2018-08-10 23:29:10 +05:00
|
|
|
#!/usr/local/CyberCP/bin/python2
|
2018-08-06 02:01:09 +05:00
|
|
|
import CyberCPLogFileWriter as logging
|
|
|
|
|
import subprocess
|
|
|
|
|
import shlex
|
|
|
|
|
import argparse
|
|
|
|
|
from virtualHostUtilities import virtualHostUtilities
|
|
|
|
|
import os
|
|
|
|
|
import tarfile
|
|
|
|
|
import shutil
|
|
|
|
|
from mailUtilities import mailUtilities
|
2018-08-10 23:29:10 +05:00
|
|
|
import threading as multi
|
2019-03-21 23:26:42 +05:00
|
|
|
from plogical.processUtilities import ProcessUtilities
|
2018-08-06 02:01:09 +05:00
|
|
|
|
2018-08-10 23:29:10 +05:00
|
|
|
class CSF(multi.Thread):
|
2018-08-06 02:01:09 +05:00
|
|
|
installLogPath = "/home/cyberpanel/csfInstallLog"
|
|
|
|
|
csfURL = 'https://download.configserver.com/csf.tgz'
|
|
|
|
|
|
2018-08-10 23:29:10 +05:00
|
|
|
def __init__(self, installApp, extraArgs):
|
|
|
|
|
multi.Thread.__init__(self)
|
|
|
|
|
self.installApp = installApp
|
|
|
|
|
self.extraArgs = extraArgs
|
|
|
|
|
|
|
|
|
|
def run(self):
|
2018-08-06 02:01:09 +05:00
|
|
|
try:
|
2018-08-10 23:29:10 +05:00
|
|
|
if self.installApp == 'installCSF':
|
|
|
|
|
self.installCSF()
|
|
|
|
|
elif self.installApp == 'removeCSF':
|
|
|
|
|
self.removeCSF()
|
|
|
|
|
except BaseException, msg:
|
|
|
|
|
logging.CyberCPLogFileWriter.writeToFile(str(msg) + ' [CSF.run]')
|
2018-08-06 02:01:09 +05:00
|
|
|
|
2018-08-10 23:29:10 +05:00
|
|
|
def installCSF(self):
|
|
|
|
|
try:
|
2018-08-06 02:01:09 +05:00
|
|
|
##
|
|
|
|
|
|
2018-08-10 23:29:10 +05:00
|
|
|
command = 'wget ' + CSF.csfURL
|
2018-08-06 02:01:09 +05:00
|
|
|
cmd = shlex.split(command)
|
|
|
|
|
|
2018-08-10 23:29:10 +05:00
|
|
|
with open(CSF.installLogPath, 'a') as f:
|
|
|
|
|
subprocess.call(cmd, stdout=f)
|
2018-08-06 02:01:09 +05:00
|
|
|
|
|
|
|
|
##
|
|
|
|
|
|
2018-08-10 23:29:10 +05:00
|
|
|
command = 'tar -xzf csf.tgz'
|
2018-08-06 02:01:09 +05:00
|
|
|
cmd = shlex.split(command)
|
|
|
|
|
|
2018-08-10 23:29:10 +05:00
|
|
|
with open(CSF.installLogPath, 'a') as f:
|
2018-08-06 02:01:09 +05:00
|
|
|
res = subprocess.call(cmd, stdout=f)
|
|
|
|
|
|
|
|
|
|
##
|
|
|
|
|
|
|
|
|
|
os.chdir('csf')
|
2018-08-10 23:29:10 +05:00
|
|
|
|
|
|
|
|
command = './install.sh'
|
2018-08-06 02:01:09 +05:00
|
|
|
cmd = shlex.split(command)
|
|
|
|
|
|
2018-08-10 23:29:10 +05:00
|
|
|
with open(CSF.installLogPath, 'a') as f:
|
2018-08-06 02:01:09 +05:00
|
|
|
res = subprocess.call(cmd, stdout=f)
|
|
|
|
|
|
|
|
|
|
os.chdir('/usr/local/CyberCP')
|
|
|
|
|
|
2018-08-10 23:29:10 +05:00
|
|
|
## Some initial configurations
|
|
|
|
|
|
|
|
|
|
data = open('/etc/csf/csf.conf', 'r').readlines()
|
|
|
|
|
writeToConf = open('/etc/csf/csf.conf', 'w')
|
|
|
|
|
|
|
|
|
|
for items in data:
|
|
|
|
|
if items.find('TCP_IN') > -1 and items.find('=') > -1 and (items[0] != '#'):
|
|
|
|
|
writeToConf.writelines('TCP_IN = "20,21,22,25,53,80,110,143,443,465,587,993,995,8090,40110:40210"\n')
|
|
|
|
|
elif items.find('TCP_OUT') > -1 and items.find('=') > -1 and (items[0] != '#'):
|
|
|
|
|
writeToConf.writelines('TCP_OUT = "20,21,22,25,53,80,110,113,443,587,993,995,8090,40110:40210"\n')
|
|
|
|
|
elif items.find('UDP_IN') > -1 and items.find('=') > -1 and (items[0] != '#'):
|
|
|
|
|
writeToConf.writelines('UDP_IN = "20,21,53"\n')
|
|
|
|
|
elif items.find('UDP_OUT') > -1 and items.find('=') > -1 and (items[0] != '#'):
|
|
|
|
|
writeToConf.writelines('UDP_OUT = "20,21,53,113,123"\n')
|
|
|
|
|
else:
|
|
|
|
|
writeToConf.writelines(items)
|
|
|
|
|
|
|
|
|
|
writeToConf.close()
|
|
|
|
|
##
|
|
|
|
|
|
|
|
|
|
command = 'csf -s'
|
|
|
|
|
cmd = shlex.split(command)
|
|
|
|
|
|
|
|
|
|
with open(CSF.installLogPath, 'a') as f:
|
|
|
|
|
subprocess.call(cmd, stdout=f)
|
|
|
|
|
|
|
|
|
|
|
2018-08-06 02:01:09 +05:00
|
|
|
writeToFile = open(CSF.installLogPath, 'a')
|
|
|
|
|
writeToFile.writelines("CSF successfully Installed.[200]\n")
|
|
|
|
|
writeToFile.close()
|
|
|
|
|
|
2018-08-10 23:29:10 +05:00
|
|
|
os.remove('csf.tgz')
|
|
|
|
|
os.removedirs('csf')
|
2018-08-06 02:01:09 +05:00
|
|
|
|
2018-08-10 23:29:10 +05:00
|
|
|
return 1
|
|
|
|
|
except BaseException, msg:
|
|
|
|
|
os.remove('csf.tgz')
|
|
|
|
|
os.removedirs('csf')
|
|
|
|
|
writeToFile = open(CSF.installLogPath, 'a')
|
|
|
|
|
writeToFile.writelines(str(msg) + " [404]")
|
|
|
|
|
writeToFile.close()
|
|
|
|
|
logging.CyberCPLogFileWriter.writeToFile(str(msg) + "[installCSF]")
|
|
|
|
|
|
|
|
|
|
def removeCSF(self):
|
|
|
|
|
try:
|
|
|
|
|
|
|
|
|
|
##
|
2018-10-12 18:18:10 +05:00
|
|
|
|
2018-08-10 23:29:10 +05:00
|
|
|
os.chdir('/etc/csf')
|
|
|
|
|
|
|
|
|
|
command = './uninstall.sh'
|
2018-08-06 02:01:09 +05:00
|
|
|
cmd = shlex.split(command)
|
2018-08-10 23:29:10 +05:00
|
|
|
subprocess.call(cmd)
|
|
|
|
|
|
|
|
|
|
os.chdir('/usr/local/CyberCP')
|
|
|
|
|
|
|
|
|
|
#
|
2018-08-06 02:01:09 +05:00
|
|
|
|
2018-10-12 18:18:10 +05:00
|
|
|
command = 'systemctl unmask firewalld'
|
|
|
|
|
subprocess.call(shlex.split(command))
|
|
|
|
|
|
|
|
|
|
#
|
|
|
|
|
|
|
|
|
|
command = 'systemctl start firewalld'
|
|
|
|
|
subprocess.call(shlex.split(command))
|
|
|
|
|
|
|
|
|
|
##
|
|
|
|
|
|
|
|
|
|
command = 'systemctl enable firewalld'
|
|
|
|
|
subprocess.call(shlex.split(command))
|
|
|
|
|
|
2018-08-06 02:01:09 +05:00
|
|
|
return 1
|
|
|
|
|
except BaseException, msg:
|
2018-08-10 23:29:10 +05:00
|
|
|
logging.CyberCPLogFileWriter.writeToFile(str(msg) + "[removeCSF]")
|
2018-08-06 02:01:09 +05:00
|
|
|
|
2018-08-10 23:29:10 +05:00
|
|
|
@staticmethod
|
|
|
|
|
def fetchCSFSettings():
|
|
|
|
|
try:
|
|
|
|
|
|
|
|
|
|
currentSettings = {}
|
|
|
|
|
|
|
|
|
|
command = 'sudo cat /etc/csf/csf.conf'
|
2019-03-26 16:19:03 +05:00
|
|
|
output = ProcessUtilities.outputExecutioner(command).splitlines()
|
2018-08-10 23:29:10 +05:00
|
|
|
|
|
|
|
|
for items in output:
|
|
|
|
|
if items.find('TESTING') > -1 and items.find('=') > -1 and (items[0]!= '#') and items.find('TESTING_INTERVAL') == -1:
|
|
|
|
|
if items.find('0') > -1:
|
|
|
|
|
currentSettings['TESTING'] = 0
|
|
|
|
|
else:
|
|
|
|
|
currentSettings['TESTING'] = 1
|
|
|
|
|
elif items.find('TCP_IN') > -1 and items.find('=') > -1 and (items[0] != '#'):
|
|
|
|
|
tcpIN = items[items.find('"'):]
|
|
|
|
|
currentSettings['tcpIN'] = tcpIN.strip('"')
|
|
|
|
|
elif items.find('TCP_OUT') > -1 and items.find('=') > -1 and (items[0] != '#'):
|
|
|
|
|
tcpOUT = items[items.find('"'):]
|
|
|
|
|
currentSettings['tcpOUT'] = tcpOUT.strip('"')
|
|
|
|
|
elif items.find('UDP_IN') > -1 and items.find('=') > -1 and (items[0] != '#'):
|
|
|
|
|
udpIN = items[items.find('"'):]
|
|
|
|
|
currentSettings['udpIN'] = udpIN.strip('"')
|
|
|
|
|
elif items.find('UDP_OUT') > -1 and items.find('=') > -1 and (items[0] != '#'):
|
|
|
|
|
udpOUT = items[items.find('"'):]
|
|
|
|
|
currentSettings['udpOUT'] = udpOUT.strip('"')
|
2018-08-06 02:01:09 +05:00
|
|
|
|
2018-08-10 23:29:10 +05:00
|
|
|
### Check if rules are applied
|
|
|
|
|
|
|
|
|
|
currentSettings['firewallStatus'] = 0
|
|
|
|
|
|
|
|
|
|
command = 'sudo iptables -nv -L'
|
2019-03-26 16:19:03 +05:00
|
|
|
output = ProcessUtilities.outputExecutioner(command)
|
2018-08-10 23:29:10 +05:00
|
|
|
|
|
|
|
|
if output.find('0.0.0.0/0') > -1:
|
|
|
|
|
currentSettings['firewallStatus'] = 1
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
return currentSettings
|
|
|
|
|
|
|
|
|
|
except BaseException, msg:
|
2018-12-20 16:18:16 +05:00
|
|
|
logging.CyberCPLogFileWriter.writeToFile(str(msg) + " [fetchCSFSettings]")
|
2018-08-10 23:29:10 +05:00
|
|
|
|
|
|
|
|
@staticmethod
|
|
|
|
|
def changeStatus(controller, status):
|
|
|
|
|
try:
|
|
|
|
|
if controller == 'csf':
|
|
|
|
|
if status == 'enable':
|
|
|
|
|
command = 'csf -s'
|
|
|
|
|
subprocess.call(shlex.split(command))
|
|
|
|
|
print '1,None'
|
|
|
|
|
else:
|
|
|
|
|
command = 'csf -f'
|
|
|
|
|
subprocess.call(shlex.split(command))
|
|
|
|
|
print '1,None'
|
|
|
|
|
|
|
|
|
|
elif controller == 'testingMode':
|
|
|
|
|
data = open('/etc/csf/csf.conf', 'r').readlines()
|
|
|
|
|
writeToFile = open('/etc/csf/csf.conf', 'w')
|
|
|
|
|
|
|
|
|
|
for items in data:
|
|
|
|
|
if items.find('TESTING') > -1 and items.find('=') > -1 and (items[0] != '#') and items.find(
|
|
|
|
|
'TESTING_INTERVAL') == -1:
|
|
|
|
|
if status == 'enable':
|
|
|
|
|
writeToFile.writelines('TESTING = "1"\n')
|
|
|
|
|
else:
|
|
|
|
|
writeToFile.writelines('TESTING = "0"\n')
|
|
|
|
|
else:
|
|
|
|
|
writeToFile.writelines(items)
|
|
|
|
|
writeToFile.close()
|
|
|
|
|
print '1,None'
|
|
|
|
|
|
|
|
|
|
except BaseException, msg:
|
|
|
|
|
logging.CyberCPLogFileWriter.writeToFile(str(msg) + "[changeStatus]")
|
|
|
|
|
print '0',str(msg)
|
|
|
|
|
|
|
|
|
|
@staticmethod
|
|
|
|
|
def modifyPorts(protocol, ports):
|
|
|
|
|
try:
|
|
|
|
|
data = open('/etc/csf/csf.conf', 'r').readlines()
|
|
|
|
|
writeToFile = open('/etc/csf/csf.conf', 'w')
|
|
|
|
|
|
|
|
|
|
if protocol == 'TCP_IN':
|
|
|
|
|
for items in data:
|
|
|
|
|
if items.find('TCP_IN') > -1 and items.find('=') > -1 and (items[0] != '#'):
|
|
|
|
|
writeToFile.writelines('TCP_IN = "' + ports + '"\n')
|
|
|
|
|
else:
|
|
|
|
|
writeToFile.writelines(items)
|
|
|
|
|
writeToFile.close()
|
|
|
|
|
elif protocol == 'TCP_OUT':
|
|
|
|
|
for items in data:
|
|
|
|
|
if items.find('TCP_OUT') > -1 and items.find('=') > -1 and (items[0] != '#'):
|
|
|
|
|
writeToFile.writelines('TCP_OUT = "' + ports + '"\n')
|
|
|
|
|
else:
|
|
|
|
|
writeToFile.writelines(items)
|
|
|
|
|
writeToFile.close()
|
|
|
|
|
elif protocol == 'UDP_IN':
|
|
|
|
|
for items in data:
|
|
|
|
|
if items.find('UDP_IN') > -1 and items.find('=') > -1 and (items[0] != '#'):
|
|
|
|
|
writeToFile.writelines('UDP_IN = "' + ports + '"\n')
|
|
|
|
|
else:
|
|
|
|
|
writeToFile.writelines(items)
|
|
|
|
|
writeToFile.close()
|
|
|
|
|
elif protocol == 'UDP_OUT':
|
|
|
|
|
for items in data:
|
|
|
|
|
if items.find('UDP_OUT') > -1 and items.find('=') > -1 and (items[0] != '#'):
|
|
|
|
|
writeToFile.writelines('UDP_OUT = "' + ports + '"\n')
|
|
|
|
|
else:
|
|
|
|
|
writeToFile.writelines(items)
|
|
|
|
|
writeToFile.close()
|
|
|
|
|
|
|
|
|
|
command = 'csf -r'
|
|
|
|
|
subprocess.call(shlex.split(command))
|
|
|
|
|
|
|
|
|
|
print '1,None'
|
|
|
|
|
|
|
|
|
|
except BaseException, msg:
|
|
|
|
|
logging.CyberCPLogFileWriter.writeToFile(str(msg) + "[modifyPorts]")
|
|
|
|
|
print '0', str(msg)
|
|
|
|
|
|
|
|
|
|
@staticmethod
|
|
|
|
|
def allowIP(ipAddress):
|
|
|
|
|
try:
|
|
|
|
|
command = 'sudo csf -dr ' + ipAddress
|
2019-03-26 16:19:03 +05:00
|
|
|
ProcessUtilities.executioner(command)
|
2018-08-10 23:29:10 +05:00
|
|
|
|
|
|
|
|
command = 'sudo csf -a ' + ipAddress
|
2019-03-26 16:19:03 +05:00
|
|
|
ProcessUtilities.executioner(command)
|
2018-08-10 23:29:10 +05:00
|
|
|
|
|
|
|
|
except BaseException, msg:
|
|
|
|
|
logging.CyberCPLogFileWriter.writeToFile(str(msg) + "[allowIP]")
|
|
|
|
|
|
|
|
|
|
@staticmethod
|
|
|
|
|
def blockIP(ipAddress):
|
|
|
|
|
try:
|
|
|
|
|
|
|
|
|
|
command = 'sudo csf -tr ' + ipAddress
|
2019-03-26 16:19:03 +05:00
|
|
|
ProcessUtilities.executioner(command)
|
2018-08-10 23:29:10 +05:00
|
|
|
|
|
|
|
|
command = 'sudo csf -d ' + ipAddress
|
2019-03-26 16:19:03 +05:00
|
|
|
ProcessUtilities.executioner(command)
|
2018-08-10 23:29:10 +05:00
|
|
|
|
|
|
|
|
except BaseException, msg:
|
|
|
|
|
logging.CyberCPLogFileWriter.writeToFile(str(msg) + "[blockIP]")
|
2018-08-06 02:01:09 +05:00
|
|
|
|
|
|
|
|
|
|
|
|
|
def main():
|
|
|
|
|
|
2018-08-10 23:29:10 +05:00
|
|
|
parser = argparse.ArgumentParser(description='CSF Manager')
|
2018-08-06 02:01:09 +05:00
|
|
|
parser.add_argument('function', help='Specific a function to call!')
|
|
|
|
|
|
2018-08-10 23:29:10 +05:00
|
|
|
parser.add_argument('--controller', help='Controller selection!')
|
|
|
|
|
parser.add_argument('--status', help='Controller status!')
|
|
|
|
|
parser.add_argument('--protocol', help='Protocol Modifications!')
|
|
|
|
|
parser.add_argument('--ports', help='Ports!')
|
2018-08-06 02:01:09 +05:00
|
|
|
|
|
|
|
|
args = parser.parse_args()
|
|
|
|
|
|
2018-08-10 23:29:10 +05:00
|
|
|
if args.function == "installCSF":
|
|
|
|
|
controller = CSF(args.function, {})
|
|
|
|
|
controller.run()
|
|
|
|
|
elif args.function == 'removeCSF':
|
|
|
|
|
controller = CSF(args.function, {})
|
|
|
|
|
controller.run()
|
|
|
|
|
elif args.function == 'changeStatus':
|
|
|
|
|
CSF.changeStatus(args.controller, args.status)
|
|
|
|
|
elif args.function == 'modifyPorts':
|
|
|
|
|
CSF.modifyPorts(args.protocol, args.ports)
|
2018-08-06 02:01:09 +05:00
|
|
|
|
|
|
|
|
if __name__ == "__main__":
|
2018-10-12 18:18:10 +05:00
|
|
|
main()
|
