Commit ab46c87b by Bach Dániel

random hacks

parent 2810272e
...@@ -11,8 +11,7 @@ ...@@ -11,8 +11,7 @@
ik.bme.hu</tt> e-mail címen várjuk. ik.bme.hu</tt> e-mail címen várjuk.
Ugyancsak örömmel fogadjuk a rendszer használatával kapcsolatos beszámolókat.</p> Ugyancsak örömmel fogadjuk a rendszer használatával kapcsolatos beszámolókat.</p>
<p>A rendszerben talált hibákat (vagy azok gyanúját), valamint ötleteit, javaslatait kérjük, <p>A rendszerben talált hibákat (vagy azok gyanúját), valamint ötleteit, javaslatait kérjük,
<a href="https://giccero.cloud.ik.bme.hu/trac/cloud/newticket" rel="nofollow"> hogy a <tt>cloud<em>(kukac)</em>ik.bme.hu</tt> címen jelezze.
hibajegy felvételével</a> jelezze.
</p> </p>
</section> </section>
......
...@@ -138,6 +138,7 @@ class Firewall: ...@@ -138,6 +138,7 @@ class Firewall:
self.iptables('-N PUB_OUT') self.iptables('-N PUB_OUT')
if not self.IPV6:
self.iptables('-A FORWARD -m set --match-set blacklist src,dst -j DROP') self.iptables('-A FORWARD -m set --match-set blacklist src,dst -j DROP')
# self.iptables('-A FORWARD -m state --state INVALID -g LOG_DROP') # self.iptables('-A FORWARD -m state --state INVALID -g LOG_DROP')
self.iptables('-A FORWARD -m state --state ESTABLISHED,RELATED ' self.iptables('-A FORWARD -m state --state ESTABLISHED,RELATED '
...@@ -145,6 +146,7 @@ class Firewall: ...@@ -145,6 +146,7 @@ class Firewall:
self.iptables('-A FORWARD -p icmp --icmp-type echo-request ' self.iptables('-A FORWARD -p icmp --icmp-type echo-request '
'-g LOG_ACC') '-g LOG_ACC')
if not self.IPV6:
self.iptables('-A INPUT -m set --match-set blacklist src -j DROP') self.iptables('-A INPUT -m set --match-set blacklist src -j DROP')
self.iptables('-A INPUT -m state --state INVALID -g LOG_DROP') self.iptables('-A INPUT -m state --state INVALID -g LOG_DROP')
self.iptables('-A INPUT -i lo -j ACCEPT') self.iptables('-A INPUT -i lo -j ACCEPT')
...@@ -213,9 +215,9 @@ class Firewall: ...@@ -213,9 +215,9 @@ class Firewall:
# hard-wired rules # hard-wired rules
self.iptablesnat('-A POSTROUTING -s 10.5.0.0/16 -o vlan0003 -j SNAT ' self.iptablesnat('-A POSTROUTING -s 10.5.0.0/16 -o vlan0003 -j SNAT '
'--to-source 10.3.255.254') # man elerheto legyen '--to-source 10.3.255.254') # man elerheto legyen az eszkozok def gw-je nelkul is
self.iptablesnat('-A POSTROUTING -s 10.3.0.0/16 -p udp --dport 53 -o vlan0002 -j SNAT ' self.iptablesnat('-A POSTROUTING -s 10.3.0.0/16 -p udp --dport 53 -o vlan0002 -j SNAT '
'--to-source %s' % self.pub.ipv4) # kulonben nem megy a dns man-ban '--to-source %s' % self.pub.ipv4) # kulonben nem megy a dns man-ban (ket interfesze van a monitornak)
self.iptablesnat('-A PREROUTING -d 152.66.243.130/32 -p udp --dport 1194 -j DNAT --to-destination 10.12.255.253') self.iptablesnat('-A PREROUTING -d 152.66.243.130/32 -p udp --dport 1194 -j DNAT --to-destination 10.12.255.253')
......
...@@ -55,7 +55,7 @@ class Periodic(PeriodicTask): ...@@ -55,7 +55,7 @@ class Periodic(PeriodicTask):
if cache.get('dhcp_lock'): if cache.get('dhcp_lock'):
cache.delete("dhcp_lock") cache.delete("dhcp_lock")
reload_dhcp_task.delay(dhcp()) reload_dhcp.apply_async(args=[dhcp()], queue='dhcp')
reload_dhcp.apply_async(args=[dhcp()], queue='dhcp2') reload_dhcp.apply_async(args=[dhcp()], queue='dhcp2')
print "dhcp ujratoltese kesz" print "dhcp ujratoltese kesz"
...@@ -63,25 +63,21 @@ class Periodic(PeriodicTask): ...@@ -63,25 +63,21 @@ class Periodic(PeriodicTask):
cache.delete("firewall_lock") cache.delete("firewall_lock")
ipv4 = Firewall().get() ipv4 = Firewall().get()
ipv6 = Firewall(True).get() ipv6 = Firewall(True).get()
# old reload_firewall.apply_async(args=[ipv4, ipv6], queue='firewall')
reload_firewall_task.apply_async((ipv4, ipv6), queue='firewall')
# new
reload_firewall.apply_async(args=[ipv4, ipv6], queue='firewall2') reload_firewall.apply_async(args=[ipv4, ipv6], queue='firewall2')
print "firewall ujratoltese kesz" print "firewall ujratoltese kesz"
if cache.get('firewall_vlan_lock'): if cache.get('firewall_vlan_lock'):
cache.delete("firewall_vlan_lock") cache.delete("firewall_vlan_lock")
data = vlan() data = vlan()
# reload_firewall_vlan.apply_async(args=[data], queue='firewall') reload_firewall_vlan.apply_async(args=[data], queue='firewall')
reload_firewall_vlan.apply_async(args=[data], queue='firewall2') reload_firewall_vlan.apply_async(args=[data], queue='firewall2')
print "firewall_vlan ujratoltese kesz" print "firewall_vlan ujratoltese kesz"
if cache.get('blacklist_lock'): if cache.get('blacklist_lock'):
cache.delete("blacklist_lock") cache.delete("blacklist_lock")
# old reload_blacklist.apply_async(args=[list(ipset())], queue='firewall')
reload_blacklist_task.delay(list(ipset()))
# new
reload_blacklist.apply_async(args=[list(ipset())], queue='firewall2') reload_blacklist.apply_async(args=[list(ipset())], queue='firewall2')
print "blacklist ujratoltese kesz" print "blacklist ujratoltese kesz"
......
...@@ -87,9 +87,10 @@ class TemplateAdmin(contrib.admin.ModelAdmin): ...@@ -87,9 +87,10 @@ class TemplateAdmin(contrib.admin.ModelAdmin):
class InstanceAdmin(contrib.admin.ModelAdmin): class InstanceAdmin(contrib.admin.ModelAdmin):
model=models.Instance model=models.Instance
actions = [update_state, submit_vm, delete_vm, suspend_vm, resume_vm] actions = [update_state, submit_vm, delete_vm, suspend_vm, resume_vm]
list_display = ('id', 'name', owner_person, 'state') list_display = ('id', 'name', owner_person, 'state', 'ip')
readonly_fields = ('ip', 'active_since', 'pw', ) readonly_fields = ('ip', 'active_since', 'pw', )
list_filter = ('owner', 'template', 'state') list_filter = ('state', 'owner', 'template')
search_fields = ('ip', 'name')
def queryset(self, request): def queryset(self, request):
return super(InstanceAdmin, self).queryset(request) return super(InstanceAdmin, self).queryset(request)
......
...@@ -224,7 +224,10 @@ class Share(models.Model): ...@@ -224,7 +224,10 @@ class Share(models.Model):
return running.count() return running.count()
def get_instance_pc(self): def get_instance_pc(self):
try:
return float(self.get_running()) / self.instance_limit * 100 return float(self.get_running()) / self.instance_limit * 100
except ZeroDivisionError:
return 100
def __unicode__(self): def __unicode__(self):
return u"%(group)s: %(tpl)s %(owner)s" % { return u"%(group)s: %(tpl)s %(owner)s" % {
......
...@@ -45,7 +45,13 @@ def login(request): ...@@ -45,7 +45,13 @@ def login(request):
user.set_unusable_password() user.set_unusable_password()
user.first_name = request.META['givenName'] user.first_name = request.META['givenName']
user.last_name = request.META['sn'] user.last_name = request.META['sn']
try:
user.email = request.META['email'] user.email = request.META['email']
except KeyError:
messages.error(request, _('E-mail address is required, '
'but the directory does not send any.'))
return redirect('/')
user.save() user.save()
p, created = Person.objects.get_or_create(code=user.username) p, created = Person.objects.get_or_create(code=user.username)
p.user_id = user.id p.user_id = user.id
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or sign in to comment