diff --git a/conf-template.json b/conf-template.json index e1e18a2..aa70b68 100644 --- a/conf-template.json +++ b/conf-template.json @@ -1,4 +1,5 @@ { + "loglevel": "", "chkinterval": "", "filepath": "", "srcurl": "", diff --git a/deploy.py b/deploy.py index 6399829..598356f 100644 --- a/deploy.py +++ b/deploy.py @@ -3,79 +3,108 @@ import json import os import time # i need time to get this done import requests # for getting the commands to run on client +import logging -# import modules - +# Open the config file and make it accessible via "cfg" with open("conf.json", "r") as file: cfg = json.load(file) -# open the config file and make it accessible via "cfg" +# set our variables sshc = paramiko.client.SSHClient() healthstatus = "" # possible values: "ok", "err" healthpassing = True shcommands = [] -# set our variables -def healthcheck(): +# Configure logging +logging.basicConfig(format='%(asctime)s %(levelname)s %(message)s') +log = logging.getLogger() +try: + if cfg["loglevel"] == "debug": + log.setLevel(logging.DEBUG) + else: + log.setLevel(logging.INFO) +except KeyError: + log.setLevel(logging.INFO) +log.debug("Logger was initialized") + +def healthcheck(): # Uses os.system to ping the ONT to check for responses/status. global healthstatus response = "" if cfg["os"] == "win": - response = os.system("ping -n 2 " + cfg["server"]) + response = os.system("ping -n 2 " + cfg["server"]+ "> nul") else: response = os.system("ping -c 2 " + cfg["server"] + ">> /dev/null") if response != 0: + log.debug("healthstatus set to err!") healthstatus = "err" - else: + else: + log.debug("healthstatus set to ok!") healthstatus = "ok" -def downloadLatestCommands(): - r = requests.get(cfg['srcurl']) - open(cfg["filepath"], 'wb').write(r.content) +def downloadLatestCommands(): # If the "srcurl" attribute in the configuration is set, downloads the latest iptables commands to be run on the ONT from another server using HTTP. + try: + r = requests.get(cfg['srcurl']) + open(cfg["filepath"], 'wb').write(r.content) + commandList() # Run this here instead of seperately if this method is used. + except: + if os.path.exists(cfg["filepath"]): + log.warning("The latest commands could not be retrieved, however a copy of the commands was saved previously, which will be used.") + else: + log.error("The latest commands could not be retrieved, and no previous copy is saved on the system.") + log.debug("The commandList method will also fail!") -def commandList(): +def commandList(): # Opens the file defined by the configuration's "filepath" variable and splits the commands into a parseable list with every new line (\n). global shcommands - cmdtxt = open(cfg["filepath"], "r") - cmddata = cmdtxt.read() - shcommands = cmddata.split("\n") - cmdtxt.close() + if os.path.exists(cfg["filepath"]): + cmdtxt = open(cfg["filepath"], "r") + cmddata = cmdtxt.read() + shcommands = cmddata.split("\n") + cmdtxt.close() + else: + log.error("The commands to be run on the ONT could not be split into a list, as no previous copy is saved on the system.") def deploy(): downloadLatestCommands() sshc.set_missing_host_key_policy(paramiko.AutoAddPolicy()) # so we don't get whined at and crash over a unrecognized host-key sshc.connect(cfg["server"],port=cfg["port"],username=cfg["ssh-user"],password=cfg["ssh-pw"]) - time.sleep(3) # Sleep 3 seconds, so that the ONT is initialized enough + time.sleep(3) # Sleep 3 seconds, because the ONT's sshd takes forever to start a shell. for command in shcommands: sshc.exec_command(command) - print(f'{command} was executed on the ONT') + log.info(f'{command} was executed on the ONT') - print("All commands were executed, now disconnecting...") + log.info("All commands were executed, now disconnecting...") sshc.close # close the connection. - # sshc.exec_command("chmod +x $HOME/payload.sh") # make it executable - # sshc.exec_command("./payload.sh") # and finally, run the payload. - - -while True: +def firstRun(): # Methods to run when starting the script initially. + log.debug("firstRun method started") + log.info("--iptables-deploy for Brazos WiFi ONTs--") + log.info("Co-authored by iRaven and IDeletedSystem64.") downloadLatestCommands() # Do this at first run commandList() # Break all the commands into a list healthcheck() # Run the health check for the first time + main() # Start the loop. - if healthstatus != "ok": - print("ONT is not responding!! Did we lose network connection, or is the ONT rebooting? waiting for ONT to respond, then deploying payload!") - healthpassing = False - while healthpassing == False: - print("Checking for a response...") - healthcheck() - - if healthstatus == "ok": - print("ONT responded after a fail, deploying payload!") - healthpassing == True - time.sleep(10) # Wait 10 seconds for the ONT to fully boot up and start sshd. - deploy() - break - else: - print("Got a response! health status is ok.") - print("Trying again in " + cfg["chkinterval"] + " seconds.") - time.sleep(int(cfg["chkinterval"])) # we will run this loop every X seconds, defined by checkinterval +def main(): # Main method to be looped. + while True: + healthcheck() # Run the health check + if healthstatus != "ok": + log.info("ONT is not responding- Waiting for a response, then deploying iptables commands!") + healthpassing = False + while healthpassing == False: + log.info("Checking for a response (pinging "+cfg["server"]+")...") + healthcheck() + if healthstatus == "ok": + log.warn("ONT responded after a fail, deploying payload!") + healthpassing == True + time.sleep(10) # Wait 10 seconds for the ONT to fully boot up and start sshd. + deploy() + log.info("ONT payload was deployed, resuming normal operations.") + break + else: + log.info("Got a response, the ONT is running and healthy.") + log.info("Trying again in " + cfg["chkinterval"] + " seconds.") + time.sleep(int(cfg["chkinterval"])) # we will run this loop every X seconds, defined by checkinterval + +firstRun() \ No newline at end of file