endian.restartscripts package

Submodules

endian.restartscripts.authentication module

class AuthenticationJob

Bases: endian.job.job.Job

config_values = None

configure_local_certs(job, *args, **argv)

Create the CA and host certificate for IPsec or OpenVPN if they does not exist and update the settings file

create_ca()

create_host_cert()

get_active_uplink_ip()

Return the IP of the active RED interface, or None

get_host_certificate(cert_filename)

load_config()

migrate()

Migrate the OpenVPN users to the authentication layer

restart(job, *args, **argv)

save_config()

shouldstart()

start(job, *args, **argv)

stop(job, *args, **argv)

static string_to_list(l)

update_ca(job, *args, **argv)

Regenerate the CRL file and update the index

updatewizard(job, *args, **argv)

endian.restartscripts.autoupdate module

class AutoupdateJob

Bases: endian.job.job.Job

restart(job, *args, **argv)

save_config()

start(job, *args, **argv)

update(job, *args, **argv)

Checks if there are new updates using /usr/bin/efw-update update -d

upgrade(job, *args, **argv)

Starts an upgrade using /usr/bin/efw-update upgrade -d

endian.restartscripts.backup module

class BackupJob

Bases: endian.job.job.Job

backup(job, *args, **argv)

config_values = None

do_backup(job, *args, **argv)

load_config()

restart(job, *args, **argv)

save_config()

start(job, *args, **argv)

stop(job, *args, **argv)

endian.restartscripts.base module

class BaseJob

Bases: endian.job.job.Job

get_brand(job, *args, **argv)

Get brand

get_company(job, *args, **argv)

Get company

get_kernel_version(job, *args, **argv)

Get kernel version

get_release(job, *args, **argv)

Get release

get_version(job, *args, **argv)

Get version

noop(job, *args, **argv)

No Operation - Do nothing

start(job, *args, **argv)

endian.restartscripts.bridges module

class BridgeJob

Bases: endian.job.job.Job

build_bridge(interface)

call_restart(job, *args, **argv)

getBridgesFromDataSource()

get_purple_devices()

get_root_dev(interface)

join_bridge(bridge, dev)

leave_bridge(bridge, dev)

nic_list(bridge)

restart(job, *args, **argv)

update_stp(interface)

Update the STP parameters for a bridge interface.

endian.restartscripts.clamav module

class ClamAVJob

Bases: endian.job.generic.servicejob.ServiceJob

actions = {'icap': [{'action': 'apply', 'type': 'job', 'name': 'icap', 'options': {'force': True}}]}

configFiles = [{'affects': 'clamd', 'onstop': True, 'file': '/etc/clamav/clamd.conf'}, {'affects': 'nothing', 'file': '/etc/clamav/freshclam.conf'}, {'affects': 'nothing', 'file': '/etc/logrotate.d/clamav'}, {'affects': 'icap', 'onstop': True, 'file': '/etc/c-icap/virus_scan.d/clamd_mod.conf'}, {'affects': 'nothing', 'onstop': True, 'file': '/etc/squid/squid.conf.d/clamav.conf'}]

job_actions = {'start': {'priority': 80, 'use_notifications': True, 'depends': ['system_accessible=start', 'clamavcron=start'], 'options': {'debug': (<type 'bool'>, 'Be more verbose.'), 'force': (<type 'bool'>, 'Forces restart.')}}, 'restart': {'use_notifications': True, 'depends': ['system_accessible=start', 'clamavcron=start'], 'options': {'debug': (<type 'bool'>, 'Be more verbose.'), 'force': (<type 'bool'>, 'Forces restart.')}}}

job_groups = ['icapgroup']

restart_hook(options)

save_hook(options, changed)

serviceCanReload = False

serviceName = 'clamd'

settingsName = 'clamav'

shouldstart_hook()

stop_hook(options)

endian.restartscripts.clamavcron module

Module author: Peter Warasin

class ClamavCronJob

Bases: endian.job.generic.cronjob.AnaCronJob, endian.job.job.Job

Resets the Clamav cron scripts.

pre_set(scripts)

set scripts to empty dict if clamav is not used by any service

scripts = {'freshclam': ('/usr/lib/cron/freshclam.cron', 'UPDATE_SCHEDULE')}

settings_file_name = 'clamav/settings'

start(job, *args, **argv)

Resets the scripts.

endian.restartscripts.cleanup module

class CleanupJob

Bases: endian.job.job.Job

start(job, *args, **argv)

endian.restartscripts.collectd module

class CollectdJob

Bases: endian.job.job.Job

restart(job, *args, **argv)

start(job, *args, **argv)

stop(job, *args, **argv)

updatewizard(job, *args, **argv)

endian.restartscripts.console module

class ConsoleJob

Bases: endian.job.job.Job

reload(job, *args, **argv)

start(job, *args, **argv)

endian.restartscripts.createtemplates module

class CreateTemplatesJob

Bases: endian.job.job.Job

create_message_file(config, dryrun, force)

get_config(f)

get_languages()

get_services(options={})

is_expired(tmpl, file)

iterate_services(config, options={})

iterate_templates(config, dryrun, force)

need_rebuild(config)

restart(job, *args, **argv)

select_template(filename, conf)

set_accessable_dir(dir, dryrun)

start(job, *args, **argv)

stat(file)

stat_cache = None

endian.restartscripts.dhcp module

class DhcpJob

Bases: endian.job.job.Job

actualize_subnets()

actualize_subnets_zone(zone, conf)

alter_config(config_values)

calc_range(ip, mask, start)

calculate_HA_management_net()

calculate_slave_DHCP()

compatibility()

concatenate(a, b, sep)

config_values = None

empty_zone()

get_zone_values(zone, VALUES)

has_blue()

has_orange()

load_config()

load_passwd(filename, sep, offkey, keys)

net_conf = None

old_net_conf = None

restart(job, *args, **argv)

save_config()

shouldstart()

start(job, *args, **argv)

stop(job, *args, **argv)

updatewizard(job, *args, **argv)

endian.restartscripts.dio module

class DioJob

Bases: endian.job.job.Job

config_values = None

get_conf(ds)

get_input(job, *args, **argv)

get_output(job, *args, **argv)

load_config()

restart(job, *args, **argv)

save_config()

set_output(job, *args, **argv)

shouldstart(job, *args, **argv)

start(job, *args, **argv)

stop(job, *args, **argv)

toggle_output(job, *args, **argv)

updatewizard(job, *args, **argv)

endian.restartscripts.dnsblackhole module

Module author: Alber Maximilian

class DnsBlackHoleJob

Bases: endian.job.generic.cronjob.AnaCronJob, endian.job.job.Job

Resets the dnsblackhole cron scripts.

restart(job, *args, **argv)

Resets the scripts.

scripts = {'blackholedns': ('/usr/local/bin/getblackholedns', 'DNSMASQ_UPDATE_SCHEDULE')}

settings_file_name = 'dnsmasq/settings'

start(job, *args, **argv)

Resets the scripts.

endian.restartscripts.dnsmasq module

class DNSMasqJob

Bases: endian.job.job.Job

config_values = None

get_enabled_zones()

get_hooked_resolvers()

get_uplinks()

load_config()

prepare()

resolvonly(job, *args, **argv)

restart(job, *args, **argv)

save_config()

start(job, *args, **argv)

stop(job, *args, **argv)

updatewizard(job, *args, **argv)

class RuleEntry

Bases: object

endian.restartscripts.dynaccess module

class DynAccessJob

Bases: endian.job.job.Job

create_pid_file_dir()

get_instances()

get_pid_file(instance)

remove_pid_files()

restart(job, *args, **argv)

start(job, *args, **argv)

start_instance(instance, force=False)

stop(job, *args, **argv)

stop_all()

stop_instance(instance)

endian.restartscripts.enclient module

class EnClientJob

Bases: endian.job.job.Job

add_anacron_hook()

If the system is not registered and the auto-registration info are available, create the auto-registration anacron hook

auto_register(job, *args, **argv)

compatibility()

Older version of the endian-client didn’t have a settings file, only the en-client.conf. If no settings file exists, but a sysid is contained within the old en-client.conf, the sysid is retrieved and stored in a settings file.

config_values = None

delete_sysid()

enable_ssh()

The liveclient requires SSH to be enabled. Hence, if SSH is not running, it has to ensured it is started. For that the settings file for remote access is modified and SSH enabled.

load_config()

reload(job, *args, **argv)

remove_anacron_hook()

Delete the auto-registration anacrond hook (if exist)

restart(job, *args, **argv)

save_config(delete_sysid=False)

shouldstart()

start(job, *args, **argv)

stop(job, *args, **argv)

sync_sysinfo(job, *args, **argv)

Synchronizing sysinfo if neeeded

endian.restartscripts.fcron module

class FcronJob

Bases: endian.job.job.Job

restart(job, *args, **argv)

start(job, *args, **argv)

stop(job, *args, **argv)

updatewizard(job, *args, **argv)

endian.restartscripts.fetchsnortrules module

Module author: Alber Maximilian

class FetchSnortRulesJob

Bases: endian.job.generic.downloadjob.DownLoadJob, endian.job.job.Job

backup_rules(urls)

Backups the rules in a directory with same path appended BACKUP.

Parameters:urls (list of dicts) – The urls to download.

find_rules(rules_dir, block_rules=False)

Returns a list of rule files in the passed directory.

Parameters:

• rules_dir (String) – directory to scan.
• block_rules (bool) – allow block rules.

get_urls()

Returns dicts with information about the urls to download.

If a custom file is provided, modifies the job so that no download will be done.

The dict will have following keys:

• url: the url.

The dict will mey have following keys:

• etag: the etag of the last download.

• uncompress: True, if the url returns a tar.gz

  file which should be uncompressed.

• location: The location, where the download is

  to save.

• archive_prefix: The prefix-“directory” in the

  archive.

In the default implementation the function will use, if exists, the member urls to create the dicts. If url_key, etag_key, uncompress_key, location_key or archive_prefix_key is given in the dict, the function will lookup in the settings file for the value. If the key is not given or the value is empty, the value referenced by the key url, etag, uncompress, location or archive_prefix will used. If both keys are missing no entry will made in the return dict.

Returns:A list of url dicts. Return type:list of dicts

install_rules(urls)

Installs the rules.

Creates or cleans the target locations, moves all files ending in .rules. and touches the status files.

Parameters:urls (list of dicts) – The urls to download.

post(tmp_dir, urls)

Post hook, is triggered after the download and the possible uncompressing.

In the default implementation the content of urls with a location key in the urls parameter will be moved to this location.

Parameters:

• tmp_dir (String) – The temporary directory for the downloads.
• urls (list of dicts) – The urls to downloaded.

pre(tmp_dir, urls)

Prepare custom files. Set the download location for the files.

Parameters:

• tmp_dir (String) – The temporary directory for the downloads.
• urls (list of dicts) – The urls to download.

Returns:

The url list to pass to the download.

Return type:

list of dicts

remove_backup_rules(urls)

Removes the rules from a directory with a path appended BACKUP.

Parameters:urls (list of dicts) – The urls to download.

restart(job, *args, **kw)

Starts the job.

Parameters:options (dict) – A dict with options.

restore_rules(urls)

Restores the rules from a directory with a path appended BACKUP.

Parameters:urls (list of dicts) – The urls to download.

settings_file_name = '/var/efw/snort/settings'

should_update(urls)

Returns True, if there is new content to download.

In the default implementation the function will return true, if no etag key is in the url dict otherwise will controll, if the etag has changed.

Parameters:urls (list of dicts) – The urls to download. Returns:The urls to update. Return type:list of dicts

start(job, *args, **argv)

Starts the download jobs. In detail controlls, if there is new data. If so, launches the pre hook, downloads the urls retrieved by getURLS, lanaunches the postUnCompress and then the post hook.

Parameters:options (dict) – A dict with options.

urls = [{'uncompress': True, 'url_key': 'SNORT_RULES_URL', 'etag_key': 'SNORT_RULES_ETAG'}]

endian.restartscripts.firewall module

class FirewallJob

Bases: endian.job.job.Job

ebtables_zonechains()

get_ifaces()

handle_hotspot_drops(chain)

has_blue()

has_orange()

iptables_defaultfw()

iptables_init()

iptables_newnotsyn()

iptables_setlog()

iptables_zonechains()

load_config()

reload(job, *args, **argv)

restart(job, *args, **argv)

settings = None

start(job, *args, **argv)

stop(job, *args, **argv)

updatewizard(job, *args, **argv)

endian.restartscripts.frox module

class FroxJob

Bases: endian.job.job.Job

compatibility()

config_values = None

get_enabled_zones()

load_config()

restart(job, *args, **argv)

save_config()

shouldstart(job, *args, **argv)

start(job, *args, **argv)

stop(job, *args, **argv)

updatewizard(job, *args, **argv)

endian.restartscripts.getblackholedns module

Module author: Alber Maximilian <m.alber@endian.com>

class GetBlackholeDNSJob

Bases: endian.job.generic.downloadjob.DownLoadJob, endian.job.job.Job

Downloads from the configured url the dnsmasq spywaredomains zones.

get_domain_list(filename, parse=None)

post(tmp_dir, urls)

Post hook, is triggered after the download and the possible uncompressing.

In the default implementation the content of urls with a location key in the urls parameter will be moved to this location.

Parameters:

• tmp_dir (String) – The temporary directory for the downloads.
• urls (list of dicts) – The urls to downloaded.

restart(job, *args, **argv)

Starts the job.

Parameters:options (dict) – A dict with options.

save_config()

settings_file_name = '/var/efw/dnsmasq/settings'

start(job, *args, **argv)

Starts the download jobs.

Parameters:options (dict) – A dict with options.

urls = [{'uncompress': False, 'url_key': 'DNSMASQ_BLACKHOLE_URL', 'location': '/var/signatures/dnsmasq/', 'etag_key': 'DNSMASQ_BLACKHOLE_ETAG'}]

endian.restartscripts.ha module

exception HAException

Bases: exceptions.Exception

class HAJob

Bases: endian.job.job.Job

after_rsync(job, *args, **argv)

Execute on the DESTINATION node (can be a master or slave) after rsync

before_rsync(job, *args, **argv)

Execute on the SOURCE node (can be a master or slave) before rsync

can_sync(remote, local_state)

config_values = None

create_HA_data(c)

do_rsync(source, target)

synchronize source -> target using rsync

find_master(job, *args, **argv)

Scan nodes and find the current master node

generate_secret(ha_global)

get_CIDRs(nets)

get_IPs(nets)

get_ha_current_state(job, *args, **argv)

Returns the value of ha.settings.HA_CURRENT_STATE

get_ha_node(job, *args, **argv)

Returns the value of ha.settings.HA_NODE

get_ha_state(job, *args, **argv)

Returns the value of ha.settings.HA_STATE

get_nets(nets)

get_nodes()

Return a list of all nodes (except the node itself)

ha_copytree(src, dst, includes=None)

Recursively copy a directory tree

has_blue(c)

has_orange(c)

init(job, *args, **argv)

Initialize master/slave Node

load_config()

merge_config(filetype, variables)

Create a temporary rsync configuration file by mergeing multiple files and substitute runtime variables

migrate_interfaces(source_is_arm=False)

Migrate br*, bond* and vlan_* interfaces.

migrate_uplinks(source_is_arm=False)

Migrate interfaces for uplinks.

post_updatewizard(job, *args, **argv)

pre_updatewizard(job, *args, **argv)

register(job, *args, **argv)

Register a new node on the master

Returns:“NOT_MASTER”, “HA_DISABLED”, “FAILED”, “SUCCESS %s” % cnodenum Return type:string

remove_know_host(job, *args, **argv)

Remove an host from the /root/.ssh/know_hosts file

restart(job, *args, **argv)

save_config()

send_cmd_to_slaves(job, *args, **argv)

Send a jobsengine command to slave nodes

shouldstart()

start(job, *args, **argv)

stop(job, *args, **argv)

synchronize_slaves(job, *args, **argv)

Synchronize files from master to slaves

unregister(job, *args, **argv)

write_ha_current_state()

endian.restartscripts.hostname module

class HostnameJob

Bases: endian.job.job.Job

fix_hosts()

start(job, *args, **argv)

updatewizard(job, *args, **argv)

endian.restartscripts.hotspot module

class DbHotspotSettings(db_host, db_port, db_password)

Bases: dict

Class for reading the hotspot settings from the database

class HotspotJob

Bases: endian.job.generic.apachejob.ApacheJob, endian.job.job.Job

add_cyclic_tickets(job, *args, **argv)

Add cyclic tickets.

background_rebuild(job, *args, **argv)

Rebuild radius account settings in background (radcheck, radreply, radusergroup) of all accounts

config_values = None

disable_radiusd()

fix(job, *args, **argv)

Fixes radacct table by removing open session of users not logged in anymore after unclean shutdown

generate_secret()

install_db()

list(job, *args, **argv)

List filtered accounts

load_config()

load_db_config()

logout(job, *args, **argv)

Logout filtered accounts

migrate_db()

parse_chilli_allowed(delimiter=', ')

ping_db()

pre_updatewizard(job, *args, **argv)

rebuild(job, *args, **argv)

Rebuild radius account settings (radcheck, radreply, radusergroup) of all accounts

reload_dbservice()

restart(job, *args, **argv)

restart_db(options)

restart_dbservice()

save_config(options)

shouldstart()

shouldstart_db()

sites = {'hotspot.conf': True}

start(job, *args, **argv)

stop(job, *args, **argv)

stop_dbservice()

update(job, *args, **argv)

Update radius entries of filtered accounts

updatewizard(job, *args, **argv)

write_db_config()

writeuser()

get_openvpn_user_ips(username)

Return the list of static IPs for the given OpenVPN user.

endian.restartscripts.httpd module

class HttpdJob

Bases: endian.job.generic.apachejob.ApacheJob, endian.job.job.Job

conf = {}

listening_ports()

Return a list of unique, non-overlapping binding IP:port

mods = {'setenvif.conf': True, 'ssl.conf': True, 'remoteip.load': True, 'proxy_html.conf': True, 'alias.load': True, 'access_compat.load': True, 'authz_host.load': True, 'xml2enc.load': True, 'proxy_html.load': True, 'authn_core.load': True, 'ssl.load': True, 'negotiation.conf': True, 'mpm_worker.load': True, 'mpm_worker.conf': True, 'negotiation.load': True, 'rewrite.conf': True, 'log_config.load': True, 'dir.load': True, 'authnz_external.load': True, 'headers.load': True, 'authz_core.load': True, 'socache_dbm.load': True, 'env.load': True, 'auth_basic.load': True, 'unixd.load': True, 'dir.conf': True, 'cgid.load': True, 'authz_groupfile.load': True, 'authn_file.load': True, 'authz_user.load': True, 'log_config.conf': True, 'mime.conf': True, 'proxy_http.load': True, 'setenvif.load': True, 'proxy.load': True, 'rewrite.load': True, 'cgid.conf': True, 'mime.load': True}

restart(job, *args, **argv)

save_config()

sites = {'000-default.conf': True}

start(job, *args, **argv)

stop(job, *args, **argv)

update_groups()

endian.restartscripts.hwclock module

class HwClockJob

Bases: endian.job.job.Job

start(job, *args, **argv)

endian.restartscripts.icap module

class Icap

Bases: endian.job.generic.servicejob.ServiceJob

configFiles = [{'affects': 'c-icap', 'file': '/etc/c-icap/c-icap.conf'}, {'affects': 'nothing', 'file': '/etc/logrotate.d/c-icap'}]

enabledkeys = ['ENABLED']

load_config_hook()

serviceBlocking = True

serviceCanReload = True

serviceName = 'c-icap'

settingsName = 'icap'

endian.restartscripts.ifplugd module

class IfplugdJob

Bases: endian.job.job.Job

restart(job, *args, **argv)

save_config()

start(job, *args, **argv)

stop(job, *args, **argv)

updatewizard(job, *args, **argv)

endian.restartscripts.installifmissing module

class InstallIfMissingJob

Bases: endian.job.job.Job

filterPackages()

restart(job, *args, **argv)

rootPackages = {}

endian.restartscripts.ipsec module

class IPSEC

Bases: object

class IpsecJob

Bases: endian.job.job.Job

config_values = None

configure_local_certs()

connections(job, *args, **argv)

Return the list of the open connections

get_source_ip(subnet)

get_uplink_data()

has_blue()

has_orange()

ipcidr2netcidr(iplist)

load_config()

reload(job, *args, **argv)

Write the IPSec configuration and reload the whole configuration on the running daemons

reload_crls(job, *args, **argv)

reset_connection(job, *args, **argv)

Closes and reopen a IPsec connection

restart(job, *args, **argv)

save_config()

shouldstart()

start(job, *args, **argv)

status(job, *args, **argv)

Return the IPsec status

stop(job, *args, **argv)

updatewizard(job, *args, **argv)

endian.restartscripts.jobsengine module

class JobsengineJob

Bases: endian.job.generic.handlersjob.HandlersJob, endian.job.job.Job

config_values = None

load_config()

restart(job, *args, **argv)

This function does not start the jobsengine, but it creates the logrotate config file

run_parts(job, *args, **argv)

run_parts()

Runs a number of scripts and jobsengine commands found in a single directory directory. Scripts and jobsengine commands are recognized by the filename.

• scripts – Filenames should consist entirely of upper and lower case letters,

  digits, underscores, and hyphens (e.g. 01interfacemark)

• jobsengine cmd – Filename format [PRIORITY].cmd.args (e.g. 05.restart.xyz, restart.xyz)

  If the file is not empty, the file content is used as additional argument.

Options:

• directory directory path

• prefix prefix added to the jobsengine cmds (e.g. internal)

• environ if it is not None, it must be a mapping that defines the

  environment variables for the new process; these are used instead of inheriting the jobsengine environment, which is the default behavior.

All the additional argument except directory, prefix and eviron are converted in environ vars passed to the triggered commands.

save_config()

start(job, *args, **argv)

This function does not start the jobsengine, but it creates the logrotate config file

endian.restartscripts.kernelconfig module

class KernelConfigJob

Bases: endian.job.generic.servicejob.ServiceJob

configFiles = []

enabledkeys = ['KERNELCONFIG_ENABLED']

hasService = False

restart(job, *args, **argv)

restart_hook(options)

settingsName = 'kernel'

start(job, *args, **argv)

endian.restartscripts.l2tp module

class L2tpJob

Bases: endian.job.job.Job

config_values = None

load_config()

restart(job, *args, **argv)

save_config()

shouldstart()

start(job, *args, **argv)

stop(job, *args, **argv)

endian.restartscripts.logrotate module

class LogrotateJob

Bases: endian.job.job.Job

config_values = None

load_config()

restart(job, *args, **argv)

save_config()

start(job, *args, **argv)

endian.restartscripts.logsurfer module

class LogsurferJob

Bases: endian.job.job.Job

config_values = None

load_actions(val)

load_config()

load_events(ds, lang)

restart(job, *args, **argv)

save_config()

start(job, *args, **argv)

stop(job, *args, **argv)

translate_severity(nr, type)

updatewizard(job, *args, **argv)

endian.restartscripts.migrationjob module

class MigrationJob

Bases: endian.job.job.Job

migrate(job, *args, **argv)

migrate()

Starts configuration migration

Searches all migration modules for package ‘’‘pkg’‘’, or all packages, if ‘’‘pkg’‘’ is omitted.

If ‘’‘pkg’‘’ is supplied, versioning information may also be provided, in order to migrate to a specific version.

Calls all migration modules of those versions between that one of the last update and the current status within the rpm db.

name = 'migration'

update(job, *args, **argv)

run_parts()

Updates list of the version of current configuration files

The list of teh version of current configuration files is basically a list of rpm package names with their version, release and epoch. In order to allow to understand which configuration file must be migrated this list should reflect always the versions the corresponding settings files have at the moment.

This function should be called before upgrades, in order to understand which packages need migration during upgrade process.

endian.restartscripts.modules module

class ModulesJob

Bases: endian.job.job.Job

detect_hardware()

start(job, *args, **argv)

endian.restartscripts.monit module

class MonitJob

Bases: endian.job.job.Job

config_values = None

load_config()

restart(job, *args, **argv)

save_config()

set_oom_adj()

start(job, *args, **argv)

endian.restartscripts.network module

class NetworkJob

Bases: endian.job.job.Job

bonding_start()

bonding_stop()

configure_address(interface, ip_pool, ha_enabled)

delete_uplink(job, *args, **argv)

Delete an uplink

emergency_fill_br0()

ethconfig()

get_dhcp()

get_red_devices()

haresync()

has_blue(net_settings)

has_orange(net_settings)

has_zone(net_settings, zone)

netdrivers()

nic_list(bridge)

remove_dhcp()

restart_vlans(job, *args, **argv)

Restart the VLANs

set_mac_addresses()

set_net_addresses()

start(job, *args, **argv)

store_ethconfig_json()

updatewizard(job, *args, **argv)

vlan_start(preserve_red_devices=False)

vlan_stop(preserve_red_devices=False)

endian.restartscripts.ntop module

class NtopJob

Bases: endian.job.job.Job

compatibility()

config_values = None

get_down_interfaces()

load_config()

restart(job, *args, **argv)

save_config()

shouldstart()

start(job, *args, **argv)

stop(job, *args, **argv)

updatewizard(job, *args, **argv)

endian.restartscripts.ntp module

class NTPJob

Bases: endian.job.job.Job

compatibility()

config_values = None

load_config()

restart(job, *args, **argv)

save_config()

set_timezone()

shouldstart()

start(job, *args, **argv)

stop(job, *args, **argv)

sync(job, *args, **argv)

update_time(job, *args, **argv)

Set the current time

updatewizard(job, *args, **argv)

endian.restartscripts.openvpnclients module

class OpenVPNClientsJob

Bases: endian.job.generic.handlersjob.HandlersJob, endian.job.job.Job

alter_config(values)

client_status(job, *args, **argv)

clients_names()

compatibility()

config_values = None

forcerestart_client(name)

get_client_config(name, force_disable=False)

get_credentials(name)

Returns the username/password for a given connection

get_openvpn_server_ip(device, tries=1)

get_tap_or_tun(id, type)

list_clients(job, *args, **argv)

load_config(options=None)

prepare_download_request(download_url, name)

prepare_download_url(download_url, device)

remove_statusfiles(name)

restart(job, *args, **argv)

restart_client(name, force=False)

save_client_config(name, force_disable=False)

scheduled_downloads(job, *args, **argv)

For each connected tunnel, if there are the DOWNLOAD_URL and DOWNLOAD_PATH options, try to retrieve DOWNLOAD_URL and store to DOWNLOAD_PATH

shouldstart_client(name)

start(job, *args, **argv)

start_client(job, *args, **argv)

stop(job, *args, **argv)

stop_client(job, *args, **argv)

updatewizard(job, *args, **argv)

write_global_settings()

endian.restartscripts.openvpnjob module

class OpenVPNJob

Bases: endian.job.generic.handlersjob.HandlersJob, endian.job.job.Job

checkdhgen()

client_connect(job, *args, **argv)

client_disconnect(job, *args, **argv)

config_value = None

configure_local_certs()

create_delay_triggers_cron_script()

create_diffie(job, *args, **argv)

execute_delayed_triggers(job, *args, **argv)

explode_nat(nat)

Convert a string in the format CLIENT_SIDE_NET/CIDR SERVER_SIDE_NET,... into a list [(CLIENT_SIDE_NET, NETMASK, SERVER_SIDE_NET), ...]

explode_networks(record)

explode_server_cores(name)

get_devices_from_server_nr(server_nr)

Return the devices names for a given server number

get_invalid_ips(nets)

get_ips(ips, invalid)

get_server_nrs_from_device(dev)

Return the server numbers from the device name

get_tap_or_tun(id_, type_='tap')

kill_client(job, *args, **argv)

load_ca_config()

load_config(_forceLoad=False)

load_servers(config_value, _forceLoad=False)

migrate_old_ca_cert()

on_portsharing_changed()

prepare()

remote_route(job, *args, **argv)

Sets up local routing table entries for networks of the other side of an openvpn tunnel

remove_delay_triggers_cron_script()

restart(job, *args, **argv)

restart_server(job, *args, **argv)

save_config()

save_global_config(changed)

save_server_config(name, changed)

server_core_ids(name)

should_create_certs()

shouldstart()

shouldstart_server(name)

split_network(network, slices)

start(job, *args, **argv)

stop(job, *args, **argv)

stop_server(job, *args, **argv)

updatednsmasq(job, *args, **argv)

updatewizard(job, *args, **argv)

write_httpd_settings(port)

write_openvpn_user(user, config_pathname, dev)

Write the openvpn configuration for an user.

Parameters:

• user (string) – user name
• config_pathname (string) – pathname of a not-yet-created temporary config file
• dev (string) – network device of the server

Returns:

the configs used for writing the user configuration file

Return type:

ConfigDict

endian.restartscripts.popscan module

class PopScanJob

Bases: endian.job.job.Job

compatibility()

config_values = None

get_enabled_zones()

has_blue()

has_orange()

load_config()

restart(job, *args, **argv)

save_config()

shouldstart(job, *args, **argv)

start(job, *args, **argv)

stop(job, *args, **argv)

updatewizard(job, *args, **argv)

endian.restartscripts.provisioning module

class Provisioning

Bases: endian.job.job.Job

is_switchboard(openvpn_server_ip)

Return True if the OpenVPN server is a VPN Switchboard

openvpnclient(job, *args, **argv)

restart(job, *args, **argv)

start(job, *args, **argv)

stop(job, *args, **argv)

endian.restartscripts.pyzord module

class PyzordJob

Bases: endian.job.job.Job

config_values = None

load_config()

restart(job, *args, **argv)

save_config()

shouldstart(job, *args, **argv)

start(job, *args, **argv)

stop(job, *args, **argv)

endian.restartscripts.qos module

class BandwidthClass

Bases: object

getCmd()

class BandwidthManager(device, downstream, upstream, defaultClass, mtu, bridgeDevice=None, qdisc='hfsc', rulesTable='QOS', logger=None)

Bases: object

BandwidthManager manages the upstream and downstream bandwith of the given device

addClass(name, parent='root', reservedDown=0, reservedUp=0, limitDown=0, limitUp=0, priority=0)

Add a new bandwidth management class

addRule(classname, src=None, sport=None, inputdev=None, mac=None, dst=None, dport=None, tos=None, dscp=None, dscp_class=None, protocol=None)

id = -1

processRule(rule, stream)

setup()

class QOSJob

Bases: endian.job.job.Job

classes

config_values = None

delete_iptables_rules(device)

devices

firewall_restart(job, *args, **argv)

init_iptables()

load_config()

migrate()

nicvars

restart(job, *args, **argv)

rules

setup(job, *args, **argv)

setup_device(device)

start(job, *args, **argv)

updatewizard(job, *args, **argv)

class Shaper(device, bridge_device, bandwidth, defaultClass, mtu=1500)

Bases: object

addClass(name, parent=None, reserved=None, limit=None, priority=0)

findClass(name, classes=None)

prefix = 0

setup()

show()

getMTU(device)

get_network_interfaces()

get_network_interfaces_mtu()

reset(logger=None)

Remove all qdiscs

reset_classes(iface, logger=None)

endian.restartscripts.radiusd module

class RadiusdJob

Bases: endian.job.job.Job

changed()

checkdhgen()

config_values = None

configure_local_certs()

creates a new pkcs file, if there is none ca public certificate will be left within filesystem in order to have it for downloads

if there is a pkcs file, extract the ca public certificate in order to have it for downloads. this happens in every case, since one may upload a new pkcs file

create_ca()

create_host_cert()

load_config()

prepare_ca()

remove_ca()

restart(job, *args, **argv)

save_config()

shouldstart()

sign_cert()

start(job, *args, **argv)

stop(job, *args, **argv)

endian.restartscripts.reporting module

class ReportingJob

Bases: endian.job.generic.servicejob.ServiceJob

actions = {'syslogjob': [{'action': 'apply', 'type': 'job', 'name': 'syslogjob', 'options': {'force': True}}]}

configFiles = [{'affects': 'syslogjob', 'onstop': True, 'file': '/etc/syslog/syslog-events.conf'}, {'affects': 'nothing', 'file': '/etc/logrotate.d/events'}]

filter_by_classes(classes_to_log)

get_system_users(job, *args, **argv)

Collect statistics about users on the system.

hasService = False

restart(job, *args, **argv)

restart_hook(options)

settingsName = 'reporting'

shouldstart_hook()

start(job, *args, **argv)

stop(job, *args, **argv)

stop_hook(options)

update_patterndb(job, *args, **argv)

Update the patterndb.xml file.

updatewizard(job, *args, **argv)

endian.restartscripts.reportingcron module

class ReportingCronJob

Bases: endian.job.generic.cronjob.CronJob, endian.job.job.Job

Resets the Reporting cron scripts.

post_set(scripts)

pre_set(scripts)

set scripts to empty dict if clamav is not used by any service

scripts = {'sumeventsdb': ('/usr/local/bin/sum-events-db', 'EVENTS_SUMMARY_SCHEDULE')}

settings_file_name = 'reporting/settings'

endian.restartscripts.restartemi module

class EmiJob

Bases: endian.job.job.Job

config_values = None

expire_menu_cache(job, *args, **argv)

Expire the menu cache

load_config()

name = 'emi'

reload(job, *args, **argv)

Reload EMI

restart(job, *args, **argv)

save_config()

start(job, *args, **argv)

stop(job, *args, **argv)

endian.restartscripts.samba module

class SambaJob

Bases: endian.job.job.Job

get_smb_interfaces()

load_config()

net_conf = None

restart(job, *args, **argv)

save_config()

shouldstart()

smb_conf = None

start(job, *args, **argv)

stop(job, *args, **argv)

use_virtualization()

virtual_conf = None

endian.restartscripts.sarg module

class SargJob

Bases: endian.job.job.Job

config_values = None

load_config()

restart(job, *args, **argv)

save_config()

start(job, *args, **argv)

endian.restartscripts.satrain module

class SatrainJob

Bases: endian.job.job.Job

restart(job, *args, **argv)

start(job, *args, **argv)

endian.restartscripts.save_defaults module

class SaveDefaultsJob

Bases: endian.job.job.Job

start(job, *args, **argv)

endian.restartscripts.setdnat module

class SetDNAT

Bases: endian.job.job.Job

all_openvpn_interfaces()

all_openvpn_ips()

all_red_interfaces()

colon2dash(value)

explode_rules(line, explodefields)

firewall_restart(job, *args, **argv)

generate_script()

get_address_table()

get_addresses_by_interface(dev)

get_interface_by_openvpn_name(name)

get_interface_by_uplink(uplink)

get_openvpn_ip_by_user(user)

get_purple_devices(server_name=None)

get_remote_vpn_nets(user)

get_rules()

get_uplink_pool()

get_vpn_device(conn)

insert_rule(obj, log=False)

load_config()

restart(job, *args, **argv)

satanize_rule(item)

save_config()

script = None

settings = None

start(job, *args, **argv)

stop(job, *args, **argv)

subst_addresses_by_interface(value, rule=None)

subst_iter(values, cb, rule=None, delimiter='&')

subst_openvpn_user_ip(user, rule=None)

subst_openvpn_user_nets(user, rule=None)

subst_uplink_dev(dev, rule=None)

subst_vpn_dev(dev, rule=None)

subst_zone_dev(value, rule=None)

substitute_values(rule)

tmpl = None

endian.restartscripts.setincoming module

class SetIncoming

Bases: endian.job.job.Job

all_red_interfaces()

explode_rules(line, explodefields)

firewall_restart(job, *args, **argv)

generate_script()

get_bridge_by_interface(iface)

get_bridge_config()

get_interface_by_uplink(uplink)

get_next_mark(hash)

get_remote_vpn_nets(user)

get_rules()

get_uplink_pool()

insert_rule(obj, log=False)

load_config()

restart(job, *args, **argv)

satanize_rule(item)

save_config()

script = None

settings = None

start(job, *args, **argv)

stop(job, *args, **argv)

subst_iter(values, cb, rule=None, delimiter='&')

subst_uplink_dev(dev, rule=None)

subst_zone_dev(value, rule=None)

substitute_values(rule)

tmpl = None

endian.restartscripts.setinterfacemark module

class RuleEntry

class SetInterfaceMarkJob

Bases: endian.job.job.Job

explode_rules(line, explodefields)

firewall_restart(job, *args, **argv)

generate_script()

get_interfaces()

get_mark_by_interface(iff)

get_rtable_by_name(value)

get_rules()

get_uplink_by_interface(value)

get_uplink_pool()

insert_rule(obj, log=False)

load_config()

map_if_to_uplink()

restart(job, *args, **argv)

save_config()

script = None

settings = None

start(job, *args, **argv)

subst_interface_rtable(value, rule=None)

subst_iter(values, cb, rule=None, delimiter='&')

subst_nfmark(value, rule=None)

substitute_values(rule)

sync_interfaces(iflist)

tmpl = None

endian.restartscripts.setoutgoing module

class SetOutgoing

Bases: endian.job.job.Job

all_red_interfaces()

explode_rules(line, explodefields)

firewall_restart(job, *args, **argv)

generate_script()

get_interface_by_uplink(uplink)

get_rules()

get_uplink_pool()

insert_rule(obj, data={})

load_config()

restart(job, *args, **argv)

satanize_rule(item)

save_config()

script = None

settings = None

start(job, *args, **argv)

stop(job, *args, **argv)

subst_iter(values, cb, rule=None, delimiter='&')

subst_uplink_dev(dev, rule=None)

subst_zones(value, rule=None)

substitute_values(rule)

tmpl = None

endian.restartscripts.setpolicyrouting module

class SetPolicyRoutingJob

Bases: endian.job.job.Job

all_openvpn_interfaces()

all_openvpn_ips()

all_red_interfaces()

explode_rules(line, explodefields)

firewall_restart(job, *args, **argv)

generate_script()

get_interface_by_openvpn_name(name)

get_interface_by_uplink(uplink)

get_mark_by_uplink(value, withbackup)

get_openvpn_ip_by_user(user)

get_purple_devices(server_name=None)

get_remote_vpn_nets(user)

get_rtable_by_name(value)

get_rules()

get_uplink_pool()

get_vpn_device(conn)

inflate(value)

insert_rule(obj, tmpl, log=False)

load_config()

restart(job, *args, **argv)

satanize_rule(item)

save_config()

script = None

settings = None

start(job, *args, **argv)

subst_gateway(value, rule=None, params=None)

subst_ipsec(value, rule=None, params=None)

subst_iter(values, cb, rule=None, delimiter='&', params={})

subst_openvpn_user(user, rule=None, params=None)

subst_uplink_dev(dev, rule=None, params=None)

subst_uplink_gateway(value, rule=None, params=None)

subst_vpn_dev(dev, rule=None, params=None)

subst_zones(value, rule=None, params=None)

substitute_values(rule)

tmpl = None

endian.restartscripts.setproxyinout module

class SetProxyInOut

Bases: endian.job.job.Job

explode_rules(line, explodefields)

firewall_restart(job, *args, **argv)

generate_script()

load_config()

render_template(tmpl)

restart(job, *args, **argv)

save_config()

script = None

settings = None

start(job, *args, **argv)

tmpl = None

endian.restartscripts.setqueuefw module

class SetQueuefw

Bases: endian.job.job.Job

all_red_interfaces()

check_pid(pid)

explode_rules(line, explodefields)

firewall_restart(job, *args, **argv)

generate_script()

get_interface_by_uplink(uplink)

get_rules()

get_uplink_pool()

insert_rule(obj, log=False)

load_config()

restart(job, *args, **argv)

satanize_rule(item)

save_config()

script = None

settings = None

start(job, *args, **argv)

stop(job, *args, **argv)

subst_iter(values, cb, rule=None, delimiter='&')

subst_uplink_dev(dev, rule=None)

subst_zones(value, rule=None)

substitute_values(rule)

tmpl = None

endian.restartscripts.setredirect module

class SetRedirect

Bases: endian.job.job.Job

allOVPNInterfaces()

doSplit(line)

explode_rules(line, explodefields)

firewall_restart(job, *args, **argv)

generate_script()

getAddressByInterface(dev)

getAddressTable()

getInterfaceByOpenvpnName(name)

getRules()

getVPNDevice(conn)

get_purple_devices(server_name=None)

insert_rule(obj, tmpl, log=False)

load_config()

restart(job, *args, **argv)

satanize_rule(item)

save_config()

script = None

settings = None

start(job, *args, **argv)

stop(job, *args, **argv)

substAddressByInterface(value, rule=None)

substIter(values, cb, rule=None, delimiter='&')

substVPNDev(dev, rule=None, item=None)

substZones(value, rule=None)

substZonesPrimaryIP(value, rule=None)

substitute_values(rule)

tmpl = None

endian.restartscripts.setrouting module

class SetRoutingJob

Bases: endian.job.job.Job

all_openvpn_ips()

cmp_significancy(x, y)

create_routing_table(rule)

del_rules(prio)

empty_rule(data)

explode_rules(line, explodefields)

get_bits(cidr)

get_ip_rules()

get_local_routes(empty)

get_openvpn_ip_by_user(user)

get_remote_vpn_nets(user)

get_rules()

get_table(table)

iterate_cmd(cmd, regexp, cb)

purge_rules(data)

restart(job, *args, **argv)

start(job, *args, **argv)

stop(job, *args, **argv)

subst_gateway(data, rule=None, params=None)

subst_gateway_mark(data, rule=None, params=None)

subst_iter(values, cb, rule=None, delimiter='&', params={})

subst_openvpn_user(user, rule=None, params=None)

subst_uplink(data, rule=None, params=None)

substitute_values(rule)

unregister_unneeded_tables(config)

endian.restartscripts.setsnat module

class SetSNAT

Bases: endian.job.job.Job

allOVPNInterfaces()

allOpenvpnIPs()

allRedInterfaces()

explode_rules(line, explodefields)

firewall_restart(job, *args, **argv)

generate_script()

getAddressByInterface(dev)

getAddressOfExitingInterface(ip)

getAddressTable()

getExitingInterface(ip)

getInterfaceByAddress(ip)

getInterfaceByOpenvpnName(name)

getInterfaceByUplink(uplink)

getOpenvpnIPByUser(user)

getRemoteVPNNets(user)

getRoutingInformation(ip)

getRules()

getUplinkPool()

getVPNDevice(conn)

get_purple_devices(server_name=None)

insert_rule(obj, tmpl, log=False)

load_config()

restart(job, *args, **argv)

satanize_rule(item)

save_config()

script = None

settings = None

start(job, *args, **argv)

stop(job, *args, **argv)

substAddressByInterface(value, rule=None)

substIter(values, cb, rule=None, delimiter='&')

substOpenvpnUser(user, rule=None)

substUplinkDev(dev, rule=None)

substVPNDev(dev, rule=None)

substZoneDev(value, rule=None)

substitute_values(rule)

tmpl = None

endian.restartscripts.setvpnfw module

class SetVPNFirewall

Bases: endian.job.job.Job

allOVPNInterfaces()

allOpenvpnIPs()

allRedInterfaces()

explode_rules(line, explodefields)

firewall_restart(job, *args, **argv)

generate_script()

getInterfaceByOpenvpnName(name)

getInterfaceByUplink(uplink)

getOpenvpnIPByUser(user)

getRemoteVPNNets(user)

getRules()

getUplinkPool()

getVPNDevice(conn, ipsec=True)

get_purple_devices(server_name=None)

insert_rule(obj, tmpl, log=False)

load_config()

restart(job, *args, **argv)

satanize_rule(item)

save_config()

script = None

settings = None

start(job, *args, **argv)

stop(job, *args, **argv)

substIter(values, cb, rule=None, delimiter='&')

substOpenvpnUser(user, rule=None)

substUplinkDev(dev, rule=None)

substVPNDev(dev, rule=None)

substZones(value, rule=None)

substitute_values(rule)

tmpl = None

endian.restartscripts.setvpnfwprep module

class RuleEntry

class SetVPNFirewallPreparation

Bases: endian.job.job.Job

bridge_tmpl = None

explode_rules(line, explodefields)

explode_server_cores(config)

generate_script()

get_VPN_static_ips()

get_purple_devices()

get_remote_VPN_nets(user=None)

get_rules()

get_servers()

insert_rule(obj, log=False)

load_config()

restart(job, *args, **argv)

save_config()

script = None

settings = None

split_network(network, slices)

start(job, *args, **argv)

stop(job, *args, **argv)

tmpl = None

endian.restartscripts.setxtaccess module

class SetXTAccessJob

Bases: endian.job.job.Job

all_openvpn_interfaces()

all_red_interfaces()

explode_rules(line, explodefields)

firewall_restart(job, *args, **argv)

generate_script()

get_interface_by_openvpn_name(name)

get_interface_by_uplink(uplink)

get_purple_devices(server_name=None)

get_rules()

get_uplink_pool()

get_vpn_device(conn)

insert_rule(obj, tmpl, log=False)

load_config()

move_if_ip_to_dst(rule)

post_explodes(rule)

restart(job, *args, **argv)

satanize_rule(item)

save_config()

script = None

settings = None

split_address_from_device(value, rule=None, item=None)

split_mac(rule)

start(job, *args, **argv)

stop(job, *args, **argv)

subst_VPN_dev(dev, rule=None, item=None)

subst_iter(values, cb, rule=None, iterkey='value')

subst_uplink_dev(dev, rule=None, item=None)

subst_zones(value, rule=None, item=None)

substitute_values(rule)

tmpl = None

translate_from_dict(rule, explodingKeys)

translate_to_lists(rule, keys, delimiter='&')

endian.restartscripts.setzonefw module

class SetZoneFw

Bases: endian.job.job.Job

explode_rules(line, explodefields)

firewall_restart(job, *args, **argv)

generate_script()

getBridgeByInterface(iface)

getBridgeConfig()

getNextMark(hash)

getRules()

insert_rule(obj, tmpl, log=False)

load_config()

restart(job, *args, **argv)

satanize_rule(item)

save_config()

settings = {}

start(job, *args, **argv)

stop(job, *args, **argv)

substIter(values, cb, rule=None, delimiter='&')

substZones(value, rule=None)

substitute_values(rule)

tmpl = None

endian.restartscripts.smtpscan module

class BCCEntry

Bases: object

class DomainEntry

Bases: object

class OpenvpnRoutingEntry

Bases: object

class RoutingEntry

Bases: object

class SmtpScanJob

Bases: endian.job.job.Job

config_values = None

get_BCC()

get_REDIP()

get_domain_routing()

get_dsn_ips(zones)

get_enabled_zones()

get_rbl_config()

get_rbls()

get_relay_domains()

get_transparent_zones()

get_zones()

has_blue()

has_orange()

load_config()

load_list(filename)

local_nets()

openvpn_nets()

prepare()

reload()

remove_lock(lockfile)

restart(job, *args, **kw)

save_config(options)

shouldstart(job, *args, **argv)

start(job, *args, **argv)

stop(job, *args, **argv)

updatewizard(job, *args, **argv)

ipcidr2netcidr(iplist)

endian.restartscripts.snmp module

class SNMPJob

Bases: endian.job.job.Job

config_values = None

load_config()

restart(job, *args, **argv)

save_config()

shouldstart()

start(job, *args, **argv)

stop(job, *args, **argv)

endian.restartscripts.snort module

class IPSException

Bases: object

class IPSPolicy

Bases: object

class SnortJob

Bases: endian.job.job.Job

a = 'sdrop'

config_values = None

enabled_rule_targets()

Returns all enabled rule targets

generate_rules()

load_config()

process_rules_file(rfile, default_action, policies, exceptions, seen_sids=None)

Process the given rule file.

recursive_glob(path, expr)

Walks the given directory (path) recursively, and finds all files matching $expr

restart(job, *args, **kw)

save_config()

shouldstart()

start(job, *args, **kw)

stop(job, *args, **argv)

updatewizard(job, *args, **argv)

valid_config()

Returns true when the configuration and the snort rules are valid.

Returns:True, when the configuration is valid. Return type:bool

endian.restartscripts.snortrules module

Module author: Alber Maximilian

class SnortRulesJob

Bases: endian.job.generic.cronjob.AnaCronJob, endian.job.job.Job

Resets the Snort cron scripts.

post_set(scripts)

Hook, which is triggered atter setting the passed scripts. Can be used to modify the scripts.

Parameters:scripts (dict) – A dict describing the scripts in the form as defined in get_scripts.

restart(job, *args, **argv)

Resets the scripts.

scripts = {'snortrules': ('/usr/local/bin/fetchsnortrules', 'UPDATE_SCHEDULE')}

settings_file_name = 'snort/settings'

start(job, *args, **argv)

Resets the scripts.

endian.restartscripts.spamassassin module

class SpamAssassinJob

Bases: endian.job.job.Job

create_black_white_list(filename)

load_config()

popscan_config_values = None

reschedule()

restart(job, *args, **argv)

save_config()

shouldstart(job, *args, **argv)

spamassassin_config_values = None

start(job, *args, **argv)

stop(job, *args, **argv)

endian.restartscripts.squid module

class NcsaGroup

Bases: object

class NcsaUser

Bases: object

class SquidJob

Bases: endian.job.job.Job

config_values = None

create_ssl_db_dir()

flush_cache()

Flush the squid cache

load_config()

on_network_configured(job, *args, **argv)

readFilterProfiles()

readLdapConfig()

Get Group Information from a LDAP/ADS Directory

readNcsaConfig()

readNtlmConfig()

Get Informations from a NT Domain -> winbind

readRadiusConfig()

read_policy_rules()

returns all proxy profiles and looks if dg or havp is needed

read_transparent_rules()

read_useragents()

reload_auth(options)

restart(job, *args, **kw)

save_config()

shouldstart(job, *args, **argv)

start(job, *args, **argv)

stop(job, *args, **argv)

write_ldap_config()

write_list(path, lines)

write_ncsa_config()

write_ntlm_config()

write_radius_config()

writeacl()

class TransparentRule

Bases: object

class Useragent

Bases: object

getmaxfd()

reads maximum count of file descriptors

@returns string with count of max file descriptors

endian.restartscripts.ssh module

class SSHJob

Bases: endian.job.job.Job

config_values = None

enable(job, *args, **argv)

load_config()

restart(job, *args, **argv)

save_config()

set_oom_adj()

shouldstart()

start(job, *args, **argv)

stop(job, *args, **argv)

endian.restartscripts.startup_done module

class StartupDoneJob

Bases: endian.job.job.Job

start(job, *args, **argv)

endian.restartscripts.syslogjob module

class SyslogJob

Bases: endian.job.job.Job

config_values = None

create_pipe(pipe)

get_fifo(filename)

get_logsurfer_filter()

load_config()

parse_logsurfer_header(filename)

prepare()

restart(job, *args, **argv)

save_config()

start(job, *args, **argv)

stop(job, *args, **argv)

updatewizard(job, *args, **argv)

endian.restartscripts.system_accessible module

class SystemAccessibleJob

Bases: endian.job.job.Job

first_startup(job, *args, **argv)

start(job, *args, **argv)

endian.restartscripts.timestamplogs module

Module author: Alber Maximilian

class TimeStampLogsJob

Bases: endian.job.generic.crawlerjob.CrawlerJob, endian.job.job.Job

Makes a timestamp for all log archives files which, doesn’t have one.

crawl(filename)

Hook to perform a operation on the crawled file.

Create a timestamp if necessary.

Parameters:filename (Strings) – The filename. Returns:The filename of the, may changed file or None. Return type:String

get_pattern()

Returns the search pattern.

In the default implemenation the function looks, if a the settings_file_name and a pattern_key is defined and reads out of the settings file the pattern. If not it uses the member pattern. If even this not exists an empty string will be returned.

Returns:The search patterns. Return type:list of strings String or String

logrotate_pattern = ['/var/log/archives/*%s.gz', '/var/log/archives/*/*%s.gz']

pre(files)

Prepartion hook, is triggered before the crawling.

Parameters:files (list of Strings) – The list of found files. Returns:The list of found files. Return type:list of Strings

restart(job, *args, **argv)

Starts the job.

Parameters:options (dict) – A dict with options.

settings_file_name = 'opentsa/settings'

time_stamp_archived_logging_file(input_filename, server_url, server_certificate=None, webuser=None, webpass=None, output_dir=None, proxy_settings=None, extension='tsr')

Makes a timestamp for a archived logging file and stores the timestamp in the logging archive directory.

Parameters:

• input_filename (String) – The filename for which the timestamp is requested relative to the logging directory.
• server_url (String) – The url of the timestamp server.
• server_certificate (None) – The filename of the server certifcate or None.
• webuser (String) – The username if http basic authentication is requested. None means no authentication.
• webpass (String) – The corresponding passwordto webuser, or None.
• output_dir (String) – The output directory. Default the same as the one of the file.
• proxy_settings (dict) – A dict with upstream proxy settings. Must contain: enabled, server and port. May contains: user and password.
• extension (String) – The output file extension.

time_stamp_file(filename, server_url, server_certificate=None, output_dir=None, webuser=None, webpass=None, proxy_settings=None, extension='tsr')

Makes a timestamp for the passed file.

Parameters:

• filename (String) – The filename for which the timestamp is requested.
• server_url (String) – The url of the timestamp server.
• server_certificate (None) – The filename of the server certifcate or None.
• output_dir (String) – The output directory. Default the same as the one of the file.
• webuser (String) – The username if http basic authentication is requested. None means no authentication.
• webpass (String) – The corresponding password to webuser, or None.
• proxy_settings (dict) – A dict with upstream proxy settings. Must contain: enabled, server and port. May contains: user and password. If None is passed the one of the system will be used.
• extension (String) – The output file extension.

endian.restartscripts.timestamplogscontrol module

Module author: Alber Maximilian

class TimeStampLogsControlJob

Bases: endian.job.generic.crawlerjob.CrawlerJob, endian.job.job.Job

Controls if the timestamps in the logs archive are still untouched.

control_archived_time_stamp_file(input_filename, time_stamp_file, control_certificate)

Controls if the timestamp, the file and control certificate are matching together.

The file will be uncompressed.

Parameters:

• input_filename (String) – The data filename.
• time_stamp_file (String) – The filename of the timestamp.
• control_certificate (String) – The filename of the certificate.

Returns:

True if they ara matching.

Return type:

bool

control_time_stamp_file(filename, time_stamp_file, control_certificate)

Controls if the timestamp, the file and control certificate are matching together.

Parameters:

• filename (String) – The data filename.
• time_stamp_file (String) – The filename of the timestamp.
• control_certificate (String) – The filename of the certificate.

Returns:

True if they ara matching.

Return type:

bool

crawl(filename)

Hook to perform a operation on the crawled file.

Create a timestamp if necessary. :param filename: The filename. :type filename: Strings :return: The filename of the, may changed file or None. :rtype: String

pattern = ['/var/log/archives/*.gz', '/var/log/archives/*/*.gz']

pre(files)

Prepartion hook, is triggered before the crawling.

Parameters:files (list of Strings) – The list of found files. Returns:The list of found files. Return type:list of Strings

restart(job, *args, **argv)

Starts the job. :param options: A dict with options. :type options: dict

settings_file_name = 'opentsa/settings'

exception TimeStampException

Bases: exceptions.Exception

Class used for exception in the timestamping flow.

endian.restartscripts.ulogd module

class UlogdJob

Bases: endian.job.job.Job

config_values = None

load_config()

restart(job, *args, **argv)

save_config()

start(job, *args, **argv)

endian.restartscripts.updatewizard_done module

class UpdateWizardDoneJob

Bases: endian.job.job.Job

start(job, *args, **argv)

endian.restartscripts.uplinksdaemonjob module

class StopUplinkThread(uplink, logger)

Bases: threading.Thread

run()

class UplinksDaemonJob

Bases: endian.job.generic.handlersjob.HandlersJob, endian.job.job.Job

addrchanged(job, *args, **argv)

config_values = None

emi = 'uplinksdaemon'

load_config()

mainchanged(job, *args, **argv)

offline(job, *args, **argv)

online(job, *args, **argv)

restart(job, *args, **argv)

save_config()

start(job, *args, **argv)

stop(job, *args, **argv)

stop_uplinks(job, *args, **argv)

Stop the uplinksdaemon and all the uplinks

updatewizard(job, *args, **argv)

endian.restartscripts.urlfilter module

class UrlfilterJob

Bases: endian.job.generic.servicejob.ServiceJob

actions = {'icap': [{'action': 'apply', 'type': 'job', 'name': 'icap', 'options': {'force': True}}]}

configFiles = [{'affects': 'icap', 'onstop': True, 'file': '/etc/c-icap/c-icap.d/srv_url_check.conf'}, {'affects': 'icap', 'onstop': True, 'file': '/etc/squid/squid.conf.d/urlfilter.conf'}]

hasService = False

job_groups = ['icapgroup']

load_config_hook()

settingsName = 'urlfilter'

shouldstart_hook()

endian.restartscripts.urlfiltercron module

Module author: Peter Warasin

class UrlfilterCronJob

Bases: endian.job.generic.cronjob.AnaCronJob, endian.job.job.Job

Resets the urlfilter cron scripts.

pre_set(scripts)

restart(job, *args, **argv)

Resets the scripts.

scripts = {'urlfilterListUpdate': ('/usr/local/bin/restarturlfilterlistsupdate', 'UPDATEFREQUENCE')}

settings_file_name = 'urlfilter/settings'

start(job, *args, **argv)

Resets the scripts.

endian.restartscripts.urlfilterlistsupdate module

Module author: Peter Warasin

class UrlfilterListsUpDateJob

Bases: endian.job.generic.downloadjob.DownLoadJob, endian.job.job.Job

Downloads from the configured url the urlfilter blacklists and updates the urlfilter service.

post(tmp_dir, urls)

Post hook, is triggered after the download and the possible uncompressing.

In the default implementation the content of urls with a location key in the urls parameter will be moved to this location.

Parameters:

• tmp_dir (String) – The temporary directory for the downloads.
• urls (list of dicts) – The urls to downloaded.

restart(job, *args, **argv)

Starts the job.

Parameters:options – A dict with options. :type options: dict

settings_file_name = '/var/efw/urlfilter/settings'

start(job, *args, **argv)

Starts the download jobs. In detail controlls, if there is new data. If so, launches the pre hook, downloads the urls retrieved by getURLS, lanaunches the postUnCompress and then the post hook.

Parameters:options (dict) – A dict with options.

urls = [{'location_key': 'BLACKLIST_SYSTEM_PATH', 'uncompress': True, 'url_key': 'BLACKLIST_URL', 'archive_prefix_key': 'BLACKLIST_TAR_PREFIX', 'etag_key': 'BLACKLIST_ETAG'}]

endian.restartscripts.winbind module

class WinbindJob

Bases: endian.job.job.Job

has_blue()

has_orange()

load_config()

net_conf = None

proxy_conf = None

restart(job, *args, **argv)

save_config()

shouldstart()

start(job, *args, **argv)

stop(job, *args, **argv)