#!/usr/bin/env python3import sysimport osimport reimport socketimpor

1. #!/usr/bin/env python3
2.  
3. import sys
4. import os
5. import re
6. import socket
7. import xml.etree.ElementTree as etree
8.  
9. hosts_xml = "/opt/etc/hosts.xml"
10. dhcp_hosts = "/etc/dhcp/dhcpd.hosts"
11. ipset_entries = "/etc/iptables/ipset.entries"
12.  
13. bool_flags = ['service', 'voip', 'ext']
14.  
15. def err_msg(msg):
16. sys.stderr.write("Fail: " + str(msg) + "\n")
17. sys.exit(-1)
18.  
19. # getting attributes of hosts
20. def get_hosts(root):
21. hosts = []
22. for item in root.iter('host'):
23. host = {}
24. # main attributes
25. try:
26. host['name'] = item.attrib['name']
27. host['ip'] = item.attrib['ip']
28. host['mac'] = item.attrib['mac'].lower()
29. except KeyError as key:
30. print("Next host does't have attribute ", key, ":", sep="")
31. etree.dump(item)
32. continue
33. # check IP address
34. try:
35. socket.inet_aton(host['ip'])
36. except socket.error:
37. print("This host has a incorrectly value of a IP address:")
38. etree.dump(item)
39. continue
40. # check MAC address
41. if not (re.match("[0-9a-f]{2}([-:][0-9a-f]{2}){5}$", host['mac'])):
42. print("This host has a incorrectly value of a MAC address:")
43. etree.dump(item)
44. continue
45. # other attributes
46. host['mac_wifi'] = item.attrib.get('mac_wifi', '').lower()
47. if ((not (re.match("[0-9a-f]{2}([-:][0-9a-f]{2}){5}$", host['mac_wifi'])))
48. and (host['mac_wifi'] != '')):
49. print("This host has a incorrectly value of a MAC Wi-Fi address:")
50. etree.dump(item)
51. host['desc'] = item.attrib.get('desc', 'Unknow')
52. # boolean attributes
53. for attrib in bool_flags:
54. attrib_value = item.attrib.get(attrib, 'false').lower()
55. if attrib_value not in ['true', 'false']:
56. print("This host has a incorrectly value attribute '", attrib, "':", sep="")
57. etree.dump(item)
58. host[attrib] = (attrib_value == 'true')
59. hosts.append(host)
60. return hosts
61.  
62. def get_dhcp_host(name, ip, mac, desc):
63. return ("host "+ name + " { # " + desc + "\n"
64. " hardware ethernet " + mac + ";\n"
65. " fixed-address " + ip + ";\n"
66. "}\n")
67.  
68. if __name__ == "__main__":
69.  
70. try:
71. tree = etree.parse(hosts_xml)
72. dhcp_f = open(dhcp_hosts, 'w')
73. ipset_f = open(ipset_entries, 'w')
74. except IOError as error:
75. err_msg(error)
76.  
77. hosts = get_hosts(tree.getroot())
78.  
79. # sorting by IP
80. for host in sorted(hosts, key=lambda host: socket.inet_aton(host['ip'])):
81.  
82. # write hosts in dhcp.hosts and ipset.entries
83. dhcp_f.write(get_dhcp_host(host['name'], host['ip'], host['mac'], host['desc']))
84. ipset_f.write("# " + host['desc'] + "\n")
85. ipset_f.write("add check_mac " + host['ip'] + "," + host['mac'] + "\n")
86. if (host['mac_wifi'] != ''):
87. dhcp_f.write(get_dhcp_host(host['name'] + "-wifi", host['ip'], host['mac_wifi'], host['desc'] + " wifi"))
88. ipset_f.write("add check_mac_wifi " + host['ip'] + "," + host['mac_wifi'] + "\n")
89. for flag in bool_flags:
90. if (host[flag]): ipset_f.write("add " + flag + " " + host['ip'] + "\n")
91. ipset_f.write("\n")
92.  
93. dhcp_f.close()
94. ipset_f.close()
95.  
96. # reload dhcpd and ipset
97. os.system("/etc/init.d/isc-dhcp-server restart")
98. os.system("/usr/sbin/ipset flush")
99. os.system("/usr/sbin/ipset restore < " + ipset_entries)