set before the threads are started.
        PyLLNet.running = True
        self.__spawn_threads()

        self.__name = name if name else gethostname()
Exemplo n.º 10
    def __init__(self, devlist, name=None):
        '''
        Create the live-network object for the given device names.

        Installs self._sig_handler for five signals (INT, TERM, HUP,
        USR1, USR2), stores devlist, assembles per-device info, creates
        the pcap handles, flags PyLLNet as running and starts the
        threads.  Falls back to the host name when no name is supplied.
        '''
        LLNetBase.__init__(self)
        signal.signal(signal.SIGINT, self._sig_handler)
        signal.signal(signal.SIGTERM, self._sig_handler)
        signal.signal(signal.SIGHUP, self._sig_handler)
        signal.signal(signal.SIGUSR1, self._sig_handler)
        signal.signal(signal.SIGUSR2, self._sig_handler)

        self.devs = devlist
        self.devinfo = self.__assemble_devinfo()
        self.pcaps = {}
        self.__make_pcaps()

        device_names = ' '.join(self.devs)
        log_info("Using network devices: {}".format(device_names))
        for dev, info in self.devinfo.items():
            log_debug("{}: {}".format(dev, str(info)))

        # Flag first, threads second: same order as before.
        PyLLNet.running = True
        self.__spawn_threads()

        self.__name = name or gethostname()
Exemplo n.º 11
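 def block(self):
     '''
     Install the Switchyard firewall rules.

     Runs every command in self._rulecmds through the shell, in order.
     All commands are attempted; a non-zero exit status is logged along
     with the command and its output, so a rule that did not install is
     visible instead of being silently skipped.  The log line also
     mentions saving state; no save is performed in this method, so it
     is presumably done elsewhere -- confirm.
     '''
     log_info("Saving iptables state and installing switchyard rules")
     for cmd in self._rulecmds:
         # Each entry is executed as a shell command line, so
         # self._rulecmds must only ever hold commands built by this code.
         st, output = getstatusoutput(cmd)
         if st != 0:
             log_info("Firewall command '{}' exited with status {}: {}".format(
                 cmd, st, output.replace('\n', '; ')))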
Exemplo n.º 12
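 def block(self):
     '''
     Apply the rule commands held in self._rulecmds.

     Commands run one after another via getstatusoutput.  A failing
     command does not abort the loop, but its exit status and output are
     logged: a rule that is missing means the host is not filtered the
     way the rest of the tool assumes.
     '''
     log_info("Saving iptables state and installing switchyard rules")
     for cmd in self._rulecmds:
         # Runs through a shell; the command strings are assumed to be
         # generated internally, not taken from untrusted input -- confirm.
         st, output = getstatusoutput(cmd)
         if st != 0:
             log_info("Firewall command '{}' exited with status {}: {}".format(
                 cmd, st, output.replace('\n', '; ')))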