ó è}ý_c@sjdZdZddlZddlZddlZddlZddlZddlZddlZddl Z ddl Z ddl m Z ddlm Z ddlmZmZddlmZmZmZejeƒZd„Zd „Zd „Zd „Zed „Zd „Zd„Zed„Zddddd„Z ddd„Z!d„Z"d„Z#d„Z$dS(s(Funzioni usate dai vari programmi eslocks$Revision: 0.6 $iÿÿÿÿN(t gethostname(t exceptions(tCalledProcessErrortPIPE(t IPNetworkt IPAddresstAddrFormatErrorcCs‚yt|ƒ}Wntk r1t||ƒ|SXytj|ƒ}Wn tk rgd|GHt‚nXt|jƒ|jƒƒS(s Leggi il file di configurazione.s#Errori nel file di configurazione: ( topentIOErrort write_configtyamltloadt ValueErrort SystemExittdicttitems(t config_filetdefault_configtfptconfig_from_file((s3/usr/lib/python2.7/site-packages/eslock/__init__.pyt manage_configs     cCs^yt|dƒ}Wn.ttfk rC}dt|ƒGHt‚nXtj||dtƒdS(s,scrivi file di configurazione con i defaultstws(problemi con il file di configurazione: tdefault_flow_styleN(RtOSErrorRtstrR R tdumptFalse(RRRte((s3/usr/lib/python2.7/site-packages/eslock/__init__.pyR &s  c Csïidd6dd6dd6dd6d d 6d d 6}tjtƒ}|j||ƒtjj|d dd|ƒ}tjddddƒ}|j|ƒ|j||ƒ|j|ƒtj ƒ} | j||ƒ|j| ƒt |_ t ƒ|S(s*setta il logger, sia come file che consolei2tCRITICALi(tERRORitWARNINGitINFOi tDEBUGitNOTSETtwhentmidnightt backupCounttfmts&%(asctime)s %(levelname)s: %(message)stdatefmts%Y-%m-%dT%H:%M:%S( tloggingt getLoggert__name__tsetLevelthandlerstTimedRotatingFileHandlert Formattert setFormattert addHandlert StreamHandlerRt propagatetload_whitelist( tlog_filetlog_level_maintlog_level_filetlog_level_consoletlog_backupcountertlevelstloggertfht formattertch((s3/usr/lib/python2.7/site-packages/eslock/__init__.pyt set_logger0s.          c Cstj||ƒ}tjd|d|d|d|d|ƒ}ytj|ƒ}|SWn6tjk r‹} tjd|dt| ƒƒt SXdS( s apre la connessione con rabbitmqthosttportt virtual_hosttheartbeat_intervalt credentialssNon riesco a connettermi a s: N( tpikatPlainCredentialstConnectionParameterstBlockingConnectionRtAMQPConnectionErrorR9terrorRR( trmq_usertrmq_pwdtrmq_hosttrmq_portt rmq_vhostt rmq_heartbeatRBt parameterstconnR((s3/usr/lib/python2.7/site-packages/eslock/__init__.pytopen_connectionMs cCs:g}x-|D]%}t||ƒr |j|ƒq q W|S(s´valida la lista di indirizzi per evitare di bloccare roba pericolosa ritorna una lista contenente solo indirizzi che vanno bene. Elimina anche gli indirizzi delle reti dada(t validate_iptappend(tip_listtis_nettpurgedtitem((s3/usr/lib/python2.7/site-packages/eslock/__init__.pytvalidate_blacklist^s  cCsŒiatjdƒy;tdƒ}tj|jƒƒaWdQXtjdƒWn*tk rz}tjdt |ƒƒnXtjtƒdS(Ns1Loading whitelist from /etc/eslock/whitelist.jsons/etc/eslock/whitelist.jsonsWhitelist loadedsWhitelist load error: %s( t whitelistR9tinfoRtjsontloadstreadtEnvironmentErrortwarnR(thandleR((s3/usr/lib/python2.7/site-packages/eslock/__init__.pyR2is cCsŽx‡tjƒD]y}t|ddkr>tt|dƒ}ntt|dƒ}|tt|dƒkrptS|t|ƒkr tSq WtS(Nitneti(RYtkeysRRRtTrue(t ip_addresstaddresstc_ip((s3/usr/lib/python2.7/site-packages/eslock/__init__.pytcheck_whitelist_ipysc Csýd}tj||ƒräy£|r0t|ƒ}n t|ƒ}|jƒr]tjd|ƒtSt|ƒs~tjd|ƒtS|tdƒkr¥tjd|ƒtS|tdƒks5|tdƒks5|tdƒks5|td ƒks5|td ƒks5|td ƒks5|td ƒks5|td ƒkrJtjd|ƒtS|j ƒrktjd|ƒtS|s¶|j ƒr’tjd|ƒtS|j ƒr¶tjd|ƒtSnt SWqùt k ràtjd|ƒtSXntjd|ƒtSdS(Ns¢\b(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\bs Is private :sIs ours s 92.103.17.202s Whitelisted s199.83.128.0/21s198.143.32.0/19s149.126.72.0/21s103.28.248.0/22s185.11.124.0/22s192.230.64.0/18s 45.64.64.0/22s107.154.126.0/24sWhitelisted (SiteLocK)s Is loopback s Is netmask s Is hostmask sFormat Error: s Is invalid: (tretmatchRRt is_privateR9R_RRgt is_loopbackt is_netmaskt is_hostmaskRcR(RdRUtpatterntip((s3/usr/lib/python2.7/site-packages/eslock/__init__.pyRRsR       shash:ipiiicCsattjdƒ}d|}td|ƒ}tjd|ƒtjtj |ƒd|ƒdkrvtjd|ƒt Sy°|rÄtd|d |d t|ƒd t|ƒd t|ƒƒ}n4td|d |d t|ƒd t|ƒƒ}tjd |ƒtj tj |ƒd|ƒWn#t k rKtj d|ƒtSXtjd|ƒt S(screa ipset se non esistenteRtbl_sipset list --terse -name -q s)command line to check for set existence: tstdoutisipset already present: s ipset create t s hashsize s timeout s maxelem scommand line to create set: sset creation error s set created: (RtostdevnullRR9tdebugt subprocesstcalltshlextsplitRct check_callRtcriticalRRZ(tnametset_typethashsizettimeouttmaxelemtFNULLt commandline((s3/usr/lib/python2.7/site-packages/eslock/__init__.pyt create_ipsetÀs( $B1  itcCsåd|}ttjdƒ}tdi|d6|d6ƒ}|r^|tdi|d6ƒ7}n|r‚|tdi|d 6ƒ7}ny tjtj|ƒd |ƒWn<tk ràt j d |ƒt j d |d |ƒt SXt S(s'aggiunge in indirizzo al set desideratoRpRs ipset -exist add %(name)s %(ip)sR|Ros timeout %(t)dtts comment %(c)dtcRqs Commandline: sFailed to add member s to set (RRsRtRRvRzRxRyRR9RuRHRRc(RotipsetRtcommentRR‚((s3/usr/lib/python2.7/site-packages/eslock/__init__.pytadd_ipset_lineás   cCsŒd|}ttjdƒ}y>tdi|d6|d6ƒ}tjtj|ƒd|ƒWn+tk r‡t j d|d|ƒt SXt S( s'rimuove un indirizzo dal set desideratoRpRs ipset -exist del %(name)s %(ip)sR|RoRqsFailed to remove member s from set ( RRsRtRRvRzRxRyRR9RHRRc(RoR‡RR‚((s3/usr/lib/python2.7/site-packages/eslock/__init__.pytdel_ipset_lineôs   c CsRd|}tjd|ƒg}x-|D]%}|jdi|d6|d6ƒq(Wdj|ƒ}tdƒ}y.tjtj|ƒdt d t d t ƒ}Wn#t k r¿tjd |ƒt SXy|j d |ƒ\}}WnKt tfk r)tjd |ƒtjd|ƒtjd|ƒt SX|jdkrNtjd|ƒt StS(s/aggiungo una lista di indirizzi al set indicatoRps$Procedo al caricamento bulk sul set sadd %(ipset)s %(ip)s R‡RoR„sipset -exist restoretstdinRqtstderrs'Failed to Popen for add address to set tinputs'Error while bulk adding address to set sstdout:sstderr:is"Failed to bulk add address to set (R9RuRStjoinRRvtPopenRxRyRRRt communicateRRt returncodeRc( RTR‡tlistonaRWt stringonaR‚tpt stdoutdatat stderrdata((s3/usr/lib/python2.7/site-packages/eslock/__init__.pytadd_ipset_bulks0  # !  cCs0tjdtƒƒ}|r(|jdƒStSdS(s?Restituisco il nome del cluster secondo la convenzione registers ^(.+?)\d+iN(RhRiRtgroupR(tcluster((s3/usr/lib/python2.7/site-packages/eslock/__init__.pyt get_cluster s (%t__doc__t __version__RCR'tlogging.handlersRhRxRvRsR R[tsocketRRRRtnetaddrRRRR(R)R9RR R=RQRRXR2RgRRRƒR‰RŠR—Rš(((s3/usr/lib/python2.7/site-packages/eslock/__init__.pyts8               3!