Skip to content
Toggle navigation
P
Projects
G
Groups
S
Snippets
Help
Gelencsér Szabolcs
/
cloud
This project
Loading...
Sign in
Toggle navigation
Go to a project
Project
Repository
Issues
0
Merge Requests
0
Pipelines
Wiki
Members
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Commit
e21437b1
authored
Feb 13, 2013
by
Bach Dániel
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
firewall: ssh replaced with rabbitmq
parent
fe568466
Hide whitespace changes
Inline
Side-by-side
Showing
5 changed files
with
55 additions
and
43 deletions
+55
-43
cloud/settings.py
+7
-1
firewall/fw.py
+8
-0
firewall/models.py
+13
-0
firewall/tasks.py
+27
-39
one/models.py
+0
-3
No files found.
cloud/settings.py
View file @
e21437b1
...
...
@@ -175,7 +175,13 @@ AUTH_PROFILE_MODULE = 'school.Person'
import
djcelery
djcelery
.
setup_loader
()
BROKER_URL
=
'django://'
BROKER_URL
=
'amqp://nyuszi:teszt@localhost:5672/django'
CELERY_ROUTES
=
{
'firewall.tasks.ReloadTask'
:
{
'queue'
:
'local'
},
'firewall.tasks.reload_dns_task'
:
{
'queue'
:
'dns'
},
'firewall.tasks.reload_firewall_task'
:
{
'queue'
:
'firewall'
},
'firewall.tasks.reload_dhcp_task'
:
{
'queue'
:
'dhcp'
},
}
store_settings
=
{
"basic_auth"
:
"True"
,
...
...
firewall/fw.py
View file @
e21437b1
...
...
@@ -280,6 +280,12 @@ class firewall:
process
=
subprocess
.
Popen
([
'/usr/bin/ssh'
,
'fw2'
,
'/usr/bin/sudo'
,
'/sbin/iptables-restore'
,
'-c'
],
shell
=
False
,
stdin
=
subprocess
.
PIPE
)
process
.
communicate
(
"
\n
"
.
join
(
self
.
SZABALYOK
)
+
"
\n
"
+
"
\n
"
.
join
(
self
.
SZABALYOK_NAT
)
+
"
\n
"
)
def
get
(
self
):
if
self
.
IPV6
:
return
{
'filter'
:
self
.
SZABALYOK
,
}
else
:
return
{
'filter'
:
self
.
SZABALYOK
,
'nat'
:
self
.
SZABALYOK_NAT
}
def
show
(
self
):
if
self
.
IPV6
:
return
"
\n
"
.
join
(
self
.
SZABALYOK
)
+
"
\n
"
...
...
@@ -373,6 +379,7 @@ def dns():
mx
=
d
[
'address'
]
.
split
(
':'
,
2
)
DNS
.
append
(
"@
%(fqdn)
s::
%(mx)
s:
%(dist)
s:
%(ttl)
s"
%
{
'fqdn'
:
d
[
'name'
],
'mx'
:
mx
[
1
],
'dist'
:
mx
[
0
],
'ttl'
:
d
[
'ttl'
]})
return
DNS
process
=
subprocess
.
Popen
([
'/usr/bin/ssh'
,
'tinydns@
%
s'
%
settings
[
'dns_hostname'
]],
shell
=
False
,
stdin
=
subprocess
.
PIPE
)
process
.
communicate
(
"
\n
"
.
join
(
DNS
)
+
"
\n
"
)
# print "\n".join(DNS)+"\n"
...
...
@@ -434,6 +441,7 @@ def dhcp():
'ipv4'
:
i_host
.
ipv4
,
})
return
DHCP
process
=
subprocess
.
Popen
([
'/usr/bin/ssh'
,
'fw2'
,
'cat > /tools/dhcp3/dhcpd.conf.generated;sudo /etc/init.d/isc-dhcp-server restart'
],
shell
=
False
,
stdin
=
subprocess
.
PIPE
)
# print "\n".join(DHCP)+"\n"
process
.
communicate
(
"
\n
"
.
join
(
DHCP
)
+
"
\n
"
)
...
...
firewall/models.py
View file @
e21437b1
...
...
@@ -9,6 +9,7 @@ from south.modelsinspector import add_introspection_rules
from
django.core.validators
import
MinValueValidator
,
MaxValueValidator
from
cloud.settings
import
firewall_settings
as
settings
from
django.utils.ipv6
import
is_valid_ipv6_address
from
django.db.models.signals
import
post_save
import
re
class
Rule
(
models
.
Model
):
...
...
@@ -270,4 +271,16 @@ class Record(models.Model):
return
retval
def
send_task
(
sender
,
instance
,
created
,
**
kwargs
):
from
firewall.tasks
import
ReloadTask
ReloadTask
.
apply_async
(
args
=
[
sender
.
__name__
])
post_save
.
connect
(
send_task
,
sender
=
Host
)
post_save
.
connect
(
send_task
,
sender
=
Rule
)
post_save
.
connect
(
send_task
,
sender
=
Domain
)
post_save
.
connect
(
send_task
,
sender
=
Record
)
post_save
.
connect
(
send_task
,
sender
=
Vlan
)
post_save
.
connect
(
send_task
,
sender
=
Firewall
)
post_save
.
connect
(
send_task
,
sender
=
Group
)
post_save
.
connect
(
send_task
,
sender
=
Host
)
firewall/tasks.py
View file @
e21437b1
from
celery.task
import
Task
,
PeriodicTask
import
celery
from
django.core.cache
import
cache
import
os
import
time
from
firewall.fw
import
*
from
cloud.settings
import
firewall_settings
as
settings
def
reload_firewall_lock
():
acquire_lock
=
lambda
:
cache
.
add
(
"reload_lock1"
,
"true"
,
9
)
if
acquire_lock
():
print
"megszereztem"
ReloadTask
.
delay
()
else
:
print
"nem szereztem meg"
@celery.task
def
reload_dns_task
(
data
):
pass
@celery.task
def
reload_firewall_task
(
data4
,
data6
):
pass
@celery.task
def
reload_dhcp_task
(
data
):
pass
class
ReloadTask
(
Task
):
def
run
(
self
,
**
kwargs
):
acquire_lock
=
lambda
:
cache
.
add
(
"reload_lock1"
,
"true"
,
90
)
release_lock
=
lambda
:
cache
.
delete
(
"reload_lock1"
)
def
run
(
self
,
type
):
if
type
in
[
"Host"
,
"Records"
,
"Domain"
,
"Vlan"
]:
lock
=
lambda
:
cache
.
add
(
"dns_lock"
,
"true"
,
9
)
if
lock
():
reload_dns_task
.
delay
(
dns
())
if
not
acquire_lock
():
print
"mar folyamatban van egy reload"
return
if
type
==
"Host"
:
lock
=
lambda
:
cache
.
add
(
"dhcp_lock"
,
"true"
,
9
)
if
lock
():
reload_dhcp_task
.
delay
(
dhcp
())
print
"indul"
try
:
sleep
=
float
(
settings
[
'reload_sleep'
])
except
:
sleep
=
10
time
.
sleep
(
sleep
)
if
type
in
[
"Host"
,
"Rule"
,
"Firewall"
]:
lock
=
lambda
:
cache
.
add
(
"firewall_lock"
,
"true"
,
9
)
if
lock
():
ipv4
=
firewall
()
.
get
()
ipv6
=
firewall
(
True
)
.
get
()
reload_firewall_task
.
delay
(
ipv4
,
ipv6
)
try
:
print
"ipv4"
ipv4
=
firewall
()
ipv4
.
reload
()
# print ipv4.show()
print
"ipv6"
ipv6
=
firewall
(
True
)
ipv6
.
reload
()
print
"dns"
dns
()
print
"dhcp"
dhcp
()
print
"vege"
except
:
raise
print
"nem sikerult :("
print
type
print
"leall"
release_lock
()
one/models.py
View file @
e21437b1
...
...
@@ -8,7 +8,6 @@ from django.db.models.signals import post_save
from
django
import
forms
from
django.utils.translation
import
ugettext_lazy
as
_
from
firewall.models
import
Host
,
Rule
,
Vlan
from
firewall.tasks
import
reload_firewall_lock
from
one.util
import
keygen
from
school.models
import
Person
,
Group
from
datetime
import
timedelta
as
td
...
...
@@ -531,7 +530,6 @@ class Instance(models.Model):
host
.
add_port
(
"tcp"
,
inst
.
get_port
(),
{
"rdp"
:
3389
,
"nx"
:
22
,
"ssh"
:
22
}[
inst
.
template
.
access_type
])
inst
.
firewall_host
=
host
inst
.
save
()
reload_firewall_lock
()
return
inst
"""
...
...
@@ -549,7 +547,6 @@ class Instance(models.Model):
self
.
firewall_host
=
None
self
.
save
()
h
.
delete
()
reload_firewall_lock
()
def
_update_vm
(
self
,
template
):
out
=
""
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment