imperituroard 0.5.1 → 0.5.7

data/lib/imperituroard/projects/ukaz60/dns.rb

@@ -0,0 +1,18 @@
+
+
+class DnsUkaz60_2
+
+  attr_accessor :dns_login, :dns_password
+
+  def initialize(dns_login, dns_password)
+    @dns_login = dns_login
+    @dns_password = dns_password
+  end
+
+  def get_current_block_dns(dns_ip)
+
+
+
+  end
+
+end

data/lib/imperituroard/projects/{dns/ukaz60 → ukaz60}/dns_update.rb

@@ -54,6 +54,7 @@ class Ukaz60Dns_2
     @unblo = 0
   end
 
+=begin
 
 
   def gen_mem_script()
@@ -142,144 +143,11 @@ class Ukaz60Dns_2
   end
 
 
-  def dns_processe
-    a = "cruel world"
-    f = a.scan(/\w+/)
 
-    starttime = DateTime.now
-
-
-    comm = `curl -d "name=#{belgim_login}&pass=#{belgim_password}" -H "Content-Type: application/x-www-form-urlencoded" -X POST #{belgim_url}`
-
-    comm = comm.gsub!("\n","")
-
-#p comm
-
-#comm = comm.gsub!("\r","")
-
-#p comm
-
-    redns = /<dns>(.{1,100})dns>/
-    rednsurl = /<url>(.{1,100})url>/
-
-    m1 = comm.scan(redns)
-    m2 = []
-
-    f1 = comm.scan(rednsurl)
-    f2 =[]
-
-    results = {}
-
-    for i in m1
-      a1 = i[0]
-      elem = a1.gsub!("</","")
-
-      if elem.include? " "
-        elem = elem.gsub!(" ", "")
-      end
-
-
-      if elem.match(/а|б|в|г|д|е|ж|ё|Ё|з|и|й|к|л|м|н|о|п|р|с|т|у|ф|х|ц|ч|ш|щ|ь|ы|ъ|э|ю|я|А|Б|В|Г|Д|Е|Ж|З|И|Й|К|Л|М|Н|О|П|Р|С|Т|У|Ф|Х|Ц|Ч|Ш|Щ|Ь|Ы|Ъ|Э|Ю|Я/)
-        elem = SimpleIDN.to_ascii(elem)
-      end
-
-      p elem
-
-      if elem != "-"
-
-        m2.push(elem)
-
-        daaa = elem[0]+elem[1]+elem[2]+elem[3]
-
-        if daaa != "www."
-          m2.push("www."+elem)
-        end
-
-        if daaa == "www."
-          gar = elem[4..elem.length]
-          m2.push(gar)
-        end
-
-      end
-
-
-    end
-
-    p m2
-
-
-    for s in f1
-      a1 = s[0]
-
-
-      elem1 = a1.gsub!("</","")
-      elem2 =""
-
-      if elem1.include? "http://"
-        elem1.gsub!("http://", "")
-      end
-
-      if elem1.include? "http:/"
-        elem1.gsub!("http:/", "")
-      end
-
-
-      if elem1.include? "https://"
-        elem1.gsub!("https://", "")
-        if elem1.include?("/")
-          elem1=elem1.split("/")[0]
-        end
-      end
-
-      if elem1.include? " "
-        elem1 = elem1.gsub!(" ", "")
-      end
-
-      #p elem1
-
-      if elem1[elem1.size-1]=="/"
-        sss = elem1.size
-        elem1 = elem1[0..sss-2]
-      end
-
-      if !elem1.include? "/"
-        if elem1.match(/а|б|в|г|д|е|ж|ё|Ё|з|и|й|к|л|м|н|о|п|р|с|т|у|ф|х|ц|ч|ш|щ|ь|ы|ъ|э|ю|я|А|Б|В|Г|Д|Е|Ж|З|И|Й|К|Л|М|Н|О|П|Р|С|Т|У|Ф|Х|Ц|Ч|Ш|Щ|Ь|Ы|Ъ|Э|Ю|Я/)
-          elem1 = SimpleIDN.to_ascii(elem1)
-        end
-
-        if elem1 != "-" && elem1 != ""
-          m2.push(elem1)
-
-          p elem1
-
-
-          daaa2 = elem1[0]+elem1[1]+elem1[2]+elem1[3]
-
-          p daaa2
-
-
-
-
-          if daaa2 != "www."
-            m2.push("www."+elem1)
-          end
-
-          if daaa2 == "www."
-            gar1 = elem1[4..elem1.length]
-            m2.push(gar1)
-          end
-
-        end
-      end
-
-    end
-
-    m2 = m2.uniq
 
 
 
     stringnunblo = File.open('/scripts/ruby/dns/nonblocked.conf', 'r'){ |file| file.read }
-
     noblocked =  stringnunblo.split("\n")
 
     m2 = m2 - noblocked
@@ -400,12 +268,12 @@ class Ukaz60Dns_2
 
     telegram_messanger.telegram_message(results.to_s)
 
+=end
 
 #File.delete("blocked.conf") if File.exist?("blocked.conf")
 #File.delete("blocked_old.conf") if File.exist?("blocked_old.conf")
 #File.delete("add_bl_memory.sh") if File.exist?("add_bl_memory.sh")
 
-  end
 
 
 end

data/lib/imperituroard/projects/ukaz60/fortigate.rb

@@ -0,0 +1,187 @@
+require 'net/scp'
+require 'date'
+
+require 'imperituroard/projects/ukaz60/ukaz60_add_func'
+
+
+class FortiUkaz60_2
+
+  attr_accessor :ansible_tmp_folder,
+                :local_tmp_directory,
+                :ansible_ssh_user,
+                :ansible_ssh_password,
+                :ansible_host,
+                :add_func_connector,
+                :add_functions_full,
+                :url_backup_dir
+
+
+  def initialize(ansible_tmp_folder,
+                 local_tmp_directory,
+                 ansible_ssh_user,
+                 ansible_ssh_password,
+                 ansible_host,
+                 url_backup_dir)
+    @ansible_tmp_folder = ansible_tmp_folder
+    @local_tmp_directory = local_tmp_directory
+    @ansible_ssh_user = ansible_ssh_user
+    @ansible_ssh_password = ansible_ssh_password
+    @ansible_host = ansible_host
+    @add_func_connector = AddFuncUkaz60_2.new
+    @add_functions_full = LogAddFunctions_2.new
+    @url_backup_dir = url_backup_dir
+  end
+
+  #1 Function for upload data to ansible server
+  # Full ready
+  def upload_url(url_list)
+
+    input_data = {:url_list => url_list}
+    output_data = {}
+
+    begin
+
+      write_data = JSON.pretty_generate(url_list)
+
+      date_time = DateTime.now.to_s
+      add_date_name = date_time.gsub("+03:00", "").gsub("-", "_").gsub(":", "_")
+
+      local_url_file = "#{local_tmp_directory}/urls.json"
+      remote_url_file = "#{ansible_tmp_folder}/urls.json"
+      backup_url_file = "#{url_backup_dir}/urls_#{add_date_name}.json"
+
+      #create local file
+      gg = File.open(local_url_file, "w:UTF-8") {|f| f.write(write_data)}
+
+      #create backup
+      begin
+        gg1 = Net::SCP.upload!(ansible_host, ansible_ssh_user,
+                               local_url_file, backup_url_file,
+                               :ssh => {:password => ansible_ssh_password})
+      rescue
+        nil
+      end
+
+      #upload local file
+      gg1 = Net::SCP.upload!(ansible_host, ansible_ssh_user,
+                             local_url_file, remote_url_file,
+                             :ssh => {:password => ansible_ssh_password})
+
+      output_data = {:code => 200, :result => "upload_url: Data uploaded"}
+
+    rescue
+      output_data = {:code => 507, :result => "upload_url: Unknown SDK error"}
+    end
+    add_functions_full.printer_texter(output_data, "debug")
+    output_data
+  end
+
+
+  #2 function for process data to fortigate directly by ansible
+  # Full ready
+  def update_weburl_fortigate
+    output_data = {}
+    begin
+      command = "/bin/bash /scripts/temp_fortigate_url_upload.sh"
+      ansible_answer = ""
+      Net::SSH.start(ansible_host, ansible_ssh_user, :password => ansible_ssh_password) do |ssh|
+        ansible_answer = ssh.exec!(command)
+      end
+      p "ansible_answer: #{ansible_answer}"
+
+      #hh = "\nPLAY [ha_master] ***************************************************************\n\nTASK [set url table] ***********************************************************\nchanged: [gom32sg1]\nchanged: [bre32sg1]\nchanged: [min32sg1]\nchanged: [vit32sg1]\nchanged: [min32sg3]\nchanged: [gro32sg1]\nchanged: [mog32sg1]\n\nTASK [check current url table] *************************************************\nok: [min32sg1]\nok: [bre32sg1]\nok: [min32sg3]\nok: [vit32sg1]\nok: [gom32sg1]\nok: [gro32sg1]\nok: [mog32sg1]\n\nTASK [debug] *******************************************************************\nok: [min32sg1] => {\n    \"msg\": \"URL loaded/in-file: [1273 / 1273]\"\n}\nok: [min32sg3] => {\n    \"msg\": \"URL loaded/in-file: [1273 / 1273]\"\n}\nok: [bre32sg1] => {\n    \"msg\": \"URL loaded/in-file: [1273 / 1273]\"\n}\nok: [vit32sg1] => {\n    \"msg\": \"URL loaded/in-file: [1273 / 1273]\"\n}\nok: [gom32sg1] => {\n    \"msg\": \"URL loaded/in-file: [1273 / 1273]\"\n}\nok: [gro32sg1] => {\n    \"msg\": \"URL loaded/in-file: [1273 / 1273]\"\n}\nok: [mog32sg1] => {\n    \"msg\": \"URL loaded/in-file: [1273 / 1273]\"\n}\n\nPLAY RECAP *********************************************************************\nbre32sg1                   : ok=3    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   \ngom32sg1                   : ok=3    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   \ngro32sg1                   : ok=3    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   \nmin32sg1                   : ok=3    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   \nmin32sg3                   : ok=3    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   \nmog32sg1                   : ok=3    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   \nvit32sg1                   : ok=3    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   \n\n"
+      answ_pr = add_func_connector.ansible_answer_parse(ansible_answer)
+      output_data = {:code => 200, :result => "update_weburl_fortigate: Request completed", :body => answ_pr}
+    rescue
+      output_data = {:code => 507, :result => "update_weburl_fortigate: Unknown SDK error"}
+    end
+    add_functions_full.printer_texter(output_data, "debug")
+    output_data
+  end
+
+  #3 Clean all temp files
+  # Full ready
+  def clean_tmp_folders
+    out_data = {}
+    folder = "#{ansible_tmp_folder}/"
+    path_to_local_file = "#{local_tmp_directory}/urls.json"
+    if folder != "/" && folder != "" && folder != nil && folder != "//" && folder.split("/").length > 2
+      begin
+        Net::SSH.start(ansible_host, ansible_ssh_user, :password => ansible_ssh_password) do |ssh|
+          comm_delete = "rm -rf #{folder}*"
+          result = ssh.exec!(comm_delete)
+        end
+        File.delete(path_to_local_file) if File.exist?(path_to_local_file)
+        out_data = {:code => 200, :result => "clean_tmp_folders: Cleared successfully"}
+      rescue
+        out_data = {:code => 500, :result => "clean_tmp_folders: ssh_failed"}
+      end
+    else
+      out_data = {:code => 404, :result => "clean_tmp_folders: invalid and danger temp path"}
+    end
+    add_functions_full.printer_texter(out_data, "debug")
+    out_data
+  end
+
+  #4 process belgim data parse function
+  # and do list for Fortigate upload
+  # Full ready
+  def prepare_url_config_fortigate(data_belgim)
+
+    to_fortigate = []
+    output_data = {}
+
+    begin
+
+      for ipv4 in data_belgim[:ipv4_parsed]
+        to_fortigate.push({
+                              "url" => ipv4,
+                              "action" => "block"
+                          })
+      end
+
+      for ipv6 in data_belgim[:ipv6_parsed]
+        to_fortigate.push({
+                              "url" => "[#{ipv6}]",
+                              "action" => "block"
+                          })
+      end
+
+      for dns in data_belgim[:domains_for_block]
+        to_fortigate.push({
+                              "url" => dns,
+                              "action" => "block"
+                          })
+      end
+
+      #for url in data_belgim[:url_for_block]
+      for url in data_belgim[:url_for_block]
+        format_url1 = add_func_connector.http_to_forti_prep(url)
+        to_fortigate.push({
+                              "url" => format_url1,
+                              "action" => "block"
+                          })
+      end
+
+      for https in data_belgim[:https_parsed]
+        format_url2 = add_func_connector.https_to_forti_prep(https)
+        to_fortigate.push({
+                              "url" => format_url2,
+                              "action" => "block"
+                          })
+      end
+
+      num_list = to_fortigate.length
+
+      output_data = {:code => 200, :result => "Request completed", :body => {:num_list => num_list,
+                                                                             :to_fortigate => to_fortigate}}
+    rescue
+      output_data = {:code => 507, :result => "Unknown error"}
+      p "ERROR !!! prepare_url_config_fortigate"
+    end
+    output_data
+  end
+
+
+end
+

data/lib/imperituroard/projects/ukaz60/staros.rb

@@ -0,0 +1,126 @@
+require 'net/ssh'
+
+require 'imperituroard/platforms/staros/get_data_ssh'
+
+
+class Ukaz60Staros_2
+
+  attr_accessor :staros_platform_get,
+                :ukaz60_http_groups,
+                :ukaz60_https_groups,
+                :staros_hosts
+
+  def initialize(star_login, star_password, ukaz60_http_groups, ukaz60_https_groups, staros_hosts)
+    @staros_platform_get = StarosGet_2.new(star_login, star_password)
+    @ukaz60_http_groups = ukaz60_http_groups
+    @ukaz60_https_groups = ukaz60_https_groups
+    @staros_hosts = staros_hosts
+  end
+
+
+  #get data from staros and return urls from staros
+  def get_data_staros(ip_staros)
+
+    input_data = {:ip_staros => ip_staros}
+    output_data = {}
+    ecs_name = ""
+    blocked_urls_http = []
+    blocked_urls_https = []
+
+    begin
+      ecs_config_json = staros_platform_get.get_all_active_charging(ip_staros)
+
+      if ecs_config_json[:code] == 200
+
+        #get ecs name
+        ecs_sss = ecs_config_json[:parsed_data]["config"]["active-charging service"][0]
+        ecs_sss.each do |hhh|
+          ecs_name = hhh[0]
+        end
+
+        regexp_ruldef = /add-ruledef priority \d+ ruledef (.+)/
+
+        #for http urls
+        begin
+          ukaz60_http_groups.each do |rule|
+            group_ruled_ukaz60 = ecs_config_json[:parsed_data]["config"]["active-charging service"][0][ecs_name]["group-of-ruledefs"][rule]
+
+            group_ruled_ukaz60.each do |gr_rul_str|
+              ruledef_name = gr_rul_str.match(regexp_ruldef)[1]
+              rdef_config = ecs_config_json[:parsed_data]["config"]["active-charging service"][0][ecs_name]["ruledef"][ruledef_name]
+              rdef_config.each do |g|
+                if g[0..15] == "www url contains"
+                  blocked_urls_http.push({:url => g.gsub("www url contains ", ""), :ruledef => ruledef_name, :gr_of_ruledefs => rule, :gr_rul_str => gr_rul_str})
+                end
+              end
+            end
+          end
+        rescue
+          blocked_urls_http.push("failed")
+        end
+
+        for https_rule in ukaz60_https_groups
+          group_rule_https = ecs_config_json[:parsed_data]["config"]["active-charging service"][0][ecs_name]["group-of-ruledefs"][https_rule]
+        end
+
+        output_data = {:code => 200, :result => "Success", :ecs_name => ecs_name, :blocked_urls_http => blocked_urls_http, :http_rules_num => blocked_urls_http.length}
+
+      else
+        output_data = ecs_config_json
+      end
+    rescue
+      output_data = {:code => 507, :result => "get_data_staros: Unknown SDK error"}
+    end
+    output_data
+    # Net::SSH.start("172.24.214.17", "starscript", :password => "$rfv3EDC") do |ssh|
+    #   staros_answer = ssh.exec!("show configuration active-charging service all")
+    #   p staros_answer
+    #
+    #   staros_answer = staros_answer.gsub("\n", "")
+    #
+    #   regexp_ukaz60_9 = /group-of-ruledefs Ukaz60-9_HTTP.+HTTP\s+#exit/
+    #   regexp_ukaz60_https = /group-of-ruledefs Ukaz60_HTTPS.+HTTPS\s+#exit/
+    #   regexp_ukaz60_7 = /group-of-ruledefs Ukaz60-7_HTTP.+HTTP\s+#exit/
+    #
+    #
+    #
+    #   group_ruled_ukaz60_9 = staros_answer.match(regexp_ukaz60_9)[0]
+    #   group_ruled_ukaz60_https = staros_answer.match(regexp_ukaz60_https)[0]
+    #   group_ruled_ukaz60_7 = staros_answer.match(regexp_ukaz60_7)[0]
+    #
+    #   p group_ruled_ukaz60_9
+    #   p group_ruled_ukaz60_https
+    #   p group_ruled_ukaz60_7
+    #
+    # end
+  end
+
+
+  #procedure for get data from all MPC
+  def get_all_staros_ukaz60
+
+    returned_data = {:mpc_data => [], :add_format => {}}
+    get_all_staros_ukaz60_1 = []
+
+    begin
+      staros_hosts.each do |ggsn|
+        get_all_staros_ukaz60_1 << Thread.new do
+          begin
+            mpc_data = self.get_data_staros(ggsn[1])
+            returned_data[:mpc_data].push({:code => 200, :result => "Success", :hostname => ggsn[0], :host_ip => ggsn[1], :body => mpc_data})
+            returned_data[:add_format][ggsn[0]] = mpc_data
+          rescue
+            returned_data[:mpc_data].push({:code => 507, :result => "Unknown thread error", :hostname => ggsn[0], :host_ip => ggsn[1], :body => {}})
+          end
+        end
+      end
+      get_all_staros_ukaz60_1.each(&:join)
+      returned_data[:code] = 200
+      returned_data[:result] = "get_all_staros_ukaz60: Success"
+    rescue
+      returned_data[:code] = 507
+      returned_data[:result] = "get_all_staros_ukaz60: Unknown SDK error"
+    end
+    returned_data
+  end
+end