def gettsigid(thiskeyname):
    """Look up the TSIG key id stored under the key name *thiskeyname*.

    Passes ``['tsig_id', 'tsig_keys', 'tsig_name', thiskeyname]`` to
    ``menudbselect_dm.dbRecordSelect`` and returns that call's result
    unchanged. The list presumably reads as (column to fetch, table,
    filter column, filter value) -- TODO confirm against dbRecordSelect.

    NOTE(review): thiskeyname ends up in a database lookup. Confirm that
    dbRecordSelect binds it as a query parameter rather than concatenating
    it into the SQL text.
    """
    lookup = ['tsig_id', 'tsig_keys', 'tsig_name', thiskeyname]
    return menudbselect_dm.dbRecordSelect(lookup)
def getviewid(thiskeyname):
    """Look up the view id stored under the view name *thiskeyname*.

    Passes ``['view_id', 'bind_views', 'view_name', thiskeyname]`` to
    ``menudbselect_dm.dbRecordSelect`` and returns that call's result
    unchanged. The list presumably reads as (column to fetch, table,
    filter column, filter value) -- TODO confirm against dbRecordSelect.

    NOTE(review): thiskeyname ends up in a database lookup. Confirm that
    dbRecordSelect binds it as a query parameter rather than concatenating
    it into the SQL text.
    """
    lookup = ['view_id', 'bind_views', 'view_name', thiskeyname]
    return menudbselect_dm.dbRecordSelect(lookup)
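def doView(mwlist):
    """Interactively collect the data for a new BIND view and store it.

    Prompts the operator for the view name, the sinkhole (monitoring) IP and
    description, the client source IPs / subnets and a view description. It
    then generates a per-view sinkhole FQDN and writes the sinkhole record,
    the TSIG metadata, the view record and the default black/white list
    records through the project's database helper modules.

    Args:
        mwlist: indexable menu arguments. ``mwlist[1]`` is the action; the
            interactive menu is skipped entirely when it equals ``'update'``.
            ``mwlist[2]`` is stored as the organisation id.

    Returns:
        None. Results are reported on stdout and written to the database.

    Changes from the earlier version:
        * If no sinkhole id could be stored (insert not confirmed or lookup
          did not return exactly one row) the function now reports this and
          returns, instead of raising KeyError on ``viewDict['def_sh_id']``
          after TSIG metadata had already been generated.
        * The unused ``thisviewid[0]`` read, which raised IndexError on an
          empty result before the length check could run, was removed.
        * An unconfirmed view insert is now reported instead of being silent.

    The file targets Python 2 (``raw_input``); ``print`` is written in the
    single-argument parenthesised form, which prints identically there.
    """
    # Collects every answer needed to build the SQL inserts.
    viewDict = dict()
    viewDict['org_id'] = mwlist[2]

    if mwlist[1] != 'update':
        viewmenuactive = True
        while viewmenuactive:
            print("\nYou are about to provide the data needed for a new Bind View and related zone files.")
            print("\nThe view must be a unique name within the system,")
            print("it must also be a single word with no spaces, letters, dashes, underscores and digits ok")
            getviewname = True
            while getviewname:
                uvinput = raw_input("Enter view name: ")
                uvinput = uvinput.strip().lower()
                # inputView reports status through its return list (no
                # globals): a falsy first element means the name was
                # accepted and the second element is the name to store.
                vresult = inputView(uvinput)
                if not vresult[0]:
                    viewDict['view_name'] = vresult[1]
                    getviewname = False

            getmonip = True
            while getmonip:
                print("\nIdeally you want to direct suspicious traffic to a server you control, AKA, sinkhole")
                uvlinput = raw_input("What is the internal IP for the monitoring application? ( dotted quad): ")
                uvlinput = iptoint_dm.dotQuadtoInt(uvlinput)
                # NOTE(review): validity is judged only by the converted
                # value being greater than 10; presumably dotQuadtoInt
                # returns a small number for malformed input -- confirm.
                # Unlike the other prompts, this answer is not passed
                # through inputSani_dm.inputSanitizer.
                if uvlinput > 10:
                    viewDict['sh_ip'] = uvlinput
                    getmonip = False
                else:
                    print("hmm, looks like that wasn't a dotted quad, EG 172.16.28.7, please enter again")

            print("\nProvide a short description of this sink hole, EG, .net app running in Calgary office")
            getmondesc = True
            while getmondesc:
                uvlinput = raw_input("Description: ")
                uvlinput = inputSani_dm.inputSanitizer(uvlinput, 'desc1')
                # A rejected description silently re-prompts.
                if uvlinput != 'invalid_format':
                    viewDict['sh_desc'] = uvlinput
                    getmondesc = False

            getviewip = True
            viewClientIPList = []
            print("\nDefine the source IP(s)/ subnets for the recursive clients using this view( dotted quad or cidr): ")
            while getviewip:
                addrtype = raw_input("Is this a single IP or subnet (ip|cidr)? ")
                addrtype = addrtype.strip().lower()
                # Any answer other than 'ip' is handled as a CIDR subnet.
                if addrtype == 'ip':
                    uvsinput = raw_input("What is the source IP for the recursive clients?( dotted quad): ")
                    uvsinput = inputSani_dm.inputSanitizer(uvsinput, 'ip')
                    if uvsinput == 'invalid_format':
                        print("hmm, looks like that wasn't a dotted quad, EG 172.16.28.7, please enter again")
                        continue
                else:
                    uvsinput = raw_input("What is the source subnet for the recursive clients?( cidr notation): ")
                    uvsinput = inputSani_dm.inputSanitizer(uvsinput, 'cidr')
                    if uvsinput == 'invalid_format':
                        print("hmm, looks like that wasn't cidr notation, EG 172.16.28.0/26, please enter again")
                        continue
                viewClientIPList.append(uvsinput)
                nextIP = raw_input("\nDo you need to add another IP address (yes|no)?")
                nextIP = nextIP.strip().lower()
                # Only an explicit 'no' ends the loop.
                if nextIP == 'no':
                    getviewip = False

            # The IPs and CIDR blocks are kept as one CSV string; it is turned
            # into an ACL data structure later on.
            rcsvclients = ",".join(map(str, viewClientIPList))
            viewDict['view_src_acl_ips'] = rcsvclients

            print("\nProvide a short description of what's behind these IP addresses, EG, Eastern office or Engineering dept")
            getviewdesc = True
            while getviewdesc:
                uvlinput = raw_input("Description: ")
                uvlinput = inputSani_dm.inputSanitizer(uvlinput, 'desc1')
                if uvlinput != 'invalid_format':
                    viewDict['view_desc'] = uvlinput
                    getviewdesc = False

            print("\n please standby, generating a view specific domain for RPZ usage.")
            # NOTE(review): the "virtually unguessable" claim below holds only
            # if genString draws from a cryptographically secure random
            # source -- confirm in genRandomString_dm.
            # NOTE(review): .local is reserved for multicast DNS (RFC 6762);
            # confirm resolvers in this deployment handle the name as
            # intended.
            dompart = genRandomString_dm.genString(7)
            hostpart = genRandomString_dm.genString(6)
            shfqdn = hostpart + '.' + dompart + '.local'
            print("\n created this virtually unguessable FQDN just for this view: " + shfqdn)
            viewDict['sh_fqdn'] = shfqdn

            # Build the sinkhole insert from the collected answers and run it.
            sinkholesql = insertsinkholedata_dm.parsemenudict(viewDict)
            shresult = menudbinsert_dm.dbinsert(sinkholesql)
            if shresult == 1:
                print("sinkhole table entry created successfully")
                # Fetch the new sinkhole id so it can go into the view record.
                shselect = ['sinkhole_id', 'view_sinkholes', 'sh_fqdn', shfqdn]
                thisresultlist = menudbselect_dm.dbRecordSelect(shselect)
                if len(thisresultlist) == 1:
                    viewDict['def_sh_id'] = thisresultlist[0]
                else:
                    print("failed to retrieve sinkhole ID, you should probably exit and debug this")
            else:
                print("You may need to manually check the view_sinkholes table")

            # The view record references the sinkhole id. Without one, stop
            # before any TSIG or view rows are written rather than failing
            # later with a KeyError.
            if 'def_sh_id' not in viewDict:
                print("\nNo sinkhole ID is available, the view was not created")
                return

            # Generate the TSIG key metadata (static even if keys are updated).
            # NOTE(review): assumes gentsigsql returns a non-empty sequence
            # whose first element is the new TSIG id -- confirm.
            oid = viewDict['org_id']
            vname = viewDict['view_name']
            tsigid = genTsigData_dm.gentsigsql(oid, vname)
            viewDict['tsig_id'] = tsigid[0]

            # Order: org_id, view_name, def_sh_id, view_src_acl_ips,
            # view_desc, tsig_id.
            viewsqlinsert = [
                viewDict['org_id'],
                viewDict['view_name'],
                viewDict['def_sh_id'],
                viewDict['view_src_acl_ips'],
                viewDict['view_desc'],
                viewDict['tsig_id'],
            ]
            thisviewid = insertviewdata_dm.genviewgsql(viewsqlinsert)
            if len(thisviewid) == 1:
                print("\nProgress report: \nCreation of view " + viewDict['view_name'] + " confirmed successful, please generate an view file for this organization now, menu/genorgview\n")
                # Now that the org has a view, initialise its default black
                # and white list entries.
                print("\nStand by, just making a few internal database updates")
                shid = viewDict['def_sh_id']
                wlcreate = genDefListData_dm.genbworgsql(oid, vname, shid)
                if wlcreate == 1:
                    print("All black list and white list default records were successfully initialized")
            else:
                print("\nCreation of view " + viewDict['view_name'] + " could not be confirmed, please check the database before retrying")

            # Leave the view menu.
            viewmenuactive = False
    return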