Blacklistage sur ldap pour les virus
darcs-hash:20051001165455-6d78a-4c427b877e82635caf56ce7447ce6adf73365314.gz
This commit is contained in:
pessoles
parent
32fae7710c
commit
6729c186be
1 changed files with 40 additions and 14 deletions
|
|
@ -73,7 +73,7 @@ for i in range(0,len(table)) :
|
||||||
debut = localtime(date)
|
debut = localtime(date)
|
||||||
#fin = localtime(date+60*60*24*300)#test
|
#fin = localtime(date+60*60*24*300)#test
|
||||||
fin = localtime(date+60*60*24)
|
fin = localtime(date+60*60*24)
|
||||||
proprio.blacklist(["%d/%d/%d %d:%d" % (debut[2],debut[1],debut[0],debut[3],debut[4]),"%d/%d/%d %d:%d" % (fin[2],fin[1],fin[0],fin[3],fin[4]),'upload',"Déconn auto. %s Mo" % elupload])
|
proprio.blacklist(["%d/%d/%d %d:%d" % (debut[2],debut[1],debut[0],debut[3],debut[4]),"%d/%d/%d %d:%d" % (fin[2],fin[1],fin[0],fin[3],fin[4]),'autodisc',"Déconn auto. %s Mo" % elupload])
|
||||||
proprio.save()
|
proprio.save()
|
||||||
|
|
||||||
# On récupere l'adresse électronique :
|
# On récupere l'adresse électronique :
|
||||||
|
|
@ -194,7 +194,7 @@ curseur.execute(requete)
|
||||||
# date = time()
|
# date = time()
|
||||||
# debut = localtime(date)
|
# debut = localtime(date)
|
||||||
# fin = localtime(date+60*60*24*30)
|
# fin = localtime(date+60*60*24*30)
|
||||||
# # proprio.blacklist(["%d/%d/%d %d:%d" % (debut[2],debut[1],debut[0],dabut[3],debut[4]),"%d/%d/%d %d:%d" % (fin[2],fin[1],fin[0],fin[3],fin[4]),'upload'," TESTS upload de %s Mo" % elupload])
|
# # proprio.blacklist(["%d/%d/%d %d:%d" % (debut[2],debut[1],debut[0],debut[3],debut[4]),"%d/%d/%d %d:%d" % (fin[2],fin[1],fin[0],fin[3],fin[4]),'upload'," TESTS upload de %s Mo" % elupload])
|
||||||
# # proprio.save()
|
# # proprio.save()
|
||||||
# # MAILS
|
# # MAILS
|
||||||
# ########
|
# ########
|
||||||
|
|
@ -215,7 +215,7 @@ curseur.execute(requete)
|
||||||
veroles = curseur.fetchall()
|
veroles = curseur.fetchall()
|
||||||
|
|
||||||
# Recuperation des infectes pour ne pas les reblacklister
|
# Recuperation des infectes pour ne pas les reblacklister
|
||||||
requete = "SELECT ip_crans FROM avertis_virus WHERE date > timestamp 'now' - interval '1 hour'"
|
requete = "SELECT ip_crans FROM avertis_virus"
|
||||||
curseur.execute(requete)
|
curseur.execute(requete)
|
||||||
infectes = curseur.fetchall()
|
infectes = curseur.fetchall()
|
||||||
ip1=str('0.0.0.0')
|
ip1=str('0.0.0.0')
|
||||||
|
|
@ -237,15 +237,15 @@ if veroles:
|
||||||
# Inscription dans la table des infectes
|
# Inscription dans la table des infectes
|
||||||
requete="INSERT INTO avertis_virus (ip_crans,date) VALUES ('%s','now')" % ip1
|
requete="INSERT INTO avertis_virus (ip_crans,date) VALUES ('%s','now')" % ip1
|
||||||
curseur.execute(requete)
|
curseur.execute(requete)
|
||||||
requete = "SELECT ip_crans FROM avertis_virus WHERE date > timestamp 'now' - interval '1 hour'"
|
requete = "SELECT ip_crans FROM avertis_virus"
|
||||||
curseur.execute(requete)
|
curseur.execute(requete)
|
||||||
infectes = curseur.fetchall()
|
infectes = curseur.fetchall()
|
||||||
# Blacklistage
|
# Blacklistage
|
||||||
date = time()
|
date = time()
|
||||||
debut = localtime(date)
|
debut = localtime(date)
|
||||||
fin = localtime(date+60*2)
|
proprio.blacklist(["%d/%d/%d %d:%d" % (debut[2],debut[1],debut[0],debut[3],debut[4]),'-','virus',"Virus (auto)"])
|
||||||
proprio.blacklist(["%d/%d/%d %d:%d" % (debut[2],debut[1],debut[0],dabut[3],debut[4]),"%d/%d/%d %d:%d" % (fin[2],fin[1],fin[0],fin[3],fin[4]),'virus',"Virus (auto)"])
|
|
||||||
proprio.save()
|
proprio.save()
|
||||||
|
|
||||||
|
|
||||||
# Flood
|
# Flood
|
||||||
########
|
########
|
||||||
|
|
@ -256,7 +256,7 @@ curseur.execute(requete)
|
||||||
veroles = curseur.fetchall()
|
veroles = curseur.fetchall()
|
||||||
|
|
||||||
# Recuperation des infectes pour ne pas les reblacklister
|
# Recuperation des infectes pour ne pas les reblacklister
|
||||||
requete = "SELECT ip_crans FROM avertis_virus WHERE date > timestamp 'now' - interval '1 hour'"
|
requete = "SELECT ip_crans FROM avertis_virus "
|
||||||
curseur.execute(requete)
|
curseur.execute(requete)
|
||||||
infectes = curseur.fetchall()
|
infectes = curseur.fetchall()
|
||||||
ip1=str('0.0.0.0')
|
ip1=str('0.0.0.0')
|
||||||
|
|
@ -271,25 +271,51 @@ if veroles:
|
||||||
else :
|
else :
|
||||||
N=N+1
|
N=N+1
|
||||||
if N >= virus.flood and [ip] not in infectes:
|
if N >= virus.flood and [ip] not in infectes:
|
||||||
# Recuperation des infectes pour ne pas les reblacklister
|
|
||||||
machine = ldap.search('ipHostNumber=%s' % ip,'w' )['machine'][0]
|
machine = ldap.search('ipHostNumber=%s' % ip,'w' )['machine'][0]
|
||||||
hostname = machine.nom()
|
hostname = machine.nom()
|
||||||
proprio = machine.proprietaire()
|
proprio = machine.proprietaire()
|
||||||
# Inscription dans la table des infectes
|
# Inscription dans la table des infectes
|
||||||
requete="INSERT INTO avertis_virus (ip_crans,date) VALUES ('%s','now')" % ip1
|
requete="INSERT INTO avertis_virus (ip_crans,date) VALUES ('%s','now')" % ip1
|
||||||
curseur.execute(requete)
|
curseur.execute(requete)
|
||||||
requete = "SELECT ip_crans FROM avertis_virus WHERE date > timestamp 'now' - interval '1 hour'"
|
requete = "SELECT ip_crans FROM avertis_virus"
|
||||||
curseur.execute(requete)
|
curseur.execute(requete)
|
||||||
infectes = curseur.fetchall()
|
infectes = curseur.fetchall()
|
||||||
# Blacklistage
|
# Blacklistage
|
||||||
date = time()
|
date = time()
|
||||||
debut = localtime(date)
|
debut = localtime(date)
|
||||||
fin = localtime(date+60*2)
|
proprio.blacklist(["%d/%d/%d %d:%d" % (debut[2],debut[1],debut[0],debut[3],debut[4]),'-','virus',"Virus_flood (auto)"])
|
||||||
proprio.blacklist(["%d/%d/%d %d:%d" % (debut[2],debut[1],debut[0],dabut[3],debut[4]),"%d/%d/%d %d:%d" % (fin[2],fin[1],fin[0],fin[3],fin[4]),'virus',"Virus (auto)"])
|
|
||||||
proprio.save()
|
proprio.save()
|
||||||
|
|
||||||
|
|
||||||
|
# Reconnexion si le virus a disparu
|
||||||
|
###################################
|
||||||
|
|
||||||
|
requete = "SELECT ip_crans FROM avertis_virus"
|
||||||
|
curseur.execute(requete)
|
||||||
|
infectes = curseur.fetchall()
|
||||||
|
for i in range(1,len(infectes)):
|
||||||
|
IP=infectes[i][0]
|
||||||
|
requete1="SELECT COUNT(ip_src) FROM virus where ip_src='%s' and date > timestamp 'now' - interval '1 hour'" % IP
|
||||||
|
curseur.execute(requete1)
|
||||||
|
nb_virus = curseur.fetchall()
|
||||||
|
requete2="SELECT COUNT(ip_src) FROM flood where ip_src='%s' and date > timestamp 'now' - interval '1 hour'" % IP
|
||||||
|
curseur.execute(requete2)
|
||||||
|
nb_flood = curseur.fetchall()
|
||||||
|
if nb_virus[0][0] < virus.virus and nb_flood[0][0] < virus.flood:
|
||||||
|
machine = ldap.search('ipHostNumber=%s' % IP,'w' )['machine'][0]
|
||||||
|
proprio = machine.proprietaire()
|
||||||
|
bl = proprio.blacklist()
|
||||||
|
hostname = machine.nom()
|
||||||
|
for ligne in bl:
|
||||||
|
if ',-,virus,' in ligne:
|
||||||
|
liste=ligne.split(',')
|
||||||
|
argument=[liste[0],'now',liste[2],liste[3]]
|
||||||
|
print argument,IP
|
||||||
|
index = bl.index(ligne)
|
||||||
|
proprio.blacklist((index,argument))
|
||||||
|
proprio.save()
|
||||||
|
requete="DELETE FROM avertis_virus where ip_crans='%s'"%IP
|
||||||
|
|
||||||
|
|
||||||
# Gestion du P2P :
|
# Gestion du P2P :
|
||||||
##################
|
##################
|
||||||
|
|
@ -340,6 +366,6 @@ if pair :
|
||||||
debut = localtime(date)
|
debut = localtime(date)
|
||||||
# 7 jours
|
# 7 jours
|
||||||
fin = localtime(date+60*60*24*7)
|
fin = localtime(date+60*60*24*7)
|
||||||
# proprio.blacklist(["%d/%d/%d %d:%d" % (debut[2],debut[1],debut[0],dabut[3],debut[4]),"%d/%d/%d %d:%d" % (fin[2],fin[1],fin[0],fin[3],fin[4]),'p2p',"P2P (auto)" % protocole])
|
# proprio.blacklist(["%d/%d/%d %d:%d" % (debut[2],debut[1],debut[0],debut[3],debut[4]),"%d/%d/%d %d:%d" % (fin[2],fin[1],fin[0],fin[3],fin[4]),'p2p',"P2P (auto)" % protocole])
|
||||||
# proprio.save()
|
# proprio.save()
|
||||||
mail.quit()
|
mail.quit()
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue