def get_flow(host):
proxy = xmlrpclib.ServerProxy("http://%s:%s/" %
(host, SS_NODE_LISTENING_PORT))
aes_data = xmlrpclib.Binary(mycrypto.encrypt_verify(AES_KEY, '1'))
aes_res = proxy.get_flow(aes_data)
res_json = mycrypto.decrypt_verify(AES_KEY, aes_res.data)
return json.loads(res_json, encoding='utf8')
def get_flow(aes_data):
u''''''
text = mycrypto.decrypt_verify(AES_KEY,aes_data.data)
if text == None:return xmlrpclib.Binary(json.dumps({'statos':'err_ase'},encoding='utf8'))
res={
'flow_in':[], # [(8001,3916788L)]
'flow_out':[],
'status':'ok'
}
table = iptc.Table(iptc.Table.FILTER)
chain_in = iptc.Chain(table, 'INPUT')
chain_out = iptc.Chain(table, 'OUTPUT')
table.refresh()
for rule in chain_out.rules:
if len(rule.matches)>0:
sport = rule.matches[0].sport
if sport:
res['flow_out'].append((sport,rule.get_counters()[1]))
for rule in chain_in.rules:
if len(rule.matches)>0:
dport = rule.matches[0].dport
if sport:
res['flow_in'].append((dport,rule.get_counters()[1]))
return xmlrpclib.Binary(mycrypto.encrypt_verify(AES_KEY,json.dumps(res,encoding='utf8')))
def async_update_ss_config(aes_data):
data = mycrypto.decrypt_verify(AES_KEY,aes_data)
if data:
thread.start_new_thread(update_ss_config, ())
return xmlrpclib.Binary(mycrypto.encrypt_verify(AES_KEY,json.dumps({'status':'ok'})))
else:
return xmlrpclib.Binary(json.dumps({'status':'aes_err'}))
def update_ss_config(aes_data):
u""" 更新 ss config 接口
注意,数据要使用 AES 加密。
解密后的格式为
{
'ok':hash 后的 AES_KEY +'test 串' ,用来确认安全
'ss_config':config.json 文件内容
}
返回值:同样加密了。
在解密失败的情况下不会再返回加密信息了,直接返回原文。
"""
text = mycrypto.decrypt_verify(AES_KEY, aes_data.data)
if text == None:
return xmlrpclib.Binary(
json.dumps({'statos': 'err_ase'}, encoding='utf8'))
r = json.loads(text, encoding='utf8')
with open(SS_CONFIG_PATH, 'wb') as file:
file.write(r['ss_config'])
os.system('killall -HUP shadowsocks-server')
return xmlrpclib.Binary(
mycrypto.encrypt_verify(AES_KEY,
json.dumps({'status': 'ok'}, encoding='utf8')))
def async_update_ss_config(aes_data):
data = mycrypto.decrypt_verify(AES_KEY, aes_data)
if data:
thread.start_new_thread(update_ss_config, ())
return xmlrpclib.Binary(
mycrypto.encrypt_verify(AES_KEY, json.dumps({'status': 'ok'})))
else:
return xmlrpclib.Binary(json.dumps({'status': 'aes_err'}))
def update_ss_config_as_node(host,ss_config,port = SS_NODE_LISTENING_PORT,key = AES_KEY):
proxy = xmlrpclib.ServerProxy("http://%s:%s/"%(host,port))
aes_data = xmlrpclib.Binary(mycrypto.encrypt_verify(AES_KEY,json.dumps({'ss_config':ss_config},encoding='utf8')))
aes_res = proxy.update_ss_config(aes_data)
res = json.loads( mycrypto.decrypt_verify(AES_KEY,aes_res.data) ,encoding='utf8')
if res['status']=='ok':
return True
else:
return False
def update_ss_config_as_node(host,
ss_config,
port=SS_NODE_LISTENING_PORT,
key=AES_KEY):
proxy = xmlrpclib.ServerProxy("http://%s:%s/" % (host, port))
aes_data = xmlrpclib.Binary(
mycrypto.encrypt_verify(
AES_KEY, json.dumps({'ss_config': ss_config}, encoding='utf8')))
aes_res = proxy.update_ss_config(aes_data)
res = json.loads(mycrypto.decrypt_verify(AES_KEY, aes_res.data),
encoding='utf8')
if res['status'] == 'ok':
return True
else:
return False
def update_ss_config(aes_data):
u""" 更新 ss config 接口
注意,数据要使用 AES 加密。
解密后的格式为
{
'ok':hash 后的 AES_KEY +'test 串' ,用来确认安全
'ss_config':config.json 文件内容
}
返回值:同样加密了。
在解密失败的情况下不会再返回加密信息了,直接返回原文。
"""
text = mycrypto.decrypt_verify(AES_KEY,aes_data.data)
if text == None:return xmlrpclib.Binary(json.dumps({'statos':'err_ase'},encoding='utf8'))
r = json.loads(text,encoding='utf8')
with open(SS_CONFIG_PATH,'wb') as file:
file.write(r['ss_config'])
os.system('killall -HUP shadowsocks-server')
return xmlrpclib.Binary(mycrypto.encrypt_verify(AES_KEY,json.dumps({'status':'ok'},encoding='utf8')))
chain_out = iptc.Chain(table, 'OUTPUT')
table.refresh()
for rule in chain_out.rules:
try:
if len(rule.matches)==1:
sport = int(rule.matches[0].sport)
res['flow_out'][sport] = rule.get_counters()[1]
except Exception,inst:
print (u'[警告]未知的 iptables 规则,如果是其他软件添加的可以忽略。')
print(inst)
for rule in chain_in.rules:
try:
if len(rule.matches)==1:
dport = int(rule.matches[0].dport)
res['flow_in'][dport] = rule.get_counters()[1]
except Exception,inst:
print (u'[警告]未知的 iptables 规则,如果是其他软件添加的可以忽略。')
print(inst)
return xmlrpclib.Binary(mycrypto.encrypt_verify(AES_KEY,json.dumps(res,encoding='utf8')))
server.register_function(update_ss_config, 'update_ss_config')
server.register_function(get_flow, 'get_flow')
server.serve_forever()
def up_user():
u"""更新了user后调用的方法。通知主服务器"""
proxy = xmlrpclib.ServerProxy("http://127.0.0.1:%s/"%(settings.LISTENING_PORT))
proxy.update_ss_config(mycrypto.encrypt_verify(settings.AES_KEY,1))
def get_flow(host):
proxy = xmlrpclib.ServerProxy("http://%s:%s/"%(host,SS_NODE_LISTENING_PORT))
aes_data = xmlrpclib.Binary(mycrypto.encrypt_verify(AES_KEY,'1'))
aes_res = proxy.get_flow(aes_data)
res_json = mycrypto.decrypt_verify(AES_KEY,aes_res.data)
return json.loads( res_json ,encoding='utf8')
def up_user():
u"""更新了user后调用的方法。通知主服务器"""
proxy = xmlrpclib.ServerProxy("http://127.0.0.1:%s/"%(settings.MASTER_SERVER_LISTENING_PORT))
proxy.update_ss_config(mycrypto.encrypt_verify(settings.AES_KEY,1))
chain_in = iptc.Chain(table, 'INPUT')
chain_out = iptc.Chain(table, 'OUTPUT')
table.refresh()
for rule in chain_out.rules:
try:
if len(rule.matches) == 1:
sport = int(rule.matches[0].sport)
res['flow_out'][sport] = rule.get_counters()[1]
except Exception, inst:
print(u'[警告]未知的 iptables 规则,如果是其他软件添加的可以忽略。')
print(inst)
for rule in chain_in.rules:
try:
if len(rule.matches) == 1:
dport = int(rule.matches[0].dport)
res['flow_in'][dport] = rule.get_counters()[1]
except Exception, inst:
print(u'[警告]未知的 iptables 规则,如果是其他软件添加的可以忽略。')
print(inst)
return xmlrpclib.Binary(
mycrypto.encrypt_verify(AES_KEY, json.dumps(res, encoding='utf8')))
server.register_function(update_ss_config, 'update_ss_config')
server.register_function(get_flow, 'get_flow')
server.serve_forever()