[nanny] Win32 Chrono and Filtering works



commit 93fda22d51e793e87fade632551b79f152a01223
Author: Roberto Majadas <roberto majadas openshine com>
Date:   Thu Sep 23 12:16:33 2010 +0200

    Win32 Chrono and Filtering works

 daemon/src/Win32Chrono.py    |   36 +++++-------
 daemon/src/Win32Filtering.py |  135 +++++++++++++++++++++++++++++++-----------
 daemon/src/Win32Top.py       |   45 +++++++++++++-
 3 files changed, 159 insertions(+), 57 deletions(-)
---
diff --git a/daemon/src/Win32Chrono.py b/daemon/src/Win32Chrono.py
index 92f3c9e..22fc51a 100644
--- a/daemon/src/Win32Chrono.py
+++ b/daemon/src/Win32Chrono.py
@@ -54,52 +54,46 @@ class Win32Chrono(gobject.GObject) :
         gobject.GObject.__init__(self)
         self.quarterback = quarterback
 
+        file_dir = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
+        for x in range(6):
+            file_dir = os.path.dirname(file_dir)
+        root_path = file_dir
+        self.apps_list_path = os.path.join(root_path, "etc", "nanny", "applists")
+
         self.day = datetime.date.today().day
         self.categories = ['session', 'browser', 'email', 'im']
 
         self.quarterback.connect('block-status', self.__update_cb)
 
     def __update_cb(self, quarterback, block_status, user_id, app_id, next_change, available_time):
-        return 
-
         '''Callback that updates the used times of the categories.'''
         if block_status == False:
             app_list = self.__get_application_list(self.categories)
-            proclist = gtop.proclist(gtop.PROCLIST_KERN_PROC_UID, int(user_id))
+            proclist = self.quarterback.win32top.proclist(int(user_id))
             
             if app_id == SESSION_APPID :
                 try:
-                    d = dbus.SystemBus()
-                    manager = dbus.Interface(d.get_object("org.freedesktop.ConsoleKit", "/org/freedesktop/ConsoleKit/Manager"), 
-                                             "org.freedesktop.ConsoleKit.Manager")
-                    sessions = manager.GetSessionsForUnixUser(int(user_id))
-                    for session_name in sessions :
-                        session = dbus.Interface(d.get_object("org.freedesktop.ConsoleKit", session_name),
-                                                 "org.freedesktop.ConsoleKit.Session")
-                        x11_display = session.GetX11Display()
-                        if x11_display == "":
-                            continue
+                    if self.quarterback.win32top.get_current_user_session() == int(user_id) :
                         self.quarterback.subtract_time(user_id, app_id)
-                        break
+                        return
                 except:
                     print "Crash Chrono __update_cb"
             else:
                 category = self.categories[app_id]
                 found = False
                 for proc in proclist:
-                    if len(gtop.proc_args(proc)) > 0:
-                        process = gtop.proc_args(proc)[0]
+                    if len(self.quarterback.win32top.proc_args(proc)) > 0:
+                        process = self.quarterback.win32top.proc_args(proc)
                         if self.is_a_controlled_app(process, category, app_list):
                             self.quarterback.subtract_time(user_id, app_id)
-                            break
+                            return
 
     def is_a_controlled_app(self, process, category, app_list):
-        return False
         found = False
 
         for app in app_list:
             if app[0] == category:
-                if os.path.basename(process) == app[1]:
+                if process == app[1]:
                     found = True
                     break
 
@@ -113,9 +107,9 @@ class Win32Chrono(gobject.GObject) :
                         ['email', 'thunderbird']]
         '''
 
-        app_list = [['session', 'gnome-session']]
+        app_list = []
         for category in categories:
-            file_path = '/etc/nanny/applists/' + category
+            file_path = os.path.join(self.apps_list_path, category + ".w32")
             if os.path.exists(file_path):
                 file = open(file_path, 'rb')
                 for line in file:
diff --git a/daemon/src/Win32Filtering.py b/daemon/src/Win32Filtering.py
index 40509c4..5aa42a1 100644
--- a/daemon/src/Win32Filtering.py
+++ b/daemon/src/Win32Filtering.py
@@ -48,6 +48,66 @@ services_ports = {WEB_APPID : "80, 443, 8080",
                   IM_APPID : "1863, 5222, 5269",
                   }
 
+class Win32Firewall(gobject.GObject) :
+    def __init__(self) :
+        gobject.GObject.__init__(self)
+        self.fw_status = [None, None, None, None]
+        self.platform = None
+        if self.__find_in_path("ipseccmd.exe") != None :
+            self.platform = "xp"
+            self.fw = "ipseccmd.exe"
+        elif self.__find_in_path("ipsecpol.exe") != None :
+            self.platform = "2000"
+            self.fw = "ipsecpol.exe"
+        else:
+            pass
+
+    def get_platform(self):
+        return self.platform
+
+    def set_appid_fwstatus(self, appid, block):
+        if self.fw_status[appid] != None and self.fw_status[appid] == block :
+            return
+
+        if self.platform == "xp" or self.platform == "2000":
+            port_params = ''
+            for port in services_ports[appid].replace(" ","").split(",") :
+                port_params = port_params + '-f 0=*:%s:TCP ' % port
+
+            block_param = "-n BLOCK "
+            if block == False:
+                block_param = "-n PASS"
+            
+            os.system('%s -x -w REG -p "nanny_firewall" -r "nanny_appid_%s" %s %s > NUL' % (self.fw, appid, port_params, block_param))
+            if self.fw_status[appid] != block :
+                appid_name = { 1: "WEB", 2: "MAIL", 3: "IM"}
+                print "[W32Filtering] %s ports block == %s" % (appid_name[appid], block)
+                self.fw_status[appid] = block
+
+    def start(self):
+        if self.platform == "xp" or self.platform == "2000":
+            os.system('%s -w reg -p "nanny_firewall" -y > NUL' % self.fw)
+            os.system('%s -w reg -p "nanny_firewall" -o > NUL' % self.fw)
+            self.set_appid_fwstatus(WEB_APPID, False)
+            self.set_appid_fwstatus(MAIL_APPID, False)
+            self.set_appid_fwstatus(IM_APPID, False)
+        else:
+            pass
+
+    def stop(self):
+        if self.platform == "xp" or self.platform == "2000":
+            os.system('%s -w reg -p "nanny_firewall" -y > NUL' % self.fw)
+            os.system('%s -w reg -p "nanny_firewall" -o > NUL' % self.fw)
+        else:
+            pass
+
+    def __find_in_path(self, program):
+        for dir in os.environ["PATH"].split(";") :
+            if os.path.exists(os.path.join(dir, program)) :
+                return os.path.join(dir, program)
+        return None
+        
+
 class Win32Filtering(gobject.GObject) :
     def __init__(self, quarterback) :
         gobject.GObject.__init__(self)
@@ -55,47 +115,54 @@ class Win32Filtering(gobject.GObject) :
         
         reactor.addSystemEventTrigger("before", "startup", self.start)
         reactor.addSystemEventTrigger("before", "shutdown", self.stop)
-        
-        self.quarterback.connect("update-blocks", self.__update_blocks_cb)
 
     def start(self):
         print "Start Win32 Filtering"
-        self.__update_blocks_cb(self.quarterback, self.quarterback.blocks)
+        self.win32fw = Win32Firewall()
+        if self.win32fw.get_platform() != None:
+            print "[W32Filtering] found Windows %s fw_tool" % self.win32fw.get_platform()
+            self.win32fw.start()
+            gobject.timeout_add(1000, self.__update_rules)
 
     def stop(self):
         print "Stop Win32 Filtering"
+        if self.win32fw.get_platform() != None:
+            self.win32fw.stop()
+
+    def __update_rules(self):
+        if self.win32fw.get_platform() == None:
+            return True
+        
+        if self.quarterback.win32top.get_current_user_session() == 0 :
+            self.win32fw.set_appid_fwstatus(WEB_APPID, False)
+            self.win32fw.set_appid_fwstatus(MAIL_APPID, False)
+            self.win32fw.set_appid_fwstatus(IM_APPID, False)
+            return True
+
+        session_uid = str(self.quarterback.win32top.get_current_user_session())
+        blocks = self.quarterback.blocks
 
-    def __update_blocks_cb(self, quarterback, blocks):
-        #Create pre-chain
-        rules=[]
         for user_id in blocks.keys() :
-            for app_id in blocks[user_id].keys() :
-                if app_id == SESSION_APPID :
-                    continue
-
-                if quarterback.get_available_time(user_id, app_id) == 0 :
-                    rules.append(
-                            (user_id,
-                             strftime("%a", localtime()),
-                             "00:01",
-                             "23:59",
-                             services_ports[app_id]
-                             )
-                        )
-                
-                to_block = quarterback.get_blocks(user_id, app_id)
-                for week_day in to_block.keys() :
-                    for i_time, e_time in to_block[week_day] :
-                        rules.append(
-                            (user_id,
-                             iptables_weekdays[week_day],
-                             i_time,
-                             e_time,
-                             services_ports[app_id]
-                             )
-                            )
-            
-        #apply rules firewall
-        print ("update_firewall_rules : WIP")
+            if int(user_id) == int(session_uid):
+                for app_id in blocks[user_id].keys() :
+                    if app_id == SESSION_APPID :
+                        continue
+
+                    if self.quarterback.get_available_time(user_id, app_id) == 0 :
+                        self.win32fw.set_appid_fwstatus(int(app_id), True)
+                        continue
+                    try:
+                        block_status, next_block = self.quarterback.is_blocked(user_id, app_id)
+                    except:
+                        print "[W32Filtering] Fail getting self.quarterback.is_blocked"
+                        block_status = False
+
+                    if block_status == True :
+                        self.win32fw.set_appid_fwstatus(int(app_id), True)
+                    else:
+                        self.win32fw.set_appid_fwstatus(int(app_id), False)
+
+        return True
         
 gobject.type_register(Win32Filtering)
+gobject.type_register(Win32Firewall)
diff --git a/daemon/src/Win32Top.py b/daemon/src/Win32Top.py
index 67772f8..db98242 100644
--- a/daemon/src/Win32Top.py
+++ b/daemon/src/Win32Top.py
@@ -33,7 +33,9 @@ class Win32Top(gobject.GObject) :
         gobject.GObject.__init__(self)
         self.quarterback = quarterback
         self.process_list = {}
+        self.session_user = 0
         self.first_time = True
+        self.oWMI = win32com.client.GetObject(r"winmgmts:\\.\root\cimv2")
         
         reactor.addSystemEventTrigger("before", "startup", self.start)
         reactor.addSystemEventTrigger("before", "shutdown", self.stop)
@@ -41,17 +43,56 @@ class Win32Top(gobject.GObject) :
     def start(self):
         print "Start Win32 Top"
         gobject.timeout_add(1000, self.__update_info)
+        gobject.timeout_add(3000, self.__update_session_info)
 
     def stop(self):
         print "Stop Win32 Top"
 
+    def get_current_user_session(self):
+        return self.session_user
+
+    def proclist(self, uid):
+        proclist = []
+        for pid in self.process_list :
+            if self.process_list[pid][0] == uid :
+                proclist.append(pid)
+
+        return proclist
+
+    def proc_args(self, pid):
+        try:
+            return self.process_list(pid)[1]
+        except:
+            return ''
+            
+    def __update_session_info(self):
+        qry = "Select * from Win32_ComputerSystem"
+        qry = self.oWMI.ExecQuery(qry)
+        if qry.count > 0:
+            for result in qry:
+                try:
+                    username = str(result.UserName).split("\\")[-1]
+                    users_list = self.quarterback.usersmanager.get_users()
+                    for uid, uname, ufname in users_list:
+                        if uname == username :
+                            #print "[W32TOP] Session User : %s" % uid
+                            self.session_user = uid
+                            return True
+                    self.session_user = 0
+                    return True
+                except:
+                    self.session_user = 0
+                    return True
+        
+        self.session_user = 0
+        return True
+
     def __update_info(self):
         if self.first_time == True:
             print "[W32TOP] Initial process check start"
 
-        oWMI = win32com.client.GetObject(r"winmgmts:\\.\root\cimv2")
         qry = "SELECT * FROM Win32_Process"
-        qry = oWMI.ExecQuery(qry)
+        qry = self.oWMI.ExecQuery(qry)
         users_list = self.quarterback.usersmanager.get_users()
 
         if qry.count > 0:



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]