示例#1
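def updateIpfire():
    """Regenerate the IPFire custom host/group lists and push them to the firewall.

    Reads every device row (last known IPv4, hardware address, networklock)
    from the database, writes one ``customhosts`` line per row and one
    ``customgroups`` line in the ``blocked`` group for each row whose
    ``networklock`` is 0, uploads both files over SSH and runs
    ``/usr/local/bin/firewallctrl`` on the firewall.

    Returns:
        True if the upload and the reload succeeded, False if the SSH
        connection could not be opened or any remote step failed.
    """
    import tempfile

    dbconn = db.database()
    dbconn.execute("SELECT lastknownIPv4, address, networklock FROM device D INNER JOIN hardwareidentifier HW ON HW.device_id = D.id")
    # Stage the files in a private, freshly created directory rather than under
    # fixed names in world-writable /tmp: a predictable path can be pre-created
    # or symlinked by another local user before this process opens it.
    with tempfile.TemporaryDirectory() as workdir:
        hostsPath = os.path.join(workdir, "customhosts")
        groupsPath = os.path.join(workdir, "customgroups")
        with open(hostsPath, "w") as customhosts, open(groupsPath, "w") as customgroups:
            # The index is incremented per row; it used to stay at 1 for every
            # entry, so all hosts were written under the same key.
            for counter, machine in enumerate(dbconn.fetchall(), start=1):
                # NOTE(review): address and lastknownIPv4 are written unescaped into
                # a comma/newline-delimited file; confirm both are validated before
                # they are stored in the database.
                customhosts.write(str(counter) + "," + machine["address"] + ",ip," + machine["lastknownIPv4"] + "/255.255.255.255\n")
                if machine["networklock"] == 0:
                    customgroups.write(str(counter) + ",blocked,," + machine["address"] + ",Custom Host\n")
        configfile = cf.configfile()
        sshConnection = ssh.ssh(configfile.get("ipfire", "url"), int(configfile.get("ipfire", "port")), "philleconnect", configfile.get("ipfire", "password"))
        if sshConnection == False:
            return False
        try:
            if not sshConnection.put(hostsPath, "/var/ipfire/fwhosts/customhosts"):
                return False
            if not sshConnection.put(groupsPath, "/var/ipfire/fwhosts/customgroups"):
                return False
            if not sshConnection.exec("/usr/local/bin/firewallctrl"):
                return False
            return True
        finally:
            # Close the session on the failure paths too, not only on success.
            sshConnection.close()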
示例#2
 def __init__(self):
     """Load the configuration and open an LDAP connection bound as the admin DN.

     The bind DN is the configured ``admindn`` and ``basedn`` joined by a
     comma; ``auto_bind=True`` is passed so the bind happens on construction.
     """
     settings = cf.configfile()
     self.config = settings
     # NOTE(review): whether this bind is protected by TLS depends on the
     # configured URL and on Server options not set here; confirm.
     directory = Server(settings.get("ldap", "url"))
     bindDn = ",".join((settings.get("ldap", "admindn"), settings.get("ldap", "basedn")))
     bindPassword = settings.get("ldap", "password")
     self.connection = Connection(directory, bindDn, bindPassword, auto_bind=True)
 def __init__(self):
     """Connect to MySQL using the ``database`` config section and open a dict cursor."""
     settings = cf.configfile()
     # NOTE(review): no TLS options are passed to the connector here; confirm
     # how the link to the database host is protected.
     connectArgs = {
         "host": settings.get("database", "url"),
         "user": settings.get("database", "user"),
         "passwd": settings.get("database", "password"),
         "database": settings.get("database", "name"),
     }
     self.__db = mysql.connector.connect(**connectArgs)
     # dictionary=True is passed so rows can be read by column name.
     self.__cursor = self.__db.cursor(dictionary=True)
示例#4
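def ipfire():
    """Read (GET) or replace (PUT) the stored IPFire connection settings.

    Access requires the ``servmgmt`` permission; otherwise
    ``ERR_ACCESS_DENIED`` / 403 is returned.

    GET returns the stored url, port and password as JSON.
    PUT stores ``url``, ``port`` and ``password`` from the form data and
    returns ``SUCCESS``; a port that is missing or not an integer is rejected
    with ``ERR_PORT_NOT_A_NUMBER`` / 400 before anything is written.
    """
    if not es.isAuthorized("servmgmt"):
        return "ERR_ACCESS_DENIED", 403
    config = cf.configfile()
    if request.method == "GET":
        # NOTE(review): this sends the stored firewall SSH password back to the
        # client in clear text. Consider omitting it from the response (or
        # returning only whether one is set) if no caller needs the value.
        data = {
            "url": config.get("ipfire", "url"),
            "port": config.get("ipfire", "port"),
            "password": config.get("ipfire", "password"),
        }
        return jsonify(data), 200
    elif request.method == "PUT":
        port = request.form.get("port")
        # Reject a port that int() cannot parse here instead of persisting a
        # value that only fails later, when the settings are read back.
        try:
            int(port)
        except (TypeError, ValueError):
            return "ERR_PORT_NOT_A_NUMBER", 400
        # NOTE(review): url and password are stored as received, including
        # None when the field is missing; confirm the client always sends both.
        config.set("ipfire", "url", request.form.get("url"))
        config.set("ipfire", "port", port)
        config.set("ipfire", "password", request.form.get("password"))
        return "SUCCESS", 200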
示例#5
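def setupIPFire():
    """Run the one-time IPFire integration setup.

    Returns ``ERR_SETUP_ALREADY_DONE`` / 403 once the marker file
    ``config.CONFIG_IPFIRE_FILE`` exists. Otherwise:

    * If the form field ``jump`` is present, only the marker file is created.
    * If ``jump`` is absent and ``setup`` is present, the firewall is
      provisioned over SSH as root: the ``philleconnect`` user is created and
      given the submitted password, permissions are set, the firewall rules
      are uploaded, and then, logged in as ``philleconnect``, the public key
      is installed and ``firewallctrl`` is run.
    * If ``jump`` is absent, the submitted url, port and password are stored
      in the configuration (whether or not ``setup`` was present).

    Returns:
        ``("SUCCESS", 200)`` or an ``ERR_*`` string with its status code.
    """
    import shlex

    if os.path.exists(config.CONFIG_IPFIRE_FILE):
        return "ERR_SETUP_ALREADY_DONE", 403
    if request.form.get("jump") is None:
        if request.form.get("setup") is not None:
            try:
                port = int(request.form.get("port"))
            except (TypeError, ValueError):
                # TypeError covers a missing port field (int(None)).
                return "ERR_PORT_NOT_A_NUMBER", 400
            password = request.form.get("password")
            # chpasswd reads one "user:password" record per line, so a line
            # break inside the value would be read as an extra record. Reject
            # it (and a missing value) before touching the firewall.
            if password is None or "\n" in password or "\r" in password:
                return "ERR_IPFIRE_SETUP_SETPASS", 400
            sshConnection = ssh.ssh(request.form.get("url"), port, "root", request.form.get("rootpassword"))
            if sshConnection == False:
                return "ERR_ROOT_PASSWORD_WRONG", 200
            # The password is request data that ends up in a shell command run
            # as root, so it is passed as one quoted argument; printf '%s\n'
            # prints it literally, without echo's escape handling.
            # NOTE(review): the value is still visible in the remote process
            # list while the command runs; feeding chpasswd over stdin would
            # avoid that if the ssh helper supports it.
            setPassword = "printf '%s\\n' " + shlex.quote("philleconnect:" + password) + " | chpasswd"
            # NOTE(review): mode 666 leaves both fwhosts files writable by every
            # local user on the firewall, and firewallctrl is made setuid;
            # confirm whether ownership by philleconnect would be enough.
            rootSteps = (
                ("useradd philleconnect", "ERR_IPFIRE_SETUP_USERADD"),
                (setPassword, "ERR_IPFIRE_SETUP_SETPASS"),
                ("chmod =4755 /usr/local/bin/firewallctrl", "ERR_IPFIRE_SETUP_PERMISSIONS"),
                ("chmod =666 /var/ipfire/fwhosts/customhosts", "ERR_IPFIRE_SETUP_PERMISSIONS"),
                ("chmod =666 /var/ipfire/fwhosts/customgroups", "ERR_IPFIRE_SETUP_PERMISSIONS"),
                ("mkdir /home/philleconnect", "ERR_IPFIRE_SETUP_HOMEFOLDER"),
                ("mkdir /home/philleconnect/.ssh", "ERR_IPFIRE_SETUP_SSHFILES"),
                ("chown -R philleconnect /home/philleconnect/", "ERR_IPFIRE_SETUP_PERMISSIONS"),
            )
            try:
                for command, errorCode in rootSteps:
                    if not sshConnection.exec(command):
                        return errorCode, 500
                if not sshConnection.put(config.CONFIG_BASE + "/ipfire/config", "/var/ipfire/firewall/input"):
                    return "ERR_IPFIRE_SETUP_RULES", 500
            finally:
                # Close the root session on every exit path, not only on success.
                sshConnection.close()
            sshConnection = ssh.ssh(request.form.get("url"), port, "philleconnect", password)
            if sshConnection == False:
                return "ERR_SETUP_ERROR", 200
            try:
                if not sshConnection.put(config.CONFIG_BASE + "/id_rsa.pub", "/home/philleconnect/.ssh/authorized_keys"):
                    return "ERR_IPFIRE_SETUP_SSHKEY", 500
                if not sshConnection.exec("/usr/local/bin/firewallctrl"):
                    return "ERR_IPFIRE_SETUP_RELOAD", 500
            finally:
                sshConnection.close()
        configfile = cf.configfile()
        configfile.set("ipfire", "url", request.form.get("url"))
        configfile.set("ipfire", "port", request.form.get("port"))
        configfile.set("ipfire", "password", request.form.get("password"))
    # Create the marker file that makes later calls return ERR_SETUP_ALREADY_DONE.
    open(config.CONFIG_IPFIRE_FILE, "a").close()
    return "SUCCESS", 200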
 def __init__(self):
     self.__config = cf.configfile()