crans/scripts
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
scripts/gestion/gen_confs/ipset.py
Vincent Le Gallic 2ce185720e Éclatement de config.py en plusieurs sous-module de config. L'API reste à peu près la même, il faut juste penser à import config.submodule avant d'utilisr config.submodule (confid.dns, config.upload par exemple) 
Tous les autres fichiers modifiés le sont pour compatibilité avec ce changement.

Ce commit implique des commits du même genre dans l'intranet2, lc_ldap et bcfg2.
2013-03-26 16:24:31 +01:00

98 lines
2.7 KiB
Python
Raw Blame History

#!/usr/bin/env python
# -*- coding: utf-8 -*-
# The authors of this code are
#
# Permission to use, copy, and modify this software with or without fee
# is hereby granted, provided that this entire notice is included in
# all source code copies of any software which is or includes a copy or
# modification of this software.
#
# THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRSS OR
# IMPLIED WARRANTY. IN PARTICULAR, NONE OF THE AUTHORS MAKES ANY
# REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE
# MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR
# PURPOSE.
import sys
sys.path.append('/usr/scripts/gestion')
sys.path.append('/usr/scripts/lc_ldap')
import commands
import lock
import lc_ldap
import secrets
class IpsetError(Exception):
# Gestion des erreurs d'ipset
def __init__(self,cmd,err_code,output):
self.cmd=cmd
self.err_code=err_code
self.output=output
def __str__(self):
return "%s\n status : %s\n %s" % (self.cmd,self.err_code,self.output)
class Ipset(object):
ipset="/usr/sbin/ipset"
def __init__(self,set,type,typeopt=''):
self.set=set
self.type=type
self.typeopt=typeopt
def call(self,cmd,arg=''):
"""Appel système à ipset"""
cmd_line="%s %s %s %s" % (self.ipset,cmd,self.set,arg)
status,output=commands.getstatusoutput(cmd_line)
if status:
raise IpsetError(cmd_line,status,output)
return output
def create(self,opt=''):
self.call("-N","%s %s" % (self.type, self.typeopt))
def add(self,arg):
self.call("-A",arg)
def list(self):
output=self.call("-L").splitlines()
list=[]
for line in output[6:]:
if line=='Bindings:':
break
list.append(line)
return list
def delete(self,ip):
"""Delete an IP"""
self.call("-D",ip)
def restore(self,rules):
""" restore le set courrant"""
rules_str=self.restore_format(rules)
create_str="-N %s %s %s" % (self.set,self.type,self.typeopt)
str="%s\n%s\nCOMMIT\n" % (create_str,rules_str)
path='/tmp/ipset_%s' % self.set
f=open(path, 'w+')
f.write(str)
f.close()
try:
self.flush()
self.destroy()
except IpsetError: pass
cmd="cat %s | %s -R" % (path,self.ipset)
status,output=commands.getstatusoutput(cmd)
if status:
raise IpsetError(cmd,status,output)
return output
def flush(self):
self.call("-F")
def destroy(self):
self.call("-X")
def restore_format(self,rules):
return '\n'.join(["-A %s %s,%s" % (self.set,ip,mac) for (ip,mac) in rules])
Reference in a new issue View git blame Copy permalink