root / flowspec / models.py @ 2a2ea58f
History | View | Annotate | Download (13.4 kB)
1 | 478173ac | Leonidas Poulopoulos | # -*- coding: utf-8 -*- vim:encoding=utf-8:
|
---|---|---|---|
2 | 478173ac | Leonidas Poulopoulos | # vim: tabstop=4:shiftwidth=4:softtabstop=4:expandtab
|
3 | 478173ac | Leonidas Poulopoulos | |
4 | a3af8464 | Leonidas Poulopoulos | from django.db import models |
5 | b10e01d6 | Leonidas Poulopoulos | from django.conf import settings |
6 | a3af8464 | Leonidas Poulopoulos | from django.contrib.auth.models import User |
7 | 357d48dc | Leonidas Poulopoulos | from utils import proxy as PR |
8 | 478173ac | Leonidas Poulopoulos | from ipaddr import * |
9 | c1509909 | Leonidas Poulopoulos | import datetime |
10 | 357d48dc | Leonidas Poulopoulos | import logging |
11 | 9cad4715 | Leonidas Poulopoulos | from time import sleep |
12 | 357d48dc | Leonidas Poulopoulos | |
13 | f57f6e68 | Leonidas Poulopoulos | import beanstalkc |
14 | 97e42c7d | Leonidas Poulopoulos | from flowspy.utils.randomizer import id_generator as id_gen |
15 | 3e99e2d1 | Leonidas Poulopoulos | |
16 | 7fac6521 | Leonidas Poulopoulos | from flowspec.tasks import * |
17 | 3e99e2d1 | Leonidas Poulopoulos | |
18 | 357d48dc | Leonidas Poulopoulos | FORMAT = '%(asctime)s %(levelname)s: %(message)s'
|
19 | 357d48dc | Leonidas Poulopoulos | logging.basicConfig(format=FORMAT) |
20 | 357d48dc | Leonidas Poulopoulos | logger = logging.getLogger(__name__) |
21 | 357d48dc | Leonidas Poulopoulos | logger.setLevel(logging.DEBUG) |
22 | 357d48dc | Leonidas Poulopoulos | |
23 | a24fbf37 | Leonidas Poulopoulos | |
24 | a3af8464 | Leonidas Poulopoulos | FRAGMENT_CODES = ( |
25 | a3af8464 | Leonidas Poulopoulos | ("dont-fragment", "Don't fragment"), |
26 | a3af8464 | Leonidas Poulopoulos | ("first-fragment", "First fragment"), |
27 | a3af8464 | Leonidas Poulopoulos | ("is-fragment", "Is fragment"), |
28 | a3af8464 | Leonidas Poulopoulos | ("last-fragment", "Last fragment"), |
29 | a3af8464 | Leonidas Poulopoulos | ("not-a-fragment", "Not a fragment") |
30 | a3af8464 | Leonidas Poulopoulos | ) |
31 | a3af8464 | Leonidas Poulopoulos | |
32 | a3af8464 | Leonidas Poulopoulos | THEN_CHOICES = ( |
33 | a3af8464 | Leonidas Poulopoulos | ("accept", "Accept"), |
34 | a3af8464 | Leonidas Poulopoulos | ("discard", "Discard"), |
35 | a3af8464 | Leonidas Poulopoulos | ("community", "Community"), |
36 | a3af8464 | Leonidas Poulopoulos | ("next-term", "Next term"), |
37 | a3af8464 | Leonidas Poulopoulos | ("routing-instance", "Routing Instance"), |
38 | a3af8464 | Leonidas Poulopoulos | ("rate-limit", "Rate limit"), |
39 | a3af8464 | Leonidas Poulopoulos | ("sample", "Sample") |
40 | a3af8464 | Leonidas Poulopoulos | ) |
41 | a3af8464 | Leonidas Poulopoulos | |
42 | 7fac6521 | Leonidas Poulopoulos | MATCH_PROTOCOL = ( |
43 | 7fac6521 | Leonidas Poulopoulos | ("ah", "ah"), |
44 | 7fac6521 | Leonidas Poulopoulos | ("egp", "egp"), |
45 | 7fac6521 | Leonidas Poulopoulos | ("esp", "esp"), |
46 | 7fac6521 | Leonidas Poulopoulos | ("gre", "gre"), |
47 | 7fac6521 | Leonidas Poulopoulos | ("icmp", "icmp"), |
48 | 7fac6521 | Leonidas Poulopoulos | ("icmp6", "icmp6"), |
49 | 7fac6521 | Leonidas Poulopoulos | ("igmp", "igmp"), |
50 | 7fac6521 | Leonidas Poulopoulos | ("ipip", "ipip"), |
51 | 7fac6521 | Leonidas Poulopoulos | ("ospf", "ospf"), |
52 | 7fac6521 | Leonidas Poulopoulos | ("pim", "pim"), |
53 | 7fac6521 | Leonidas Poulopoulos | ("rsvp", "rsvp"), |
54 | 7fac6521 | Leonidas Poulopoulos | ("sctp", "sctp"), |
55 | 7fac6521 | Leonidas Poulopoulos | ("tcp", "tcp"), |
56 | 7fac6521 | Leonidas Poulopoulos | ("udp", "udp"), |
57 | 7fac6521 | Leonidas Poulopoulos | ) |
58 | 7fac6521 | Leonidas Poulopoulos | |
59 | 97e42c7d | Leonidas Poulopoulos | ROUTE_STATES = ( |
60 | 97e42c7d | Leonidas Poulopoulos | ("ACTIVE", "ACTIVE"), |
61 | 97e42c7d | Leonidas Poulopoulos | ("ERROR", "ERROR"), |
62 | 97e42c7d | Leonidas Poulopoulos | ("EXPIRED", "EXPIRED"), |
63 | 97e42c7d | Leonidas Poulopoulos | ("PENDING", "PENDING"), |
64 | 97e42c7d | Leonidas Poulopoulos | ("OUTOFSYNC", "OUTOFSYNC"), |
65 | d50fd7b6 | Leonidas Poulopoulos | ("INACTIVE", "INACTIVE"), |
66 | d50fd7b6 | Leonidas Poulopoulos | ("ADMININACTIVE", "ADMININACTIVE"), |
67 | 97e42c7d | Leonidas Poulopoulos | ) |
68 | 97e42c7d | Leonidas Poulopoulos | |
69 | a3af8464 | Leonidas Poulopoulos | |
70 | c1509909 | Leonidas Poulopoulos | def days_offset(): return datetime.date.today() + datetime.timedelta(days = settings.EXPIRATION_DAYS_OFFSET) |
71 | a3af8464 | Leonidas Poulopoulos | |
72 | a3af8464 | Leonidas Poulopoulos | class MatchPort(models.Model): |
73 | 97e42c7d | Leonidas Poulopoulos | port = models.CharField(max_length=24, unique=True) |
74 | a24fbf37 | Leonidas Poulopoulos | def __unicode__(self): |
75 | a24fbf37 | Leonidas Poulopoulos | return self.port |
76 | a3af8464 | Leonidas Poulopoulos | class Meta: |
77 | a3af8464 | Leonidas Poulopoulos | db_table = u'match_port'
|
78 | a3af8464 | Leonidas Poulopoulos | |
79 | a3af8464 | Leonidas Poulopoulos | class MatchDscp(models.Model): |
80 | a3af8464 | Leonidas Poulopoulos | dscp = models.CharField(max_length=24)
|
81 | a24fbf37 | Leonidas Poulopoulos | def __unicode__(self): |
82 | a24fbf37 | Leonidas Poulopoulos | return self.dscp |
83 | a3af8464 | Leonidas Poulopoulos | class Meta: |
84 | a3af8464 | Leonidas Poulopoulos | db_table = u'match_dscp'
|
85 | a3af8464 | Leonidas Poulopoulos | |
86 | 7fac6521 | Leonidas Poulopoulos | class MatchProtocol(models.Model): |
87 | 7fac6521 | Leonidas Poulopoulos | protocol = models.CharField(max_length=24, unique=True) |
88 | 7fac6521 | Leonidas Poulopoulos | def __unicode__(self): |
89 | 7fac6521 | Leonidas Poulopoulos | return self.protocol |
90 | 7fac6521 | Leonidas Poulopoulos | class Meta: |
91 | 7fac6521 | Leonidas Poulopoulos | db_table = u'match_protocol'
|
92 | 7fac6521 | Leonidas Poulopoulos | |
93 | 7a8a4da4 | Leonidas Poulopoulos | |
94 | a3af8464 | Leonidas Poulopoulos | class ThenAction(models.Model): |
95 | b10e01d6 | Leonidas Poulopoulos | action = models.CharField(max_length=60, choices=THEN_CHOICES, verbose_name="Action") |
96 | b10e01d6 | Leonidas Poulopoulos | action_value = models.CharField(max_length=255, blank=True, null=True, verbose_name="Action Value") |
97 | a24fbf37 | Leonidas Poulopoulos | def __unicode__(self): |
98 | 97e42c7d | Leonidas Poulopoulos | ret = "%s:%s" %(self.action, self.action_value) |
99 | 97e42c7d | Leonidas Poulopoulos | return ret.rstrip(":") |
100 | a3af8464 | Leonidas Poulopoulos | class Meta: |
101 | a3af8464 | Leonidas Poulopoulos | db_table = u'then_action'
|
102 | fdc3d663 | Leonidas Poulopoulos | ordering = ['action', 'action_value'] |
103 | f12b3d54 | Leonidas Poulopoulos | unique_together = ("action", "action_value") |
104 | a3af8464 | Leonidas Poulopoulos | |
105 | a3af8464 | Leonidas Poulopoulos | class Route(models.Model): |
106 | 971645d6 | Leonidas Poulopoulos | name = models.SlugField(max_length=128)
|
107 | 9cad4715 | Leonidas Poulopoulos | applier = models.ForeignKey(User, blank=True, null=True) |
108 | abad126d | Leonidas Poulopoulos | source = models.CharField(max_length=32, help_text=u"Network address. Use address/CIDR notation", verbose_name="Source Address") |
109 | b10e01d6 | Leonidas Poulopoulos | sourceport = models.ManyToManyField(MatchPort, blank=True, null=True, related_name="matchSourcePort", verbose_name="Source Port") |
110 | 971645d6 | Leonidas Poulopoulos | destination = models.CharField(max_length=32, help_text=u"Network address. Use address/CIDR notation", verbose_name="Destination Address") |
111 | b10e01d6 | Leonidas Poulopoulos | destinationport = models.ManyToManyField(MatchPort, blank=True, null=True, related_name="matchDestinationPort", verbose_name="Destination Port") |
112 | b10e01d6 | Leonidas Poulopoulos | port = models.ManyToManyField(MatchPort, blank=True, null=True, related_name="matchPort", verbose_name="Port" ) |
113 | b10e01d6 | Leonidas Poulopoulos | dscp = models.ManyToManyField(MatchDscp, blank=True, null=True, verbose_name="DSCP") |
114 | b10e01d6 | Leonidas Poulopoulos | fragmenttype = models.CharField(max_length=20, choices=FRAGMENT_CODES, blank=True, null=True, verbose_name="Fragment Type") |
115 | b10e01d6 | Leonidas Poulopoulos | icmpcode = models.CharField(max_length=32, blank=True, null=True, verbose_name="ICMP Code") |
116 | b10e01d6 | Leonidas Poulopoulos | icmptype = models.CharField(max_length=32, blank=True, null=True, verbose_name="ICMP Type") |
117 | b10e01d6 | Leonidas Poulopoulos | packetlength = models.IntegerField(blank=True, null=True, verbose_name="Packet Length") |
118 | 7fac6521 | Leonidas Poulopoulos | protocol = models.ManyToManyField(MatchProtocol, blank=True, null=True, verbose_name="Protocol") |
119 | b10e01d6 | Leonidas Poulopoulos | tcpflag = models.CharField(max_length=128, blank=True, null=True, verbose_name="TCP flag") |
120 | b10e01d6 | Leonidas Poulopoulos | then = models.ManyToManyField(ThenAction, verbose_name="Then")
|
121 | a3af8464 | Leonidas Poulopoulos | filed = models.DateTimeField(auto_now_add=True)
|
122 | a3af8464 | Leonidas Poulopoulos | last_updated = models.DateTimeField(auto_now=True)
|
123 | 97e42c7d | Leonidas Poulopoulos | status = models.CharField(max_length=20, choices=ROUTE_STATES, blank=True, null=True, verbose_name="Status", default="PENDING") |
124 | 97e42c7d | Leonidas Poulopoulos | # is_online = models.BooleanField(default=False)
|
125 | 97e42c7d | Leonidas Poulopoulos | # is_active = models.BooleanField(default=False)
|
126 | 052c14aa | Leonidas Poulopoulos | expires = models.DateField(default=days_offset) |
127 | 357d48dc | Leonidas Poulopoulos | response = models.CharField(max_length=512, blank=True, null=True) |
128 | b10e01d6 | Leonidas Poulopoulos | comments = models.TextField(null=True, blank=True, verbose_name="Comments") |
129 | 357d48dc | Leonidas Poulopoulos | |
130 | 357d48dc | Leonidas Poulopoulos | |
131 | a24fbf37 | Leonidas Poulopoulos | def __unicode__(self): |
132 | a24fbf37 | Leonidas Poulopoulos | return self.name |
133 | a24fbf37 | Leonidas Poulopoulos | |
134 | a3af8464 | Leonidas Poulopoulos | class Meta: |
135 | a24fbf37 | Leonidas Poulopoulos | db_table = u'route'
|
136 | 7d408f6f | Leonidas Poulopoulos | verbose_name = "Rule"
|
137 | 7d408f6f | Leonidas Poulopoulos | verbose_name_plural = "Rules"
|
138 | 7a8a4da4 | Leonidas Poulopoulos | |
139 | 97e42c7d | Leonidas Poulopoulos | def save(self, *args, **kwargs): |
140 | 97e42c7d | Leonidas Poulopoulos | if not self.pk: |
141 | 97e42c7d | Leonidas Poulopoulos | hash = id_gen() |
142 | 97e42c7d | Leonidas Poulopoulos | self.name = "%s_%s" %(self.name, hash) |
143 | 97e42c7d | Leonidas Poulopoulos | super(Route, self).save(*args, **kwargs) # Call the "real" save() method. |
144 | 97e42c7d | Leonidas Poulopoulos | |
145 | 97e42c7d | Leonidas Poulopoulos | |
146 | 7a8a4da4 | Leonidas Poulopoulos | def clean(self, *args, **kwargs): |
147 | 7a8a4da4 | Leonidas Poulopoulos | from django.core.exceptions import ValidationError |
148 | 7a8a4da4 | Leonidas Poulopoulos | if self.destination: |
149 | 7a8a4da4 | Leonidas Poulopoulos | try:
|
150 | b10e01d6 | Leonidas Poulopoulos | address = IPNetwork(self.destination)
|
151 | b10e01d6 | Leonidas Poulopoulos | self.destination = address.exploded
|
152 | 7a8a4da4 | Leonidas Poulopoulos | except Exception: |
153 | b10e01d6 | Leonidas Poulopoulos | raise ValidationError('Invalid network address format at Destination Field') |
154 | 7a8a4da4 | Leonidas Poulopoulos | if self.source: |
155 | 7a8a4da4 | Leonidas Poulopoulos | try:
|
156 | b10e01d6 | Leonidas Poulopoulos | address = IPNetwork(self.source)
|
157 | b10e01d6 | Leonidas Poulopoulos | self.source = address.exploded
|
158 | 7a8a4da4 | Leonidas Poulopoulos | except Exception: |
159 | b10e01d6 | Leonidas Poulopoulos | raise ValidationError('Invalid network address format at Source Field') |
160 | 6a946adf | Leonidas Poulopoulos | |
161 | 9cad4715 | Leonidas Poulopoulos | def commit_add(self, *args, **kwargs): |
162 | 97e42c7d | Leonidas Poulopoulos | peer = self.applier.get_profile().peer.domain_name
|
163 | 933c1f31 | Leonidas Poulopoulos | send_message("[%s] Adding rule %s. Please wait..." %(self.applier.username, self.name), peer) |
164 | 9cad4715 | Leonidas Poulopoulos | response = add.delay(self)
|
165 | 6a946adf | Leonidas Poulopoulos | logger.info("Got add job id: %s" %response)
|
166 | 9cad4715 | Leonidas Poulopoulos | |
167 | 3e99e2d1 | Leonidas Poulopoulos | def commit_edit(self, *args, **kwargs): |
168 | 97e42c7d | Leonidas Poulopoulos | peer = self.applier.get_profile().peer.domain_name
|
169 | 933c1f31 | Leonidas Poulopoulos | send_message("[%s] Editing rule %s. Please wait..." %(self.applier.username, self.name), peer) |
170 | 3e99e2d1 | Leonidas Poulopoulos | response = edit.delay(self)
|
171 | 3e99e2d1 | Leonidas Poulopoulos | logger.info("Got edit job id: %s" %response)
|
172 | b10e01d6 | Leonidas Poulopoulos | |
173 | 3e99e2d1 | Leonidas Poulopoulos | def commit_delete(self, *args, **kwargs): |
174 | 6a946adf | Leonidas Poulopoulos | reason_text = ''
|
175 | 049a5a10 | Leonidas Poulopoulos | reason = ''
|
176 | 6a946adf | Leonidas Poulopoulos | if "reason" in kwargs: |
177 | 6a946adf | Leonidas Poulopoulos | reason = kwargs['reason']
|
178 | 6a946adf | Leonidas Poulopoulos | reason_text = "Reason: %s. " %reason
|
179 | 97e42c7d | Leonidas Poulopoulos | peer = self.applier.get_profile().peer.domain_name
|
180 | 61e178c3 | Leonidas Poulopoulos | send_message("[%s] Suspending rule %s. %sPlease wait..." %(self.applier.username, self.name, reason_text), peer) |
181 | 6a946adf | Leonidas Poulopoulos | response = delete.delay(self, reason=reason)
|
182 | 6a946adf | Leonidas Poulopoulos | logger.info("Got delete job id: %s" %response)
|
183 | 6a946adf | Leonidas Poulopoulos | |
184 | c1509909 | Leonidas Poulopoulos | def has_expired(self): |
185 | c1509909 | Leonidas Poulopoulos | today = datetime.date.today() |
186 | c1509909 | Leonidas Poulopoulos | if today > self.expires: |
187 | c1509909 | Leonidas Poulopoulos | return True |
188 | c1509909 | Leonidas Poulopoulos | return False |
189 | 6a946adf | Leonidas Poulopoulos | |
190 | 6a946adf | Leonidas Poulopoulos | def check_sync(self): |
191 | 6a946adf | Leonidas Poulopoulos | if not self.is_synced(): |
192 | 6a946adf | Leonidas Poulopoulos | self.status = "OUTOFSYNC" |
193 | 6a946adf | Leonidas Poulopoulos | self.save()
|
194 | 6a946adf | Leonidas Poulopoulos | |
195 | 6a946adf | Leonidas Poulopoulos | def is_synced(self): |
196 | 357d48dc | Leonidas Poulopoulos | found = False
|
197 | 357d48dc | Leonidas Poulopoulos | get_device = PR.Retriever() |
198 | 357d48dc | Leonidas Poulopoulos | device = get_device.fetch_device() |
199 | 357d48dc | Leonidas Poulopoulos | try:
|
200 | 357d48dc | Leonidas Poulopoulos | routes = device.routing_options[0].routes
|
201 | 357d48dc | Leonidas Poulopoulos | except Exception as e: |
202 | 97e42c7d | Leonidas Poulopoulos | self.status = "EXPIRED" |
203 | 971645d6 | Leonidas Poulopoulos | self.save()
|
204 | 357d48dc | Leonidas Poulopoulos | logger.error("No routing options on device. Exception: %s" %e)
|
205 | 6a946adf | Leonidas Poulopoulos | return True |
206 | 357d48dc | Leonidas Poulopoulos | for route in routes: |
207 | 357d48dc | Leonidas Poulopoulos | if route.name == self.name: |
208 | 357d48dc | Leonidas Poulopoulos | found = True
|
209 | 933c1f31 | Leonidas Poulopoulos | logger.info('Found a matching rule name')
|
210 | 357d48dc | Leonidas Poulopoulos | devicematch = route.match |
211 | 357d48dc | Leonidas Poulopoulos | try:
|
212 | b10e01d6 | Leonidas Poulopoulos | assert(self.destination) |
213 | 357d48dc | Leonidas Poulopoulos | assert(devicematch['destination'][0]) |
214 | b10e01d6 | Leonidas Poulopoulos | if self.destination == devicematch['destination'][0]: |
215 | 357d48dc | Leonidas Poulopoulos | found = found and True |
216 | 357d48dc | Leonidas Poulopoulos | logger.info('Found a matching destination')
|
217 | 357d48dc | Leonidas Poulopoulos | else:
|
218 | 357d48dc | Leonidas Poulopoulos | found = False
|
219 | 357d48dc | Leonidas Poulopoulos | logger.info('Destination fields do not match')
|
220 | 357d48dc | Leonidas Poulopoulos | except:
|
221 | 357d48dc | Leonidas Poulopoulos | pass
|
222 | 357d48dc | Leonidas Poulopoulos | try:
|
223 | b10e01d6 | Leonidas Poulopoulos | assert(self.source) |
224 | 357d48dc | Leonidas Poulopoulos | assert(devicematch['source'][0]) |
225 | b10e01d6 | Leonidas Poulopoulos | if self.source == devicematch['source'][0]: |
226 | 357d48dc | Leonidas Poulopoulos | found = found and True |
227 | 357d48dc | Leonidas Poulopoulos | logger.info('Found a matching source')
|
228 | 357d48dc | Leonidas Poulopoulos | else:
|
229 | 357d48dc | Leonidas Poulopoulos | found = False
|
230 | 357d48dc | Leonidas Poulopoulos | logger.info('Source fields do not match')
|
231 | 357d48dc | Leonidas Poulopoulos | except:
|
232 | 357d48dc | Leonidas Poulopoulos | pass
|
233 | 357d48dc | Leonidas Poulopoulos | try:
|
234 | b10e01d6 | Leonidas Poulopoulos | assert(self.fragmenttype) |
235 | 357d48dc | Leonidas Poulopoulos | assert(devicematch['fragment'][0]) |
236 | b10e01d6 | Leonidas Poulopoulos | if self.fragmenttype == devicematch['fragment'][0]: |
237 | 357d48dc | Leonidas Poulopoulos | found = found and True |
238 | 357d48dc | Leonidas Poulopoulos | logger.info('Found a matching fragment type')
|
239 | 357d48dc | Leonidas Poulopoulos | else:
|
240 | 357d48dc | Leonidas Poulopoulos | found = False
|
241 | 357d48dc | Leonidas Poulopoulos | logger.info('Fragment type fields do not match')
|
242 | 357d48dc | Leonidas Poulopoulos | except:
|
243 | 357d48dc | Leonidas Poulopoulos | pass
|
244 | 357d48dc | Leonidas Poulopoulos | try:
|
245 | b10e01d6 | Leonidas Poulopoulos | assert(self.icmpcode) |
246 | 357d48dc | Leonidas Poulopoulos | assert(devicematch['icmp-code'][0]) |
247 | b10e01d6 | Leonidas Poulopoulos | if self.icmpcode == devicematch['icmp-code'][0]: |
248 | 357d48dc | Leonidas Poulopoulos | found = found and True |
249 | 357d48dc | Leonidas Poulopoulos | logger.info('Found a matching icmp code')
|
250 | 357d48dc | Leonidas Poulopoulos | else:
|
251 | 357d48dc | Leonidas Poulopoulos | found = False
|
252 | 357d48dc | Leonidas Poulopoulos | logger.info('Icmp code fields do not match')
|
253 | 357d48dc | Leonidas Poulopoulos | except:
|
254 | 357d48dc | Leonidas Poulopoulos | pass
|
255 | 357d48dc | Leonidas Poulopoulos | try:
|
256 | b10e01d6 | Leonidas Poulopoulos | assert(self.icmptype) |
257 | 357d48dc | Leonidas Poulopoulos | assert(devicematch['icmp-type'][0]) |
258 | b10e01d6 | Leonidas Poulopoulos | if self.icmptype == devicematch['icmp-type'][0]: |
259 | 357d48dc | Leonidas Poulopoulos | found = found and True |
260 | 357d48dc | Leonidas Poulopoulos | logger.info('Found a matching icmp type')
|
261 | 357d48dc | Leonidas Poulopoulos | else:
|
262 | 357d48dc | Leonidas Poulopoulos | found = False
|
263 | 357d48dc | Leonidas Poulopoulos | logger.info('Icmp type fields do not match')
|
264 | 357d48dc | Leonidas Poulopoulos | except:
|
265 | 357d48dc | Leonidas Poulopoulos | pass
|
266 | 97e42c7d | Leonidas Poulopoulos | if found and self.status != "ACTIVE": |
267 | e173e7c2 | Leonidas Poulopoulos | logger.error('Rule is applied on device but appears as offline')
|
268 | e173e7c2 | Leonidas Poulopoulos | self.status = "ACTIVE" |
269 | e173e7c2 | Leonidas Poulopoulos | self.save()
|
270 | e173e7c2 | Leonidas Poulopoulos | found = True
|
271 | 33281310 | Leonidas Poulopoulos | if self.status == "ADMININACTIVE" or self.status == "INACTIVE" or self.status == "EXPIRED": |
272 | e173e7c2 | Leonidas Poulopoulos | found = True
|
273 | 357d48dc | Leonidas Poulopoulos | return found
|
274 | 357d48dc | Leonidas Poulopoulos | |
275 | 357d48dc | Leonidas Poulopoulos | def get_then(self): |
276 | 357d48dc | Leonidas Poulopoulos | ret = ''
|
277 | b10e01d6 | Leonidas Poulopoulos | then_statements = self.then.all()
|
278 | 357d48dc | Leonidas Poulopoulos | for statement in then_statements: |
279 | 357d48dc | Leonidas Poulopoulos | if statement.action_value:
|
280 | 357d48dc | Leonidas Poulopoulos | ret = "%s %s:<strong>%s</strong><br/>" %(ret, statement.action, statement.action_value)
|
281 | 357d48dc | Leonidas Poulopoulos | else:
|
282 | 357d48dc | Leonidas Poulopoulos | ret = "%s %s<br>" %(ret, statement.action)
|
283 | 357d48dc | Leonidas Poulopoulos | return ret.rstrip(',') |
284 | 357d48dc | Leonidas Poulopoulos | |
285 | 357d48dc | Leonidas Poulopoulos | get_then.short_description = 'Then statement'
|
286 | 357d48dc | Leonidas Poulopoulos | get_then.allow_tags = True
|
287 | b10e01d6 | Leonidas Poulopoulos | #
|
288 | 357d48dc | Leonidas Poulopoulos | def get_match(self): |
289 | 357d48dc | Leonidas Poulopoulos | ret = ''
|
290 | b10e01d6 | Leonidas Poulopoulos | if self.destination: |
291 | f5d68f6f | Leonidas Poulopoulos | ret = '%s Dst Addr:<strong>%s</strong> <br/>' %(ret, self.destination) |
292 | b10e01d6 | Leonidas Poulopoulos | if self.fragmenttype: |
293 | 3e99e2d1 | Leonidas Poulopoulos | ret = "%s Fragment Type:<strong>%s</strong><br/>" %(ret, self.fragmenttype) |
294 | b10e01d6 | Leonidas Poulopoulos | if self.icmpcode: |
295 | 3e99e2d1 | Leonidas Poulopoulos | ret = "%s ICMP code:<strong>%s</strong><br/>" %(ret, self.icmpcode) |
296 | b10e01d6 | Leonidas Poulopoulos | if self.icmptype: |
297 | 3e99e2d1 | Leonidas Poulopoulos | ret = "%s ICMP Type:<strong>%s</strong><br/>" %(ret, self.icmptype) |
298 | b10e01d6 | Leonidas Poulopoulos | if self.packetlength: |
299 | 3e99e2d1 | Leonidas Poulopoulos | ret = "%s Packet Length:<strong>%s</strong><br/>" %(ret, self.packetlength) |
300 | b10e01d6 | Leonidas Poulopoulos | if self.source: |
301 | f5d68f6f | Leonidas Poulopoulos | ret = "%s Src Addr:<strong>%s</strong> <br/>" %(ret, self.source) |
302 | b10e01d6 | Leonidas Poulopoulos | if self.tcpflag: |
303 | 3e99e2d1 | Leonidas Poulopoulos | ret = "%s TCP flag:<strong>%s</strong><br/>" %(ret, self.tcpflag) |
304 | b10e01d6 | Leonidas Poulopoulos | if self.port: |
305 | b10e01d6 | Leonidas Poulopoulos | for port in self.port.all(): |
306 | f5d68f6f | Leonidas Poulopoulos | ret = ret + "Port:<strong>%s</strong> <br/>" %(port)
|
307 | 7fac6521 | Leonidas Poulopoulos | if self.protocol: |
308 | 7fac6521 | Leonidas Poulopoulos | for protocol in self.protocol.all(): |
309 | 7fac6521 | Leonidas Poulopoulos | ret = ret + "Protocol:<strong>%s</strong> <br/>" %(protocol)
|
310 | b10e01d6 | Leonidas Poulopoulos | if self.destinationport: |
311 | b10e01d6 | Leonidas Poulopoulos | for port in self.destinationport.all(): |
312 | f5d68f6f | Leonidas Poulopoulos | ret = ret + "Dst Port:<strong>%s</strong> <br/>" %(port)
|
313 | b10e01d6 | Leonidas Poulopoulos | if self.sourceport: |
314 | b10e01d6 | Leonidas Poulopoulos | for port in self.sourceport.all(): |
315 | f5d68f6f | Leonidas Poulopoulos | ret = ret +"Src Port:<strong>%s</strong> <br/>" %(port)
|
316 | b10e01d6 | Leonidas Poulopoulos | if self.dscp: |
317 | b10e01d6 | Leonidas Poulopoulos | for dscp in self.dscp.all(): |
318 | f5d68f6f | Leonidas Poulopoulos | ret = ret + "%s Port:<strong>%s</strong> <br/>" %(ret, dscp)
|
319 | 357d48dc | Leonidas Poulopoulos | return ret.rstrip('<br/>') |
320 | 357d48dc | Leonidas Poulopoulos | |
321 | 357d48dc | Leonidas Poulopoulos | get_match.short_description = 'Match statement'
|
322 | 357d48dc | Leonidas Poulopoulos | get_match.allow_tags = True
|
323 | d50fd7b6 | Leonidas Poulopoulos | |
324 | d50fd7b6 | Leonidas Poulopoulos | @property
|
325 | d50fd7b6 | Leonidas Poulopoulos | def applier_peer(self): |
326 | d50fd7b6 | Leonidas Poulopoulos | try:
|
327 | d50fd7b6 | Leonidas Poulopoulos | applier_peer = self.applier.get_profile().peer
|
328 | d50fd7b6 | Leonidas Poulopoulos | except:
|
329 | d50fd7b6 | Leonidas Poulopoulos | applier_peer = None
|
330 | d50fd7b6 | Leonidas Poulopoulos | return applier_peer
|
331 | fb67376a | Leonidas Poulopoulos | |
332 | fb67376a | Leonidas Poulopoulos | @property
|
333 | fb67376a | Leonidas Poulopoulos | def days_to_expire(self): |
334 | e74203ca | Leonidas Poulopoulos | if self.status not in ['EXPIRED', 'ADMININACTIVE', 'ERROR', 'INACTIVE']: |
335 | fb67376a | Leonidas Poulopoulos | expiration_days = (self.expires - datetime.date.today()).days
|
336 | fb67376a | Leonidas Poulopoulos | if expiration_days < settings.EXPIRATION_NOTIFY_DAYS:
|
337 | 7c4bc8de | Leonidas Poulopoulos | return "%s" %expiration_days |
338 | fb67376a | Leonidas Poulopoulos | else:
|
339 | fb67376a | Leonidas Poulopoulos | return False |
340 | fb67376a | Leonidas Poulopoulos | else:
|
341 | fb67376a | Leonidas Poulopoulos | return False |
342 | 357d48dc | Leonidas Poulopoulos | |
343 | 25d08a62 | Leonidas Poulopoulos | def send_message(msg, user): |
344 | 97e42c7d | Leonidas Poulopoulos | # username = user.username
|
345 | 97e42c7d | Leonidas Poulopoulos | peer = user |
346 | 3e99e2d1 | Leonidas Poulopoulos | b = beanstalkc.Connection() |
347 | 3e99e2d1 | Leonidas Poulopoulos | b.use(settings.POLLS_TUBE) |
348 | 97e42c7d | Leonidas Poulopoulos | tube_message = json.dumps({'message': str(msg), 'username':peer}) |
349 | 25d08a62 | Leonidas Poulopoulos | b.put(tube_message) |
350 | 3e99e2d1 | Leonidas Poulopoulos | b.close() |