[arpwatch_sendmail] On ne trace les macs qu'en cas de flip flop sur une ip crans

d6fb41aa · Valentin Samir · b59d291c · d6fb41aa · d6fb41aa
Commit d6fb41aa authored May 26, 2013 by Valentin Samir
--- a/gestion/config/config.py
+++ b/gestion/config/config.py
@@ -156,6 +156,7 @@ NETs = { 'serveurs' : [ '138.231.136.0/24' ],
         'accueil': ['10.51.0.0/16' ],
         'isolement': ['10.52.0.0/16' ],
         'personnel-ens': ['10.2.9.0/24' ],
+         'evenementiel': ['10.231.137.0/24'],
         'ens' : ['138.231.135.0/24'],
         'all' : [ '138.231.136.0/21', '138.231.144.0/21' ],
         'multicast' : ['239.0.0.0/8'],

--- a/surveillance/arpwatch_sendmail.py
+++ b/surveillance/arpwatch_sendmail.py
@@ -8,21 +8,32 @@
 import sys, os, re, smtplib
 from commands import getstatusoutput

+sys.path.append('/usr/scripts/gestion')
 sys.path.append('/usr/scripts/gestion/tools')
 from locate_mac import trace_machine, format_mac, info_machine
+from config import NETs
+from iptools import AddrInNets

 find_mac = re.compile(r'[0-9A-Fa-f]{1,2}(?::[0-9A-Fa-f]{1,2}){5}')
+find_ip = re.compile(r'[0-9]{1,3}(?:\.[0-9]{1,3}){3}')
+arpwatched_net = NETs['all'] + NETs['adm'] + NETs['accueil'] + NETs['isolement'] + NETs['personnel-ens'] + NETs['evenementiel']


 def get_machine(unformated_mac):
    mac = format_mac(unformated_mac)
    return u"\n" + info_machine(mac) + u"\n" + trace_machine(mac)

+def get_subject(headers_list):
+    for line in headers_list:
+        if line.lower().startswith('subject:'):
+            return line
+    return None

 if __name__ == "__main__":
    texte = sys.stdin.read() #.decode('ISO-8859-15')
    textes = texte.splitlines(True)
    i = textes.index(u'\n')
+    subject = get_subject(textes[:i])
    textes[i-1:i-1] = [
            u'MIME-Version: 1.0\n', 
            u'Content-Type: text/plain; charset=UTF-8\n', 
@@ -31,16 +42,20 @@ if __name__ == "__main__":

    # On récupère les destinataires dans les arguments (très ad hoc)
    recipients = sys.argv[2].split(',')
+
+    try : ip = set(find_ip.findall(texte)).pop()
+    except KeyError: ip = None
    # On complète le message
-    try:
-        macs = find_mac.findall(texte)
-        for mac in macs:
-            textes.append(get_machine(mac))
-    except:
-        # En cas d'exception, on envoie le traceback
-        import traceback
-        textes.append(u'\n')
-        textes.append(u''.join(traceback.format_exception(sys.exc_type, sys.exc_value, sys.exc_traceback)))
+    if 'flip flop' in subject and ip is not None and AddrInNets(ip, arpwatched_net):
+        try:
+            macs = find_mac.findall(texte)
+            for mac in macs:
+                textes.append(get_machine(mac))
+        except:
+            # En cas d'exception, on envoie le traceback
+            import traceback
+            textes.append(u'\n')
+            textes.append(u''.join(traceback.format_exception(sys.exc_type, sys.exc_value, sys.exc_traceback)))
    textes.append('\n-- \narpwatch_sendmail.py\n')

    smtp = smtplib.SMTP()