diff --git a/surveillance/deconnexion.py b/surveillance/deconnexion.py index e356d3a9..1139cbfb 100755 --- a/surveillance/deconnexion.py +++ b/surveillance/deconnexion.py @@ -73,7 +73,7 @@ for i in range(0,len(table)) : debut = localtime(date) #fin = localtime(date+60*60*24*300)#test fin = localtime(date+60*60*24) - proprio.blacklist(["%d/%d/%d %d:%d" % (debut[2],debut[1],debut[0],debut[3],debut[4]),"%d/%d/%d %d:%d" % (fin[2],fin[1],fin[0],fin[3],fin[4]),'upload',"Déconn auto. %s Mo" % elupload]) + proprio.blacklist(["%d/%d/%d %d:%d" % (debut[2],debut[1],debut[0],debut[3],debut[4]),"%d/%d/%d %d:%d" % (fin[2],fin[1],fin[0],fin[3],fin[4]),'autodisc',"Déconn auto. %s Mo" % elupload]) proprio.save() # On récupere l'adresse électronique : @@ -194,7 +194,7 @@ curseur.execute(requete) # date = time() # debut = localtime(date) # fin = localtime(date+60*60*24*30) -# # proprio.blacklist(["%d/%d/%d %d:%d" % (debut[2],debut[1],debut[0],dabut[3],debut[4]),"%d/%d/%d %d:%d" % (fin[2],fin[1],fin[0],fin[3],fin[4]),'upload'," TESTS upload de %s Mo" % elupload]) +# # proprio.blacklist(["%d/%d/%d %d:%d" % (debut[2],debut[1],debut[0],debut[3],debut[4]),"%d/%d/%d %d:%d" % (fin[2],fin[1],fin[0],fin[3],fin[4]),'upload'," TESTS upload de %s Mo" % elupload]) # # proprio.save() # # MAILS # ######## @@ -215,7 +215,7 @@ curseur.execute(requete) veroles = curseur.fetchall() # Recuperation des infectes pour ne pas les reblacklister -requete = "SELECT ip_crans FROM avertis_virus WHERE date > timestamp 'now' - interval '1 hour'" +requete = "SELECT ip_crans FROM avertis_virus" curseur.execute(requete) infectes = curseur.fetchall() ip1=str('0.0.0.0') 
@@ -237,15 +237,15 @@ if veroles: # Inscription dans la table des infectes requete="INSERT INTO avertis_virus (ip_crans,date) VALUES ('%s','now')" % ip1 curseur.execute(requete) - requete = "SELECT ip_crans FROM avertis_virus WHERE date > timestamp 'now' - interval '1 hour'" + requete = "SELECT ip_crans FROM avertis_virus" curseur.execute(requete) infectes = curseur.fetchall() # Blacklistage date = time() debut = localtime(date) - fin = localtime(date+60*2) - proprio.blacklist(["%d/%d/%d %d:%d" % (debut[2],debut[1],debut[0],dabut[3],debut[4]),"%d/%d/%d %d:%d" % (fin[2],fin[1],fin[0],fin[3],fin[4]),'virus',"Virus (auto)"]) + proprio.blacklist(["%d/%d/%d %d:%d" % (debut[2],debut[1],debut[0],debut[3],debut[4]),'-','virus',"Virus (auto)"]) proprio.save() + # Flood ######## @@ -256,7 +256,7 @@ curseur.execute(requete) veroles = curseur.fetchall() # Recuperation des infectes pour ne pas les reblacklister -requete = "SELECT ip_crans FROM avertis_virus WHERE date > timestamp 'now' - interval '1 hour'" +requete = "SELECT ip_crans FROM avertis_virus " curseur.execute(requete) infectes = curseur.fetchall() ip1=str('0.0.0.0') 
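Review bot: The `'-'` passed as the end date in the new `proprio.blacklist([...,'-','virus',"Virus (auto)"])` call is an undocumented sentinel. The sanction now has no expiry and is lifted only by the reconnection block added later in this commit, which finds it by matching the literal `',-,virus,'`. A comment above the call would make that coupling visible, e.g. `# end date '-' = open-ended; cleared by the "Reconnexion" block, which matches ',-,virus,'`. The same applies to the flood call in the -271 hunk. The enclosing `if veroles:` block begins outside the hunk.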
@@ -271,25 +271,51 @@ if veroles: else : N=N+1 if N >= virus.flood and [ip] not in infectes: - # Recuperation des infectes pour ne pas les reblacklister machine = ldap.search('ipHostNumber=%s' % ip,'w' )['machine'][0] hostname = machine.nom() proprio = machine.proprietaire() # Inscription dans la table des infectes requete="INSERT INTO avertis_virus (ip_crans,date) VALUES ('%s','now')" % ip1 curseur.execute(requete) - requete = "SELECT ip_crans FROM avertis_virus WHERE date > timestamp 'now' - interval '1 hour'" + requete = "SELECT ip_crans FROM avertis_virus" curseur.execute(requete) infectes = curseur.fetchall() # Blacklistage date = time() debut = localtime(date) - fin = localtime(date+60*2) - proprio.blacklist(["%d/%d/%d %d:%d" % (debut[2],debut[1],debut[0],dabut[3],debut[4]),"%d/%d/%d %d:%d" % (fin[2],fin[1],fin[0],fin[3],fin[4]),'virus',"Virus (auto)"]) + proprio.blacklist(["%d/%d/%d %d:%d" % (debut[2],debut[1],debut[0],debut[3],debut[4]),'-','virus',"Virus_flood (auto)"]) proprio.save() - - + +# Reconnexion si le virus a disparu +################################### + +requete = "SELECT ip_crans FROM avertis_virus" +curseur.execute(requete) +infectes = curseur.fetchall() +for i in range(1,len(infectes)): + IP=infectes[i][0] + requete1="SELECT COUNT(ip_src) FROM virus where ip_src='%s' and date > timestamp 'now' - interval '1 hour'" % IP + curseur.execute(requete1) + nb_virus = curseur.fetchall() + requete2="SELECT COUNT(ip_src) FROM flood where ip_src='%s' and date > timestamp 'now' - interval '1 hour'" % IP + curseur.execute(requete2) + nb_flood = curseur.fetchall() + if nb_virus[0][0] < virus.virus and nb_flood[0][0] < virus.flood: + machine = ldap.search('ipHostNumber=%s' % IP,'w' )['machine'][0] + proprio = machine.proprietaire() + bl = proprio.blacklist() + hostname = machine.nom() + for ligne in bl: + if ',-,virus,' in ligne: + liste=ligne.split(',') + argument=[liste[0],'now',liste[2],liste[3]] + print argument,IP + index = bl.index(ligne) + 
proprio.blacklist((index,argument)) + proprio.save() + requete="DELETE FROM avertis_virus where ip_crans='%s'"%IP + # Gestion du P2P : ################## @@ -340,6 +366,6 @@ if pair : debut = localtime(date) # 7 jours fin = localtime(date+60*60*24*7) - # proprio.blacklist(["%d/%d/%d %d:%d" % (debut[2],debut[1],debut[0],dabut[3],debut[4]),"%d/%d/%d %d:%d" % (fin[2],fin[1],fin[0],fin[3],fin[4]),'p2p',"P2P (auto)" % protocole]) + # proprio.blacklist(["%d/%d/%d %d:%d" % (debut[2],debut[1],debut[0],debut[3],debut[4]),"%d/%d/%d %d:%d" % (fin[2],fin[1],fin[0],fin[3],fin[4]),'p2p',"P2P (auto)" % protocole]) # proprio.save() mail.quit()
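Review bot: The `DELETE FROM avertis_virus` statement at the end of the new reconnection block is assigned to `requete` but no `curseur.execute(requete)` follows it in the hunk, so a reconnected host apparently stays in the table. Because this commit also drops the one-hour window from the `SELECT ip_crans FROM avertis_virus` queries (hunks at -215, -237, -256 and this one), such a host would keep failing the `[ip] not in infectes` test and would not be quarantined again if it is reinfected. Add `curseur.execute(requete)` right after the assignment, plus a commit if the connection is not in autocommit mode (not visible here). The loop `for i in range(1,len(infectes)):` also skips the first row returned, which looks unintended; `for i in range(len(infectes)):` would cover every host. Separately, `ldap.search(...)['machine'][0]` raises when the IP no longer has a machine, which would stop the script before later hosts are processed, and `print argument,IP` looks like leftover debugging; the block's indentation is not recoverable from this view, so whether `proprio.save()` and the delete sit inside the `if` should be checked.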