/flowspec/tasks.py - Annotate - Firewall on Demand - Greek Research and Technology Network's projects

root / flowspec / tasks.py @ 736b67bf

History | View | Annotate | Download (7.1 kB)

1	9cad4715	Leonidas Poulopoulos	from utils import proxy as PR
2	9cad4715	Leonidas Poulopoulos	from celery.task import task
3	3e99e2d1	Leonidas Poulopoulos	from celery.task.sets import subtask
4	3e99e2d1	Leonidas Poulopoulos	import logging
5	25d08a62	Leonidas Poulopoulos	import json
6	3e99e2d1	Leonidas Poulopoulos	from celery.task.http import *
7	f57f6e68	Leonidas Poulopoulos	import beanstalkc
8	3e99e2d1	Leonidas Poulopoulos	from django.conf import settings
9	6e9a9419	Leonidas Poulopoulos	import datetime
10	15d4014d	Leonidas Poulopoulos	from django.core.mail import send_mail
11	15d4014d	Leonidas Poulopoulos	from django.template.loader import render_to_string
12	15d4014d	Leonidas Poulopoulos	from django.core.urlresolvers import reverse
13	57de574d	Leonidas Poulopoulos	import os
14	57de574d	Leonidas Poulopoulos
15	57de574d	Leonidas Poulopoulos
16	b4401a0c	Leonidas Poulopoulos
17	b4401a0c	Leonidas Poulopoulos	LOG_FILENAME = os.path.join(settings.LOG_FILE_LOCATION, 'celery_jobs.log')
18	57de574d	Leonidas Poulopoulos
19	57de574d	Leonidas Poulopoulos	#FORMAT = '%(asctime)s %(levelname)s: %(message)s'
20	57de574d	Leonidas Poulopoulos	#logging.basicConfig(format=FORMAT)
21	57de574d	Leonidas Poulopoulos	formatter = logging.Formatter('%(asctime)s %(levelname)s: %(message)s')
22	57de574d	Leonidas Poulopoulos
23	3e99e2d1	Leonidas Poulopoulos	logger = logging.getLogger(__name__)
24	3e99e2d1	Leonidas Poulopoulos	logger.setLevel(logging.DEBUG)
25	57de574d	Leonidas Poulopoulos	handler = logging.FileHandler(LOG_FILENAME)
26	57de574d	Leonidas Poulopoulos	handler.setFormatter(formatter)
27	57de574d	Leonidas Poulopoulos	logger.addHandler(handler)
28	57de574d	Leonidas Poulopoulos
29	9cad4715	Leonidas Poulopoulos
30	b77dcedb	Leonidas Poulopoulos	@task(ignore_result=True)
31	3e99e2d1	Leonidas Poulopoulos	def add(route, callback=None):
32	9cad4715	Leonidas Poulopoulos	applier = PR.Applier(route_object=route)
33	9cad4715	Leonidas Poulopoulos	commit, response = applier.apply()
34	9cad4715	Leonidas Poulopoulos	if commit:
35	97e42c7d	Leonidas Poulopoulos	status = "ACTIVE"
36	9cad4715	Leonidas Poulopoulos	else:
37	97e42c7d	Leonidas Poulopoulos	status = "ERROR"
38	97e42c7d	Leonidas Poulopoulos	route.status = status
39	9cad4715	Leonidas Poulopoulos	route.response = response
40	3e99e2d1	Leonidas Poulopoulos	route.save()
41	b77dcedb	Leonidas Poulopoulos	announce("[%s] Rule add: %s - Result: %s" %(route.applier, route.name, response), route.applier)
42	3e99e2d1	Leonidas Poulopoulos
43	b77dcedb	Leonidas Poulopoulos	@task(ignore_result=True)
44	3e99e2d1	Leonidas Poulopoulos	def edit(route, callback=None):
45	3e99e2d1	Leonidas Poulopoulos	applier = PR.Applier(route_object=route)
46	3e99e2d1	Leonidas Poulopoulos	commit, response = applier.apply(operation="replace")
47	3e99e2d1	Leonidas Poulopoulos	if commit:
48	97e42c7d	Leonidas Poulopoulos	status = "ACTIVE"
49	3e99e2d1	Leonidas Poulopoulos	else:
50	97e42c7d	Leonidas Poulopoulos	status = "ERROR"
51	97e42c7d	Leonidas Poulopoulos	route.status = status
52	3e99e2d1	Leonidas Poulopoulos	route.response = response
53	9cad4715	Leonidas Poulopoulos	route.save()
54	b77dcedb	Leonidas Poulopoulos	announce("[%s] Rule edit: %s - Result: %s"%(route.applier, route.name, response), route.applier)
55	3e99e2d1	Leonidas Poulopoulos
56	3e99e2d1	Leonidas Poulopoulos
57	971645d6	Leonidas Poulopoulos
58	b77dcedb	Leonidas Poulopoulos	@task(ignore_result=True)
59	6a946adf	Leonidas Poulopoulos	def delete(route, **kwargs):
60	3e99e2d1	Leonidas Poulopoulos	applier = PR.Applier(route_object=route)
61	3e99e2d1	Leonidas Poulopoulos	commit, response = applier.apply(operation="delete")
62	6a946adf	Leonidas Poulopoulos	reason_text = ''
63	3e99e2d1	Leonidas Poulopoulos	if commit:
64	97e42c7d	Leonidas Poulopoulos	status = "INACTIVE"
65	6a946adf	Leonidas Poulopoulos	if "reason" in kwargs and kwargs['reason']=='EXPIRED':
66	6a946adf	Leonidas Poulopoulos	status = 'EXPIRED'
67	6a946adf	Leonidas Poulopoulos	reason_text = " Reason: %s " %status
68	3e99e2d1	Leonidas Poulopoulos	else:
69	97e42c7d	Leonidas Poulopoulos	status = "ERROR"
70	97e42c7d	Leonidas Poulopoulos	route.status = status
71	3e99e2d1	Leonidas Poulopoulos	route.response = response
72	3e99e2d1	Leonidas Poulopoulos	route.save()
73	b77dcedb	Leonidas Poulopoulos	announce("[%s] Suspending rule : %s%s- Result %s" %(route.applier, route.name, reason_text, response), route.applier)
74	3e99e2d1	Leonidas Poulopoulos
75	6a946adf	Leonidas Poulopoulos	# May not work in the first place... proxy is not aware of Route models
76	6a946adf	Leonidas Poulopoulos	@task
77	6a946adf	Leonidas Poulopoulos	def batch_delete(routes, **kwargs):
78	6a946adf	Leonidas Poulopoulos	if routes:
79	e173e7c2	Leonidas Poulopoulos	for route in routes:
80	e173e7c2	Leonidas Poulopoulos	route.status='PENDING';route.save()
81	6a946adf	Leonidas Poulopoulos	applier = PR.Applier(route_objects=routes)
82	6a946adf	Leonidas Poulopoulos	conf = applier.delete_routes()
83	6a946adf	Leonidas Poulopoulos	commit, response = applier.apply(configuration = conf)
84	6a946adf	Leonidas Poulopoulos	reason_text = ''
85	6a946adf	Leonidas Poulopoulos	if commit:
86	6a946adf	Leonidas Poulopoulos	status = "INACTIVE"
87	6a946adf	Leonidas Poulopoulos	if "reason" in kwargs and kwargs['reason']=='EXPIRED':
88	6a946adf	Leonidas Poulopoulos	status = 'EXPIRED'
89	6a946adf	Leonidas Poulopoulos	reason_text = " Reason: %s " %status
90	d50fd7b6	Leonidas Poulopoulos	elif "reason" in kwargs and kwargs['reason']!='EXPIRED':
91	d50fd7b6	Leonidas Poulopoulos	status = kwargs['reason']
92	d50fd7b6	Leonidas Poulopoulos	reason_text = " Reason: %s " %status
93	6a946adf	Leonidas Poulopoulos	else:
94	6a946adf	Leonidas Poulopoulos	status = "ERROR"
95	6a946adf	Leonidas Poulopoulos	for route in routes:
96	6a946adf	Leonidas Poulopoulos	route.status = status
97	6a946adf	Leonidas Poulopoulos	route.response = response
98	6e9a9419	Leonidas Poulopoulos	route.expires = datetime.date.today()
99	6a946adf	Leonidas Poulopoulos	route.save()
100	b77dcedb	Leonidas Poulopoulos	announce("[%s] Rule removal: %s%s- Result %s" %(route.applier, route.name, reason_text, response), route.applier)
101	6a946adf	Leonidas Poulopoulos	else:
102	6a946adf	Leonidas Poulopoulos	return False
103	3e99e2d1	Leonidas Poulopoulos
104	b77dcedb	Leonidas Poulopoulos	#@task(ignore_result=True)
105	25d08a62	Leonidas Poulopoulos	def announce(messg, user):
106	3e99e2d1	Leonidas Poulopoulos	messg = str(messg)
107	97e42c7d	Leonidas Poulopoulos	# username = user.username
108	97e42c7d	Leonidas Poulopoulos	username = user.get_profile().peer.domain_name
109	3e99e2d1	Leonidas Poulopoulos	b = beanstalkc.Connection()
110	3e99e2d1	Leonidas Poulopoulos	b.use(settings.POLLS_TUBE)
111	25d08a62	Leonidas Poulopoulos	tube_message = json.dumps({'message': messg, 'username':username})
112	25d08a62	Leonidas Poulopoulos	b.put(tube_message)
113	3e99e2d1	Leonidas Poulopoulos	b.close()
114	3e99e2d1	Leonidas Poulopoulos
115	97e42c7d	Leonidas Poulopoulos	@task
116	97e42c7d	Leonidas Poulopoulos	def check_sync(route_name=None, selected_routes = []):
117	6a946adf	Leonidas Poulopoulos	from flowspy.flowspec.models import Route, MatchPort, MatchDscp, ThenAction
118	97e42c7d	Leonidas Poulopoulos	if not selected_routes:
119	97e42c7d	Leonidas Poulopoulos	routes = Route.objects.all()
120	97e42c7d	Leonidas Poulopoulos	else:
121	97e42c7d	Leonidas Poulopoulos	routes = selected_routes
122	97e42c7d	Leonidas Poulopoulos	if route_name:
123	97e42c7d	Leonidas Poulopoulos	routes = routes.filter(name=route_name)
124	6a946adf	Leonidas Poulopoulos	for route in routes:
125	fd3870ee	Leonidas Poulopoulos	if route.has_expired() and (route.status != 'EXPIRED' and route.status != 'ADMININACTIVE' and route.status != 'INACTIVE'):
126	736b67bf	Leonidas Poulopoulos	if route.status != 'ERROR':
127	736b67bf	Leonidas Poulopoulos	logger.info('Expiring %s route %s' %(route.status, route.name))
128	736b67bf	Leonidas Poulopoulos	subtask(delete).delay(route, reason="EXPIRED")
129	fdc3d663	Leonidas Poulopoulos	# elif route.has_expired() and (route.status == 'ADMININACTIVE' or route.status == 'INACTIVE'):
130	fdc3d663	Leonidas Poulopoulos	# route.status = 'EXPIRED'
131	fdc3d663	Leonidas Poulopoulos	# route.response = 'Rule Expired'
132	fdc3d663	Leonidas Poulopoulos	# logger.info('Expiring route %s' %route.name)
133	fdc3d663	Leonidas Poulopoulos	# route.save()
134	fd3870ee	Leonidas Poulopoulos	else:
135	fd3870ee	Leonidas Poulopoulos	if route.status != 'EXPIRED':
136	fd3870ee	Leonidas Poulopoulos	route.check_sync()
137	6a946adf	Leonidas Poulopoulos
138	15d4014d	Leonidas Poulopoulos	@task(ignore_result=True)
139	15d4014d	Leonidas Poulopoulos	def notify_expired():
140	441a2d31	Leonidas Poulopoulos	from flowspy.flowspec.models import *
141	441a2d31	Leonidas Poulopoulos	from django.contrib.sites.models import Site
142	15d4014d	Leonidas Poulopoulos	logger.info('Initializing expiration notification')
143	15d4014d	Leonidas Poulopoulos	routes = Route.objects.all()
144	15d4014d	Leonidas Poulopoulos	for route in routes:
145	15d4014d	Leonidas Poulopoulos	if route.status not in ['EXPIRED', 'ADMININACTIVE', 'INACTIVE', 'ERROR']:
146	15d4014d	Leonidas Poulopoulos	expiration_days = (route.expires - datetime.date.today()).days
147	15d4014d	Leonidas Poulopoulos	if expiration_days < settings.EXPIRATION_NOTIFY_DAYS:
148	15d4014d	Leonidas Poulopoulos	try:
149	15d4014d	Leonidas Poulopoulos	fqdn = Site.objects.get_current().domain
150	15d4014d	Leonidas Poulopoulos	admin_url = "https://%s%s" % \
151	15d4014d	Leonidas Poulopoulos	(fqdn,
152	15d4014d	Leonidas Poulopoulos	"/fod/edit/%s"%route.name)
153	15d4014d	Leonidas Poulopoulos	mail_body = render_to_string("rule_expiration.txt",
154	15d4014d	Leonidas Poulopoulos	{"route": route, 'expiration_days':expiration_days, 'url':admin_url})
155	15d4014d	Leonidas Poulopoulos	days_num = ' days'
156	15d4014d	Leonidas Poulopoulos	expiration_days_text = "%s %s" %('in',expiration_days)
157	15d4014d	Leonidas Poulopoulos	if expiration_days == 0:
158	15d4014d	Leonidas Poulopoulos	days_num = ' today'
159	15d4014d	Leonidas Poulopoulos	expiration_days_text = ''
160	15d4014d	Leonidas Poulopoulos	if expiration_days == 1:
161	15d4014d	Leonidas Poulopoulos	days_num = ' day'
162	15d4014d	Leonidas Poulopoulos	logger.info('Route %s expires %s%s. Notifying %s (%s)' %(route.name, expiration_days_text, days_num, route.applier.username, route.applier.email))
163	15d4014d	Leonidas Poulopoulos	send_mail(settings.EMAIL_SUBJECT_PREFIX + "Rule %s expires %s%s" %
164	15d4014d	Leonidas Poulopoulos	(route.name,expiration_days_text, days_num),
165	15d4014d	Leonidas Poulopoulos	mail_body, settings.SERVER_EMAIL,
166	15d4014d	Leonidas Poulopoulos	[route.applier.email])
167	15d4014d	Leonidas Poulopoulos	except Exception as e:
168	15d4014d	Leonidas Poulopoulos	logger.info("Exception: %s"%e)
169	15d4014d	Leonidas Poulopoulos	pass
170	15d4014d	Leonidas Poulopoulos	logger.info('Expiration notification process finished')
171	6a946adf	Leonidas Poulopoulos
172	9cad4715	Leonidas Poulopoulos	#def delete(route):
173	9cad4715	Leonidas Poulopoulos	#
174	9cad4715	Leonidas Poulopoulos	# applier = PR.Applier(route_object=route)
175	9cad4715	Leonidas Poulopoulos	# commit, response = applier.apply(configuration=applier.delete_routes())
176	9cad4715	Leonidas Poulopoulos	# if commit:
177	9cad4715	Leonidas Poulopoulos	# rows = queryset.update(is_online=False, is_active=False)
178	9cad4715	Leonidas Poulopoulos	# queryset.update(response="Successfully removed route from network")
179	9cad4715	Leonidas Poulopoulos	# self.message_user(request, "Successfully removed %s routes from network" % rows)
180	9cad4715	Leonidas Poulopoulos	# else:
181	9cad4715	Leonidas Poulopoulos	# self.message_user(request, "Could not remove routes from network")
182	9cad4715	Leonidas Poulopoulos	# if commit:
183	9cad4715	Leonidas Poulopoulos	# is_online = False
184	9cad4715	Leonidas Poulopoulos	# is_active = False
185	9cad4715	Leonidas Poulopoulos	# response = "Successfully removed route from network"
186	9cad4715	Leonidas Poulopoulos	# else:
187	9cad4715	Leonidas Poulopoulos	# is_online = False
188	9cad4715	Leonidas Poulopoulos	# is_active = True
189	9cad4715	Leonidas Poulopoulos	# route.is_online = is_online
190	9cad4715	Leonidas Poulopoulos	# route.is_active = is_active
191	9cad4715	Leonidas Poulopoulos	# route.response = response
192	9cad4715	Leonidas Poulopoulos	# route.save()