| #!/usr/bin/env python3 |
| # -*- coding: utf-8 -*- |
| # Licensed to the Apache Software Foundation (ASF) under one or more |
| # contributor license agreements. See the NOTICE file distributed with |
| # this work for additional information regarding copyright ownership. |
| # The ASF licenses this file to You under the Apache License, Version 2.0 |
| # (the "License"); you may not use this file except in compliance with |
| # the License. You may obtain a copy of the License at |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, software |
| # distributed under the License is distributed on an "AS IS" BASIS, |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| # See the License for the specific language governing permissions and |
| # limitations under the License. |
| ######################################################################## |
| # OPENAPI-URI: /api/myrules |
| ######################################################################## |
| # put: |
| # requestBody: |
| # content: |
| # application/json: |
| # schema: |
| # $ref: '#/components/schemas/IPTables' |
| # description: iptables ruleset blob |
| # required: true |
| # responses: |
| # '200': |
| # content: |
| # application/json: |
| # schema: |
| # $ref: '#/components/schemas/ActionCompleted' |
| # description: iptables entries updated |
| # default: |
| # content: |
| # application/json: |
| # schema: |
| # $ref: '#/components/schemas/Error' |
| # description: unexpected error |
| # summary: Set a host's iptables list |
| # |
| ######################################################################## |
| |
| |
| |
| |
| |
| """ |
| This is the iptables list handler for Blocky/2 |
| """ |
| |
| import json |
| import re |
| import time |
| import bcrypt |
| import hashlib |
| import plugins.worker |
| |
# Module-level cache state. None of these names is read or written by the
# PUT handler in this file.
# NOTE(review): presumably shared with a ban-list lookup elsewhere - confirm.
BANLIST: list = []
BAN_TS: int = 0
# NOTE(review): unit is not stated here; presumably seconds - confirm.
BAN_CACHE_TIME: int = 30
| |
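def run(API, environ, indata, session):
    """Handle /api/myrules: store the iptables ruleset reported for a host.

    This is a generator that yields exactly one response body.

    Args:
        API: object whose ``exception(code, message)`` builds an error response.
        environ: request environment; only ``REQUEST_METHOD`` is read.
        indata: request payload mapping; ``hostname`` and ``iptables`` are read.
        session: request session; ``session.DB.ES`` and ``session.DB.dbname``
            are used to index the document.

    Yields:
        A JSON string on success, or the value of ``API.exception(400, ...)``
        for a malformed PUT payload or an unsupported method.

    NOTE(review): no authentication or authorization check is visible in this
    handler. The document id is derived solely from the client-supplied
    ``hostname``, so unless the caller is verified upstream, any client that
    can reach this endpoint can replace the stored ruleset of any host.
    Confirm that the framework binds ``hostname`` to an authenticated
    identity before this runs.
    """
    method = environ['REQUEST_METHOD']

    # Adding a new entry?
    if method == "PUT":
        rules = indata.get('iptables')
        hostname = indata.get('hostname')

        # Both fields come straight from the request body. Reject anything
        # that is not the expected shape with an explicit error, instead of
        # falling through to the misleading "unknown method" response.
        if not (isinstance(hostname, str) and hostname and isinstance(rules, list)):
            yield API.exception(
                400,
                "Invalid payload: 'hostname' must be a non-empty string and 'iptables' must be a list",
            )
            return

        # %r escapes control characters, so a crafted hostname cannot inject
        # extra lines into the log output.
        print("Got %u rules from %r" % (len(rules), hostname))

        iid = plugins.worker.make_sha1(hostname)
        # The rule entries are stored as received; readers of this document
        # must treat their contents as untrusted input.
        ipdoc = {
            'hostname': hostname,
            'updated': int(time.time()),
            'iptables': rules,
        }
        session.DB.ES.index(index=session.DB.dbname, doc_type='iptables', id=iid, body=ipdoc)
        yield json.dumps({"message": "Iptables updated"})
        return

    # Finally, if we hit a method we don't know, balk!
    yield API.exception(400, "I don't know this request method!!")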