def query_filter_by(cls, id=None, username=None): if id: cmd = ['getent', 'passwd', str(id)] elif username: cmd = ['id', '-u', str(username)] else: return None try: r = exec_command(cmd) except: current_app.logger.error( '[Account System]: exec_command error: %s:%s', cmd, sys.exc_info()[1]) return None if r['return_code'] != 0: current_app.logger.error( '[Account System]: exec_command return: %s:%s:%s', cmd, r['return_code'], r['stderr']) return None if id: username = r['stdout'].split(':')[0] return cls(id, username) if username: id = int(r['stdout']) return cls(id, username)
def iptables_set_snat_rules(method, source, gateway, message=True): methods = {'add': '-A', 'del': '-D'} #: check rule exist while add rule rules = iptables_get_snat_rules() if isinstance(rules, bool) and not rules: return False if method == 'add' and (source, gateway) in rules: if message: message = u"该规则已经存在:%s ==> %s" % (source, gateway) flash(message, 'alert') return False #: add rule to iptables cmd = 'iptables -t nat %s POSTROUTING -s %s -j SNAT --to-source %s' % ( methods[method], source, gateway) save_rules = 'iptables-save -t nat' try: with open('/usr/local/flexgw/instance/snat-rules.iptables', 'w') as f: results = exec_command(cmd.split()), exec_command( save_rules.split(), stdout=f) except: current_app.logger.error('[SNAT]: exec_command error: %s:%s', cmd, sys.exc_info()[1]) if message: flash(u'iptables 程序异常,无法调用,请排查操作系统相关设置!', 'alert') return False #: check result for r, c in zip(results, [cmd, save_rules]): if r['return_code'] == 0: continue elif message: message = u"设置规则失败:%s" % r['stderr'] flash(message, 'alert') current_app.logger.error('[SNAT]: exec_command return: %s:%s:%s', c, r['return_code'], r['stderr']) return False return True
def iptables_set_snat_rules(method, source, gateway, message=True): methods = {'add': '-A', 'del': '-D'} #: check rule exist while add rule rules = iptables_get_snat_rules() if isinstance(rules, bool) and not rules: return False if method == 'add' and (source, gateway) in rules: if message: message = u"该规则已经存在:%s ==> %s" % (source, gateway) flash(message, 'alert') return False #: add rule to iptables cmd = 'iptables -t nat %s POSTROUTING -s %s -j SNAT --to-source %s' % (methods[method], source, gateway) save_rules = 'iptables-save -t nat' try: with open('/usr/local/flexgw/instance/snat-rules.iptables', 'w') as f: results = exec_command(cmd.split()), exec_command(save_rules.split(), stdout=f) except: current_app.logger.error('[SNAT]: exec_command error: %s:%s', cmd, sys.exc_info()[1]) if message: flash(u'iptables 程序异常,无法调用,请排查操作系统相关设置!', 'alert') return False #: check result for r, c in zip(results, [cmd, save_rules]): if r['return_code'] == 0: continue elif message: message = u"设置规则失败:%s" % r['stderr'] flash(message, 'alert') current_app.logger.error('[SNAT]: exec_command return: %s:%s:%s', c, r['return_code'], r['stderr']) return False return True
def check_update(): cmd = ['/usr/local/flexgw/scripts/update', '--check'] try: r = exec_command(cmd, timeout=10) except: current_app.logger.error('[API]: exec_command error: %s:%s', cmd, sys.exc_info()[1]) return jsonify({"message": u"执行命令:`/usr/local/flexgw/scripts/update --check' 失败!"}), 500 if r['return_code'] != 0: current_app.logger.error('[API]: exec_command return: %s:%s:%s', cmd, r['return_code'], r['stderr']) return jsonify({"message": u"检查更新失败,请手工执行命令:`/usr/local/flexgw/scripts/update --check'"}), 504 for line in r['stdout'].split('\n'): if ' new ' in line: info = u"发现新版本:%s!" % (line.split(':')[1]) return jsonify({"message": info}) return jsonify({"message": u"已经是最新版本了!"}), 404
def get_localhost_ip(): cmd = ['/sbin/ifconfig'] eth_ip = {} try: r = exec_command(cmd) except: current_app.logger.error('[Dial Helpers]: exec_command error: %s:%s', cmd, sys.exc_info()[1]) return False if r['return_code'] == 0: r_data = r['stdout'].split('\n') for index, line in enumerate(r_data): if line.startswith('inet addr:'): eth_ip[r_data[index-1].split()[0]] = line.split().split(':')[1] else: current_app.logger.error('[Dial Helpers]: exec_command return: %s:%s:%s', cmd, r['return_code'], r['stderr']) return False return eth_ip
def _exec(self, cmd, message=None): try: r = exec_command(cmd) except: current_app.logger.error('[Dial Services]: exec_command error: %s:%s', cmd, sys.exc_info()[1]) flash(u'VPN 程序异常,无法调用,请排查操作系统相关设置!', 'alert') return False #: store cmd info self.cmd = cmd self.c_code = r['return_code'] self.c_stdout = r['stdout'] self.c_stderr = r['stderr'] #: check return code if r['return_code'] == 0: return True if message: flash(message % r['stderr'], 'alert') current_app.logger.error('[Dial Services]: exec_command return: %s:%s:%s', cmd, r['return_code'], r['stderr']) return False
def get_localhost_ip(): cmd = ['/sbin/ifconfig'] eth_ip = {} try: r = exec_command(cmd) except: current_app.logger.error('[Dial Helpers]: exec_command error: %s:%s', cmd, sys.exc_info()[1]) return False if r['return_code'] == 0: r_data = r['stdout'].split('\n') for index, line in enumerate(r_data): if line.startswith('inet addr:'): eth_ip[r_data[index - 1].split()[0]] = line.split().split(':')[1] else: current_app.logger.error( '[Dial Helpers]: exec_command return: %s:%s:%s', cmd, r['return_code'], r['stderr']) return False return eth_ip
def _exec(self, cmd, message=None): try: r = exec_command(cmd) except: current_app.logger.error( '[Dial Services]: exec_command error: %s:%s', cmd, sys.exc_info()[1]) flash(u'VPN 程序异常,无法调用,请排查操作系统相关设置!', 'alert') return False #: store cmd info self.cmd = cmd self.c_code = r['return_code'] self.c_stdout = r['stdout'] self.c_stderr = r['stderr'] #: check return code if r['return_code'] == 0: return True if message: flash(message % r['stderr'], 'alert') current_app.logger.error( '[Dial Services]: exec_command return: %s:%s:%s', cmd, r['return_code'], r['stderr']) return False
def iptables_get_snat_rules(message=True): cmd = ['iptables', '-t', 'nat', '--list-rules'] try: r = exec_command(cmd) except: current_app.logger.error('[SNAT]: exec_command error: %s:%s', cmd, sys.exc_info()[1]) if message: flash(u'iptables 程序异常,无法调用,请排查操作系统相关设置!', 'alert') return False if r['return_code'] != 0: current_app.logger.error('[SNAT]: exec_command return: %s:%s:%s', cmd, r['return_code'], r['stderr']) if message: message = u"获取规则失败:%s" % r['stderr'] flash(message, 'alert') return False rules = [] for item in r['stdout'].split('\n'): if '-j SNAT' in item: t = item.split() rules.append((t[t.index('-s') + 1], t[t.index('--to-source') + 1])) return rules
def query_filter_by(cls, id=None, username=None): if id: cmd = ['getent', 'passwd', str(id)] elif username: cmd = ['id', '-u', str(username)] else: return None try: r = exec_command(cmd) except: current_app.logger.error('[Account System]: exec_command error: %s:%s', cmd, sys.exc_info()[1]) return None if r['return_code'] != 0: current_app.logger.error('[Account System]: exec_command return: %s:%s:%s', cmd, r['return_code'], r['stderr']) return None if id: username = r['stdout'].split(':')[0] return cls(id, username) if username: id = int(r['stdout']) return cls(id, username)
def check_update(): cmd = ['/usr/local/flexgw/scripts/update', '--check'] try: r = exec_command(cmd, timeout=10) except: current_app.logger.error('[API]: exec_command error: %s:%s', cmd, sys.exc_info()[1]) return jsonify({ "message": u"执行命令:`/usr/local/flexgw/scripts/update --check' 失败!" }), 500 if r['return_code'] != 0: current_app.logger.error('[API]: exec_command return: %s:%s:%s', cmd, r['return_code'], r['stderr']) return jsonify({ "message": u"检查更新失败,请手工执行命令:`/usr/local/flexgw/scripts/update --check'" }), 504 for line in r['stdout'].split('\n'): if ' new ' in line: info = u"发现新版本:%s!" % (line.split(':')[1]) return jsonify({"message": info}) return jsonify({"message": u"已经是最新版本了!"}), 404
def iptables_get_snat_rules(message=True): cmd = ['iptables', '-t', 'nat', '--list-rules'] try: r = exec_command(cmd) except: current_app.logger.error('[SNAT]: exec_command error: %s:%s', cmd, sys.exc_info()[1]) if message: flash(u'iptables 程序异常,无法调用,请排查操作系统相关设置!', 'alert') return False if r['return_code'] != 0: current_app.logger.error('[SNAT]: exec_command return: %s:%s:%s', cmd, r['return_code'], r['stderr']) if message: message = u"获取规则失败:%s" % r['stderr'] flash(message, 'alert') return False rules = [] for item in r['stdout'].split('\n'): if '-j SNAT' in item: t = item.split() rules.append((t[t.index('-s')+1], t[t.index('--to-source')+1])) return rules