def _set_time_info(data={}):
client = AGENT_CLIENT(AGENT_ADDR, AGENT_PORT)
resp = json.loads(client.get_device_time())
if resp["responseCode"] != 200:
return ""
else:
update_info = resp["device_time_info"]
for key in data.keys():
if key == "date":
time_info = str(update_info["time"])
items = time_info.split()
new_time_info = data.get(key) + " " + items[1]
update_info["time"] = new_time_info
elif key == "time":
time_info = str(update_info["time"])
items = time_info.split()
new_time_info = items[0] + " " + data.get(key)
update_info["time"] = new_time_info
elif key == "tz":
update_info["timezone"] = data.get(key)
config = {"device_time_info": update_info}
res = client.set_config(config)
res_json = json.loads(res)
if res_json["responseCode"] != 200:
return ""
else:
return u"更新成功"
def _set_hostname(new_name):
client = AGENT_CLIENT(AGENT_ADDR, AGENT_PORT)
config = {"device_base_info": {"hostname": new_name}}
res = client.set_config(config)
res_json = json.loads(res)
if res_json["responseCode"] != 200:
return ""
else:
return u"更新成功"
def _restore_hostname(hostname_backup_file):
f = open(hostname_backup_file)
hostname_backup = f.readline().replace("\n", "")
if hostname_backup is not None and hostname_backup != "":
agent_client = AGENT_CLIENT(AGENT_ADDR, AGENT_PORT)
config = {"device_base_info": {"hostname": hostname_backup}}
res = agent_client.set_config(config)
res_json = json.loads(res)
if res_json["responseCode"] != 200:
utils.app_logger("Restore hostname encounter error", "error")
else:
utils.app_logger("Restore hostname successfully")
def _restore_appliance(app_filename):
tmp_folder = tempfile.mkdtemp(prefix="backup.", dir="/tmp")
(ret, output) = utils.app_command("tar xfvz %s -C %s" %
(app_filename, tmp_folder))
current_path = os.getcwd()
os.chdir(tmp_folder)
app_filename = os.path.basename(app_filename)
device_type = utils.get_device_type()
# copy networking files to some place, _post_restore will use them
cur_dir = os.getcwd()
if os.path.exists(cur_dir + "/interfaces"):
shutil.rmtree(temp_dir_networking, ignore_errors=True)
os.makedirs(temp_dir_networking)
utils.app_command_quiet("cp interfaces " + temp_dir_networking)
utils.app_command_quiet("cp resolv.conf " + temp_dir_networking)
utils.app_command_quiet("cp hostname.backup " + temp_dir_networking)
if device_type == 2 or device_type == 6 or device_type == 13:
utils.app_command_quiet("cp pbr-* " + temp_dir_networking)
# restore hostname
if os.path.exists(cur_dir + "/hostname.backup"):
utils.app_command_quiet("cp hostname.backup " +
temp_dir_networking)
_restore_hostname(temp_dir_networking + "/hostname.backup")
#restore pcap config file
if device_type == 2:
has_file = False
for bro_cfg in bro_backup_filelist:
if os.path.isfile(os.path.basename(bro_cfg)):
has_file = True
shutil.copy(os.path.basename(bro_cfg), bro_cfg)
common_bro_rep_str = 'redef snaplen = 32768;\\nconst store_disk_length = 4096 \\&redef;\\nconst ftp_capture_max_file_size =100000000 \\&redef;\\nconst smb_capture_max_file_size =100000000 \\&redef;\\nconst http_capture_max_file_size =100000000 \\&redef;\\nconst smtp_capture_max_file_size =100000000 \\&redef;\\nconst imap_capture_max_file_size =100000000 \\&redef;\\nconst pop3_capture_max_file_size =100000000 \\&redef;'
os.system(
"sed -i ':a;N;$!ba;s/\\(.*\\)redef snaplen = 32768;\\(.*\\)/\\1%s\\2/' /usr/local/bro/share/bro/policy/protocols/spe-common/common.bro"
% (common_bro_rep_str))
if has_file == True:
device_mode = utils.get_device_work_mode()
current_mode = utils.get_monitor_mode()
restore_mode = utils.get_monitor_mode()
if device_mode == 1 and not current_mode == restore_mode:
utils.logger("Restore monitor mode to %s" % restore_mode)
utils.app_command(
"/opt/skyguard/www/app/device_work_mode.py switch force")
if device_type == 2 or device_type == 4 or device_type == 6 or device_type == 8:
#Restore iptables, ebtables first - in case device work doesn't change which will not refresh these tables
for bk_file in app_backup_filelist:
if (device_type == 4
or device_type == 8) and "ebtables" in bk_file:
continue
if os.path.isfile(os.path.basename(bk_file)):
shutil.copy(os.path.basename(bk_file), bk_file)
device_mode = utils.get_device_work_mode()
# Flush ebtables
if device_type == 2 or device_type == 6 and device_mode != 4: # device mode is not proxy mode
utils.app_command_quiet("/sbin/ebtables -t broute -F")
utils.app_command_quiet(
"/bin/sh /opt/skyguard/www/app/ebtables-rules-%d" %
int(device_mode))
utils.app_command_quiet(
"/sbin/iptables-restore < /opt/skyguard/www/app/iptables-rules-%d"
% int(device_mode))
app_restore = app_filename.replace(".tar.gz", ".conf")
with open(app_restore) as config_data:
config = json.load(config_data)
monitor_mode = utils.get_monitor_mode()
agent_client = AGENT_CLIENT(AGENT_ADDR, AGENT_PORT)
# restore device work mode
if config.has_key("device_work_mode"):
device_work_mode = config["device_work_mode"]
device_type = utils.get_device_type()
if device_type == 2 or device_type == 6:
res = agent_client.set_information(
{"device_work_mode": device_work_mode})
res_json = json.loads(res)
if res_json["responseCode"] != 200:
utils.app_logger("Restore device_work_mode encounter error",
"error")
return False
if device_work_mode == 1:
utils.app_command(
"sudo /opt/skyguard/www/app/device_work_mode.py switch %s"
% monitor_mode)
# restore protocol settings
device_work_mode = utils.get_device_work_mode()
if config.has_key("protocol"):
utils.app_conf_write({"protocol": config["protocol"]})
if device_work_mode == 1 and monitor_mode == "pcap" and config[
"protocol"].has_key("netObject"):
try:
res = agent_client.set_protocol_settings(
"netObject", config["protocol"]["netObject"])
except httplib.HTTPException:
agent_client = AGENT_CLIENT(AGENT_ADDR, AGENT_PORT)
res = agent_client.set_protocol_settings(
"netObject", config["protocol"]["netObject"])
#restore pcap file in swg
if device_type == 6:
for bro_cfg in bro_backup_filelist_swg:
if os.path.isfile(os.path.basename(bro_cfg)):
shutil.copy(os.path.basename(bro_cfg), bro_cfg)
# if bro run ,restart
ret = os.system(
"ps -ef |grep /usr/local/bro/bin/bro |grep -v grep > /dev/null 2>&1"
)
if ret == 0:
os.system("/usr/local/bro/bin/broctl deploy > /dev/null 2>&1")
import time
time.sleep(1)
# restore global bypass
if config.has_key("globalbypass"):
res = utils.app_conf_write({"globalbypass": config["globalbypass"]})
#restore exception list
if config.has_key("exception"):
res = utils.app_conf_write({"exception": config["exception"]})
# restore backup settings
if config.has_key("backup_settings"):
backup_settings = config["backup_settings"]
try:
res = agent_client.set_backup_settings(backup_settings)
except httplib.HTTPException:
agent_client = AGENT_CLIENT(AGENT_ADDR, AGENT_PORT)
res = agent_client.set_backup_settings(backup_settings)
res_json = json.loads(res)
if res_json["responseCode"] != 200:
utils.app_logger("Restore backup_settings encounter error",
"error")
return False
# restore snmp settings
if config.has_key("snmp_settings"):
snmp_settings = config["snmp_settings"]
try:
res = agent_client.set_information(
{"snmp_settings": snmp_settings})
except httplib.HTTPException:
agent_client = AGENT_CLIENT(AGENT_ADDR, AGENT_PORT)
res = agent_client.set_information(
{"snmp_settings": snmp_settings})
res_json = json.loads(res)
if res_json["responseCode"] != 200:
utils.app_logger("Restore snmp_settings encounter error", "error")
return False
# restore device time info
if config.has_key("device_time_info"):
device_time_info = config["device_time_info"]
if device_time_info.has_key("ntp") and device_time_info["ntp"]:
new_time_info = json.loads(
agent_client.get_device_time())["device_time_info"]
new_time_info["ntp"] = device_time_info["ntp"]
new_time_info["ntpserver"] = device_time_info["ntpserver"]
config = {}
config["device_time_info"] = new_time_info
try:
res = agent_client.set_config(config)
except httplib.HTTPException:
agent_client = AGENT_CLIENT(AGENT_ADDR, AGENT_PORT)
res = agent_client.set_config(config)
res_json = json.loads(res)
if res_json["responseCode"] != 200:
utils.app_logger("Restore device_time_info encounter error",
"error")
return False
# restore proxy settings
if config.has_key("proxy_settings"):
proxy_settings = config["proxy_settings"]
try:
res = agent_client.set_proxy_settings(proxy_settings)
except httplib.HTTPException:
agent_client = AGENT_CLIENT(AGENT_ADDR, AGENT_PORT)
res = agent_client.set_proxy_settings(proxy_settings)
res_json = json.loads(res)
if res_json["responseCode"] != 200:
utils.app_logger("Restore proxy_settings encounter error", "error")
return False
# restore block pages settings
if config.has_key("block_page_settings"):
utils.app_logger("begim to restore block_page_settings")
block_page_settings = config["block_page_settings"]
bps = BlockPageSettings()
# first restore the backup block pages
bps.delete_backup_zip()
shutil.copy(os.path.basename(blockpage_backup_customized_zip),
blockpage_backup_customized_zip)
shutil.copy(os.path.basename(blockpage_backup_uploaded_zip),
blockpage_backup_uploaded_zip)
bps.restore_blockpage_dir()
# then update the setting
ret = bps.set_settings(block_page_settings)
utils.app_command_quiet(
"chown -R www-data:www-data /opt/skyguard/download/")
if ret["responseCode"] == 0 or ret["responseCode"] == 1:
utils.app_logger("Succeed to restore block_page_settings")
else:
utils.app_logger("Restore block_page_settings encounter error",
"error")
return False
# restore device base info
if config.has_key("device_base_info"):
agent_client = AGENT_CLIENT(AGENT_ADDR, AGENT_PORT)
agent_client.set_information(
{"device_base_info": config["device_base_info"]})
#(ret, output) = utils.app_command("sudo /opt/skyguard/www/app/device_base_info.py set %s" % "'"+json.dumps(config["device_base_info"])+"'")
#if ret != 0:
# utils.app_logger(str(output))
# restore forensics storage
if config.has_key("forensics_storage"):
forensics_storage.set_forensics_capacity(
config["forensics_storage"]["capacity"])
#restore forensic file
if device_type != 1:
if os.path.exists("forensics"):
filelist = os.listdir("forensics")
if filelist != []:
if not os.path.exists(forensics_dir):
os.makedirs(forensics_dir)
FileUtil.copyFilesToDir("forensics", forensics_dir)
#for f in filelist:
# shutil.copy("forensics/"+f,forensics_dir)
#restore collect log dir
if os.path.exists("collect_log"):
filelist = os.listdir("collect_log")
if filelist != []:
if not os.path.exists(collect_log_dir):
os.makedirs(collect_log_dir)
FileUtil.copyFilesToDir("collect_log/", collect_log_dir)
# Restore hybrid.conf if exist
if os.path.isfile("hybrid.conf"):
shutil.copy("hybrid.conf", "/opt/skyguard/www/app/hybrid.conf")
# Resotre hybrid settings
if (device_type == 4
or device_type == 8) and os.path.isfile("gre_info.conf"):
shutil.copy("gre_info.conf", "/opt/skyguard/www/app/gre_info.conf")
'''
with open("hybrid_settings.conf", "r") as hybrid_conf:
hybrid_settings = json.load(hybrid_conf)
agent_client = AGENT_CLIENT(AGENT_ADDR, AGENT_PORT)
agent_client.set_hybrid_config(hybrid_settings)
'''
#restore synctime task setting
if config.has_key("synctime_schedule_task"):
redis_client = RedisClient()
if redis_client.exist_key("synctime_schedule_task"):
redis_client.delete_key("synctime_schedule_task")
redis_client.hmset("synctime_schedule_task",
config["synctime_schedule_task"])
#restore backup task setting
if config.has_key("backup_schedule_task"):
redis_client = RedisClient()
if redis_client.exist_key("backup_schedule_task"):
redis_client.delete_key("backup_schedule_task")
redis_client.hmset("backup_schedule_task",
config["backup_schedule_task"])
set_backup_schedule(config["backup_schedule_task"])
#restore ts setting
#if config.has_key("ts_account_info"):
#redis_client = RedisClient()
#if redis_client.exist_key("ts"):
# redis_client.delete_key("ts")
#redis_client.set("ts",config["ts_account_info"])
# restore network setting
bk_interface_file = temp_dir_networking + "/interfaces"
if os.path.exists(bk_interface_file):
import time
time.sleep(5)
utils.app_logger("Restore network setting...")
#utils.app_command_quiet("/etc/init.d/networking stop")
for nic in [
"eth0", "eth1", "eth2", "eth3", "bond0", "bond1", "bond2",
"bond3", "br0"
]:
_remove_old_pbr(nic)
utils.app_logger("Restore /etc/network/interfaces...")
shutil.copy(bk_interface_file, "/etc/network/interfaces")
bk_resolv_file = temp_dir_networking + "/resolv.conf"
utils.app_logger("Restore /etc/resolv.conf...")
shutil.copy(bk_resolv_file, "/etc/resolv.conf")
if device_type == 2 or device_type == 6 or device_type == 13:
utils.app_logger("Restore /opt/skyguard/www/app/pbr-*...")
for f in listdir(temp_dir_networking):
if f.find("pbr-") != -1:
shutil.copy(join(temp_dir_networking, f),
"/opt/skyguard/www/app/")
shutil.rmtree(temp_dir_networking, ignore_errors=True)
#utils.app_command_quiet("/etc/init.d/networking start")
utils.app_logger("Finish to restore network setting.")
# notify mta to update mta ip
if device_type == 2 or device_type == 6:
if utils.get_bonding_status("bond1") == True:
mta_ip = utils.get_ip_address("bond1")
else:
mta_ip = utils.get_ip_address("eth1")
mtaclient = MTA_CLIENT(MTA_ADDR, MTA_PORT)
mtaclient.set_mta_nics("eth1", mta_ip)
os.chdir(current_path)
shutil.rmtree(tmp_folder)
print "Finished restore"
return True