def _set_hardware(data, hw): ret = True emsg = [] for pos in const.ALL_POS: newmac = hw[pos]["mac"] if data[pos]["ethernet"]["clone-mac"] != "": newmac = data[pos]["ethernet"]["clone-mac"] e = xt_func.sudo(["ip link set dev", pos, "address", newmac]) if not e[0]: ret = False emsg.append(e[1]) newmtu = hw[pos]["mtu"] if data[pos]["ethernet"]["mtu"] != -1: newmtu = data[pos]["ethernet"]["mtu"] e = xt_func.sudo(["ip link set dev", pos, "mtu", str(newmtu)]) if not e[0]: ret = False emsg.append(e[1]) newstatus = "on" if data[pos]["ethernet"]["speed-duplex"] != "auto": tok = data[pos]["ethernet"]["speed-duplex"].split("/") newstatus = "off speed {} duplex {}".format( tok[0], tok[1].lower()) e = xt_func.sudo(["ethtool -s", pos, "autoneg", newstatus]); if not e[0]: ret = False emsg.append(e[1]) return (ret, emsg)
def importing(imported_file, user): ret = True emsg = [] f = open(imported_file, "r") lines = f.readlines() f.close() xt_func.sudo(["rm -rf",imported_file]) e = jcfg.parse_syntax(lines) if not e[0]: return e data = e[1] if "xteralink" not in data: return (False, N_("invalid configuration")) data = data["xteralink"] for i in const.MOD_LIST: page = __import__(i) if page.TAG not in data: print "skip", page.TAG continue print "importing", page.TAG e = jcfg.validate_jcfg(page.HELPER, {page.TAG: data[page.TAG]}) if not e[0]: ret = False emsg.append(e[1]) continue e = page.set(e[1][page.TAG], user) if not e[0]: ret = False emsg.append(e[1]) return (ret, emsg)
def _set_dmzlan_ifup_address_and_route(data, pos): ret = True emsg = [] # Always ifups dmz e = xt_func.sudo(["ip link set dev", pos, "up"]) if not e[0]: ret = False emsg.append(e[1]) for i in data["basic-subnet"]: ip_range = xt_func.iprange2list(i["ip"]) inet = xt_func.block2cidr(ip_range[0]+ "/"+ i["mask"]) for ip in ip_range: e = xt_func.sudo(["ip addr add", ip+ "/"+ i["mask"], "brd + dev", pos]) if not e[0]: ret = False emsg.append(e[1]) e = xt_func.sudo(["ip route add", inet, "dev", pos, "src", ip_range[0], "table", const.RTAB[pos]]) for i in data["static-route"]: e = xt_func.sudo(["ip route add", i["subnet"], "via", i["gateway"], "dev", pos, "table", const.RTAB[pos]]) if not e[0]: ret = False emsg.append(e[1]) return (ret, emsg)
def _set(data): ret = True emsg = [] xt_func.sudo(["killall snmpd"]) if data["enable"] == 1: print "RUN" f = open(DCONF_TMP, "w") f.write("com2sec Area default "+ data["community"]+ "\n"); f.write("group Reader v1 Area\n"); f.write("group Reader v2c Area\n"); f.write("sysdescr "+ const.PRODUCT_NAME+ "\n"); f.write("syslocation "+ data["system-location"]+ "\n"); f.write("sysname "+ data["system-name"]+ "\n"); f.write("syscontact "+ data["system-contact"]+ "\n"); for l in FIXED: f.write(l + "\n"); f.close() e = xt_func.sudo(["mv", DCONF_TMP, DCONF]) if not e[0]: ret = False emsg.append(e[1]) e = xt_func.sudo(["snmpd -c", DCONF]) if not e[0]: ret = False emsg.append(e[1]) return (ret, emsg)
def check_acc(): for dirPath, dirNames, fileNames in os.walk(controller.acc_online_dir): for f in fileNames: now_time = time.time() acc_time = os.path.getmtime(controller.acc_online_dir + f) # check account have expired over 60 seconds if (int(now_time) - int(acc_time) > 60): xt_func.sudo(["rm -rf", controller.acc_online_dir + f])
def start_traceroute(pos, target): dum = const.DUM_IP[pos] xt_func.sudo(["rm -f", TRACERT_DONE_FILE, TRACERT_RST_FILE]) f = open(TRACERT_SH_FILE, "w") f.write("#!/bin/sh\n") f.write("sudo traceroute -ns "+ dum+ " "+ target+ " >"+ TRACERT_RST_FILE+ " 2>&1\n") f.write("touch "+ TRACERT_DONE_FILE + "\n") f.close() e = xt_func.sh(["sh", TRACERT_SH_FILE], block=False) return e
def start_ping(pos, target): dum = const.DUM_IP[pos] xt_func.sudo(["rm -f", PING_DONE_FILE, PING_RST_FILE]) f = open(PING_SH_FILE, "w") f.write("#!/bin/sh\n") f.write("ping -W 3 -c 50 -I "+ dum+ " "+ target+ " >"+ PING_RST_FILE+ " 2>&1\n") f.write("touch "+ PING_DONE_FILE + "\n") f.close() e = xt_func.sh(["sh", PING_SH_FILE], block=False) return e
def set_datetime(data, user): ret = (True, None) xtd_logd.add_log(user + " apply " + TAG) timestr = ".".join(data[0:3]) + "-" + ":".join(data[3:6]) e = xt_func.sudo(["date -s", timestr]) if not e[0]: ret = (False, N_("See failure.log")) e = xt_func.sudo(["hwclock -w"]) if not e[0]: ret = (False, N_("See failure.log")) return ret
def firmware_update(updatekey, fwupfile): ret = True emsg = [] e = xt_func.sudo(["apply_update ",fwupfile," ",updatekey]) xt_func.sudo(["rm -rf",fwupfile]) # firmeare update failed return error message if not e[0]: ret = False emsg.append(e[1]) return (ret, emsg) #reboot command xt_func.reboot("reboot after firmware update") return (ret, emsg)
def firmware_downgrade(fwdownfile): ret = True emsg = [] e = xt_func.sudo(["apply_downgrade ",fwdownfile]) xt_func.sudo(["rm -rf",fwdownfile]) # firmeare downgrade failed return error message if not e[0]: ret = False emsg.append(e[1]) return (ret, emsg) #reboot command xt_func.reboot("reboot after firmware downgrade") return (ret, emsg)
def get(fname=TAG+".txt", fdir=const.CFG_DIR): import xte_network version_j = xt_func.load_json(const.CFG_DIR+"version.json")[1] license_j = xt_func.load_json(const.CFG_DIR+"license.json")[1] traffic = _get_summary_traffic() detection = _get_summary_detection() txt = xt_func.sh(["cat", "/proc/uptime"])[1] up_secs = int(txt.split(".")[0]) #Tuncate to integer network_c = xte_network.get()[1] data = { "version": version_j["version"], "sn": license_j["sn"], "uptime": _calc_uptime(up_secs), "connections":xt_func.sudo(["cat", "/proc/sys/net/netfilter/nf_conntrack_count"])[1], "cpu":_get_cpu_usage(), } for pos in const.ALL_POS: data[pos] = _get_pos_summary(pos) data[pos]["ip"] = _get_wan_address(pos) data[pos]["detection"] = detection[pos] data[pos]["rx"] = traffic[pos]["rx"] data[pos]["tx"] = traffic[pos]["tx"] if pos == "lan" or pos == "dmz": data[pos]["label"] = "N/A" else: data[pos]["label"] = network_c[pos]["label"] return (True, data)
def _set_ifup_address_and_route(data): ret = True emsg = [] #set WLHD:good for default arg = "" for pos in const.ALL_WANS: if data[pos]["type"] == "static" and data[pos]["enable"] == 1: arg += "1" else: arg += "0" e = xt_func.sudo(["xtctl autoroute stat", arg]) if not e[0]: ret = False emsg.append(e[1]) #Make sure DMZ is before WANs for pos in const.ALL_POS: if pos == "dmz" or pos == "lan": e = _set_dmzlan_ifup_address_and_route(data[pos], pos) elif data[pos]["type"] == "static": e = _set_static_wan_ifup_address_and_route(data[pos], pos) else: #pppoe or dhcp e = _set_dynamic_wan_ifup_address_and_route(data[pos], pos) if not e[0]: ret = False emsg.append(e[1]) return (ret, emsg)
def _set(data): ret = True emsg = [] tzcode = tz.TZ[data["time-zone"]] e = xt_func.sh(["echo '"+ tzcode+ "'", "| sudo tee /etc/TZ"]) if not e[0]: ret = False emsg.append(e[1]) f = open(const.CRON_SH["ntpd"], "w") f.write("#!/bin/sh\n") if data["time-server"] != "": f.write("sleep 30\n") f.write("ntpd -qnNp "+ data["time-server"]+ "\n") f.write("hwclock -w\n") f.close() e = xt_func.sudo([const.CRON_SH["ntpd"]], block=False) if not e[0]: ret = False emsg.append(e[1]) d = datetime.datetime.today() run_at = str(d.second) + " * * * *" e = xt_func.crontab_replace(const.CRON_SH["ntpd"], run_at) if not e[0]: ret = False emsg.append(e[1]) return (ret, emsg)
def factory_default(targets="*", do_reboot=True): e = xt_func.sudo(["cp -r", const.MIDWARE_DIR+"factory_default/"+targets, const.CFG_DIR]) if not e[0]: return e if do_reboot: xt_func.reboot("Reboot now") return (True, [N_("Reboot now")]) return (True, [])
def _set_public_ip_passthrough(data): """proxyarpd reads data from netpos, call this after netpos is done""" ret = True emsg = [] for pos in const.ALL_WANS: if len(data[pos]["public-ip-passthrough"]["ip"]) == 0: continue e = xt_func.sudo(["proxyarpd -d -i", pos]) if not e[0]: ret = False emsg.append(e[1]) e = xt_func.sudo(["proxyarpd -d -i dmz"]) if not e[0]: ret = False emsg.append(e[1]) return (ret, emsg)
def kill_cmd(cmd): e = xt_func.sh(["ps | grep '"+ cmd+ "' | grep -v grep"]) if not e[0]: return (False, [N_("nothing to kill")]) tok = e[1].strip().split() e = xt_func.sudo(["kill", tok[0]]) if not e[0]: return e return (True, [N_("kill"), tok[0]])
def _get_summary_detection(): data = {} raw = xt_func.sudo(["xtctl", "autoroute", "stat"])[1] for i in range(0,4): pos = "wan" + str(i+1) if raw[i] == "0": data[pos] = "bad" else: data[pos] = "good" data["dmz"] = "N/A" data["lan"] = "N/A" return data
def cli_show(): for pos in const.ALL_POS: print "[{}]".format(pos) e = xt_func.sudo(["xtctl netpos", pos]) if not e[0]: print "No such device" continue lines = e[1].split("\n") if pos == "lan" or pos == "dmz": data = {"l": [], "s": []} for l in lines: l = l.strip() if l == "LOCALHOST": flag = "l" continue elif l == "PROXYARP": flag = "p" continue elif l == "SUBNET": flag = "s" continue elif l == "ROUTE": break if flag == "l" or flag == "s": data[flag].append(l) for i in range(0, len(data["l"])): print "ip:{}, subnet:{}".format(data["l"][i], data["s"][i]) else: data = [] subnet = None for l in lines: l = l.strip() if l == "LOCALHOST": flag = "l" continue elif l == "PROXYARP": flag = "p" continue elif l == "SUBNET": flag = "s" continue elif l == "ROUTE": break if flag == "l": data.append(l) elif flag == "s": subnet = l for i in data: print "ip:{},".format(i) if subnet is not None: print "subnet:{}".format(subnet)
def run(blocking=True,cfg={}): config_web(cfg) """ if cherrypy.config.get('environment',None) == 'production' : cherrypy.config.update({'error_page.default': "%s/index.html" % (xtera.paths['static']) ,'error_page.401': "%s/errors/401.html" % (xtera.paths['static']) ,'error_page.403': "%s/errors/403.html" % (xtera.paths['static']) ,'error_page.404': "%s/errors/404.html" % (xtera.paths['static']) ,'error_page.500': "%s/errors/500.html" % (xtera.paths['static']) } ) """ # remove session and account online dir xt_func.sudo(["rm -rf", '/tmp/session-*']) xt_func.sudo(["rm -rf", controller.acc_online_dir]) xt_func.sudo(["rm -rf", controller.acc_session_dir]) os.makedirs(controller.acc_online_dir) os.makedirs(controller.acc_session_dir) def check_acc(): for dirPath, dirNames, fileNames in os.walk(controller.acc_online_dir): for f in fileNames: now_time = time.time() acc_time = os.path.getmtime(controller.acc_online_dir + f) # check account have expired over 60 seconds if (int(now_time) - int(acc_time) > 60): xt_func.sudo(["rm -rf", controller.acc_online_dir + f]) # also delete account seesion dir: may has bug, so mark it #for dirPath_1, dirNames_1, fileNames_1 in os.walk(controller.acc_session_dir): # for f_1 in fileNames_1: # xt_func.sudo(["rm -rf", controller.acc_session_dir + f_1]) # every 30 seconds to check account status t = RepeatableTimer(30, check_acc) t.start() #bind log controll with cherrypy def _setlog(k,v): setattr(cherrypy.log, k, ) cherrypy.config.namespaces['log'] = _setlog engine = cherrypy.engine """Setup the signal handler to stop the application while running""" if hasattr(engine, "signal_handler"): engine.signal_handler.subscribe() if hasattr(engine, "console_control_handler"): engine.console_control_handler.subscribe() cherrypy.engine.start() if blocking: # this routine that starts this as a windows service will not want us to block here. cherrypy.engine.block() if __name__ == '__main__': run(blocking=True)
def _set(data): f = open("/tmp/hostname", "w") f.write(data["hostname"]) f.close() f = open("/tmp/resolv.conf", "w") f.write("#"+ str(datetime.datetime.now()) + "\n") if data["domain-name"] != "": f.write("search " + data["domain-name"] + "\n") if data["dns-server-1"] != "": f.write("nameserver " + data["dns-server-1"]+ "\n") if data["dns-server-2"] != "": f.write("nameserver " + data["dns-server-2"]+ "\n") f.close() ret = True e = xt_func.sudo(["hostname", str(data["hostname"])]) if not e[0]: ret = False e = xt_func.sudo(["mv /tmp/hostname /etc/"]) if not e[0]: ret = False e = xt_func.sudo(["mv /tmp/resolv.conf /etc/"]) if not e[0]: ret = False return (ret, None)
def _set_bandwidth_limit(data): ret = True emsg = [] json = [] for pos in const.ALL_WANS: json.append( [pos, data[pos]["downstream"], data[pos]["upstream"]]) xt_func.save_json(BMSTATD_CONF, json) e = xt_func.sudo(["bmstatd -d -f", BMSTATD_CONF]) if not e[0]: ret = False emsg.append(e[1]) return (ret, emsg)
def do_arpenforce(data=None): if data is None: data = get()[1] rst = [] for pos in const.ALL_WANS: _make_arpenforced_conf_for_wan(data, pos, rst) _make_arpenforced_conf_for_lan(data, rst) _make_arpenforced_conf_for_dmz(data, rst) f = open(ARPENFORCED_CONF, "w") for l in rst: f.write(l + "\n") f.close() return xt_func.sudo(["arpenforced", ARPENFORCED_CONF])
def _set_dynamic_wan_ifup_address_and_route(data, pos): if data["enable"] != 1: return (True, [pos, "disabled"]) cmd = ["dy_monitor -d -i", pos, "-t"] cmd.append(data["type"]) if data["type"] == "pppoe": cmd.append("-u "+ data["pppoe-mode"]["username"]) cmd.append("-p "+ data["pppoe-mode"]["password"]) if data["pppoe-mode"]["service-name"] != "": cmd.append("-s "+ data["pppoe-mode"]["service-name"]) if data["pppoe-mode"]["daily-redial"] != "": cmd.append("-r "+ data["pppoe-mode"]["daily-redial"]) if data["pppoe-mode"]["ip"] != "": cmd.append("-a "+ data["pppoe-mode"]["ip"]) if data["public-ip-passthrough"]["mask"] != "": cmd.append("-m "+ xt_func.ipv4mask2prefix(data["public-ip-passthrough"]["mask"])) return xt_func.sudo(cmd)
def reconnect_dynamic_wan(pos): e = get() if e[0] is False: return e data = e[1] if data[pos]["enable"] != 1: return (False, [pos, "is disabled"]) if data[pos]["type"] != "dhcp" and data[pos]["type"] != "pppoe": return (False, [pos, "is not dynamic"]) f = open(DYM_PID_PREFIX + pos, "r") oldpid = f.readline().strip() f.close() e = xt_func.sudo(["kill", oldpid]) if not e[0]: return e return _set_dynamic_wan_ifup_address_and_route(data[pos], pos)
def _set_netpos(data): ret = True emsg = [] for pos in const.ALL_POS: fname = const.XTCFG_DIR+ "netpos-"+ pos+ ".txt" xcfg = { "LOCALHOST": [], "PROXYARP": [], "SUBNET": [], "ROUTE": [], "GATEWAY": [] } if pos == "lan" or pos == "dmz": for i in data[pos]['basic-subnet']: xcfg["LOCALHOST"].append(i["ip"]) ip1 = i["ip"].split("-")[0] cidr = xt_func.block2cidr(ip1 + "/" + i["mask"]) xcfg["SUBNET"].append(cidr) xcfg["ROUTE"] = [xt_func.block2cidr(i["subnet"]) for i in data[pos]['static-route']] xcfg["GATEWAY"] = [i["gateway"] for i in data[pos]['static-route']] elif data[pos]["enable"] == 1: if data[pos]["type"] == "static": # dy_monitord charges PPPoE and DHCP types for i in data[pos]["static-mode"]["ip"]: xcfg["LOCALHOST"].append(i) ip1 = data[pos]["static-mode"]["ip"][0].split("-")[0] cidr = xt_func.block2cidr(ip1 + "/" + data[pos]["static-mode"]["mask"]) xcfg["SUBNET"].append(cidr) xcfg["PROXYARP"] = [i for i in data[pos]['public-ip-passthrough']["ip"]] f = open(fname, "w") for i in ["LOCALHOST", "PROXYARP", "SUBNET", "ROUTE", "GATEWAY"]: f.write(i + "\n"); for j in xcfg[i]: f.write(j + "\n"); f.close() e = xt_func.sudo(["xtctl netpos", pos, fname]); if not e[0]: ret = False emsg.append(e[1]) return (ret, emsg)
def _do_arping_detect(pos): clist = [] addrs = xt_func.get_netpos_addresses(pos) proxys = xt_func.get_netpos_proxyarp(pos) for ip in proxys: addrs.append(ip) for ip in addrs: e = xt_func.sudo(["arping -D -w 1 -I", pos, ip, "| grep Unicast"]) if e[0]: tok = e[1].split() mac = tok[4][1:-2].split(":") mac_s = [] for i in mac: if len(i) == 1: mac_s.append("0" + i) else: mac_s.append(i) mac = ":".join(mac_s) clist.append((ip, pos, mac)) return clist
def _set_static_wan_ifup_address_and_route(data, pos): ret = True emsg = [] if data["enable"] != 1: return (ret, [pos, "disabled"]) e = xt_func.sudo(["ip link set dev", pos, "up"]) if not e[0]: ret = False emsg.append(e[1]) # static supports only one subnet fst_ip = data["static-mode"]["ip"][0].split("-")[0] inet = xt_func.block2cidr(fst_ip + "/" + data["static-mode"]["mask"]) for i in data["static-mode"]["ip"]: ip_range = xt_func.iprange2list(i) for ip in ip_range: e = xt_func.sudo(["ip addr add", ip+ "/"+ data["static-mode"]["mask"], "brd + dev", pos]) if not e[0]: ret = False emsg.append(e[1]) e = xt_func.sudo(["ip route add default via", data["static-mode"]["gateway"], "dev", pos, "table", const.RTAB[pos]]) e = xt_func.sudo(["ip route append default via", data["static-mode"]["gateway"], "dev", pos]) if len(data["public-ip-passthrough"]["ip"]) > 0: #Copy addresses to DMZ for public-ip-passthrough for ip in ip_range: e = xt_func.sudo(["ip addr add", ip+ "/"+ data["static-mode"]["mask"], "brd + dev dmz"]) if not e[0]: ret = False emsg.append(e[1]) #Don't forget route tables e = xt_func.sudo(["ip route del", inet, "dev dmz"]) e = xt_func.sudo(["ip route add", inet, "src", fst_ip, "dev dmz table", const.RTAB["dmz"]]) return (ret, emsg)
def _delete_account_in_system(name, group): e = xt_func.sudo(["delgroup", name, group]) if not e[0]: return e return xt_func.sudo(["deluser", name])
def _set(data): hw = xt_func.load_json(const.HW_INFO)[1] ret = True emsg = [] xt_func.sudo(["killall bmstatd"]) xt_func.sudo(["killall proxyarpd"]) xt_func.sudo(["killall dy_monitor"]) time.sleep(4) # dy_monitor needs 3 sec to end itself for (dev, pos, rtab, dum) in const.IFMAP: xt_func.sudo(["ip link set dev", pos, "down"]) xt_func.sudo(["ip addr flush dev", pos]) xt_func.sudo(["ip route flush table", rtab]) xt_func.sudo(["ip route flush cache"]) e = _set_hardware(data, hw) if not e[0]: ret = False emsg.append(e[1]) e = _set_ifup_address_and_route(data) if not e[0]: ret = False emsg.append(e[1]) e = _set_netpos(data) if not e[0]: ret = False emsg.append(e[1]) e = _set_public_ip_passthrough(data) if not e[0]: ret = False emsg.append(e[1]) e = _set_bandwidth_limit(data) if not e[0]: ret = False emsg.append(e[1]) e = do_arpenforce(data) if not e[0]: ret = False emsg.append(e[1]) return (ret, emsg)
def _add_account_to_system(name, param): e = xt_func.sudo(["adduser -DG", param["g"], "-s /swlb/middleware/cli.py", name]) if not e[0]: return e return _change_password_in_system(name, param["p"])