imperituroard 0.5.1 → 0.5.7

Sign up to get free protection for your applications and to get access to all the features.
@@ -0,0 +1,18 @@
1
+
2
+
3
+ class DnsUkaz60_2
4
+
5
+ attr_accessor :dns_login, :dns_password
6
+
7
+ def initialize(dns_login, dns_password)
8
+ @dns_login = dns_login
9
+ @dns_password = dns_password
10
+ end
11
+
12
+ def get_current_block_dns(dns_ip)
13
+
14
+
15
+
16
+ end
17
+
18
+ end
@@ -54,6 +54,7 @@ class Ukaz60Dns_2
54
54
  @unblo = 0
55
55
  end
56
56
 
57
+ =begin
57
58
 
58
59
 
59
60
  def gen_mem_script()
@@ -142,144 +143,11 @@ class Ukaz60Dns_2
142
143
  end
143
144
 
144
145
 
145
- def dns_processe
146
- a = "cruel world"
147
- f = a.scan(/\w+/)
148
146
 
149
- starttime = DateTime.now
150
-
151
-
152
- comm = `curl -d "name=#{belgim_login}&pass=#{belgim_password}" -H "Content-Type: application/x-www-form-urlencoded" -X POST #{belgim_url}`
153
-
154
- comm = comm.gsub!("\n","")
155
-
156
- #p comm
157
-
158
- #comm = comm.gsub!("\r","")
159
-
160
- #p comm
161
-
162
- redns = /<dns>(.{1,100})dns>/
163
- rednsurl = /<url>(.{1,100})url>/
164
-
165
- m1 = comm.scan(redns)
166
- m2 = []
167
-
168
- f1 = comm.scan(rednsurl)
169
- f2 =[]
170
-
171
- results = {}
172
-
173
- for i in m1
174
- a1 = i[0]
175
- elem = a1.gsub!("</","")
176
-
177
- if elem.include? " "
178
- elem = elem.gsub!(" ", "")
179
- end
180
-
181
-
182
- if elem.match(/а|б|в|г|д|е|ж|ё|Ё|з|и|й|к|л|м|н|о|п|р|с|т|у|ф|х|ц|ч|ш|щ|ь|ы|ъ|э|ю|я|А|Б|В|Г|Д|Е|Ж|З|И|Й|К|Л|М|Н|О|П|Р|С|Т|У|Ф|Х|Ц|Ч|Ш|Щ|Ь|Ы|Ъ|Э|Ю|Я/)
183
- elem = SimpleIDN.to_ascii(elem)
184
- end
185
-
186
- p elem
187
-
188
- if elem != "-"
189
-
190
- m2.push(elem)
191
-
192
- daaa = elem[0]+elem[1]+elem[2]+elem[3]
193
-
194
- if daaa != "www."
195
- m2.push("www."+elem)
196
- end
197
-
198
- if daaa == "www."
199
- gar = elem[4..elem.length]
200
- m2.push(gar)
201
- end
202
-
203
- end
204
-
205
-
206
- end
207
-
208
- p m2
209
-
210
-
211
- for s in f1
212
- a1 = s[0]
213
-
214
-
215
- elem1 = a1.gsub!("</","")
216
- elem2 =""
217
-
218
- if elem1.include? "http://"
219
- elem1.gsub!("http://", "")
220
- end
221
-
222
- if elem1.include? "http:/"
223
- elem1.gsub!("http:/", "")
224
- end
225
-
226
-
227
- if elem1.include? "https://"
228
- elem1.gsub!("https://", "")
229
- if elem1.include?("/")
230
- elem1=elem1.split("/")[0]
231
- end
232
- end
233
-
234
- if elem1.include? " "
235
- elem1 = elem1.gsub!(" ", "")
236
- end
237
-
238
- #p elem1
239
-
240
- if elem1[elem1.size-1]=="/"
241
- sss = elem1.size
242
- elem1 = elem1[0..sss-2]
243
- end
244
-
245
- if !elem1.include? "/"
246
- if elem1.match(/а|б|в|г|д|е|ж|ё|Ё|з|и|й|к|л|м|н|о|п|р|с|т|у|ф|х|ц|ч|ш|щ|ь|ы|ъ|э|ю|я|А|Б|В|Г|Д|Е|Ж|З|И|Й|К|Л|М|Н|О|П|Р|С|Т|У|Ф|Х|Ц|Ч|Ш|Щ|Ь|Ы|Ъ|Э|Ю|Я/)
247
- elem1 = SimpleIDN.to_ascii(elem1)
248
- end
249
-
250
- if elem1 != "-" && elem1 != ""
251
- m2.push(elem1)
252
-
253
- p elem1
254
-
255
-
256
- daaa2 = elem1[0]+elem1[1]+elem1[2]+elem1[3]
257
-
258
- p daaa2
259
-
260
-
261
-
262
-
263
- if daaa2 != "www."
264
- m2.push("www."+elem1)
265
- end
266
-
267
- if daaa2 == "www."
268
- gar1 = elem1[4..elem1.length]
269
- m2.push(gar1)
270
- end
271
-
272
- end
273
- end
274
-
275
- end
276
-
277
- m2 = m2.uniq
278
147
 
279
148
 
280
149
 
281
150
  stringnunblo = File.open('/scripts/ruby/dns/nonblocked.conf', 'r'){ |file| file.read }
282
-
283
151
  noblocked = stringnunblo.split("\n")
284
152
 
285
153
  m2 = m2 - noblocked
@@ -400,12 +268,12 @@ class Ukaz60Dns_2
400
268
 
401
269
  telegram_messanger.telegram_message(results.to_s)
402
270
 
271
+ =end
403
272
 
404
273
  #File.delete("blocked.conf") if File.exist?("blocked.conf")
405
274
  #File.delete("blocked_old.conf") if File.exist?("blocked_old.conf")
406
275
  #File.delete("add_bl_memory.sh") if File.exist?("add_bl_memory.sh")
407
276
 
408
- end
409
277
 
410
278
 
411
279
  end
@@ -0,0 +1,187 @@
1
+ require 'net/scp'
2
+ require 'date'
3
+
4
+ require 'imperituroard/projects/ukaz60/ukaz60_add_func'
5
+
6
+
7
+ class FortiUkaz60_2
8
+
9
+ attr_accessor :ansible_tmp_folder,
10
+ :local_tmp_directory,
11
+ :ansible_ssh_user,
12
+ :ansible_ssh_password,
13
+ :ansible_host,
14
+ :add_func_connector,
15
+ :add_functions_full,
16
+ :url_backup_dir
17
+
18
+
19
+ def initialize(ansible_tmp_folder,
20
+ local_tmp_directory,
21
+ ansible_ssh_user,
22
+ ansible_ssh_password,
23
+ ansible_host,
24
+ url_backup_dir)
25
+ @ansible_tmp_folder = ansible_tmp_folder
26
+ @local_tmp_directory = local_tmp_directory
27
+ @ansible_ssh_user = ansible_ssh_user
28
+ @ansible_ssh_password = ansible_ssh_password
29
+ @ansible_host = ansible_host
30
+ @add_func_connector = AddFuncUkaz60_2.new
31
+ @add_functions_full = LogAddFunctions_2.new
32
+ @url_backup_dir = url_backup_dir
33
+ end
34
+
35
+ #1 Function for upload data to ansible server
36
+ # Full ready
37
+ def upload_url(url_list)
38
+
39
+ input_data = {:url_list => url_list}
40
+ output_data = {}
41
+
42
+ begin
43
+
44
+ write_data = JSON.pretty_generate(url_list)
45
+
46
+ date_time = DateTime.now.to_s
47
+ add_date_name = date_time.gsub("+03:00", "").gsub("-", "_").gsub(":", "_")
48
+
49
+ local_url_file = "#{local_tmp_directory}/urls.json"
50
+ remote_url_file = "#{ansible_tmp_folder}/urls.json"
51
+ backup_url_file = "#{url_backup_dir}/urls_#{add_date_name}.json"
52
+
53
+ #create local file
54
+ gg = File.open(local_url_file, "w:UTF-8") {|f| f.write(write_data)}
55
+
56
+ #create backup
57
+ begin
58
+ gg1 = Net::SCP.upload!(ansible_host, ansible_ssh_user,
59
+ local_url_file, backup_url_file,
60
+ :ssh => {:password => ansible_ssh_password})
61
+ rescue
62
+ nil
63
+ end
64
+
65
+ #upload local file
66
+ gg1 = Net::SCP.upload!(ansible_host, ansible_ssh_user,
67
+ local_url_file, remote_url_file,
68
+ :ssh => {:password => ansible_ssh_password})
69
+
70
+ output_data = {:code => 200, :result => "upload_url: Data uploaded"}
71
+
72
+ rescue
73
+ output_data = {:code => 507, :result => "upload_url: Unknown SDK error"}
74
+ end
75
+ add_functions_full.printer_texter(output_data, "debug")
76
+ output_data
77
+ end
78
+
79
+
80
+ #2 function for process data to fortigate directly by ansible
81
+ # Full ready
82
+ def update_weburl_fortigate
83
+ output_data = {}
84
+ begin
85
+ command = "/bin/bash /scripts/temp_fortigate_url_upload.sh"
86
+ ansible_answer = ""
87
+ Net::SSH.start(ansible_host, ansible_ssh_user, :password => ansible_ssh_password) do |ssh|
88
+ ansible_answer = ssh.exec!(command)
89
+ end
90
+ p "ansible_answer: #{ansible_answer}"
91
+
92
+ #hh = "\nPLAY [ha_master] ***************************************************************\n\nTASK [set url table] ***********************************************************\nchanged: [gom32sg1]\nchanged: [bre32sg1]\nchanged: [min32sg1]\nchanged: [vit32sg1]\nchanged: [min32sg3]\nchanged: [gro32sg1]\nchanged: [mog32sg1]\n\nTASK [check current url table] *************************************************\nok: [min32sg1]\nok: [bre32sg1]\nok: [min32sg3]\nok: [vit32sg1]\nok: [gom32sg1]\nok: [gro32sg1]\nok: [mog32sg1]\n\nTASK [debug] *******************************************************************\nok: [min32sg1] => {\n \"msg\": \"URL loaded/in-file: [1273 / 1273]\"\n}\nok: [min32sg3] => {\n \"msg\": \"URL loaded/in-file: [1273 / 1273]\"\n}\nok: [bre32sg1] => {\n \"msg\": \"URL loaded/in-file: [1273 / 1273]\"\n}\nok: [vit32sg1] => {\n \"msg\": \"URL loaded/in-file: [1273 / 1273]\"\n}\nok: [gom32sg1] => {\n \"msg\": \"URL loaded/in-file: [1273 / 1273]\"\n}\nok: [gro32sg1] => {\n \"msg\": \"URL loaded/in-file: [1273 / 1273]\"\n}\nok: [mog32sg1] => {\n \"msg\": \"URL loaded/in-file: [1273 / 1273]\"\n}\n\nPLAY RECAP *********************************************************************\nbre32sg1 : ok=3 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 \ngom32sg1 : ok=3 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 \ngro32sg1 : ok=3 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 \nmin32sg1 : ok=3 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 \nmin32sg3 : ok=3 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 \nmog32sg1 : ok=3 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 \nvit32sg1 : ok=3 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 \n\n"
93
+ answ_pr = add_func_connector.ansible_answer_parse(ansible_answer)
94
+ output_data = {:code => 200, :result => "update_weburl_fortigate: Request completed", :body => answ_pr}
95
+ rescue
96
+ output_data = {:code => 507, :result => "update_weburl_fortigate: Unknown SDK error"}
97
+ end
98
+ add_functions_full.printer_texter(output_data, "debug")
99
+ output_data
100
+ end
101
+
102
+ #3 Clean all temp files
103
+ # Full ready
104
+ def clean_tmp_folders
105
+ out_data = {}
106
+ folder = "#{ansible_tmp_folder}/"
107
+ path_to_local_file = "#{local_tmp_directory}/urls.json"
108
+ if folder != "/" && folder != "" && folder != nil && folder != "//" && folder.split("/").length > 2
109
+ begin
110
+ Net::SSH.start(ansible_host, ansible_ssh_user, :password => ansible_ssh_password) do |ssh|
111
+ comm_delete = "rm -rf #{folder}*"
112
+ result = ssh.exec!(comm_delete)
113
+ end
114
+ File.delete(path_to_local_file) if File.exist?(path_to_local_file)
115
+ out_data = {:code => 200, :result => "clean_tmp_folders: Cleared successfully"}
116
+ rescue
117
+ out_data = {:code => 500, :result => "clean_tmp_folders: ssh_failed"}
118
+ end
119
+ else
120
+ out_data = {:code => 404, :result => "clean_tmp_folders: invalid and danger temp path"}
121
+ end
122
+ add_functions_full.printer_texter(out_data, "debug")
123
+ out_data
124
+ end
125
+
126
+ #4 process belgim data parse function
127
+ # and do list for Fortigate upload
128
+ # Full ready
129
+ def prepare_url_config_fortigate(data_belgim)
130
+
131
+ to_fortigate = []
132
+ output_data = {}
133
+
134
+ begin
135
+
136
+ for ipv4 in data_belgim[:ipv4_parsed]
137
+ to_fortigate.push({
138
+ "url" => ipv4,
139
+ "action" => "block"
140
+ })
141
+ end
142
+
143
+ for ipv6 in data_belgim[:ipv6_parsed]
144
+ to_fortigate.push({
145
+ "url" => "[#{ipv6}]",
146
+ "action" => "block"
147
+ })
148
+ end
149
+
150
+ for dns in data_belgim[:domains_for_block]
151
+ to_fortigate.push({
152
+ "url" => dns,
153
+ "action" => "block"
154
+ })
155
+ end
156
+
157
+ #for url in data_belgim[:url_for_block]
158
+ for url in data_belgim[:url_for_block]
159
+ format_url1 = add_func_connector.http_to_forti_prep(url)
160
+ to_fortigate.push({
161
+ "url" => format_url1,
162
+ "action" => "block"
163
+ })
164
+ end
165
+
166
+ for https in data_belgim[:https_parsed]
167
+ format_url2 = add_func_connector.https_to_forti_prep(https)
168
+ to_fortigate.push({
169
+ "url" => format_url2,
170
+ "action" => "block"
171
+ })
172
+ end
173
+
174
+ num_list = to_fortigate.length
175
+
176
+ output_data = {:code => 200, :result => "Request completed", :body => {:num_list => num_list,
177
+ :to_fortigate => to_fortigate}}
178
+ rescue
179
+ output_data = {:code => 507, :result => "Unknown error"}
180
+ p "ERROR !!! prepare_url_config_fortigate"
181
+ end
182
+ output_data
183
+ end
184
+
185
+
186
+ end
187
+
@@ -0,0 +1,126 @@
1
+ require 'net/ssh'
2
+
3
+ require 'imperituroard/platforms/staros/get_data_ssh'
4
+
5
+
6
+ class Ukaz60Staros_2
7
+
8
+ attr_accessor :staros_platform_get,
9
+ :ukaz60_http_groups,
10
+ :ukaz60_https_groups,
11
+ :staros_hosts
12
+
13
+ def initialize(star_login, star_password, ukaz60_http_groups, ukaz60_https_groups, staros_hosts)
14
+ @staros_platform_get = StarosGet_2.new(star_login, star_password)
15
+ @ukaz60_http_groups = ukaz60_http_groups
16
+ @ukaz60_https_groups = ukaz60_https_groups
17
+ @staros_hosts = staros_hosts
18
+ end
19
+
20
+
21
+ #get data from staros and return urls from staros
22
+ def get_data_staros(ip_staros)
23
+
24
+ input_data = {:ip_staros => ip_staros}
25
+ output_data = {}
26
+ ecs_name = ""
27
+ blocked_urls_http = []
28
+ blocked_urls_https = []
29
+
30
+ begin
31
+ ecs_config_json = staros_platform_get.get_all_active_charging(ip_staros)
32
+
33
+ if ecs_config_json[:code] == 200
34
+
35
+ #get ecs name
36
+ ecs_sss = ecs_config_json[:parsed_data]["config"]["active-charging service"][0]
37
+ ecs_sss.each do |hhh|
38
+ ecs_name = hhh[0]
39
+ end
40
+
41
+ regexp_ruldef = /add-ruledef priority \d+ ruledef (.+)/
42
+
43
+ #for http urls
44
+ begin
45
+ ukaz60_http_groups.each do |rule|
46
+ group_ruled_ukaz60 = ecs_config_json[:parsed_data]["config"]["active-charging service"][0][ecs_name]["group-of-ruledefs"][rule]
47
+
48
+ group_ruled_ukaz60.each do |gr_rul_str|
49
+ ruledef_name = gr_rul_str.match(regexp_ruldef)[1]
50
+ rdef_config = ecs_config_json[:parsed_data]["config"]["active-charging service"][0][ecs_name]["ruledef"][ruledef_name]
51
+ rdef_config.each do |g|
52
+ if g[0..15] == "www url contains"
53
+ blocked_urls_http.push({:url => g.gsub("www url contains ", ""), :ruledef => ruledef_name, :gr_of_ruledefs => rule, :gr_rul_str => gr_rul_str})
54
+ end
55
+ end
56
+ end
57
+ end
58
+ rescue
59
+ blocked_urls_http.push("failed")
60
+ end
61
+
62
+ for https_rule in ukaz60_https_groups
63
+ group_rule_https = ecs_config_json[:parsed_data]["config"]["active-charging service"][0][ecs_name]["group-of-ruledefs"][https_rule]
64
+ end
65
+
66
+ output_data = {:code => 200, :result => "Success", :ecs_name => ecs_name, :blocked_urls_http => blocked_urls_http, :http_rules_num => blocked_urls_http.length}
67
+
68
+ else
69
+ output_data = ecs_config_json
70
+ end
71
+ rescue
72
+ output_data = {:code => 507, :result => "get_data_staros: Unknown SDK error"}
73
+ end
74
+ output_data
75
+ # Net::SSH.start("172.24.214.17", "starscript", :password => "$rfv3EDC") do |ssh|
76
+ # staros_answer = ssh.exec!("show configuration active-charging service all")
77
+ # p staros_answer
78
+ #
79
+ # staros_answer = staros_answer.gsub("\n", "")
80
+ #
81
+ # regexp_ukaz60_9 = /group-of-ruledefs Ukaz60-9_HTTP.+HTTP\s+#exit/
82
+ # regexp_ukaz60_https = /group-of-ruledefs Ukaz60_HTTPS.+HTTPS\s+#exit/
83
+ # regexp_ukaz60_7 = /group-of-ruledefs Ukaz60-7_HTTP.+HTTP\s+#exit/
84
+ #
85
+ #
86
+ #
87
+ # group_ruled_ukaz60_9 = staros_answer.match(regexp_ukaz60_9)[0]
88
+ # group_ruled_ukaz60_https = staros_answer.match(regexp_ukaz60_https)[0]
89
+ # group_ruled_ukaz60_7 = staros_answer.match(regexp_ukaz60_7)[0]
90
+ #
91
+ # p group_ruled_ukaz60_9
92
+ # p group_ruled_ukaz60_https
93
+ # p group_ruled_ukaz60_7
94
+ #
95
+ # end
96
+ end
97
+
98
+
99
+ #procedure for get data from all MPC
100
+ def get_all_staros_ukaz60
101
+
102
+ returned_data = {:mpc_data => [], :add_format => {}}
103
+ get_all_staros_ukaz60_1 = []
104
+
105
+ begin
106
+ staros_hosts.each do |ggsn|
107
+ get_all_staros_ukaz60_1 << Thread.new do
108
+ begin
109
+ mpc_data = self.get_data_staros(ggsn[1])
110
+ returned_data[:mpc_data].push({:code => 200, :result => "Success", :hostname => ggsn[0], :host_ip => ggsn[1], :body => mpc_data})
111
+ returned_data[:add_format][ggsn[0]] = mpc_data
112
+ rescue
113
+ returned_data[:mpc_data].push({:code => 507, :result => "Unknown thread error", :hostname => ggsn[0], :host_ip => ggsn[1], :body => {}})
114
+ end
115
+ end
116
+ end
117
+ get_all_staros_ukaz60_1.each(&:join)
118
+ returned_data[:code] = 200
119
+ returned_data[:result] = "get_all_staros_ukaz60: Success"
120
+ rescue
121
+ returned_data[:code] = 507
122
+ returned_data[:result] = "get_all_staros_ukaz60: Unknown SDK error"
123
+ end
124
+ returned_data
125
+ end
126
+ end