diff --git a/gestion/config/config.py b/gestion/config/config.py index dee6036f..c5fcabaf 100644 --- a/gestion/config/config.py +++ b/gestion/config/config.py @@ -156,6 +156,7 @@ NETs = { 'serveurs' : [ '138.231.136.0/24' ], 'accueil': ['10.51.0.0/16' ], 'isolement': ['10.52.0.0/16' ], 'personnel-ens': ['10.2.9.0/24' ], + 'evenementiel': ['10.231.137.0/24'], 'ens' : ['138.231.135.0/24'], 'all' : [ '138.231.136.0/21', '138.231.144.0/21' ], 'multicast' : ['239.0.0.0/8'], diff --git a/surveillance/arpwatch_sendmail.py b/surveillance/arpwatch_sendmail.py index 746c2c85..cb7f7ca0 100755 --- a/surveillance/arpwatch_sendmail.py +++ b/surveillance/arpwatch_sendmail.py @@ -8,21 +8,32 @@ import sys, os, re, smtplib from commands import getstatusoutput +sys.path.append('/usr/scripts/gestion') sys.path.append('/usr/scripts/gestion/tools') from locate_mac import trace_machine, format_mac, info_machine +from config import NETs +from iptools import AddrInNets find_mac = re.compile(r'[0-9A-Fa-f]{1,2}(?::[0-9A-Fa-f]{1,2}){5}') +find_ip = re.compile(r'[0-9]{1,3}(?:\.[0-9]{1,3}){3}') +arpwatched_net = NETs['all'] + NETs['adm'] + NETs['accueil'] + NETs['isolement'] + NETs['personnel-ens'] + NETs['evenementiel'] def get_machine(unformated_mac): mac = format_mac(unformated_mac) return u"\n" + info_machine(mac) + u"\n" + trace_machine(mac) +def get_subject(headers_list): + for line in headers_list: + if line.lower().startswith('subject:'): + return line + return None if __name__ == "__main__": texte = sys.stdin.read() #.decode('ISO-8859-15') textes = texte.splitlines(True) i = textes.index(u'\n') + subject = get_subject(textes[:i]) textes[i-1:i-1] = [ u'MIME-Version: 1.0\n', u'Content-Type: text/plain; charset=UTF-8\n', 
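Review bot: get_subject() in surveillance/arpwatch_sendmail.py returns None when no header line starts with `subject:`, and the next hunk evaluates `'flip flop' in subject` outside any try block. A report without a Subject header would therefore raise TypeError before the SMTP code that follows, and the arpwatch alert would not go out. Returning an empty string keeps the membership test safe: `return ''` in place of `return None`. The module-level `arpwatched_net` expression also indexes `NETs['adm']`, a key this diff does not show in config.py; if it is absent, the script dies at import with KeyError, so confirm that it exists.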
@@ -31,16 +42,20 @@ if __name__ == "__main__": # On récupère les destinataires dans les arguments (très ad hoc) recipients = sys.argv[2].split(',') + + try : ip = set(find_ip.findall(texte)).pop() + except KeyError: ip = None # On complète le message - try: - macs = find_mac.findall(texte) - for mac in macs: - textes.append(get_machine(mac)) - except: - # En cas d'exception, on envoie le traceback - import traceback - textes.append(u'\n') - textes.append(u''.join(traceback.format_exception(sys.exc_type, sys.exc_value, sys.exc_traceback))) + if 'flip flop' in subject and ip is not None and AddrInNets(ip, arpwatched_net): + try: + macs = find_mac.findall(texte) + for mac in macs: + textes.append(get_machine(mac)) + except: + # En cas d'exception, on envoie le traceback + import traceback + textes.append(u'\n') + textes.append(u''.join(traceback.format_exception(sys.exc_type, sys.exc_value, sys.exc_traceback))) textes.append('\n-- \narpwatch_sendmail.py\n') smtp = smtplib.SMTP()
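Review bot: `set(find_ip.findall(texte)).pop()` returns an arbitrary element from every dotted quad found anywhere in the message, headers included. When the mail holds more than one such string, the address passed to `AddrInNets` may not be the one arpwatch reported, so the MAC lookup can be skipped or run for the wrong network. If the report carries an `ip address:` line (arpwatch's usual format, not visible in this diff), read it from there: `m = re.search(r'ip address:\s*([0-9.]+)', texte)` then `ip = m.group(1) if m else None`. The new `if` condition also sits outside the `try`, so an exception from `AddrInNets` on a malformed match such as `999.1.1.1` would stop the script before the SMTP code below; whether it raises is not shown here.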