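def ip_list(ip_version, path, filename):
    """
    Return the lines of an address list file that match an IP version.

    Each line is read as ``address`` or ``address/netmask``. Lines starting
    with "#" are skipped. A line is kept only if its address part parses
    for the requested address family. It is returned unchanged, apart from
    stripped trailing whitespace, so any netmask is kept.

    Parameters:
    ip_version  The IP version; 4 selects IPv4, any other value selects IPv6
    path        The directory that contains the list file
    filename    The file to read addresses from

    Returns a list of strings in file order.
    """
    listfile_path = os.path.join(path, filename)
    xtmlib.debug("Reading IPv{} addresses from '{}'".format(
        ip_version, listfile_path))

    family = socket.AF_INET if ip_version == 4 else socket.AF_INET6

    addresses = []
    with open(listfile_path) as listfile:
        for line in listfile:
            # skip comments
            if line.startswith("#"):
                continue
            line = line.rstrip()
            # Only the part before "/" is checked.
            # NOTE(review): whatever follows "/" is returned without any
            # validation. If callers pass these strings on to an xtables
            # command, the netmask should be range-checked there or here.
            address = line.partition("/")[0]
            try:
                socket.inet_pton(family, address)
            except (OSError, ValueError):
                # OSError: not a valid address for this family (this also
                # covers blank lines). ValueError: the text cannot be passed
                # to inet_pton at all, e.g. an embedded NUL. A bare except
                # here would also swallow KeyboardInterrupt and SystemExit.
                continue
            addresses.append(line)
    return addresses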
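def get_counters(ip_version=4):
    """
    Collect packet and byte counters from the currently loaded ruleset.

    Runs ``xtables_commands[ip_version] + "-save"`` with ``-c`` (presumably
    iptables-save / ip6tables-save) and parses its output line by line:

    * ``*table`` starts a table section, ``COMMIT`` ends it;
    * ``:`` lines are chains and yield a counter named ``table.chain``;
    * ``[`` lines are rules and yield a counter only when their
      ``--comment`` value starts with COMMENT_TAG. The counter is named
      ``table.chain.<comment without the tag>``.

    Returns a CounterSet. It is empty when the save command exits with a
    non-zero status. Lines that re_chain / re_rule do not match are skipped.
    """
    xtmlib.debug("Getting counters from current setup.")
    xtmlib.debug_indent(1)
    counters = CounterSet()
    save_command = xtables_commands[ip_version] + "-save"
    try:
        # argument list, no shell: the command name is never re-parsed
        ipt_output = subprocess.check_output([save_command, "-c"]).decode()
    except subprocess.CalledProcessError:
        xtmlib.debug("Failed to call %s!" % save_command)
        # give back the indent taken above, otherwise every later debug
        # line stays shifted after a failed call
        xtmlib.debug_indent(-1)
        return counters
    table = None
    for line in ipt_output.splitlines():
        line = line.strip()
        counter = None
        if line.startswith("*"):
            # table
            table = line[1:]
            xtmlib.debug("Table '%s'" % table)
            xtmlib.debug_indent(1)
        elif line.startswith(":"):
            # chain
            match = re_chain.match(line)
            if match is None:
                # an unexpected line must not abort the whole collection
                xtmlib.debug("Skipping unparsable chain line '%s'" % line)
                continue
            chain = match.group("name")
            counter = Counter("%s.%s" % (table, chain),
                              int(match.group("packets_in")),
                              int(match.group("bytes_in")))
        elif line.startswith("["):
            # rule
            rule = re_rule.match(line)
            if rule is None:
                xtmlib.debug("Skipping unparsable rule line '%s'" % line)
                continue
            args = shlex.split(rule.group("arguments"))
            # comment / chain are small state flags: True means "the next
            # argument is the value", afterwards they hold that value
            comment = False
            chain = None
            for arg in args:
                if comment is True:
                    comment = arg
                elif chain is True:
                    chain = arg
                elif arg == "--comment":
                    comment = True
                elif arg in {"-A", "-I", "-R"}:
                    chain = True
            # only rules tagged by this tool are counted; the comment text
            # comes from the ruleset and is used as a counter name as-is
            if isinstance(comment, str) and comment.startswith(COMMENT_TAG):
                counter = Counter(
                    "%s.%s.%s" % (table, chain, comment[len(COMMENT_TAG):]),
                    int(rule.group("packets_in")),
                    int(rule.group("bytes_in")))
        elif line == "COMMIT":
            table = None
            xtmlib.debug_indent(-1)
        if counter:
            xtmlib.debug("Counter '%s': %s" % (counter.name, str(counter)))
            counters.add(counter)
    xtmlib.debug_indent(-1)
    xtmlib.debug("Done.")
    return counters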
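def get_counters(ip_version=4):
    """
    Read the counters of the active ruleset into a CounterSet.

    The output of ``xtables_commands[ip_version] + "-save" -c`` is scanned
    line by line. A ``*name`` line opens a table and ``COMMIT`` closes it.
    Chain lines (``:``) always produce a ``table.chain`` counter. Rule
    lines (``[``) produce a ``table.chain.suffix`` counter only when the
    rule has a ``--comment`` starting with COMMENT_TAG; the suffix is the
    comment with that tag removed.

    Returns the CounterSet. It is empty if the save command returns a
    non-zero exit status. Chain and rule lines that do not match re_chain /
    re_rule are logged and skipped instead of raising AttributeError.
    """
    xtmlib.debug("Getting counters from current setup.")
    xtmlib.debug_indent(1)
    counters = CounterSet()
    save_command = xtables_commands[ip_version] + "-save"
    try:
        # list form keeps the call free of shell interpretation
        ipt_output = subprocess.check_output(
            [save_command, "-c"]
        ).decode()
    except subprocess.CalledProcessError:
        xtmlib.debug("Failed to call %s!" % save_command)
        # balance the debug_indent(1) above before leaving early
        xtmlib.debug_indent(-1)
        return counters
    table = None
    for line in ipt_output.splitlines():
        line = line.strip()
        counter = None
        if line.startswith("*"):
            # table
            table = line[1:]
            xtmlib.debug("Table '%s'" % table)
            xtmlib.debug_indent(1)
        elif line.startswith(":"):
            # chain
            match = re_chain.match(line)
            if match is None:
                xtmlib.debug("Skipping unparsable chain line '%s'" % line)
                continue
            chain = match.group("name")
            counter = Counter(
                "%s.%s" % (table, chain),
                int(match.group("packets_in")),
                int(match.group("bytes_in"))
            )
        elif line.startswith("["):
            # rule
            rule = re_rule.match(line)
            if rule is None:
                xtmlib.debug("Skipping unparsable rule line '%s'" % line)
                continue
            args = shlex.split(rule.group("arguments"))
            # True marks "value expected next"; once seen, the flag is
            # replaced by the value itself
            comment = False
            chain = None
            for arg in args:
                if comment is True:
                    comment = arg
                elif chain is True:
                    chain = arg
                elif arg == "--comment":
                    comment = True
                elif arg in {"-A", "-I", "-R"}:
                    chain = True
            # the comment is ruleset-supplied text; only tagged rules count
            if isinstance(comment, str) and comment.startswith(COMMENT_TAG):
                counter = Counter(
                    "%s.%s.%s" % (table, chain, comment[len(COMMENT_TAG):]),
                    int(rule.group("packets_in")),
                    int(rule.group("bytes_in"))
                )
        elif line == "COMMIT":
            table = None
            xtmlib.debug_indent(-1)
        if counter:
            xtmlib.debug("Counter '%s': %s" % (counter.name, str(counter)))
            counters.add(counter)
    xtmlib.debug_indent(-1)
    xtmlib.debug("Done.")
    return counters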
def get_interfaces(ip_version=4):
    """
    Retrieve network interface information and return an InterfaceSet of
    Interface instances.

    For every interface reported by netifaces that has addresses of the
    requested family, each address is wrapped in an Address and appended
    to the interface. The addresses are then sorted and numbered from 1.
    An IPv4 address without a reported netmask gets a classful default
    derived from its first byte.
    """
    interfaces = InterfaceSet()
    xtmlib.debug("Getting interface information")
    xtmlib.debug_indent(1)

    # the address family is the same for every interface
    family = netifaces.AF_INET if ip_version == 4 else netifaces.AF_INET6

    for ifname in netifaces.interfaces():
        interface = Interface(ifname)
        # skip localhost
        # NOTE(review): this compares an Interface instance with a str, so
        # "lo" is only skipped if Interface defines equality against
        # strings -- confirm against the Interface class
        if interface == "lo":
            continue

        per_family = netifaces.ifaddresses(interface.name)
        if family not in per_family:
            continue

        # print interface name
        xtmlib.debug("Interface %s" % str(interface))
        xtmlib.debug_indent(1)

        # process each address
        for entry in per_family[family]:
            addr = entry["addr"]
            if ip_version == 4:
                # for IPv4 the netmask might be missing; pack the address
                # so its first byte can be inspected
                packed = socket.inet_pton(socket.AF_INET, addr)
                first_byte = packed[0]
                # from https://en.wikipedia.org/wiki/IPv4_subnetting_reference
                if "netmask" in entry:
                    netmask = entry["netmask"]
                elif first_byte < 128:
                    netmask = "255.0.0.0"
                elif first_byte < 192:
                    netmask = "255.255.0.0"
                elif first_byte < 224:
                    netmask = "255.255.255.0"
                else:
                    netmask = "255.255.255.255"
                addr = socket.inet_ntop(socket.AF_INET, packed)
            else:
                # strip trailing "%ifname" for IPv6
                addr = addr.partition("%")[0]
                netmask = entry["netmask"]

            # create Address instance
            address = Address(addr, netmask, 0, ip_version)
            xtmlib.debug(
                "Address %d: %s/%s" % (
                    address.num, str(address), address.netmask)
            )
            # add address to interface instance
            interface.addresses.append(address)

        xtmlib.debug_indent(-1)

        # sort and enumerate addresses for interface; doing it here keeps
        # the numbering persistent for a given set of addresses
        # (regardless of their order)
        interface.addresses.sort()
        for num, addr in enumerate(interface.addresses, start=1):
            addr.num = num

        interfaces.add(interface)

    xtmlib.debug_indent(-1)
    xtmlib.debug("Done.")
    return interfaces