#!/usr/bin/env python # -*- coding: utf-8 -*- # The authors of this code are # # Permission to use, copy, and modify this software with or without fee # is hereby granted, provided that this entire notice is included in # all source code copies of any software which is or includes a copy or # modification of this software. # # THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRSS OR # IMPLIED WARRANTY. IN PARTICULAR, NONE OF THE AUTHORS MAKES ANY # REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE # MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR # PURPOSE. import sys sys.path.append('/usr/scripts/gestion') sys.path.append('/usr/scripts/lc_ldap') import syslog import commands import lock import lc_ldap import config import secrets class IpsetError(Exception): # Gestion des erreurs d'ipset def __init__(self,cmd,err_code,output): self.cmd=cmd self.err_code=err_code self.output=output syslog.syslog(syslog.LOG_ERR,"%s : status %s,%s" % (cmd,err_code,output)) def __str__(self): return "%s\n status : %s\n %s" % (self.cmd,self.err_code,self.output) class Ipset(object): ipset="/usr/sbin/ipset" def __init__(self,set,type,typeopt=''): self.set=set self.type=type self.typeoption=typeopt def call(self,cmd,arg=''): """Appel système à ipset""" cmd_line="%s %s %s %s" % (ipset,cmd,self.set,arg) syslog.syslog(syslog.LOG_INFO,"ipset: %s, %s" % (self.set,arg)) status,output=commands.getstatusoutput(cmd_line) if status: raise IpsetError(cmd_line,status,output) return output def create(self,opt=''): self.call("-N","%s %s" % (self.type, self.typeopt)) def add(self,arg): self.call("-A",arg) def list(self): output=self.call("-L").splitlines() list=[] for line in output[6:]: if line=='Bindings:': break list.append(line) return list def delete(self,ip): """Delete an IP""" self.call("-D",ip) def flush(self): self.call("-F")