#!/usr/local/bin/python
# tperimeter.py
# Copyright (c) 2006-2020 TundraWare Inc.  All Rights Reserved.
# For Updates See:  http://www.tundraware.com/Software/tperimeter

# Program Information

# Program name.
PROGNAME = "tperimeter.py"
# RCS/CVS "$Id$" keyword expansion: file name, revision, check-in
# timestamp, author and state of the checked-in copy.
RCSID = "$Id: tperimeter.py,v 1.113 2012/06/09 21:10:21 tundra Exp $"

import html
import os
import re
import sys
import syslog

#####
# Constants
#####

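Basedir  = "/www/cgi-bin/tperimeter/requests/" # Base directory to store requests

# Regex for IP Quads.
#
# The address checked with this pattern becomes a file name under Basedir,
# so the pattern has to describe the *whole* string and nothing else:
#   - [0-9] instead of \d: on a str pattern \d also accepts non-ASCII
#     decimal digits, which int() would then happily convert.
#   - \Z instead of $: '$' also matches just before a trailing newline,
#     which would let "1.2.3.4\n" through.
# It is meant to be used with re.match(), which anchors the start.
IPQuad   = r"([0-9]{1,3}\.){3}[0-9]{1,3}\Z"


#####
# Lookup Tables
#####

# Compared by plain string equality, so the address must be in canonical
# dotted-decimal form (no leading zeros) for this list to be effective.
Forbidden = ["0.0.0.0", "255.255.255.255"]    # Forbidden IP addresses
Services  = ["sshd"]                          # Services we can open up
DefSvc    = "sshd"                            # Default service to open if none specified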

#####
# Print Routine
#####

def Print(s):
    """Write one line of the CGI response, tagged with the requestor.

    The line is prefixed with "[User@<requestor>]", where 'requestor' is
    the module-level variable holding the client address.

    's' is written exactly as given: callers embed markup such as <br>
    in it, and nothing is HTML-escaped here.  Any request-derived text
    must therefore be escaped or validated by the caller first.
    """

    line = "[User@%s] %s" % (requestor, s)
    print(line)

#####
# Error/Abort Routine
#####

def Error(s):
    """Report a failure to the client and terminate the CGI.

    Emits an "ERROR: ..." line followed by a retry hint through Print(),
    then exits with status 1.  This function does not return.

    's' ends up in the HTML response unescaped (see Print), so callers
    must not pass raw request text in it.
    """
    for line in ("ERROR: %s!<br>" % s, "Please Try Again ...<br><br>"):
        Print(line)
    sys.exit(1)

# End of 'Error()'


#####
# Print The HTML Header
####

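print("Content-type: text/html\n\n")

#####
# Process Passed Parameters
# Only the parameters this script knows about are accepted
#####

# Defined before the 'try' so that Error()/Print() can still format a
# message when REMOTE_ADDR itself is missing from the environment.
requestor = "unknown"
service = address = ""

try:
    requestor = os.environ["REMOTE_ADDR"]

    # QUERY_STRING is attacker-controlled.  It must never be turned into
    # Python source and exec()'d: that lets a request overwrite any name
    # in this script (Services, Forbidden, Basedir, ...) or run arbitrary
    # code as the web server user.  Parse it as data and copy out only
    # the two expected fields.
    for argument in os.environ["QUERY_STRING"].split("&"):

        # Exactly one '=' per argument, as before; anything else raises
        # ValueError and is reported as an error below.
        name, value = argument.split("=")

        if name == "service":
            service = value
        elif name == "address":
            address = value
        # Any other parameter name is ignored rather than acted on.

except (KeyError, ValueError):
    # KeyError:   REMOTE_ADDR or QUERY_STRING not set by the web server
    # ValueError: malformed argument in the query string
    Error("Internal Program Error")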

#####
# Validate Number And Content Of Passed Parameters
#####

# If no service passed explicitly, use default

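if not service:
    service = DefSvc


# Make sure requested service is one of the ones allowed

if service not in Services:
    # 'service' is still raw request text here and the response is
    # text/html, so escape it before echoing it back to the browser.
    Error("You Are Not Permitted To Change Access To %s" % html.escape(service))


# If no address passed explicitly, use the requestor's

if not address:
    address = requestor


# Make sure address is in quad format

if not re.match(IPQuad, address):
    Error("You Must Specify Address In IP Quad Format")


# Make sure each quad element is in range

quads = []
for q in address.split("."):
    value = int(q)
    if not (0 <= value <= 255):
        Error("IP Address Component Is Out Of Range (%s Not Between 0-255)" % q)
    quads.append(str(value))

# Rewrite the address in canonical dotted-decimal form before it is
# compared or used as a file name.  Forbidden is matched by string
# equality, so without this a spelling such as "0.0.0.00" would pass the
# checks above and still not be recognised as a forbidden address.  It
# also guarantees the stored name is exactly what was range-checked.

address = ".".join(quads)

# Make sure address is not on the forbidden list

if address in Forbidden:
    Error("You Are Not Permitted To Enable Access For Address: %s" % address)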


#####
# Output Content
#####

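Print("Requested...<br>Access To Service: %s<br>For Address: %s<br>" % (service, address))


# Make sure there is a directory present to receive the request
#
# Both path components were validated earlier in the script: 'service'
# is a member of Services and 'address' matched the IP quad pattern.
# Keep it that way - nothing unvalidated may be joined onto Basedir.

reqdir = Basedir + service

try:
    os.makedirs(reqdir)
except OSError:
    # Normally "directory already exists".  Only OSError is ignored here;
    # if the directory really could not be created, open() below fails.
    pass

# Now write the request there
# The request is an empty marker file named after the address.

reqfil = reqdir + os.sep + address
with open(reqfil, "w"):
    pass

# Log the request
# This is the audit trail of who asked for which address to be opened.

syslog.openlog("tperimeter")
syslog.syslog(syslog.LOG_NOTICE, "User@%s Requested Service: %s For Address: %s" % (requestor, service, address))
syslog.closelog()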