forked from IDeletedSystem64/iptables-deploy
Added log level, changed comments, redefined methods
This commit is contained in:
parent
82b63a6fe3
commit
bcc2e54da6
@ -1,4 +1,5 @@
|
|||||||
{
|
{
|
||||||
|
"loglevel": "",
|
||||||
"chkinterval": "",
|
"chkinterval": "",
|
||||||
"filepath": "",
|
"filepath": "",
|
||||||
"srcurl": "",
|
"srcurl": "",
|
||||||
|
|||||||
109
deploy.py
109
deploy.py
@ -3,79 +3,108 @@ import json
|
|||||||
import os
|
import os
|
||||||
import time # i need time to get this done
|
import time # i need time to get this done
|
||||||
import requests # for getting the commands to run on client
|
import requests # for getting the commands to run on client
|
||||||
|
import logging
|
||||||
|
|
||||||
# import modules
|
# Open the config file and make it accessible via "cfg"
|
||||||
|
|
||||||
with open("conf.json", "r") as file:
|
with open("conf.json", "r") as file:
|
||||||
cfg = json.load(file)
|
cfg = json.load(file)
|
||||||
# open the config file and make it accessible via "cfg"
|
|
||||||
|
|
||||||
|
# set our variables
|
||||||
sshc = paramiko.client.SSHClient()
|
sshc = paramiko.client.SSHClient()
|
||||||
healthstatus = "" # possible values: "ok", "err"
|
healthstatus = "" # possible values: "ok", "err"
|
||||||
healthpassing = True
|
healthpassing = True
|
||||||
shcommands = []
|
shcommands = []
|
||||||
# set our variables
|
|
||||||
|
|
||||||
def healthcheck():
|
# Configure logging
|
||||||
|
logging.basicConfig(format='%(asctime)s %(levelname)s %(message)s')
|
||||||
|
log = logging.getLogger()
|
||||||
|
try:
|
||||||
|
if cfg["loglevel"] == "debug":
|
||||||
|
log.setLevel(logging.DEBUG)
|
||||||
|
else:
|
||||||
|
log.setLevel(logging.INFO)
|
||||||
|
except KeyError:
|
||||||
|
log.setLevel(logging.INFO)
|
||||||
|
log.debug("Logger was initialized")
|
||||||
|
|
||||||
|
def healthcheck(): # Uses os.system to ping the ONT to check for responses/status.
|
||||||
global healthstatus
|
global healthstatus
|
||||||
response = ""
|
response = ""
|
||||||
if cfg["os"] == "win":
|
if cfg["os"] == "win":
|
||||||
response = os.system("ping -n 2 " + cfg["server"])
|
response = os.system("ping -n 2 " + cfg["server"]+ "> nul")
|
||||||
else:
|
else:
|
||||||
response = os.system("ping -c 2 " + cfg["server"] + ">> /dev/null")
|
response = os.system("ping -c 2 " + cfg["server"] + ">> /dev/null")
|
||||||
if response != 0:
|
if response != 0:
|
||||||
|
log.debug("healthstatus set to err!")
|
||||||
healthstatus = "err"
|
healthstatus = "err"
|
||||||
else:
|
else:
|
||||||
|
log.debug("healthstatus set to ok!")
|
||||||
healthstatus = "ok"
|
healthstatus = "ok"
|
||||||
|
|
||||||
def downloadLatestCommands():
|
def downloadLatestCommands(): # If the "srcurl" attribute in the configuration is set, downloads the latest iptables commands to be run on the ONT from another server using HTTP.
|
||||||
r = requests.get(cfg['srcurl'])
|
try:
|
||||||
open(cfg["filepath"], 'wb').write(r.content)
|
r = requests.get(cfg['srcurl'])
|
||||||
|
open(cfg["filepath"], 'wb').write(r.content)
|
||||||
|
commandList() # Run this here instead of seperately if this method is used.
|
||||||
|
except:
|
||||||
|
if os.path.exists(cfg["filepath"]):
|
||||||
|
log.warning("The latest commands could not be retrieved, however a copy of the commands was saved previously, which will be used.")
|
||||||
|
else:
|
||||||
|
log.error("The latest commands could not be retrieved, and no previous copy is saved on the system.")
|
||||||
|
log.debug("The commandList method will also fail!")
|
||||||
|
|
||||||
def commandList():
|
def commandList(): # Opens the file defined by the configuration's "filepath" variable and splits the commands into a parseable list with every new line (\n).
|
||||||
global shcommands
|
global shcommands
|
||||||
cmdtxt = open(cfg["filepath"], "r")
|
if os.path.exists(cfg["filepath"]):
|
||||||
cmddata = cmdtxt.read()
|
cmdtxt = open(cfg["filepath"], "r")
|
||||||
shcommands = cmddata.split("\n")
|
cmddata = cmdtxt.read()
|
||||||
cmdtxt.close()
|
shcommands = cmddata.split("\n")
|
||||||
|
cmdtxt.close()
|
||||||
|
else:
|
||||||
|
log.error("The commands to be run on the ONT could not be split into a list, as no previous copy is saved on the system.")
|
||||||
|
|
||||||
def deploy():
|
def deploy():
|
||||||
downloadLatestCommands()
|
downloadLatestCommands()
|
||||||
sshc.set_missing_host_key_policy(paramiko.AutoAddPolicy()) # so we don't get whined at and crash over a unrecognized host-key
|
sshc.set_missing_host_key_policy(paramiko.AutoAddPolicy()) # so we don't get whined at and crash over a unrecognized host-key
|
||||||
sshc.connect(cfg["server"],port=cfg["port"],username=cfg["ssh-user"],password=cfg["ssh-pw"])
|
sshc.connect(cfg["server"],port=cfg["port"],username=cfg["ssh-user"],password=cfg["ssh-pw"])
|
||||||
|
|
||||||
time.sleep(3) # Sleep 3 seconds, so that the ONT is initialized enough
|
time.sleep(3) # Sleep 3 seconds, because the ONT's sshd takes forever to start a shell.
|
||||||
|
|
||||||
for command in shcommands:
|
for command in shcommands:
|
||||||
sshc.exec_command(command)
|
sshc.exec_command(command)
|
||||||
print(f'{command} was executed on the ONT')
|
log.info(f'{command} was executed on the ONT')
|
||||||
|
|
||||||
print("All commands were executed, now disconnecting...")
|
log.info("All commands were executed, now disconnecting...")
|
||||||
sshc.close # close the connection.
|
sshc.close # close the connection.
|
||||||
|
|
||||||
# sshc.exec_command("chmod +x $HOME/payload.sh") # make it executable
|
def firstRun(): # Methods to run when starting the script initially.
|
||||||
# sshc.exec_command("./payload.sh") # and finally, run the payload.
|
log.debug("firstRun method started")
|
||||||
|
log.info("--iptables-deploy for Brazos WiFi ONTs--")
|
||||||
|
log.info("Co-authored by iRaven and IDeletedSystem64.")
|
||||||
while True:
|
|
||||||
downloadLatestCommands() # Do this at first run
|
downloadLatestCommands() # Do this at first run
|
||||||
commandList() # Break all the commands into a list
|
commandList() # Break all the commands into a list
|
||||||
healthcheck() # Run the health check for the first time
|
healthcheck() # Run the health check for the first time
|
||||||
|
main() # Start the loop.
|
||||||
|
|
||||||
if healthstatus != "ok":
|
def main(): # Main method to be looped.
|
||||||
print("ONT is not responding!! Did we lose network connection, or is the ONT rebooting? waiting for ONT to respond, then deploying payload!")
|
while True:
|
||||||
healthpassing = False
|
healthcheck() # Run the health check
|
||||||
while healthpassing == False:
|
if healthstatus != "ok":
|
||||||
print("Checking for a response...")
|
log.info("ONT is not responding- Waiting for a response, then deploying iptables commands!")
|
||||||
healthcheck()
|
healthpassing = False
|
||||||
|
while healthpassing == False:
|
||||||
if healthstatus == "ok":
|
log.info("Checking for a response (pinging "+cfg["server"]+")...")
|
||||||
print("ONT responded after a fail, deploying payload!")
|
healthcheck()
|
||||||
healthpassing == True
|
if healthstatus == "ok":
|
||||||
time.sleep(10) # Wait 10 seconds for the ONT to fully boot up and start sshd.
|
log.warn("ONT responded after a fail, deploying payload!")
|
||||||
deploy()
|
healthpassing == True
|
||||||
break
|
time.sleep(10) # Wait 10 seconds for the ONT to fully boot up and start sshd.
|
||||||
else:
|
deploy()
|
||||||
print("Got a response! health status is ok.")
|
log.info("ONT payload was deployed, resuming normal operations.")
|
||||||
print("Trying again in " + cfg["chkinterval"] + " seconds.")
|
break
|
||||||
time.sleep(int(cfg["chkinterval"])) # we will run this loop every X seconds, defined by checkinterval
|
else:
|
||||||
|
log.info("Got a response, the ONT is running and healthy.")
|
||||||
|
log.info("Trying again in " + cfg["chkinterval"] + " seconds.")
|
||||||
|
time.sleep(int(cfg["chkinterval"])) # we will run this loop every X seconds, defined by checkinterval
|
||||||
|
|
||||||
|
firstRun()
|
||||||
Loading…
x
Reference in New Issue
Block a user