/flowspec/tasks.py - Annotate - Firewall on Demand - Greek Research and Technology Network's projects

root / flowspec / tasks.py @ 15d4014d

History | View | Annotate | Download (7.1 kB)

1	9cad4715	Leonidas Poulopoulos	from utils import proxy as PR
2	9cad4715	Leonidas Poulopoulos	from celery.task import task
3	3e99e2d1	Leonidas Poulopoulos	from celery.task.sets import subtask
4	3e99e2d1	Leonidas Poulopoulos	import logging
5	25d08a62	Leonidas Poulopoulos	import json
6	3e99e2d1	Leonidas Poulopoulos	from celery.task.http import *
7	f57f6e68	Leonidas Poulopoulos	import beanstalkc
8	3e99e2d1	Leonidas Poulopoulos	from django.conf import settings
9	6e9a9419	Leonidas Poulopoulos	import datetime
10	15d4014d	Leonidas Poulopoulos	from flowspy.flowspec.models import *
11	15d4014d	Leonidas Poulopoulos	from django.core.mail import send_mail
12	15d4014d	Leonidas Poulopoulos	from flowspy.flowspec.models import *
13	15d4014d	Leonidas Poulopoulos	from django.template.loader import render_to_string
14	15d4014d	Leonidas Poulopoulos	from django.contrib.sites.models import Site
15	15d4014d	Leonidas Poulopoulos	from django.core.urlresolvers import reverse
16	57de574d	Leonidas Poulopoulos	import os
17	57de574d	Leonidas Poulopoulos
18	57de574d	Leonidas Poulopoulos
19	b4401a0c	Leonidas Poulopoulos
20	b4401a0c	Leonidas Poulopoulos	LOG_FILENAME = os.path.join(settings.LOG_FILE_LOCATION, 'celery_jobs.log')
21	57de574d	Leonidas Poulopoulos
22	57de574d	Leonidas Poulopoulos	#FORMAT = '%(asctime)s %(levelname)s: %(message)s'
23	57de574d	Leonidas Poulopoulos	#logging.basicConfig(format=FORMAT)
24	57de574d	Leonidas Poulopoulos	formatter = logging.Formatter('%(asctime)s %(levelname)s: %(message)s')
25	57de574d	Leonidas Poulopoulos
26	3e99e2d1	Leonidas Poulopoulos	logger = logging.getLogger(__name__)
27	3e99e2d1	Leonidas Poulopoulos	logger.setLevel(logging.DEBUG)
28	57de574d	Leonidas Poulopoulos	handler = logging.FileHandler(LOG_FILENAME)
29	57de574d	Leonidas Poulopoulos	handler.setFormatter(formatter)
30	57de574d	Leonidas Poulopoulos	logger.addHandler(handler)
31	57de574d	Leonidas Poulopoulos
32	9cad4715	Leonidas Poulopoulos
33	b77dcedb	Leonidas Poulopoulos	@task(ignore_result=True)
34	3e99e2d1	Leonidas Poulopoulos	def add(route, callback=None):
35	9cad4715	Leonidas Poulopoulos	applier = PR.Applier(route_object=route)
36	9cad4715	Leonidas Poulopoulos	commit, response = applier.apply()
37	9cad4715	Leonidas Poulopoulos	if commit:
38	97e42c7d	Leonidas Poulopoulos	status = "ACTIVE"
39	9cad4715	Leonidas Poulopoulos	else:
40	97e42c7d	Leonidas Poulopoulos	status = "ERROR"
41	97e42c7d	Leonidas Poulopoulos	route.status = status
42	9cad4715	Leonidas Poulopoulos	route.response = response
43	3e99e2d1	Leonidas Poulopoulos	route.save()
44	b77dcedb	Leonidas Poulopoulos	announce("[%s] Rule add: %s - Result: %s" %(route.applier, route.name, response), route.applier)
45	3e99e2d1	Leonidas Poulopoulos
46	b77dcedb	Leonidas Poulopoulos	@task(ignore_result=True)
47	3e99e2d1	Leonidas Poulopoulos	def edit(route, callback=None):
48	3e99e2d1	Leonidas Poulopoulos	applier = PR.Applier(route_object=route)
49	3e99e2d1	Leonidas Poulopoulos	commit, response = applier.apply(operation="replace")
50	3e99e2d1	Leonidas Poulopoulos	if commit:
51	97e42c7d	Leonidas Poulopoulos	status = "ACTIVE"
52	3e99e2d1	Leonidas Poulopoulos	else:
53	97e42c7d	Leonidas Poulopoulos	status = "ERROR"
54	97e42c7d	Leonidas Poulopoulos	route.status = status
55	3e99e2d1	Leonidas Poulopoulos	route.response = response
56	9cad4715	Leonidas Poulopoulos	route.save()
57	b77dcedb	Leonidas Poulopoulos	announce("[%s] Rule edit: %s - Result: %s"%(route.applier, route.name, response), route.applier)
58	3e99e2d1	Leonidas Poulopoulos
59	3e99e2d1	Leonidas Poulopoulos
60	971645d6	Leonidas Poulopoulos
61	b77dcedb	Leonidas Poulopoulos	@task(ignore_result=True)
62	6a946adf	Leonidas Poulopoulos	def delete(route, **kwargs):
63	3e99e2d1	Leonidas Poulopoulos	applier = PR.Applier(route_object=route)
64	3e99e2d1	Leonidas Poulopoulos	commit, response = applier.apply(operation="delete")
65	6a946adf	Leonidas Poulopoulos	reason_text = ''
66	3e99e2d1	Leonidas Poulopoulos	if commit:
67	97e42c7d	Leonidas Poulopoulos	status = "INACTIVE"
68	6a946adf	Leonidas Poulopoulos	if "reason" in kwargs and kwargs['reason']=='EXPIRED':
69	6a946adf	Leonidas Poulopoulos	status = 'EXPIRED'
70	6a946adf	Leonidas Poulopoulos	reason_text = " Reason: %s " %status
71	3e99e2d1	Leonidas Poulopoulos	else:
72	97e42c7d	Leonidas Poulopoulos	status = "ERROR"
73	97e42c7d	Leonidas Poulopoulos	route.status = status
74	3e99e2d1	Leonidas Poulopoulos	route.response = response
75	3e99e2d1	Leonidas Poulopoulos	route.save()
76	b77dcedb	Leonidas Poulopoulos	announce("[%s] Suspending rule : %s%s- Result %s" %(route.applier, route.name, reason_text, response), route.applier)
77	3e99e2d1	Leonidas Poulopoulos
78	6a946adf	Leonidas Poulopoulos	# May not work in the first place... proxy is not aware of Route models
79	6a946adf	Leonidas Poulopoulos	@task
80	6a946adf	Leonidas Poulopoulos	def batch_delete(routes, **kwargs):
81	6a946adf	Leonidas Poulopoulos	if routes:
82	e173e7c2	Leonidas Poulopoulos	for route in routes:
83	e173e7c2	Leonidas Poulopoulos	route.status='PENDING';route.save()
84	6a946adf	Leonidas Poulopoulos	applier = PR.Applier(route_objects=routes)
85	6a946adf	Leonidas Poulopoulos	conf = applier.delete_routes()
86	6a946adf	Leonidas Poulopoulos	commit, response = applier.apply(configuration = conf)
87	6a946adf	Leonidas Poulopoulos	reason_text = ''
88	6a946adf	Leonidas Poulopoulos	if commit:
89	6a946adf	Leonidas Poulopoulos	status = "INACTIVE"
90	6a946adf	Leonidas Poulopoulos	if "reason" in kwargs and kwargs['reason']=='EXPIRED':
91	6a946adf	Leonidas Poulopoulos	status = 'EXPIRED'
92	6a946adf	Leonidas Poulopoulos	reason_text = " Reason: %s " %status
93	d50fd7b6	Leonidas Poulopoulos	elif "reason" in kwargs and kwargs['reason']!='EXPIRED':
94	d50fd7b6	Leonidas Poulopoulos	status = kwargs['reason']
95	d50fd7b6	Leonidas Poulopoulos	reason_text = " Reason: %s " %status
96	6a946adf	Leonidas Poulopoulos	else:
97	6a946adf	Leonidas Poulopoulos	status = "ERROR"
98	6a946adf	Leonidas Poulopoulos	for route in routes:
99	6a946adf	Leonidas Poulopoulos	route.status = status
100	6a946adf	Leonidas Poulopoulos	route.response = response
101	6e9a9419	Leonidas Poulopoulos	route.expires = datetime.date.today()
102	6a946adf	Leonidas Poulopoulos	route.save()
103	b77dcedb	Leonidas Poulopoulos	announce("[%s] Rule removal: %s%s- Result %s" %(route.applier, route.name, reason_text, response), route.applier)
104	6a946adf	Leonidas Poulopoulos	else:
105	6a946adf	Leonidas Poulopoulos	return False
106	3e99e2d1	Leonidas Poulopoulos
107	b77dcedb	Leonidas Poulopoulos	#@task(ignore_result=True)
108	25d08a62	Leonidas Poulopoulos	def announce(messg, user):
109	3e99e2d1	Leonidas Poulopoulos	messg = str(messg)
110	97e42c7d	Leonidas Poulopoulos	# username = user.username
111	97e42c7d	Leonidas Poulopoulos	username = user.get_profile().peer.domain_name
112	3e99e2d1	Leonidas Poulopoulos	b = beanstalkc.Connection()
113	3e99e2d1	Leonidas Poulopoulos	b.use(settings.POLLS_TUBE)
114	25d08a62	Leonidas Poulopoulos	tube_message = json.dumps({'message': messg, 'username':username})
115	25d08a62	Leonidas Poulopoulos	b.put(tube_message)
116	3e99e2d1	Leonidas Poulopoulos	b.close()
117	3e99e2d1	Leonidas Poulopoulos
118	97e42c7d	Leonidas Poulopoulos	@task
119	97e42c7d	Leonidas Poulopoulos	def check_sync(route_name=None, selected_routes = []):
120	6a946adf	Leonidas Poulopoulos	from flowspy.flowspec.models import Route, MatchPort, MatchDscp, ThenAction
121	97e42c7d	Leonidas Poulopoulos	if not selected_routes:
122	97e42c7d	Leonidas Poulopoulos	routes = Route.objects.all()
123	97e42c7d	Leonidas Poulopoulos	else:
124	97e42c7d	Leonidas Poulopoulos	routes = selected_routes
125	97e42c7d	Leonidas Poulopoulos	if route_name:
126	97e42c7d	Leonidas Poulopoulos	routes = routes.filter(name=route_name)
127	6a946adf	Leonidas Poulopoulos	for route in routes:
128	fd3870ee	Leonidas Poulopoulos	if route.has_expired() and (route.status != 'EXPIRED' and route.status != 'ADMININACTIVE' and route.status != 'INACTIVE'):
129	6a946adf	Leonidas Poulopoulos	logger.info('Expiring route %s' %route.name)
130	6a946adf	Leonidas Poulopoulos	subtask(delete).delay(route, reason="EXPIRED")
131	fdc3d663	Leonidas Poulopoulos	# elif route.has_expired() and (route.status == 'ADMININACTIVE' or route.status == 'INACTIVE'):
132	fdc3d663	Leonidas Poulopoulos	# route.status = 'EXPIRED'
133	fdc3d663	Leonidas Poulopoulos	# route.response = 'Rule Expired'
134	fdc3d663	Leonidas Poulopoulos	# logger.info('Expiring route %s' %route.name)
135	fdc3d663	Leonidas Poulopoulos	# route.save()
136	fd3870ee	Leonidas Poulopoulos	else:
137	fd3870ee	Leonidas Poulopoulos	if route.status != 'EXPIRED':
138	fd3870ee	Leonidas Poulopoulos	route.check_sync()
139	6a946adf	Leonidas Poulopoulos
140	15d4014d	Leonidas Poulopoulos	@task(ignore_result=True)
141	15d4014d	Leonidas Poulopoulos	def notify_expired():
142	15d4014d	Leonidas Poulopoulos	logger.info('Initializing expiration notification')
143	15d4014d	Leonidas Poulopoulos	routes = Route.objects.all()
144	15d4014d	Leonidas Poulopoulos	for route in routes:
145	15d4014d	Leonidas Poulopoulos	if route.status not in ['EXPIRED', 'ADMININACTIVE', 'INACTIVE', 'ERROR']:
146	15d4014d	Leonidas Poulopoulos	expiration_days = (route.expires - datetime.date.today()).days
147	15d4014d	Leonidas Poulopoulos	if expiration_days < settings.EXPIRATION_NOTIFY_DAYS:
148	15d4014d	Leonidas Poulopoulos	try:
149	15d4014d	Leonidas Poulopoulos	fqdn = Site.objects.get_current().domain
150	15d4014d	Leonidas Poulopoulos	admin_url = "https://%s%s" % \
151	15d4014d	Leonidas Poulopoulos	(fqdn,
152	15d4014d	Leonidas Poulopoulos	"/fod/edit/%s"%route.name)
153	15d4014d	Leonidas Poulopoulos	mail_body = render_to_string("rule_expiration.txt",
154	15d4014d	Leonidas Poulopoulos	{"route": route, 'expiration_days':expiration_days, 'url':admin_url})
155	15d4014d	Leonidas Poulopoulos	days_num = ' days'
156	15d4014d	Leonidas Poulopoulos	expiration_days_text = "%s %s" %('in',expiration_days)
157	15d4014d	Leonidas Poulopoulos	if expiration_days == 0:
158	15d4014d	Leonidas Poulopoulos	days_num = ' today'
159	15d4014d	Leonidas Poulopoulos	expiration_days_text = ''
160	15d4014d	Leonidas Poulopoulos	if expiration_days == 1:
161	15d4014d	Leonidas Poulopoulos	days_num = ' day'
162	15d4014d	Leonidas Poulopoulos	logger.info('Route %s expires %s%s. Notifying %s (%s)' %(route.name, expiration_days_text, days_num, route.applier.username, route.applier.email))
163	15d4014d	Leonidas Poulopoulos	send_mail(settings.EMAIL_SUBJECT_PREFIX + "Rule %s expires %s%s" %
164	15d4014d	Leonidas Poulopoulos	(route.name,expiration_days_text, days_num),
165	15d4014d	Leonidas Poulopoulos	mail_body, settings.SERVER_EMAIL,
166	15d4014d	Leonidas Poulopoulos	[route.applier.email])
167	15d4014d	Leonidas Poulopoulos	except Exception as e:
168	15d4014d	Leonidas Poulopoulos	logger.info("Exception: %s"%e)
169	15d4014d	Leonidas Poulopoulos	pass
170	15d4014d	Leonidas Poulopoulos	logger.info('Expiration notification process finished')
171	6a946adf	Leonidas Poulopoulos
172	9cad4715	Leonidas Poulopoulos	#def delete(route):
173	9cad4715	Leonidas Poulopoulos	#
174	9cad4715	Leonidas Poulopoulos	# applier = PR.Applier(route_object=route)
175	9cad4715	Leonidas Poulopoulos	# commit, response = applier.apply(configuration=applier.delete_routes())
176	9cad4715	Leonidas Poulopoulos	# if commit:
177	9cad4715	Leonidas Poulopoulos	# rows = queryset.update(is_online=False, is_active=False)
178	9cad4715	Leonidas Poulopoulos	# queryset.update(response="Successfully removed route from network")
179	9cad4715	Leonidas Poulopoulos	# self.message_user(request, "Successfully removed %s routes from network" % rows)
180	9cad4715	Leonidas Poulopoulos	# else:
181	9cad4715	Leonidas Poulopoulos	# self.message_user(request, "Could not remove routes from network")
182	9cad4715	Leonidas Poulopoulos	# if commit:
183	9cad4715	Leonidas Poulopoulos	# is_online = False
184	9cad4715	Leonidas Poulopoulos	# is_active = False
185	9cad4715	Leonidas Poulopoulos	# response = "Successfully removed route from network"
186	9cad4715	Leonidas Poulopoulos	# else:
187	9cad4715	Leonidas Poulopoulos	# is_online = False
188	9cad4715	Leonidas Poulopoulos	# is_active = True
189	9cad4715	Leonidas Poulopoulos	# route.is_online = is_online
190	9cad4715	Leonidas Poulopoulos	# route.is_active = is_active
191	9cad4715	Leonidas Poulopoulos	# route.response = response
192	9cad4715	Leonidas Poulopoulos	# route.save()