From 0db6c091aaad482bd09e75de70a00506fd595455 Mon Sep 17 00:00:00 2001 From: Gabriel Detraz Date: Tue, 13 Jun 2017 01:38:41 +0200 Subject: [PATCH] Commandes de management --- portail_captif/portail_captif.service | 4 +- .../management/commands}/start_portail.py | 40 +++++++------------ .../management/commands}/stop_portail.py | 33 +++++++-------- 3 files changed, 32 insertions(+), 45 deletions(-) rename {portail_captif => users/management/commands}/start_portail.py (59%) rename {portail_captif => users/management/commands}/stop_portail.py (60%) diff --git a/portail_captif/portail_captif.service b/portail_captif/portail_captif.service index ab8fd99..0e5f345 100644 --- a/portail_captif/portail_captif.service +++ b/portail_captif/portail_captif.service @@ -11,11 +11,11 @@ User=root Group=root PIDFile=/run/portail_captif.pid WorkingDirectory=/var/www/portail_captif/ -ExecStartPre=/usr/bin/python3 /var/www/portail_captif/portail_captif/start_portail.py +ExecStartPre=/usr/bin/python3 /var/www/portail_captif/manage.py start_portail ExecStart=/usr/bin/gunicorn3 portail_captif.wsgi:application --pid=/run/portail_captif.pid --name www-data --user www-data --group www-data --daemon --log-file /var/log/gunicorn/portail_captif.log --log-level=info --bind=unix:///tmp/gunicorn-portail_captif.sock --workers=1 ExecReload=/bin/kill -s HUP $MAINPID ExecStop=/bin/kill -s TERM $MAINPID -ExecStopPost=/usr/bin/python3 /var/www/portail_captif/portail_captif/stop_portail.py +ExecStopPost=/usr/bin/python3 /var/www/portail_captif/manage.py stop_portail Restart=on-failure RestartSec=65 StartLimitInterval=60 diff --git a/portail_captif/start_portail.py b/users/management/commands/start_portail.py similarity index 59% rename from portail_captif/start_portail.py rename to users/management/commands/start_portail.py index 7c096bc..97a8dd6 100755 --- a/portail_captif/start_portail.py +++ b/users/management/commands/start_portail.py @@ -19,36 +19,26 @@ # Ce script est appellé avant le démarage du portail, il insère les bonnes règles # dans l'iptables et active le routage -import os, sys +from django.core.management.base import BaseCommand, CommandError -from django.core.wsgi import get_wsgi_application -from os.path import dirname - -proj_path = "/var/www/portail_captif/" -# This is so Django knows where to find stuff. -os.environ.setdefault("DJANGO_SETTINGS_MODULE", "portail_captif.settings") -sys.path.append(proj_path) - -# This is so my local_settings.py gets loaded. -os.chdir(proj_path) from users.models import restore_iptables, create_ip_set, fill_ipset, apply from portail_captif.settings import AUTORIZED_INTERFACES +class Command(BaseCommand): + help = 'Mets en place iptables et le set ip au démarage' + + def handle(self, *args, **options): + # Creation de l'ipset + create_ip_set() + # Remplissage avec les macs autorisées + fill_ipset() + # Restauration de l'iptables + restore_iptables() + # Activation du routage sur les bonnes if + for interface in AUTORIZED_INTERFACES: + apply(["sudo", "-n", "sysctl", "net.ipv6.conf.%s.forwarding=1" % interface]) + apply(["sudo", "-n", "sysctl", "net.ipv4.conf.%s.forwarding=1" % interface]) -application = get_wsgi_application() - -# Creation de l'ipset -create_ip_set() - -# Remplissage avec les macs autorisées -fill_ipset() - -# Restauration de l'iptables -restore_iptables() -# Activation du routage sur les bonnes if -for interface in AUTORIZED_INTERFACES: - apply("echo 1 > /proc/sys/net/ipv6/conf/%s/forwarding" % interface) - apply("echo 1 > /proc/sys/net/ipv4/conf/%s/forwarding" % interface) diff --git a/portail_captif/stop_portail.py b/users/management/commands/stop_portail.py similarity index 60% rename from portail_captif/stop_portail.py rename to users/management/commands/stop_portail.py index 1be4345..473d71e 100755 --- a/portail_captif/stop_portail.py +++ b/users/management/commands/stop_portail.py @@ -15,30 +15,27 @@ # You should have received a copy of the GNU General Public License along # with this program; if not, write to the Free Software Foundation, Inc., # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -# +# # Ce script est appellé avant le démarage du portail, il insère les bonnes règles # dans l'iptables et active le routage -import os, sys +from django.core.management.base import BaseCommand, CommandError -proj_path = "/var/www/portail_captif/" -# This is so Django knows where to find stuff. -os.environ.setdefault("DJANGO_SETTINGS_MODULE", "portail_captif.settings") -sys.path.append(proj_path) -# This is so my local_settings.py gets loaded. -os.chdir(proj_path) - -from users.models import restore_iptables, apply +from users.models import restore_iptables, create_ip_set, fill_ipset, disable_iptables, apply from portail_captif.settings import AUTORIZED_INTERFACES -# Destruction de l'iptables -apply("iptables -t nat -F") -apply("iptables -t filter -F") -apply("iptables -t mangle -F") -# Desactivation du routage sur les bonnes if -for interface in AUTORIZED_INTERFACES: - apply("echo 0 > /proc/sys/net/ipv6/conf/%s/forwarding" % interface) - apply("echo 0 > /proc/sys/net/ipv4/conf/%s/forwarding" % interface) +class Command(BaseCommand): + help = 'Mets en place iptables et le set ip au démarage' + + def handle(self, *args, **options): + # Destruction de l'iptables + disable_iptables() + # Desactivation du routage sur les bonnes if + for interface in AUTORIZED_INTERFACES: + apply(["sudo", "-n", "sysctl", "net.ipv6.conf.%s.forwarding=0" % interface]) + apply(["sudo", "-n", "sysctl", "net.ipv4.conf.%s.forwarding=0" % interface]) + +