Ignore:
Timestamp:
Jul 14, 2017, 2:55:39 PM (2 years ago)
Author:
Juanma
Message:

WIP

File:
1 edited

Legend:

Unmodified
Added
Removed
  • zero-lliurex-transparent-proxy/trunk/fuentes/install-files/usr/sbin/transparent-proxy-manager.py

    r5526 r5532  
    1313class mainWindow(Gtk.Window):
    1414    def __init__(self):
     15        self.dbg=1
    1516        self.service="squid-ssl"
    1617        Gtk.Window.__init__(self,title="Transparent Proxy Manager")
     
    2324        self.sw_Enable.connect("state-set",self._on_sw_state)
    2425        self.box.attach(self.sw_Enable,1,0,2,1)
     26        self.lbl_State=Gtk.Label('')
     27        self.box.attach(self.lbl_State,0,1, 1,1)
     28        self.spinner = Gtk.Spinner()
     29        self.box.attach(self.spinner, 2, 2, 2, 3)
     30
    2531        self.sw_Enable.set_state(self._is_service_running(self.service))
    2632        if self.sw_Enable.get_state():
     
    2834        else:
    2935            service_label="Service deactivated"
    30         self.lbl_State=Gtk.Label(_(service_label))
    31         self.box.attach(self.lbl_State,0,1, 1,1)
     36        self.lbl_State.set_text(_(service_label))
    3237               
     38    def _debug(self,msg):
     39        if self.dbg==1:
     40            print("DBG: "+str(msg))
     41
    3342    def _on_sw_state(self,widget,data):
     43        self.spinner.start()
    3444        sw_state=widget.get_state()
    3545        if not sw_state:
    36             self.lbl_State.set_text("Enabling transparent proxy")
     46            self.lbl_State.set_text(_("Enabling transparent proxy"))
    3747            self._enable_proxy()
    38             self.lbl_State.set_text("Service up and running")
     48            self.lbl_State.set_text(_("Service up and running"))
    3949        else:
    40             self.lbl_State.set_text("Disabling transparent proxy")
     50            self.lbl_State.set_text(_("Disabling transparent proxy"))
    4151            self._disable_proxy();
    42             self.lbl_State.set_text("Service deactivated")
     52            self.lbl_State.set_text(_("Service deactivated"))
     53        self.spinner.stop()
     54        self._debug("Done")
    4355
    4456    def _enable_proxy(self):
     57        self._debug("Enabling proxy")
     58        if not self._is_squidssl_installed():
     59            self._install_squidssl()
    4560        if not self._is_service_running(self.service):
    4661        #Copy the original squid.conf and make the needed changes
     62            self._debug("Configuring squid-ssl")
    4763            try:
    4864                shutil.copy ("/etc/squid/squid.conf","/etc/squid-ssl/squid.conf")
     
    5672                        if '127.0.' not in line:
    5773                            net_ip=line.split(' ')[1]
    58                             net_ip=net_ip.split('.')[0:3]+'.0'
     74                            net_ip=net_ip.split('.')[0:3]
    5975                            lineHttps="##Transparent https -->\nhttps_port 10.2.1.254:3129 intercept ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=/etc/squid/ssl_cert/myCA.pem key=/etc/squid/ssl_cert/myCA.pem\n#ssl_bump client-first all\nssl_bump splice all\n## <--"
    6076                            line=line.rstrip("\n")+" intercept\n"
     
    6682            except Exception as e:
    6783                print(str(e))
    68        #Disable squid
    69        self._disable_squid()
    70        #Add iptables redirection
    71        with open(os.devnull, 'wb') as hide_output:
    72            iptablesCmd='iptables -t nat -A PREROUTING -s '+net_ip+'/16 -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 3129'
    73            subprocess.Popen(iptablesCmd.split(' '), stdout=hide_output, stderr=hide_output).wait()
    74            iptablesCmd='iptables -t nat -A PREROUTING -s '+net_ip+'/16 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128'
    75            subprocess.Popen(iptablesCmd.split(' '), stdout=hide_output, stderr=hide_output).wait()
    76        #Enable squid-ssl
    77            cmd="update-rc.d squid-ssl defaults 30"
    78            subprocess.Popen(cmd.split(' '), stdout=hide_output, stderr=hide_output).wait()
    79            cmd="invoke-rc.d squid-ssl restart"
    80            subprocess.Popen(cmd.split(' '), stdout=hide_output, stderr=hide_output).wait()
     84            #Add iptables redirection
     85            self._debug("Adding iptables rules")
     86            net_ip='.'.join(net_ip)+".0"
     87            with open(os.devnull, 'wb') as hide_output:
     88                iptablesCmd='iptables -t nat -A PREROUTING -s '+net_ip+'/16 -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 3129'
     89                subprocess.Popen(iptablesCmd.split(' '), stdout=hide_output, stderr=hide_output).wait()
     90                iptablesCmd='iptables -t nat -A PREROUTING -s '+net_ip+'/16 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128'
     91                subprocess.Popen(iptablesCmd.split(' '), stdout=hide_output, stderr=hide_output).wait()
     92            #Enable squid-ssl
     93                self._debug("Enabling squid-ssl service")
     94                cmd="update-rc.d squid-ssl defaults 30"
     95                subprocess.Popen(cmd.split(' '), stdout=hide_output, stderr=hide_output).wait()
     96                cmd="invoke-rc.d squid-ssl restart"
     97                subprocess.Popen(cmd.split(' '), stdout=hide_output, stderr=hide_output).wait()
     98        else:
     99            self._debug("Service is already running")
     100        #Disable squid
     101        self._disable_squid()
    81102               
    82103    def _disable_proxy(self):
     
    102123                print(str(e))
    103124        #Remove the conf files
    104         if os.path.isfile('/etc/init.d/squid-ssl'):
    105             os.remove('/etc/init.d/squid-ssl')
     125        self._debug("Removing config files")
    106126        if os.path.isfile("/etc/squid-ssl/squid.conf"):
    107127            os.remove('/etc/squid-ssl/squid.conf')
     
    109129
    110130    def _disable_squid(self):
     131        self._debug("Disabling squid")
    111132        with open(os.devnull, 'wb') as hide_output:
    112133            cmd='service squid stop'
     
    116137
    117138    def _enable_squid(self):
     139        self._debug("Enabling squid")
    118140        with open(os.devnull, 'wb') as hide_output:
    119141            cmd="update-rc.d squid defaults 30"
     
    126148        try:
    127149            with open(os.devnull, 'wb') as hide_output:
    128                 status = subprocess.Popen(['service', name, 'status'], stdout=hide_output, stderr=hide_output).wait()
     150                cmd='service '+name+' status'
     151                status = subprocess.Popen(cmd.split(' '), stdout=hide_output, stderr=hide_output).wait()
    129152            if status==0:
    130153                retval=True
    131154        except Exception as e:
    132155            print(str(e))
     156        self._debug("Squid-ssl running: "+str(retval))
    133157        return retval
     158
     159    def _is_squidssl_installed(self):
     160        retval=False
     161        try:
     162            with open(os.devnull, 'wb') as hide_output:
     163                cmd='dpkg -s squid-ssl | grep status | grep installed'
     164                status = subprocess.Popen(cmd.split(' '), stdout=hide_output, stderr=hide_output).wait()
     165            if status==0:
     166                retval=True
     167        except Exception as e:
     168            print(str(e))
     169
     170        self._debug("Squid-ssl installed: "+str(retval))
     171        return retval
     172
     173    def _install_squidssl(self):
     174        self._debug("Installing needed packages")
     175        self.lbl_State.set_text(_("Installing packages"))
     176        with open(os.devnull, 'wb') as hide_output:
     177            cmd='zero-repos-update'
     178            status = subprocess.Popen(cmd.split(' '), stdout=hide_output, stderr=hide_output).wait()
     179            cmd='zero-installer install squid-ssl'
     180            status = subprocess.Popen(cmd.split(' '), stdout=hide_output, stderr=hide_output).wait()
     181        self.lbl_State.set_text(_("Enabling transparent proxy"))
    134182
    135183win = mainWindow()
Note: See TracChangeset for help on using the changeset viewer.