gfwleak/tsg-tsg-diagnose
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feature:TSG-12014:新增适配k3s的功能

Browse Source
This commit is contained in:
fumingwei
2022-09-21 19:19:52 +08:00
parent 8c7e9cc7d5
commit ecdc9a2123
6 changed files with 337 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

75
images_build/client/dign_client/bin/client.py
View File

@@ -169,7 +169,7 @@ DNS_SERVER_ALLOW_TTL = 60
DNS_SERVER_REDIRECT_TTL = 333
DNS_SERVER_REDIRECT_RANGE_LOW = 400
DNS_SERVER_REDIRECT_RANGE_HIGH = 500
DNS_SERVER_IP = ["192.0.2.135"]
DNS_SERVER_IP = ["192.0.2.101"]
DnsRequestFirewallDenyDrop = "Dns request timeout is deny drop sucess"
DnsARequestFireWallDenyRedirect = "Dns rdtype A request is deny reidrect sucess"
DnsAAAARequestFireWallDenyRedirect = "Dns rdtype AAAA request is deny redirect sucess"
@@ -180,7 +180,55 @@ DnsAAAARequestFirewallAllow = "Dns rdtype AAAA request data is sucess"
DnsCNAMERequestFirewallAllow = "Dns rdtype CNAME request data is sucess"
REQUEST_RESOLVE = ['sha384.badssl.selftest.gdnt-cloud.website:443:192.0.2.101',\
'sha256.badssl.selftest.gdnt-cloud.website:443:192.0.2.101',\
'expired.badssl.selftest.gdnt-cloud.website:443:192.0.2.101',\
'self-signed.badssl.selftest.gdnt-cloud.website:443:192.0.2.101',\
'untrusted-root.badssl.selftest.gdnt-cloud.website:443:192.0.2.101',\
'web-replay.badssl.selftest.gdnt-cloud.website:80:192.0.2.101',\
'web-replay.badssl.selftest.gdnt-cloud.website:443:192.0.2.101',\
'testing-download.badssl.selftest.gdnt-cloud.website:443:192.0.2.101',\
'http.badssl.selftest.gdnt-cloud.website:80:192.0.2.101',\
'http-credit-card.badssl.selftest.gdnt-cloud.website:80:192.0.2.101',\
'http-dynamic-login.badssl.selftest.gdnt-cloud.website:80:192.0.2.101',\
'http-login.badssl.selftest.gdnt-cloud.website:80:192.0.2.101',\
'sha512.badssl.selftest.gdnt-cloud.website:443:192.0.2.101',\
'rsa2048.badssl.selftest.gdnt-cloud.website:443:192.0.2.101',\
'rsa4096.badssl.selftest.gdnt-cloud.website:443:192.0.2.101',\
'testing-firewall-filter-host.badssl.selftest.gdnt-cloud.website:80:192.0.2.101',\
'testing-firewall-filter-url.badssl.selftest.gdnt-cloud.website:80:192.0.2.101',\
'testing-proxy-filter-host.badssl.selftest.gdnt-cloud.website:80:192.0.2.101',\
'testing-proxy-filter-url.badssl.selftest.gdnt-cloud.website:80:192.0.2.101']
def set_http_request_resolve(id_service_function):
global REQUEST_RESOLVE
ip_left_edge = 100
ip_http_server = ip_left_edge + id_service_function
REQUEST_RESOLVE = ['sha384.badssl.selftest.gdnt-cloud.website:443:192.0.2.%d' % ip_http_server,\
'sha256.badssl.selftest.gdnt-cloud.website:443:192.0.2.%d' % ip_http_server,\
'expired.badssl.selftest.gdnt-cloud.website:443:192.0.2.%d' % ip_http_server,\
'self-signed.badssl.selftest.gdnt-cloud.website:443:192.0.2.%d' % ip_http_server,\
'untrusted-root.badssl.selftest.gdnt-cloud.website:443:192.0.2.%d' % ip_http_server,\
'web-replay.badssl.selftest.gdnt-cloud.website:80:192.0.2.%d' % ip_http_server,\
'web-replay.badssl.selftest.gdnt-cloud.website:443:192.0.2.%d' % ip_http_server,\
'testing-download.badssl.selftest.gdnt-cloud.website:443:192.0.2.%d' % ip_http_server,\
'http.badssl.selftest.gdnt-cloud.website:80:192.0.2.%d' % ip_http_server,\
'http-credit-card.badssl.selftest.gdnt-cloud.website:80:192.0.2.%d' % ip_http_server,\
'http-dynamic-login.badssl.selftest.gdnt-cloud.website:80:192.0.2.%d' % ip_http_server,\
'http-login.badssl.selftest.gdnt-cloud.website:80:192.0.2.%d' % ip_http_server,\
'sha512.badssl.selftest.gdnt-cloud.website:443:192.0.2.%d' % ip_http_server,\
'rsa2048.badssl.selftest.gdnt-cloud.website:443:192.0.2.%d' % ip_http_server,\
'rsa4096.badssl.selftest.gdnt-cloud.website:443:192.0.2.%d' % ip_http_server,\
'testing-firewall-filter-host.badssl.selftest.gdnt-cloud.website:80:192.0.2.%d' % ip_http_server,\
'testing-firewall-filter-url.badssl.selftest.gdnt-cloud.website:80:192.0.2.%d' % ip_http_server,\
'testing-proxy-filter-host.badssl.selftest.gdnt-cloud.website:80:192.0.2.%d' % ip_http_server,\
'testing-proxy-filter-url.badssl.selftest.gdnt-cloud.website:80:192.0.2.%d' % ip_http_server]
def set_dns_server_ip(id_service_function):
global DNS_SERVER_IP
ip_left_edge = 100
ip_dns_server = ip_left_edge + id_service_function
DNS_SERVER_IP = ['192.0.2.%d' % ip_dns_server]
class _WritelnDecorator(object):
"""Used to decorate file-like objects with a handy 'writeln' method"""
@@ -532,6 +580,7 @@ class SSLCheckRequestBuild:
self.conn.setopt(self.conn.WRITEFUNCTION, BytesIO().write)
self.conn.setopt(self.conn.OPT_CERTINFO, 1)
self.conn.setopt(self.conn.SSL_VERIFYPEER, False)
self.conn.setopt(self.conn.RESOLVE,REQUEST_RESOLVE)
def _set_conn_opt(self,test_suite_name, url):
self.conn.setopt(self.conn.MAX_RECV_SPEED_LARGE, int(suite_test_config_dict[test_suite_name]['max_recv_speed_large']))
@@ -583,6 +632,7 @@ class SslInterceptRequestBuild:
self.conn.setopt(self.conn.WRITEFUNCTION, BytesIO().write)
self.conn.setopt(self.conn.OPT_CERTINFO, 1)
self.conn.setopt(self.conn.SSL_VERIFYPEER, False)
self.conn.setopt(self.conn.RESOLVE,REQUEST_RESOLVE)
def _set_conn_opt(self,test_suite_name,url):
self.conn.setopt(self.conn.MAX_RECV_SPEED_LARGE, int(suite_test_config_dict[test_suite_name]['max_recv_speed_large']))
@@ -631,6 +681,7 @@ class ProxyRequestBuild:
self.bodyBuf = BytesIO()
self.conn = pycurl.Curl()
self.conn.setopt(self.conn.ENCODING, "gzip,deflate")
self.conn.setopt(self.conn.RESOLVE,REQUEST_RESOLVE)
def _cert_verify(self, certs, isSsl):
if isSsl == True:
@@ -770,6 +821,7 @@ class SSLFileDownloadBuild:
self.conn.setopt(self.conn.WRITEFUNCTION, BytesIO().write)
self.conn.setopt(self.conn.SSL_VERIFYPEER, False)
self.conn.setopt(self.conn.OPT_CERTINFO, 1)
self.conn.setopt(self.conn.RESOLVE,REQUEST_RESOLVE)
def _get_conninfo(self,conn):
dictconninfo = {}
@@ -831,6 +883,7 @@ class HttpFirewallActionBuild:
def __init__(self):
self.conn = pycurl.Curl()
self.conn.setopt(self.conn.WRITEFUNCTION, BytesIO().write)
self.conn.setopt(self.conn.RESOLVE,REQUEST_RESOLVE)
def _set_conn_opt(self,test_suite_name, url):
self.conn.setopt(self.conn.MAX_RECV_SPEED_LARGE, int(suite_test_config_dict[test_suite_name]['max_recv_speed_large']))
@@ -894,6 +947,7 @@ class SslFirewallActionBuild:
self.conn.setopt(self.conn.WRITEFUNCTION, BytesIO().write)
self.conn.setopt(self.conn.OPT_CERTINFO, 1)
self.conn.setopt(self.conn.SSL_VERIFYPEER, False)
self.conn.setopt(self.conn.RESOLVE,REQUEST_RESOLVE)
def _set_conn_opt(self,test_suite_name, url):
self.conn.setopt(self.conn.MAX_RECV_SPEED_LARGE, int(suite_test_config_dict[test_suite_name]['max_recv_speed_large']))
@@ -939,6 +993,7 @@ class FilterTestingBuild:
def __init__(self):
self.conn = pycurl.Curl()
self.conn.setopt(self.conn.WRITEFUNCTION, BytesIO().write)
self.conn.setopt(self.conn.RESOLVE,REQUEST_RESOLVE)
def _set_conn_opt(self,test_suite_name, url):
self.conn.setopt(self.conn.MAX_RECV_SPEED_LARGE, int(suite_test_config_dict[test_suite_name]['max_recv_speed_large']))
@@ -1209,6 +1264,7 @@ class TsgDiagnose:
self.client = None
self.config_dict = {}
self.dign_duration = 0
self.count_service_function = 1
def _get_dign_option(self):
parser = argparse.ArgumentParser(description="Tsg Tools - tsg diagnose", epilog = "Example:help")
@@ -1216,11 +1272,13 @@ class TsgDiagnose:
parser.add_argument('-c','--count', type = int, default = 1, help='Specifies the count of tsg diagnoses ,range:1-65535')
parser.add_argument('-p','--configpath', type = str, default = '/opt/dign_client/etc/client.conf',help='Specifies the config file, default /opt/dign_client/etc/client.conf')
parser.add_argument('-l','--loop', action='store_true', default = False, help='Tsg diagnose loop, exit when recv a signal')
parser.add_argument('-C','--count_service_function', type = int, default = 1, help='Specifies the counts of service_function ,range:1-256')
args = parser.parse_args()
self.interval = args.interval
self.loop = args.loop
self.count = args.count
self.config = args.configpath
self.count_service_function = args.count_service_function
if self.count == 0:
print("Error: bad number of tsg diagnose and will exit")
parser.print_help()
@@ -1292,8 +1350,8 @@ class TsgDiagnose:
self._add_suite('test_proxyDenyFilterHost_http')
self._add_suite('test_proxyDenyFilterURL_http')
def _dign_running(self):
print(format(("Test start time: " + time.strftime("%Y-%m-%d %H:%M:%S", time.localtime())),'#^70s'))
def _dign_running(self,id_service_function):
print(format(("Service function id:" + str(id_service_function) + ",Test start time: " + time.strftime("%Y-%m-%d %H:%M:%S", time.localtime())),'#^70s'))
runningLogPath = "/opt/dign_client/log/tsg-diagnose.log" + '.' + time.strftime("%Y-%m-%d", time.localtime())
#runningLogger = get_logger("running",runningLogPath, False)
#runningLogger.debug("Diagnose Start,the It will take up to %d seconds" %(self.dign_duration))
@@ -1308,7 +1366,14 @@ class TsgDiagnose:
f.write(time.strftime("%a %b %d %H:%M:%S %Y", time.localtime()) + "Diagnose end, Testing results:" + "\n" + result_stream.getvalue())
f.close()
#runningLogger.debug("Diagnose end, Testing results:" + "\n" + result_stream.getvalue())
print(format(("Test end time: " + time.strftime("%Y-%m-%d %H:%M:%S", time.localtime())),'=^70s'))
print(format(("Service function id:" + str(id_service_function) + ",Test end time: " + time.strftime("%Y-%m-%d %H:%M:%S", time.localtime())),'=^70s'))
def _dign_service_function_running(self):
for id_service_function in range(1,self.count_service_function + 1):
set_http_request_resolve(id_service_function)
set_dns_server_ip(id_service_function)
#print(REQUEST_RESOLVE)
self._dign_running(id_service_function)
def dign_exec(self):
self._get_dign_option()
@@ -1322,7 +1387,7 @@ class TsgDiagnose:
int(self.config_dict['start_time_random_delay_range']['right_edge'])))
while True:
print("\nRUN %d" %(dign_counter + 1))
self._dign_running()
self._dign_service_function_running()
dign_counter = dign_counter + 1
if not self.loop:
if dign_counter >= self.count: