From b46660e55a49b2fb91f90c3ed2fc108b1aa0d2b3 Mon Sep 17 00:00:00 2001 From: Daniel Dayley Date: Fri, 13 Dec 2019 16:21:01 -0700 Subject: [PATCH] Fixed typo on f5 and got basic openvpn working --- plugins/f5.py | 2 +- plugins/openvpn.py | 59 ++++++++++++++++++++++++++++++++++++++++------ 2 files changed, 53 insertions(+), 8 deletions(-) diff --git a/plugins/f5.py b/plugins/f5.py index 1ca4adc..d43d375 100644 --- a/plugins/f5.py +++ b/plugins/f5.py @@ -18,7 +18,7 @@ class ServiceDelegate(ServiceBase) : def startup(self) : for requirement in ['hosts','username','key'] : if requirement not in self.config or (requirement in self.config and self.config[requirement] is ''): - self.error.appendupdate('Missing required config option ' + requirement) + self.error.append('Missing required config option ' + requirement) return self.hosts = self.config['hosts'] self.debug("Logging into F5's and searching for hosts, this make take some time.",1) diff --git a/plugins/openvpn.py b/plugins/openvpn.py index 30dd964..0d0bb19 100644 --- a/plugins/openvpn.py +++ b/plugins/openvpn.py @@ -1,15 +1,60 @@ from servicebase import ServiceBase +import paramiko +import re class ServiceDelegate(ServiceBase) : + + connections = None + def get_arguments(cls) : """Returns an array of information used to construct an argumentparser argument.""" - # [ ,,, ] - # Example return: [ '-n', '--net', 'store_true', "Return network information about the subject" ] return ['-r', '--vpn','store_true',"Return VPN information about the subject"] - def get_user_from_ip(ip) : - """Given an IP address, return the user who was last assigned the address.""" - pass - def get_user_login_time_from_ip(ip) : - """Given an IP address, return the time of the last assignment of the address""" + def startup(self) : + for requirement in ['hosts','username','key'] : + if requirement not in self.config or (requirement in self.config and self.config[requirement] is ''): + self.error.append('Missing required config option ' + requirement) + return + self.hosts = self.config['hosts'] + self.debug("Logging into OpenVPN servers...",1) + connections = [] + for host in self.config['hosts'] : + try : + sshclient = paramiko.SSHClient() + sshclient.set_missing_host_key_policy(paramiko.AutoAddPolicy()) + sshclient.connect(host,22,username=self.config['username'],password=self.config['key']) + connections.append(sshclient) + except Exception as exception : + self.error.append("Unable to ssh into " + host + ': ' + str(exception)) + self.connections = connections + + + def shutdown(self) : + for connection in self.connections : + connection.close() + + def perform_lookup(self,host_tuple) : + search_command = "sudo -S cat /etc/openvpn/openvpn-*p.log | grep 'primary virtual IP for' | grep '" + host_tuple[0] + "' | tail -n 1" + for connection in self.connections : + try: + stdin,stdout,stderr=connection.exec_command(search_command) + stdin.write(self.config['key'] + '\n') + stdin.flush() + result = stdout.readlines() + if len(result) > 0 : + self.debug('Retrieved line from ssh session: \n' + result[0],2) + result = result[0] + else : + result = "" + items = {'nat_address': r'.*\ ([0-9a-fA-F\.\:]*)$', 'source_address': r'.*/([0-9a-fA-F\.\:]*)\ .*', 'user_name': r'.*us=[0-9]*\ ([a-zA-Z0-9\.]*)/.*', 'timestamp': r'(.*)\ us=.*'} + return_dictionary = {} + for item in items.keys() : + matches = re.match(items[item],result) + if matches and len(matches.groups()) and matches[1] : + return_dictionary.update({item: matches[1]}) + if return_dictionary is not {} : + return return_dictionary + except Exception as exception : + self.error.append("Unable to get results from ssh: " + str(exception)) pass +