import sys, os, time, atexit, subprocess
from signal import SIGTERM
import databaseWrapper
import htmlReport
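class Daemon(object):
    """
    A generic daemon class.

    Usage: subclass the Daemon class and override the run() method.

    The pidfile is the only record of which process start() and stop() act
    on, so it should live in a directory that only the daemon's own user can
    write to.
    """

    def __init__(self, pidfile, stdin='/dev/null', stdout='/dev/null', stderr='/dev/null'):
        """Store the pidfile path and the files the standard streams are redirected to."""
        self.stdin = stdin
        self.stdout = stdout
        self.stderr = stderr
        self.pidfile = pidfile

    def _read_pid(self):
        """Return the pid recorded in the pidfile, or None if there is no usable one.

        A missing or unreadable file and unparsable content both count as
        "no daemon recorded" instead of raising.
        """
        try:
            with open(self.pidfile, 'r') as pf:
                pid = int(pf.read().strip())
        except (IOError, ValueError):
            return None
        # os.kill() treats zero and negative pids as process-group or
        # broadcast targets, so only a positive value is accepted from the file.
        return pid if pid > 0 else None

    def daemonize(self):
        """
        do the UNIX double-fork magic, see Stevens' "Advanced
        Programming in the UNIX Environment" for details (ISBN 0201563177)
        http://www.erlenstar.demon.co.uk/unix/faq_2.html#SEC16
        """
        try:
            pid = os.fork()
            if pid > 0:
                # exit first parent
                sys.exit(0)
        except OSError as e:
            sys.stderr.write("fork #1 failed: %d (%s)\n" % (e.errno, e.strerror))
            sys.exit(1)

        # decouple from parent environment
        os.chdir("/")
        os.setsid()
        # A umask of 0 would create the pidfile and every file the subclass
        # opens as world-writable (0666); 0o022 keeps them writable by the
        # owner only, so other local users cannot rewrite the pidfile.
        os.umask(0o022)

        # do second fork
        try:
            pid = os.fork()
            if pid > 0:
                # exit from second parent
                sys.exit(0)
        except OSError as e:
            sys.stderr.write("fork #2 failed: %d (%s)\n" % (e.errno, e.strerror))
            sys.exit(1)

        # redirect standard file descriptors
        sys.stdout.flush()
        sys.stderr.flush()
        si = open(self.stdin, 'r')
        so = open(self.stdout, 'a+')
        se = open(self.stderr, 'a+')
        os.dup2(si.fileno(), sys.stdin.fileno())
        os.dup2(so.fileno(), sys.stdout.fileno())
        os.dup2(se.fileno(), sys.stderr.fileno())

        # write pidfile; the context manager makes sure it is flushed and closed
        atexit.register(self.delpid)
        pid = str(os.getpid())
        with open(self.pidfile, 'w+') as pf:
            pf.write("%s\n" % pid)

    def delpid(self):
        """Remove the pidfile; registered with atexit by daemonize()."""
        # stop() may already have removed it, so a missing file is not an error.
        if os.path.exists(self.pidfile):
            os.remove(self.pidfile)

    def start(self):
        """
        Start the daemon
        """
        # Check for a pidfile to see if the daemon already runs
        pid = self._read_pid()
        if pid:
            message = "pidfile %s already exist. Daemon already running?\n"
            sys.stderr.write(message % self.pidfile)
            sys.exit(1)

        # Start the daemon
        self.daemonize()
        self.run()

    def stop(self):
        """
        Stop the daemon
        """
        import errno

        # Get the pid from the pidfile
        pid = self._read_pid()
        if not pid:
            message = "pidfile %s does not exist. Daemon not running?\n"
            sys.stderr.write(message % self.pidfile)
            return  # not an error in a restart

        # Try killing the daemon process.
        # NOTE(review): the pid is trusted as read; a stale pidfile may name
        # an unrelated process that has since reused the number -- consider
        # verifying the process identity before signalling.
        try:
            while True:
                os.kill(pid, SIGTERM)
                time.sleep(0.1)
        except OSError as e:
            # Compare the error code, not the message text, which depends on
            # the platform and locale.
            if e.errno == errno.ESRCH:
                if os.path.exists(self.pidfile):
                    os.remove(self.pidfile)
            else:
                print(str(e))
                sys.exit(1)

    def restart(self):
        """
        Restart the daemon
        """
        self.stop()
        self.start()

    def run(self):
        """
        You should override this method when you subclass Daemon. It will be called after the process has been
        daemonized by start() or restart().
        """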
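class Tcpdump(Daemon):
    """
    Daemon that runs tcpdump and stores every parsed output line in the database.

    setOptions() must be called before start(): it stores the options dict and
    derives the tcpdump invocation from its "interface", "port" and
    "ip-filter" entries. run() additionally reads "log-path" and "table" and
    hands the whole dict to databaseWrapper.connectDB().

    The capture is started through sudo, so the option values end up on a
    privileged command line. They are validated and passed as an argument
    vector; no shell is involved.
    """

    # Shell-style templates, kept for the human-readable self.command string
    # (printed and logged). The process itself is started from self.argv.
    command_type_1 = "sudo tcpdump -tttt -en -l -i %s \"src port %s and net not %s/16\""
    command_type_2 = "sudo tcpdump -tttt -en -l -i %s \"src port %s\""
    command_type_3 = "sudo tcpdump -tttt -en -l -i %s"

    # Accepted shapes for the interpolated option values. Each is a single
    # token that cannot start with "-" (so it is never read as an option)
    # and contains no whitespace, quotes or parentheses (so it cannot extend
    # the capture filter expression).
    _INTERFACE_PATTERN = r"[A-Za-z0-9][A-Za-z0-9_.:-]*\Z"
    _PORT_PATTERN = r"[A-Za-z0-9][A-Za-z0-9_.+-]*\Z"
    _NET_PATTERN = r"[0-9A-Fa-f][0-9A-Fa-f:.]*\Z"

    command = None
    argv = None
    conn = None
    log = None
    options = None

    def run(self):
        """Capture forever: run tcpdump, parse each line, write it to the database.

        When tcpdump exits, the database connection and log are closed and
        the whole cycle is started again after a short pause.
        """
        import shlex

        if self.command is None:
            raise RuntimeError("setOptions() must be called before run()")
        argv = self.argv
        if argv is None:
            # command was assigned directly instead of through setOptions();
            # split it the way a shell would, but still run it without one.
            argv = shlex.split(self.command)

        while True:
            self.conn = databaseWrapper.connectDB(self.options)
            self.log = open(self.options["log-path"], "a")
            proc = None
            try:
                # NOTE(review): Daemon redirects stdin to /dev/null by default,
                # so sudo presumably has to be configured to run tcpdump
                # without a password prompt -- confirm, and keep that rule as
                # narrow as possible.
                proc = subprocess.Popen(argv, stdout=subprocess.PIPE)
                info = ' '.join(str(i) for i in os.uname())
                self.log.write("--- TRAFFICDB LOG FILE ---\n")
                self.log.write("%s\n\n\n" % info)
                self.log.write("[INFO] Start monitoring on interface %s, port %s.\n" % (self.options["interface"], self.options["port"]))
                self.log.write("[INFO] Tcpdump command: %s\n" % self.command)

                while True:
                    line = proc.stdout.readline()
                    # An empty read means EOF. `not line` holds for both str
                    # and bytes; comparing bytes with "" never matches, which
                    # would keep this loop spinning after tcpdump has exited.
                    if not line:
                        self.log.write("[INFO] Process finished.\n")
                        break

                    entry = None
                    # NOTE(review): if readline() returns bytes, str() yields
                    # the "b'...'" repr rather than decoded text -- confirm
                    # which form htmlReport.getLineElements expects.
                    line = str(line)
                    try:
                        entry = htmlReport.getLineElements(line)
                    except Exception as e:
                        self.log.write("[ERROR] Crashed on line %s.\n" % line)
                        self.log.write("Error: %s\n" % e)
                    if entry is None:
                        continue

                    try:
                        print("Write entry: %s" % entry)
                        databaseWrapper.writeEntry(self.conn, entry, self.options["table"])
                    except Exception as e:
                        self.log.write("[ERROR] Database crashed on entry %s.\n" % entry)
                        self.log.write("[ERROR] Error: %s\n" % e)
            except OSError as e:
                # Without a shell, a missing sudo/tcpdump binary surfaces here.
                self.log.write("[ERROR] Could not run tcpdump: %s\n" % e)
                raise
            finally:
                if proc is not None:
                    # Reap the child so restarts do not accumulate zombies.
                    proc.stdout.close()
                    proc.wait()
                databaseWrapper.disconnectDB(self.conn)
                self.log.close()

            # Pause before restarting so a tcpdump that exits immediately
            # does not turn into a tight respawn loop.
            time.sleep(1)

    def setOptions(self, options):
        """Store *options* and build the tcpdump command from them.

        Reads options["interface"], options["port"] and options["ip-filter"];
        the last two may be None. Sets self.command (display string) and
        self.argv (the argument vector run() executes).

        Raises:
            ValueError: if a value does not match its accepted pattern, or if
                an ip-filter is given without a port (the templates have no
                form for that combination).
        """
        import re

        def checked(key, pattern):
            # Validate one option and return it as text.
            text = str(options[key])
            if re.match(pattern, text) is None:
                raise ValueError("invalid %s option: %r" % (key, options[key]))
            return text

        self.options = options
        interface = checked("interface", self._INTERFACE_PATTERN)
        argv = ["sudo", "tcpdump", "-tttt", "-en", "-l", "-i", interface]

        if options["port"] is None and options["ip-filter"] is None:
            self.command = self.command_type_3 % (interface)
        elif options["ip-filter"] is None:
            port = checked("port", self._PORT_PATTERN)
            self.command = self.command_type_2 % (interface, port)
            # The filter expression travels as one argument, as it did
            # inside the double quotes of the shell template.
            argv.append("src port %s" % port)
        else:
            if options["port"] is None:
                raise ValueError("ip-filter option requires a port")
            port = checked("port", self._PORT_PATTERN)
            net = checked("ip-filter", self._NET_PATTERN)
            self.command = self.command_type_1 % (interface, port, net)
            argv.append("src port %s and net not %s/16" % (port, net))

        self.argv = argv
        print(self.command)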
def startService(service, options):
    """Apply *options* to *service* via setOptions(), then call its start()."""
    # Configuration has to happen first: start() acts on what setOptions() stored.
    configure = service.setOptions
    configure(options)
    launch = service.start
    launch()
def stopService(service, options):
    """Call stop() on *service*.

    *options* is accepted to mirror startService() but is not used.
    """
    halt = service.stop
    halt()