def get_ip(self, text):
if common.match_ipv4_address(text) is not None:
return common.match_ipv4_address(text)
else:
if common.match_ipv6_address(text) is not None:
return common.match_ipv6_address(text)
return None
def get_ip(text): if common.match_ipv4_address(text) != None: return common.match_ipv4_address(text) else: if common.match_ipv6_address(text) != None: return common.match_ipv6_address(text) return None
def update_all_user(self, dt_transfer):
import cymysql
update_transfer = {}
query_head = 'UPDATE user'
query_sub_when = ''
query_sub_when2 = ''
query_sub_in = None
alive_user_count = 0
bandwidth_thistime = 0
if get_config().MYSQL_SSL_ENABLE == 1:
conn = cymysql.connect(host=get_config().MYSQL_HOST, port=get_config().MYSQL_PORT, user=get_config().MYSQL_USER,
passwd=get_config().MYSQL_PASS, db=get_config().MYSQL_DB, charset='utf8',ssl={'ca':get_config().MYSQL_SSL_CA,'cert':get_config().MYSQL_SSL_CERT,'key':get_config().MYSQL_SSL_KEY})
else:
conn = cymysql.connect(host=get_config().MYSQL_HOST, port=get_config().MYSQL_PORT, user=get_config().MYSQL_USER,
passwd=get_config().MYSQL_PASS, db=get_config().MYSQL_DB, charset='utf8')
conn.autocommit(True)
for id in dt_transfer.keys():
if dt_transfer[id][0] == 0 and dt_transfer[id][1] == 0:
continue
query_sub_when += ' WHEN %s THEN u+%s' % (id, dt_transfer[id][0] * self.traffic_rate)
query_sub_when2 += ' WHEN %s THEN d+%s' % (id, dt_transfer[id][1] * self.traffic_rate)
update_transfer[id] = dt_transfer[id]
alive_user_count = alive_user_count + 1
cur = conn.cursor()
cur.execute("INSERT INTO `user_traffic_log` (`id`, `user_id`, `u`, `d`, `Node_ID`, `rate`, `traffic`, `log_time`) VALUES (NULL, '" + str(self.port_uid_table[id]) + "', '" + str(dt_transfer[id][0]) +"', '" + str(dt_transfer[id][1]) + "', '" + str(get_config().NODE_ID) + "', '" + str(self.traffic_rate) + "', '" + self.trafficShow((dt_transfer[id][0]+dt_transfer[id][1]) * self.traffic_rate) + "', unix_timestamp()); ")
cur.close()
bandwidth_thistime = bandwidth_thistime + ((dt_transfer[id][0] + dt_transfer[id][1]) * self.traffic_rate)
if query_sub_in is not None:
query_sub_in += ',%s' % id
else:
query_sub_in = '%s' % id
if query_sub_when != '':
query_sql = query_head + ' SET u = CASE port' + query_sub_when + \
' END, d = CASE port' + query_sub_when2 + \
' END, t = unix_timestamp() ' + \
' WHERE port IN (%s)' % query_sub_in
cur = conn.cursor()
cur.execute(query_sql)
cur.close()
cur = conn.cursor()
cur.execute("UPDATE `ss_node` SET `node_heartbeat`=unix_timestamp(),`node_bandwidth`=`node_bandwidth`+'" + str(bandwidth_thistime) + "' WHERE `id` = " + str(get_config().NODE_ID) + " ; ")
cur.close()
cur = conn.cursor()
cur.execute("INSERT INTO `ss_node_online_log` (`id`, `node_id`, `online_user`, `log_time`) VALUES (NULL, '" + str(get_config().NODE_ID) + "', '" + str(alive_user_count) + "', unix_timestamp()); ")
cur.close()
cur = conn.cursor()
cur.execute("INSERT INTO `ss_node_info` (`id`, `node_id`, `uptime`, `load`, `log_time`) VALUES (NULL, '" + str(get_config().NODE_ID) + "', '" + str(self.uptime()) + "', '" + str(self.load()) + "', unix_timestamp()); ")
cur.close()
online_iplist = ServerPool.get_instance().get_servers_iplist()
for id in online_iplist.keys():
for ip in online_iplist[id]:
cur = conn.cursor()
cur.execute("INSERT INTO `alive_ip` (`id`, `nodeid`,`userid`, `ip`, `datetime`) VALUES (NULL, '" + str(get_config().NODE_ID) + "','" + str(self.port_uid_table[id]) + "', '" + str(ip) + "', unix_timestamp())")
cur.close()
detect_log_list = ServerPool.get_instance().get_servers_detect_log()
for port in detect_log_list.keys():
for rule_id in detect_log_list[port]:
cur = conn.cursor()
cur.execute("INSERT INTO `detect_log` (`id`, `user_id`, `list_id`, `datetime`, `node_id`) VALUES (NULL, '" + str(self.port_uid_table[port]) + "', '" + str(rule_id) + "', UNIX_TIMESTAMP(), '" + str(get_config().NODE_ID) + "')")
cur.close()
deny_str = ""
if platform.system() == 'Linux' and get_config().ANTISSATTACK == 1 :
wrong_iplist = ServerPool.get_instance().get_servers_wrong()
server_ip = socket.gethostbyname(get_config().MYSQL_HOST)
for id in wrong_iplist.keys():
for ip in wrong_iplist[id]:
realip = ""
is_ipv6 = False
if common.is_ip(ip) != False:
if(common.is_ip(ip) == socket.AF_INET):
realip = ip
else:
if common.match_ipv4_address(ip) != None:
realip = common.match_ipv4_address(ip)
else:
is_ipv6 = True
realip = ip
else:
continue
if str(realip) == str(server_ip):
continue
cur = conn.cursor()
cur.execute("SELECT * FROM `blockip` where `ip` = '" + str(realip) + "'")
rows = cur.fetchone()
cur.close()
if rows != None:
continue
if get_config().CLOUDSAFE == 1:
cur = conn.cursor()
cur.execute("INSERT INTO `blockip` (`id`, `nodeid`, `ip`, `datetime`) VALUES (NULL, '" + str(get_config().NODE_ID) + "', '" + str(realip) + "', unix_timestamp())")
cur.close()
else:
if is_ipv6 == False:
os.system('route add -host %s gw 127.0.0.1' % str(realip))
deny_str = deny_str + "\nALL: " + str(realip)
else:
os.system('ip -6 route add ::1/128 via %s/128' % str(realip))
deny_str = deny_str + "\nALL: [" + str(realip) +"]/128"
logging.info("Local Block ip:" + str(realip))
if get_config().CLOUDSAFE == 0:
deny_file=open('/etc/hosts.deny','a')
fcntl.flock(deny_file.fileno(),fcntl.LOCK_EX)
deny_file.write(deny_str + "\n")
deny_file.close()
conn.close()
return update_transfer
def update_all_user(self, dt_transfer):
global webapi
update_transfer = {}
alive_user_count = 0
bandwidth_thistime = 0
data = []
for id in dt_transfer.keys():
if dt_transfer[id][0] == 0 and dt_transfer[id][1] == 0:
continue
data.append({
'u': dt_transfer[id][0],
'd': dt_transfer[id][1],
'user_id': self.port_uid_table[id]
})
update_transfer[id] = dt_transfer[id]
webapi.postApi('users/traffic', {'node_id': get_config().NODE_ID},
{'data': data})
webapi.postApi('nodes/%d/info' % (get_config().NODE_ID),
{'node_id': get_config().NODE_ID}, {
'uptime': str(self.uptime()),
'load': str(self.load())
})
online_iplist = ServerPool.get_instance().get_servers_iplist()
data = []
for port in online_iplist.keys():
for ip in online_iplist[port]:
data.append({'ip': ip, 'user_id': self.port_uid_table[port]})
webapi.postApi('users/aliveip', {'node_id': get_config().NODE_ID},
{'data': data})
detect_log_list = ServerPool.get_instance().get_servers_detect_log()
data = []
for port in detect_log_list.keys():
for rule_id in detect_log_list[port]:
data.append({
'list_id': rule_id,
'user_id': self.port_uid_table[port]
})
webapi.postApi('users/detectlog', {'node_id': get_config().NODE_ID},
{'data': data})
deny_str = ""
data = []
if platform.system() == 'Linux' and get_config().ANTISSATTACK == 1:
wrong_iplist = ServerPool.get_instance().get_servers_wrong()
server_ip = socket.gethostbyname(get_config().MYSQL_HOST)
for id in wrong_iplist.keys():
for ip in wrong_iplist[id]:
realip = ""
is_ipv6 = False
if common.is_ip(ip):
if (common.is_ip(ip) == socket.AF_INET):
realip = ip
else:
if common.match_ipv4_address(ip) is not None:
realip = common.match_ipv4_address(ip)
else:
is_ipv6 = True
realip = ip
else:
continue
if str(realip).find(str(server_ip)) != -1:
continue
has_match_node = False
for node_ip in self.node_ip_list:
if str(realip).find(node_ip) != -1:
has_match_node = True
continue
if has_match_node:
continue
if get_config().CLOUDSAFE == 1:
data.append({'ip': realip})
else:
if not is_ipv6:
os.system('route add -host %s gw 127.0.0.1' %
str(realip))
deny_str = deny_str + "\nALL: " + str(realip)
else:
os.system('ip -6 route add ::1/128 via %s/128' %
str(realip))
deny_str = deny_str + \
"\nALL: [" + str(realip) + "]/128"
logging.info("Local Block ip:" + str(realip))
if get_config().CLOUDSAFE == 0:
deny_file = open('/etc/hosts.deny', 'a')
fcntl.flock(deny_file.fileno(), fcntl.LOCK_EX)
deny_file.write(deny_str)
deny_file.close()
webapi.postApi('func/block_ip', {'node_id': get_config().NODE_ID},
{'data': data})
return update_transfer
def update_all_user(self, dt_transfer):
global webapi
update_transfer = {}
alive_user_count = 0
bandwidth_thistime = 0
data = []
for id in dt_transfer.keys():
if dt_transfer[id][0] == 0 and dt_transfer[id][1] == 0:
continue
data.append({
"u": dt_transfer[id][0],
"d": dt_transfer[id][1],
"user_id": self.port_uid_table[id],
})
update_transfer[id] = dt_transfer[id]
webapi.postApi("traffic", {"node_id": get_config().NODE_ID},
{"data": data})
webapi.postApi("uptimeinfo", {"node_id": get_config().NODE_ID},
{"node_id": get_config().NODE_ID})
online_iplist = ServerPool.get_instance().get_servers_iplist()
data = []
for port in online_iplist.keys():
for ip in online_iplist[port]:
data.append({"ip": ip, "user_id": self.port_uid_table[port]})
webapi.postApi("aliveip", {"node_id": get_config().NODE_ID},
{"data": data})
detect_log_list = ServerPool.get_instance().get_servers_detect_log()
data = []
for port in detect_log_list.keys():
for rule_id in detect_log_list[port]:
data.append({
"list_id": rule_id,
"user_id": self.port_uid_table[port]
})
webapi.postApi(
"detectlog",
{"node_id": get_config().NODE_ID},
{"data": data},
)
deny_str = ""
data = []
if platform.system() == "Linux" and get_config().ANTISSATTACK == 1:
wrong_iplist = ServerPool.get_instance().get_servers_wrong()
server_ip = socket.gethostbyname(get_config().MYSQL_HOST)
for id in wrong_iplist.keys():
for ip in wrong_iplist[id]:
realip = ""
is_ipv6 = False
if common.is_ip(ip):
if common.is_ip(ip) == socket.AF_INET:
realip = ip
else:
if common.match_ipv4_address(ip) is not None:
realip = common.match_ipv4_address(ip)
else:
is_ipv6 = True
realip = ip
else:
continue
if str(realip).find(str(server_ip)) != -1:
continue
has_match_node = False
for node_ip in self.node_ip_list:
if str(realip).find(node_ip) != -1:
has_match_node = True
continue
if has_match_node:
continue
if get_config().CLOUDSAFE == 1:
data.append({"ip": realip})
else:
if not is_ipv6:
os.system("route add -host %s gw 127.0.0.1" %
str(realip))
deny_str = deny_str + "\nALL: " + str(realip)
else:
os.system("ip -6 route add ::1/128 via %s/128" %
str(realip))
deny_str = deny_str + "\nALL: [" + str(
realip) + "]/128"
logging.info("Local Block ip:" + str(realip))
if get_config().CLOUDSAFE == 0:
deny_file = open("/etc/hosts.deny", "a")
fcntl.flock(deny_file.fileno(), fcntl.LOCK_EX)
deny_file.write(deny_str)
deny_file.close()
webapi.postApi(
"block_ip",
{"node_id": get_config().NODE_ID},
{"data": data},
)
return update_transfer
def update_all_user(self, dt_transfer):
update_transfer = {}
query_head = "UPDATE user"
query_sub_when = ""
query_sub_when2 = ""
query_sub_in = None
alive_user_count = 0
bandwidth_thistime = 0
for offset_port in dt_transfer.keys():
port = self.get_real_port(offset_port)
if dt_transfer[offset_port][0] == 0 and dt_transfer[offset_port][1] == 0:
continue
query_sub_when += " WHEN %s THEN u+%s" % (port, dt_transfer[offset_port][0] * self.traffic_rate)
query_sub_when2 += " WHEN %s THEN d+%s" % (port, dt_transfer[offset_port][1] * self.traffic_rate)
update_transfer[offset_port] = dt_transfer[offset_port]
alive_user_count = alive_user_count + 1
self.append_traffic_log(offset_port, dt_transfer)
bandwidth_thistime = bandwidth_thistime + (dt_transfer[offset_port][0] + dt_transfer[offset_port][1])
if query_sub_in is not None:
query_sub_in += ",%s" % port
else:
query_sub_in = "%s" % port
self.mass_insert_traffic()
if query_sub_when != "":
query_sql = (
query_head
+ " SET u = CASE port"
+ query_sub_when
+ " END, d = CASE port"
+ query_sub_when2
+ " END, t = unix_timestamp() "
+ " WHERE port IN (%s)" % query_sub_in
)
self.get_mysql_cur(query_sql, fetch_type=FETCH_NONE)
query_sql = (
"UPDATE `ss_node` SET `node_heartbeat`=unix_timestamp(),`node_bandwidth`=`node_bandwidth`+'"
+ str(bandwidth_thistime)
+ "' WHERE `id` = "
+ str(self.api_config.NODE_ID)
+ " ; "
)
self.get_mysql_cur(query_sql, fetch_type=FETCH_NONE)
query_sql = (
"INSERT INTO `ss_node_online_log` (`id`, `node_id`, `online_user`, `log_time`) VALUES (NULL, '"
+ str(self.api_config.NODE_ID)
+ "', '"
+ str(alive_user_count)
+ "', unix_timestamp()); "
)
self.get_mysql_cur(query_sql, fetch_type=FETCH_NONE)
query_sql = (
"INSERT INTO `ss_node_info` (`id`, `node_id`, `uptime`, `load`, `log_time`) VALUES (NULL, '"
+ str(self.api_config.NODE_ID)
+ "', '"
+ str(self.uptime())
+ "', '"
+ str(self.load())
+ "', unix_timestamp()); "
)
self.get_mysql_cur(query_sql, fetch_type=FETCH_NONE)
online_iplist = sp_instance().get_servers_iplist()
for port in online_iplist.keys():
for ip in online_iplist[port]:
self.append_alive_ip(port, ip)
self.mass_insert_alive_ip()
detect_log_list = sp_instance().get_servers_detect_log()
for port in detect_log_list.keys():
for rule_id in detect_log_list[port]:
query_sql = (
"INSERT INTO `detect_log` (`id`, `user_id`, `list_id`, `datetime`, `node_id`) VALUES (NULL, '"
+ str(self.port_uid_table[port])
+ "', '"
+ str(rule_id)
+ "', UNIX_TIMESTAMP(), '"
+ str(self.api_config.NODE_ID)
+ "')"
)
self.get_mysql_cur(query_sql, fetch_type=FETCH_NONE)
deny_str = ""
if platform.system() == "Linux" and self.api_config.ANTISSATTACK == 1:
wrong_iplist = sp_instance().get_servers_wrong()
server_ip = socket.gethostbyname(self.api_config.MYSQL_HOST)
for id in wrong_iplist.keys():
for ip in wrong_iplist[id]:
is_ipv6 = False
if common.is_ip(ip):
if common.is_ip(ip) == socket.AF_INET:
realip = ip
else:
if common.match_ipv4_address(ip) is not None:
realip = common.match_ipv4_address(ip)
else:
is_ipv6 = True
realip = ip
else:
continue
if str(realip).find(str(server_ip)) != -1:
continue
has_match_node = False
for node_ip in self.node_ip_list:
if str(realip).find(node_ip) != -1:
has_match_node = True
continue
if has_match_node:
continue
query_sql = "SELECT * FROM `blockip` where `ip` = '" + str(realip) + "'"
rows = self.get_mysql_cur(query_sql, fetch_type=FETCH_ONE)
if rows is not None:
continue
if self.api_config.CLOUDSAFE == 1:
query_sql = (
"INSERT INTO `blockip` (`id`, `nodeid`, `ip`, `datetime`) VALUES (NULL, '"
+ str(self.api_config.NODE_ID)
+ "', '"
+ str(realip)
+ "', unix_timestamp())"
)
self.get_mysql_cur(query_sql, fetch_type=FETCH_NONE)
else:
if not is_ipv6:
os.system("route add -host %s gw 127.0.0.1" % str(realip))
deny_str = deny_str + "\nALL: " + str(realip)
else:
os.system("ip -6 route add ::1/128 via %s/128" % str(realip))
deny_str = deny_str + "\nALL: [" + str(realip) + "]/128"
logging.info("Local Block ip: %s", str(realip))
if self.api_config.CLOUDSAFE == 0:
deny_file = open("/etc/hosts.deny", "a")
fcntl.flock(deny_file.fileno(), fcntl.LOCK_EX)
deny_file.write(deny_str)
deny_file.close()
return update_transfer
def update_all_user(self, dt_transfer):
import cymysql
update_transfer = {}
query_head = 'UPDATE user'
query_sub_when = ''
query_sub_when2 = ''
query_sub_in = None
alive_user_count = 0
bandwidth_thistime = 0
for id in dt_transfer.keys():
if dt_transfer[id][0] == 0 and dt_transfer[id][1] == 0:
continue
query_sub_when += ' WHEN %s THEN u+%s' % (id, dt_transfer[id][0] *
self.traffic_rate)
query_sub_when2 += ' WHEN %s THEN d+%s' % (id, dt_transfer[id][1] *
self.traffic_rate)
update_transfer[id] = dt_transfer[id]
alive_user_count = alive_user_count + 1
self.append_traffic_log(id, dt_transfer)
bandwidth_thistime = bandwidth_thistime + \
(dt_transfer[id][0] + dt_transfer[id][1])
if query_sub_in is not None:
query_sub_in += ',%s' % id
else:
query_sub_in = '%s' % id
self.mass_insert_traffic()
if query_sub_when != '':
query_sql = query_head + ' SET u = CASE port' + query_sub_when + \
' END, d = CASE port' + query_sub_when2 + \
' END, t = unix_timestamp() ' + \
' WHERE port IN (%s)' % query_sub_in
self.getMysqlCur(query_sql, no_result=True)
query_sql = "UPDATE `ss_node` SET `node_heartbeat`=unix_timestamp(),`node_bandwidth`=`node_bandwidth`+'" + \
str(bandwidth_thistime) + \
"' WHERE `id` = " + str(self.NODE_ID) + " ; "
self.getMysqlCur(query_sql, no_result=True)
query_sql = "INSERT INTO `ss_node_online_log` (`id`, `node_id`, `online_user`, `log_time`) VALUES (NULL, '" + \
str(self.NODE_ID) + "', '" + str(alive_user_count) + "', unix_timestamp()); "
self.getMysqlCur(query_sql, no_result=True)
query_sql = "INSERT INTO `ss_node_info` (`id`, `node_id`, `uptime`, `load`, `log_time`) VALUES (NULL, '" + \
str(get_config().NODE_ID) + "', '" + str(self.uptime()) + "', '" + str(self.load()) + "', unix_timestamp()); "
self.getMysqlCur(query_sql, no_result=True)
online_iplist = ServerPool.get_instance().get_servers_iplist()
for id in online_iplist.keys():
for ip in online_iplist[id]:
self.append_alive_ip(id, ip)
self.mass_insert_alive_ip()
detect_log_list = ServerPool.get_instance().get_servers_detect_log()
for port in detect_log_list.keys():
for rule_id in detect_log_list[port]:
query_sql = "INSERT INTO `detect_log` (`id`, `user_id`, `list_id`, `datetime`, `node_id`) VALUES (NULL, '" + \
str(self.port_uid_table[port]) + "', '" + str(rule_id) + "', UNIX_TIMESTAMP(), '" + str(self.NODE_ID) + "')"
self.getMysqlCur(query_sql, no_result=True)
deny_str = ""
if platform.system() == 'Linux' and get_config().ANTISSATTACK == 1:
wrong_iplist = ServerPool.get_instance().get_servers_wrong()
server_ip = socket.gethostbyname(get_config().MYSQL_HOST)
for id in wrong_iplist.keys():
for ip in wrong_iplist[id]:
realip = ""
is_ipv6 = False
if common.is_ip(ip):
if (common.is_ip(ip) == socket.AF_INET):
realip = ip
else:
if common.match_ipv4_address(ip) is not None:
realip = common.match_ipv4_address(ip)
else:
is_ipv6 = True
realip = ip
else:
continue
if str(realip).find(str(server_ip)) != -1:
continue
has_match_node = False
for node_ip in self.node_ip_list:
if str(realip).find(node_ip) != -1:
has_match_node = True
continue
if has_match_node:
continue
query_sql = "SELECT * FROM `blockip` where `ip` = '" + str(
realip) + "'"
rows = self.getMysqlCur(query_sql, fetchone=True)
if rows is not None:
continue
if get_config().CLOUDSAFE == 1:
query_sql = "INSERT INTO `blockip` (`id`, `nodeid`, `ip`, `datetime`) VALUES (NULL, '" + \
str(self.NODE_ID) + "', '" + str(realip) + "', unix_timestamp())"
self.getMysqlCur(query_sql, no_result=True)
else:
if not is_ipv6:
os.system('route add -host %s gw 127.0.0.1' %
str(realip))
deny_str = deny_str + "\nALL: " + str(realip)
else:
os.system('ip -6 route add ::1/128 via %s/128' %
str(realip))
deny_str = deny_str + \
"\nALL: [" + str(realip) + "]/128"
logging.info("Local Block ip:" + str(realip))
if get_config().CLOUDSAFE == 0:
deny_file = open('/etc/hosts.deny', 'a')
fcntl.flock(deny_file.fileno(), fcntl.LOCK_EX)
deny_file.write(deny_str)
deny_file.close()
return update_transfer
