[nanny] Win32 Chrono and Filtering works
- From: Roberto Majadas <telemaco src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [nanny] Win32 Chrono and Filtering works
- Date: Sun, 23 Jan 2011 18:02:46 +0000 (UTC)
commit 93fda22d51e793e87fade632551b79f152a01223
Author: Roberto Majadas <roberto majadas openshine com>
Date: Thu Sep 23 12:16:33 2010 +0200
Win32 Chrono and Filtering works
daemon/src/Win32Chrono.py | 36 +++++-------
daemon/src/Win32Filtering.py | 135 +++++++++++++++++++++++++++++++-----------
daemon/src/Win32Top.py | 45 +++++++++++++-
3 files changed, 159 insertions(+), 57 deletions(-)
---
diff --git a/daemon/src/Win32Chrono.py b/daemon/src/Win32Chrono.py
index 92f3c9e..22fc51a 100644
--- a/daemon/src/Win32Chrono.py
+++ b/daemon/src/Win32Chrono.py
@@ -54,52 +54,46 @@ class Win32Chrono(gobject.GObject) :
gobject.GObject.__init__(self)
self.quarterback = quarterback
+ file_dir = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
+ for x in range(6):
+ file_dir = os.path.dirname(file_dir)
+ root_path = file_dir
+ self.apps_list_path = os.path.join(root_path, "etc", "nanny", "applists")
+
self.day = datetime.date.today().day
self.categories = ['session', 'browser', 'email', 'im']
self.quarterback.connect('block-status', self.__update_cb)
def __update_cb(self, quarterback, block_status, user_id, app_id, next_change, available_time):
- return
-
'''Callback that updates the used times of the categories.'''
if block_status == False:
app_list = self.__get_application_list(self.categories)
- proclist = gtop.proclist(gtop.PROCLIST_KERN_PROC_UID, int(user_id))
+ proclist = self.quarterback.win32top.proclist(int(user_id))
if app_id == SESSION_APPID :
try:
- d = dbus.SystemBus()
- manager = dbus.Interface(d.get_object("org.freedesktop.ConsoleKit", "/org/freedesktop/ConsoleKit/Manager"),
- "org.freedesktop.ConsoleKit.Manager")
- sessions = manager.GetSessionsForUnixUser(int(user_id))
- for session_name in sessions :
- session = dbus.Interface(d.get_object("org.freedesktop.ConsoleKit", session_name),
- "org.freedesktop.ConsoleKit.Session")
- x11_display = session.GetX11Display()
- if x11_display == "":
- continue
+ if self.quarterback.win32top.get_current_user_session() == int(user_id) :
self.quarterback.subtract_time(user_id, app_id)
- break
+ return
except:
print "Crash Chrono __update_cb"
else:
category = self.categories[app_id]
found = False
for proc in proclist:
- if len(gtop.proc_args(proc)) > 0:
- process = gtop.proc_args(proc)[0]
+ if len(self.quarterback.win32top.proc_args(proc)) > 0:
+ process = self.quarterback.win32top.proc_args(proc)
if self.is_a_controlled_app(process, category, app_list):
self.quarterback.subtract_time(user_id, app_id)
- break
+ return
def is_a_controlled_app(self, process, category, app_list):
- return False
found = False
for app in app_list:
if app[0] == category:
- if os.path.basename(process) == app[1]:
+ if process == app[1]:
found = True
break
@@ -113,9 +107,9 @@ class Win32Chrono(gobject.GObject) :
['email', 'thunderbird']]
'''
- app_list = [['session', 'gnome-session']]
+ app_list = []
for category in categories:
- file_path = '/etc/nanny/applists/' + category
+ file_path = os.path.join(self.apps_list_path, category + ".w32")
if os.path.exists(file_path):
file = open(file_path, 'rb')
for line in file:
diff --git a/daemon/src/Win32Filtering.py b/daemon/src/Win32Filtering.py
index 40509c4..5aa42a1 100644
--- a/daemon/src/Win32Filtering.py
+++ b/daemon/src/Win32Filtering.py
@@ -48,6 +48,66 @@ services_ports = {WEB_APPID : "80, 443, 8080",
IM_APPID : "1863, 5222, 5269",
}
+class Win32Firewall(gobject.GObject) :
+ def __init__(self) :
+ gobject.GObject.__init__(self)
+ self.fw_status = [None, None, None, None]
+ self.platform = None
+ if self.__find_in_path("ipseccmd.exe") != None :
+ self.platform = "xp"
+ self.fw = "ipseccmd.exe"
+ elif self.__find_in_path("ipsecpol.exe") != None :
+ self.platform = "2000"
+ self.fw = "ipsecpol.exe"
+ else:
+ pass
+
+ def get_platform(self):
+ return self.platform
+
+ def set_appid_fwstatus(self, appid, block):
+ if self.fw_status[appid] != None and self.fw_status[appid] == block :
+ return
+
+ if self.platform == "xp" or self.platform == "2000":
+ port_params = ''
+ for port in services_ports[appid].replace(" ","").split(",") :
+ port_params = port_params + '-f 0=*:%s:TCP ' % port
+
+ block_param = "-n BLOCK "
+ if block == False:
+ block_param = "-n PASS"
+
+ os.system('%s -x -w REG -p "nanny_firewall" -r "nanny_appid_%s" %s %s > NUL' % (self.fw, appid, port_params, block_param))
+ if self.fw_status[appid] != block :
+ appid_name = { 1: "WEB", 2: "MAIL", 3: "IM"}
+ print "[W32Filtering] %s ports block == %s" % (appid_name[appid], block)
+ self.fw_status[appid] = block
+
+ def start(self):
+ if self.platform == "xp" or self.platform == "2000":
+ os.system('%s -w reg -p "nanny_firewall" -y > NUL' % self.fw)
+ os.system('%s -w reg -p "nanny_firewall" -o > NUL' % self.fw)
+ self.set_appid_fwstatus(WEB_APPID, False)
+ self.set_appid_fwstatus(MAIL_APPID, False)
+ self.set_appid_fwstatus(IM_APPID, False)
+ else:
+ pass
+
+ def stop(self):
+ if self.platform == "xp" or self.platform == "2000":
+ os.system('%s -w reg -p "nanny_firewall" -y > NUL' % self.fw)
+ os.system('%s -w reg -p "nanny_firewall" -o > NUL' % self.fw)
+ else:
+ pass
+
+ def __find_in_path(self, program):
+ for dir in os.environ["PATH"].split(";") :
+ if os.path.exists(os.path.join(dir, program)) :
+ return os.path.join(dir, program)
+ return None
+
+
class Win32Filtering(gobject.GObject) :
def __init__(self, quarterback) :
gobject.GObject.__init__(self)
@@ -55,47 +115,54 @@ class Win32Filtering(gobject.GObject) :
reactor.addSystemEventTrigger("before", "startup", self.start)
reactor.addSystemEventTrigger("before", "shutdown", self.stop)
-
- self.quarterback.connect("update-blocks", self.__update_blocks_cb)
def start(self):
print "Start Win32 Filtering"
- self.__update_blocks_cb(self.quarterback, self.quarterback.blocks)
+ self.win32fw = Win32Firewall()
+ if self.win32fw.get_platform() != None:
+ print "[W32Filtering] found Windows %s fw_tool" % self.win32fw.get_platform()
+ self.win32fw.start()
+ gobject.timeout_add(1000, self.__update_rules)
def stop(self):
print "Stop Win32 Filtering"
+ if self.win32fw.get_platform() != None:
+ self.win32fw.stop()
+
+ def __update_rules(self):
+ if self.win32fw.get_platform() == None:
+ return True
+
+ if self.quarterback.win32top.get_current_user_session() == 0 :
+ self.win32fw.set_appid_fwstatus(WEB_APPID, False)
+ self.win32fw.set_appid_fwstatus(MAIL_APPID, False)
+ self.win32fw.set_appid_fwstatus(IM_APPID, False)
+ return True
+
+ session_uid = str(self.quarterback.win32top.get_current_user_session())
+ blocks = self.quarterback.blocks
- def __update_blocks_cb(self, quarterback, blocks):
- #Create pre-chain
- rules=[]
for user_id in blocks.keys() :
- for app_id in blocks[user_id].keys() :
- if app_id == SESSION_APPID :
- continue
-
- if quarterback.get_available_time(user_id, app_id) == 0 :
- rules.append(
- (user_id,
- strftime("%a", localtime()),
- "00:01",
- "23:59",
- services_ports[app_id]
- )
- )
-
- to_block = quarterback.get_blocks(user_id, app_id)
- for week_day in to_block.keys() :
- for i_time, e_time in to_block[week_day] :
- rules.append(
- (user_id,
- iptables_weekdays[week_day],
- i_time,
- e_time,
- services_ports[app_id]
- )
- )
-
- #apply rules firewall
- print ("update_firewall_rules : WIP")
+ if int(user_id) == int(session_uid):
+ for app_id in blocks[user_id].keys() :
+ if app_id == SESSION_APPID :
+ continue
+
+ if self.quarterback.get_available_time(user_id, app_id) == 0 :
+ self.win32fw.set_appid_fwstatus(int(app_id), True)
+ continue
+ try:
+ block_status, next_block = self.quarterback.is_blocked(user_id, app_id)
+ except:
+ print "[W32Filtering] Fail getting self.quarterback.is_blocked"
+ block_status = False
+
+ if block_status == True :
+ self.win32fw.set_appid_fwstatus(int(app_id), True)
+ else:
+ self.win32fw.set_appid_fwstatus(int(app_id), False)
+
+ return True
gobject.type_register(Win32Filtering)
+gobject.type_register(Win32Firewall)
diff --git a/daemon/src/Win32Top.py b/daemon/src/Win32Top.py
index 67772f8..db98242 100644
--- a/daemon/src/Win32Top.py
+++ b/daemon/src/Win32Top.py
@@ -33,7 +33,9 @@ class Win32Top(gobject.GObject) :
gobject.GObject.__init__(self)
self.quarterback = quarterback
self.process_list = {}
+ self.session_user = 0
self.first_time = True
+ self.oWMI = win32com.client.GetObject(r"winmgmts:\\.\root\cimv2")
reactor.addSystemEventTrigger("before", "startup", self.start)
reactor.addSystemEventTrigger("before", "shutdown", self.stop)
@@ -41,17 +43,56 @@ class Win32Top(gobject.GObject) :
def start(self):
print "Start Win32 Top"
gobject.timeout_add(1000, self.__update_info)
+ gobject.timeout_add(3000, self.__update_session_info)
def stop(self):
print "Stop Win32 Top"
+ def get_current_user_session(self):
+ return self.session_user
+
+ def proclist(self, uid):
+ proclist = []
+ for pid in self.process_list :
+ if self.process_list[pid][0] == uid :
+ proclist.append(pid)
+
+ return proclist
+
+ def proc_args(self, pid):
+ try:
+ return self.process_list(pid)[1]
+ except:
+ return ''
+
+ def __update_session_info(self):
+ qry = "Select * from Win32_ComputerSystem"
+ qry = self.oWMI.ExecQuery(qry)
+ if qry.count > 0:
+ for result in qry:
+ try:
+ username = str(result.UserName).split("\\")[-1]
+ users_list = self.quarterback.usersmanager.get_users()
+ for uid, uname, ufname in users_list:
+ if uname == username :
+ #print "[W32TOP] Session User : %s" % uid
+ self.session_user = uid
+ return True
+ self.session_user = 0
+ return True
+ except:
+ self.session_user = 0
+ return True
+
+ self.session_user = 0
+ return True
+
def __update_info(self):
if self.first_time == True:
print "[W32TOP] Initial process check start"
- oWMI = win32com.client.GetObject(r"winmgmts:\\.\root\cimv2")
qry = "SELECT * FROM Win32_Process"
- qry = oWMI.ExecQuery(qry)
+ qry = self.oWMI.ExecQuery(qry)
users_list = self.quarterback.usersmanager.get_users()
if qry.count > 0:
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
