Package zephir :: Package monitor :: Package agents :: Module rvp
[frames] | no frames]

Source Code for Module zephir.monitor.agents.rvp

  1  # -*- coding: UTF-8 -*- 
  2  ########################################################################### 
  3  # Eole NG - 2007 
  4  # Copyright Pole de Competence Eole  (Ministere Education - Academie Dijon) 
  5  # Licence CeCill  cf /root/LicenceEole.txt 
  6  # eole@ac-dijon.fr 
  7  ########################################################################### 
  8   
  9  """ 
 10  Agent zephir pour le test des tunnels 
 11  """ 
 12  from os import system 
 13  from time import sleep 
 14  from os.path import isfile 
 15  from IPy import IP 
 16  from creole.parsedico import parse_dico 
 17  from twisted.internet.utils import getProcessOutput 
 18  from zephir.monitor.agentmanager import status 
 19  from zephir.monitor.agentmanager.agent import Agent, RRDAgent 
 20  from zephir.monitor.agentmanager.data import HTMLData, TableData 
 21  from zephir.monitor.agentmanager.util import status_to_img, log 
 22   
23 -class FrozenIpsecError(Exception):
24 pass
25
26 -def parse_ipsec_statusall(zephir_client_noaction, response):
27 """parses ipsec statusall info 28 response format : 29 Connections: 30 amontestha-sphynxtestha1: 192.168.0.6...192.168.0.16, dpddelay=120s 31 amontestha-sphynxtestha1: local: [C=fr, O=gouv, OU=education, OU=ac-dijon, CN=0210066H-15] uses public key authentication 32 amontestha-sphynxtestha1: remote: [C=fr, O=gouv, OU=education, OU=ac-dijon, CN=AGRIATES-DIJON-10] uses any authentication 33 dmz-reseau172: child: 10.121.11.0/24 === 172.16.0.0/12 , dpdaction=clear 34 admin-reseau_eth1: child: 10.21.11.0/24 === 172.30.107.0/25 , dpdaction=clear 35 admin-reseau10: child: 10.21.11.0/24 === 10.0.0.0/8 , dpdaction=clear 36 admin-reseau172: child: 10.21.11.0/24 === 172.16.0.0/12 , dpdaction=clear 37 Security Associations: 38 amontestha-sphynxtestha1[2]: ESTABLISHED 15 minutes ago, 192.168.0.6[C=fr, O=gouv, OU=education, OU=ac-dijon, CN=0210066H-15]...192.168.0.16[C=fr, O=gouv, OU=education, OU=ac-dijon, CN=AGRIATES-DIJON-10] 39 amontestha-sphynxtestha1[2]: IKE SPIs: 7c61e6943c503455_i* 670a092581afa023_r, public key reauthentication in 36 minutes 40 amontestha-sphynxtestha1[2]: IKE proposal: AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048 41 admin-reseau_eth1{2}: INSTALLED, TUNNEL, ESP SPIs: c5abf3db_i c1abb8d6_o 42 admin-reseau_eth1{2}: AES_GCM_16_128, 0 bytes_i, 0 bytes_o, rekeying in 15 minutes 43 admin-reseau_eth1{2}: 10.21.11.0/24 === 172.30.107.0/25 44 admin-reseau10{3}: INSTALLED, TUNNEL, ESP SPIs: c8e253f3_i c9bbec32_o 45 admin-reseau10{3}: AES_GCM_16_128, 0 bytes_i, 0 bytes_o, rekeying in 15 minutes 46 admin-reseau10{3}: 10.21.11.0/24 === 10.0.0.0/8 47 dmz-reseau172{1}: INSTALLED, TUNNEL, ESP SPIs: c64a5816_i c6b2622d_o 48 dmz-reseau172{1}: AES_GCM_16_128, 0 bytes_i, 0 bytes_o, rekeying in 13 minutes 49 dmz-reseau172{1}: 10.121.11.0/24 === 172.16.0.0/12 50 admin-reseau172{4}: INSTALLED, TUNNEL, ESP SPIs: c1b2d485_i c5be1b6d_o 51 admin-reseau172{4}: AES_GCM_16_128, 0 bytes_i, 0 bytes_o, rekeying in 16 minutes 52 admin-reseau172{4}: 10.21.11.0/24 === 172.16.0.0/12 53 """ 54 55 try: 56 if "statusall" in response: 57 raise FrozenIpsecError("Frozen ipsec") 58 response = response.split('\n') 59 idle_threads = 0 60 for line in response: 61 if "worker threads: " in line: 62 idle_threads = int(line.split('worker threads: ')[1].split(' ')[0]) 63 break 64 # On mémorise les connexions définies 65 startindex_connections_list = response.index('Connections:') 66 endindex_connections_list = 0 67 for line in response: 68 if 'Security Associations' in line: 69 break 70 endindex_connections_list += 1 71 tunnels = [] 72 total = 0 73 peer_name = None 74 for line in response[startindex_connections_list+1:endindex_connections_list]: 75 data = line.split(':') 76 if 'child' not in line: 77 # Il s'agit d'un peer 78 tmp_name = data[0].lstrip() 79 if tmp_name != peer_name: 80 # Nouveau peer: on extrait le nom et les IP src et dst 81 peer_name = tmp_name 82 subnets = data[1].split('...') 83 src = subnets[0].strip() 84 dst = subnets[1].split(',')[0].strip() 85 dst = dst.split(' ')[0].strip() 86 elif 'local' in data[1]: 87 # On extrait le certif source 88 src = src + data[2].split('uses')[0].strip() 89 elif 'remote' in data[1]: 90 # On extrait le certif dest et on ajoute à la liste 91 # Le child_name est vide si c'est un peer 92 dst = dst + data[2].split('uses')[0].strip() 93 tunnels.append({'peer_name':peer_name, 'child_name':'', 'src':src, 'dst':dst, 'status':''}) 94 else: 95 # Il s'agit d'un child 96 child_name = data[0].lstrip() 97 subnets = data[2].split(' === ') 98 src = subnets[0].strip() 99 if src == '': 100 src = 'Réseau(x) source et/ou destination non renseigné(s) !!!' 101 dst = subnets[1].split(',')[0].strip() 102 dst = dst.split(' ')[0].strip() 103 if dst == '': 104 dst = 'Réseau(x) source et/ou destination non renseigné(s) !!!' 105 tunnels.append({'peer_name':peer_name, 'child_name':child_name, 'src':src, 'dst':dst, 'status':''}) 106 total += 1 107 108 # On mémorise les connexions actives 109 active_tunnels = {} 110 peer_name = None 111 child_name = None 112 for line in response[endindex_connections_list+1:]: 113 if 'none' in line: 114 active_tunnels['none'] = {'peer_name':peer_name, 'child_name':child_name, 'src':'', 'dst':'', 'status':''} 115 else: 116 data = line.split(':') 117 if '[' in data[0]: 118 # Il s'agit d'un peer 119 tmp_name = data[0].split('[')[0].lstrip() 120 if tmp_name != peer_name: 121 # Nouveau peer: on extrait le nom, IP et certif src et dest et le statut 122 peer_name = tmp_name 123 if 'ESTABLISHED' in data[1]: 124 subnets = data[1].split('...') 125 src = subnets[0].split('ago,')[1].strip() 126 dst = subnets[1].strip() 127 status = data[1].strip().split(' ')[0] 128 elif 'CONNECTING' in data[1]: 129 src = '' 130 dst = '' 131 status = 'CONNECTING' 132 elif 'DELETING' in data[1]: 133 src = '' 134 dst = '' 135 status = 'DELETING' 136 else: 137 src = '' 138 dst = '' 139 status = 'UNKNOWN' 140 if status != 'CONNECTING' and status != 'DELETING': 141 active_tunnels[peer_name] = {'peer_name':peer_name, 'child_name':'', 'src':src, 'dst':dst, 'status':status} 142 else: 143 if status == 'CONNECTING': 144 if '0000000000000000_r' in data[2]: 145 src = '' 146 dst = '' 147 status = 'NO_REMOTE_KEY' 148 active_tunnels[peer_name] = {'peer_name':peer_name, 'child_name':'', 'src':src, 'dst':dst, 'status':status} 149 connection = peer_name 150 if zephir_client_noaction == 'non': 151 log.msg("""No remote key : Stopping "{0}" connections""".format(connection)) 152 cmd = '/usr/sbin/ipsec down "{0}[*]" >/dev/null 2>&1'.format(connection) 153 errcode = system(cmd) 154 if errcode == 0: 155 log.msg("""Connection "{0}" stopped""".format(connection)) 156 else: 157 log.msg("""Problem while stopping "{0}" connection""".format(connection)) 158 else: 159 log.msg("""No remote key for "{0}" connection : zephir_client_noaction mode""".format(connection)) 160 elif status == 'DELETING': 161 if 'Tasks queued' in data[1]: 162 connection = peer_name 163 if zephir_client_noaction == 'non': 164 log.msg("""DELETING SA still in task queued : Stopping "{0}[*]" connections""".format(connection)) 165 cmd = '/usr/sbin/ipsec down "{0}[*]" >/dev/null 2>&1'.format(connection) 166 errcode = system(cmd) 167 if errcode == 0: 168 log.msg("""Connection "{0}" stopped""".format(connection)) 169 else: 170 log.msg("""Problem while stopping "{0}" connection""".format(connection)) 171 else: 172 log.msg("""DELETING SA still in task queued for "{0}" connection : zephir_client_noaction mode""".format(connection)) 173 elif 'Tasks queued' in data[1]: 174 if len(data[2].split(' ')) > 10: 175 if zephir_client_noaction == 'non': 176 if isfile('/usr/share/eole/test-rvp'): 177 raise FrozenIpsecError("Frozen ipsec") 178 else: 179 connection = peer_name 180 log.msg("""Too much tasks queued : Stopping "{0}[*]" connections""".format(connection)) 181 cmd = '/usr/sbin/ipsec down "{0}[*]" >/dev/null 2>&1'.format(connection) 182 errcode = system(cmd) 183 if errcode == 0: 184 log.msg("""Connection "{0}" stopped""".format(connection)) 185 else: 186 log.msg("""Problem while stopping "{0}" connection""".format(connection)) 187 else: 188 log.msg("""Too much tasks queued for "{0}" connections : zephir_client_noaction mode""".format(connection)) 189 elif '{' in data[0]: 190 # Il s'agit d'un child 191 tmp_name = data[0].split('{')[0].lstrip() 192 if tmp_name != child_name: 193 # Nouveau child: on extrait le nom et le statut 194 child_name = tmp_name 195 status = data[1].split(',')[0].strip() 196 elif "===" in data[1]: 197 # Dans les lignes suivantes, on extrait les réseaux src et dst 198 subnets = data[1].split('===') 199 src = subnets[0].strip() 200 dst = subnets[1].strip() 201 active_tunnels[peer_name+child_name] = {'peer_name':peer_name, 'child_name':child_name, 'src':src, 'dst':dst, 'status':status} 202 203 # On regarde l'état des tunnels 204 up=down=0 205 if active_tunnels.has_key('none'): 206 # Aucune connexion active 207 for tunnel in tunnels: 208 tunnel['status'] = 'none' 209 down += 1 210 else: 211 for tunnel in tunnels: 212 # on renseigne le status de la connexion 213 if tunnel['child_name'] == '': 214 try: 215 if active_tunnels.has_key(tunnel['peer_name']): 216 if active_tunnels[tunnel['peer_name']]['status'] == 'ESTABLISHED': 217 tunnel['status'] = 'On' 218 elif active_tunnels[tunnel['peer_name']]['status'] == 'NO_REMOTE_KEY': 219 tunnel['dst'] += " injoignable !!!" 220 tunnel['status'] = 'Off' 221 else: 222 tunnel['status'] = 'Off' 223 else: 224 tunnel['status'] = 'Off' 225 except: 226 tunnel['status'] = 'Off' 227 # on renseigne le status de chaque tunnel 228 else: 229 try: 230 if active_tunnels.has_key(tunnel['peer_name']+tunnel['child_name']): 231 if active_tunnels[tunnel['peer_name']+tunnel['child_name']]['status'] == 'INSTALLED': 232 tunnel['status'] = 'On' 233 up += 1 234 else: 235 tunnel['status'] = 'Off' 236 down += 1 237 else: 238 tunnel['status'] = 'Off' 239 except: 240 tunnel['status'] = 'Off' 241 down += 1 242 243 # Si on est sur Amon, on vérifie les test-rvp 244 ip_list = [] 245 try: 246 test_rvp = open('/usr/share/eole/test-rvp','r').read().split('\n') 247 for line in test_rvp: 248 if 'fping' in line: 249 ip_list.append(line.split('fping')[1].strip()) 250 except: 251 pass 252 try: 253 test_rvp = open('/usr/share/eole/test-rvp_more_ip','r').read().split('\n') 254 for line in test_rvp: 255 if 'fping' in line: 256 ip_list.append(line.split('fping')[1].strip()) 257 except: 258 pass 259 for tunnel in tunnels: 260 if tunnel['child_name'] != '': 261 ip_in_tunnel = ip_err = 0 262 try: 263 subnet = IP(tunnel['dst']) 264 for ip in ip_list: 265 if IP(ip) in subnet: 266 ip_in_tunnel +=1 267 cmd = "fping -r 1 -t 200 "+str(ip)+" >/dev/null 2>&1" 268 errcode = system(cmd) 269 if errcode != 0: 270 tunnel['dst'] += " -- "+ip+" injoignable" 271 ip_err +=1 272 else: 273 tunnel['dst'] += " -- "+ip+" joignable" 274 except: 275 pass 276 277 if ip_in_tunnel == ip_err and ip_in_tunnel > 0: 278 if tunnel['status'] == 'On': 279 tunnel['status'] = 'Off' 280 down +=1 281 up -=1 282 283 if zephir_client_noaction == 'non': 284 # Si pb tunnel sur Amon, on relance la connexion 285 if isfile('/usr/share/eole/test-rvp'): 286 current_peer = "" 287 current_peer_status = "" 288 for tunnel in tunnels: 289 if current_peer != tunnel['peer_name']: 290 if " injoignable !!!" in tunnel['dst']: 291 down +=1 292 break 293 current_peer = tunnel['peer_name'] 294 current_peer_status = tunnel['status'] 295 if current_peer_status == 'Off': 296 connection = '{0}'.format(str(tunnel['peer_name'])) 297 log.msg("""Restarting "{0}" connection""".format(connection)) 298 cmd = '/usr/sbin/ipsec down "{0}[*]" >/dev/null 2>&1'.format(connection) 299 errcode = system(cmd) 300 if errcode == 0: 301 log.msg("""Connection "{0}" stopped""".format(connection)) 302 else: 303 log.msg("""Problem while stopping "{0}" connection""".format(connection)) 304 cmd = '/usr/sbin/ipsec up "{0}" >/dev/null 2>&1'.format(connection) 305 errcode = system(cmd) 306 if errcode == 0: 307 log.msg("""Connection "{0}" started""".format(connection)) 308 else: 309 log.msg("""Problem while starting "{0}" connection""".format(connection)) 310 tunnel['status'] = 'On' 311 current_peer_status = 'restarted' 312 313 else: 314 # Si un tunnel est tombé, on redémarre la connexion 315 if tunnel['child_name'] != '' and current_peer_status == 'On' and tunnel['status'] == 'Off': 316 connection = '{0}'.format(str(tunnel['peer_name'])) 317 log.msg("""Failed "{0}" tunnel, restarting "{1}" connection""".format(str(tunnel['child_name']), connection)) 318 cmd = '/usr/sbin/ipsec down "{0}[*]">/dev/null 2>&1'.format(connection) 319 errcode = system(cmd) 320 if errcode == 0: 321 log.msg("""Connection "{0}" stopped""".format(connection)) 322 else: 323 log.msg("""Problem while stopping "{0}" connection""".format(connection)) 324 cmd = 'ipsec up "{0}">/dev/null 2>&1'.format(connection) 325 errcode = system(cmd) 326 if errcode == 0: 327 log.msg("""Connection "{0}" started""".format(connection)) 328 else: 329 log.msg("""Problem while starting "{0}" connection""".format(connection)) 330 tunnel['status'] == 'On' 331 current_peer_status = 'restarted' 332 down -=1 333 up +=1 334 # Si la connexion a été redémarrée, on repositionne le status du tunnel à 'On' 335 elif tunnel['child_name'] != '' and current_peer_status == 'restarted' and tunnel['status'] == 'Off': 336 tunnel['status'] == 'On' 337 down -=1 338 up +=1 339 # else: 340 # log.msg("""Do nothing if bad connections : zephir_client_noaction mode""") 341 342 except FrozenIpsecError: 343 # ipsec frozen after ipsec down/up tries 344 # Sur Amon on relance rvp si activé 345 if isfile('/usr/share/eole/test-rvp'): 346 log.msg("Frozen ipsec : kill all ipsec process and restart rvp") 347 cmd = 'service rvp stop >/dev/null 2>&1' 348 errcode = system(cmd) 349 cmd = 'for pid in `pidof stroke`; do kill -9 $pid;done >/dev/null 2>&1' 350 errcode = system(cmd) 351 cmd = 'for pid in `pidof ipsec`; do kill -9 $pid;done >/dev/null 2>&1' 352 errcode = system(cmd) 353 cmd = 'for pid in `pidof charon`; do kill -9 $pid;done >/dev/null 2>&1' 354 errcode = system(cmd) 355 cmd = 'for pid in `pidof starter`; do kill -9 $pid;done >/dev/null 2>&1' 356 errcode = system(cmd) 357 cmd = 'service rvp start >/dev/null 2>&1' 358 errcode = system(cmd) 359 tunnels = [] 360 total=up=down=0 361 362 except: 363 # Réponse vide: ipsec arrêté 364 # ou erreur dans le traitement de response 365 # Sur Amon on relance rvp si activé 366 if isfile('/usr/share/eole/test-rvp'): 367 log.msg("RVP seems to be stopped or ipsec statusall response interpretation failed : restart rvp") 368 cmd = 'service rvp stop >/dev/null 2>&1' 369 errcode = system(cmd) 370 cmd = 'service rvp start >/dev/null 2>&1 &' 371 errcode = system(cmd) 372 tunnels = [] 373 total=up=down=0 374 return tunnels, total, up, down, idle_threads
375
376 -class RvpAmon(Agent):
377
378 - def __init__(self, name, 379 **params):
380 Agent.__init__(self, name, **params) 381 self.status = status.Unknown() 382 self.table = TableData([ 383 ('peer_name', "Connexion", {'align':'left'}, None), 384 ('child_name', "Tunnel", {'align':'left'}, None), 385 ('status', "Etat", {'align':'center'}, status_to_img), 386 ('src', "Source", {'align':'left'}, None), 387 ('dst', "Destination", {'align':'left'}, None), 388 ]) 389 self.data = [self.table] 390 self.measure_data = {} 391 conf_eole = parse_dico() 392 self.zephir_client_noaction = conf_eole['zephir_client_noaction']
393
394 - def frozen_ipsec_callback(self, response):
395 if response != '': 396 cmd = 'echo' 397 else: 398 cmd = "/usr/sbin/ipsec" 399 update = getProcessOutput(cmd, ['statusall']) 400 return update.addCallbacks(self.callback_tunnels, self.errback_tunnels)
401
402 - def frozen_ipsec_errback(self):
403 log.msg("It doesn't work")
404
405 - def measure(self):
406 self.status = status.OK() 407 cmd = "pgrep" 408 res = getProcessOutput(cmd, ['stroke']) 409 return res.addCallbacks(self.frozen_ipsec_callback, self.frozen_ipsec_errback)
410
411 - def callback_tunnels(self,response):
412 tunnels, total, up, down, idle_threads = parse_ipsec_statusall(self.zephir_client_noaction, response) 413 tunnels_status_content = [] 414 tunnels_status_content.append(str(tunnels)) 415 tunnels_status_content.append(str(total)) 416 tunnels_status_content.append(str(up)) 417 tunnels_status_content.append(str(down)) 418 tunnels_status = open('/tmp/tunnels_status.txt', "w") 419 tunnels_status.write('\n'.join(tunnels_status_content)) 420 tunnels_status.close() 421 # On force l'action en cas d'erreur 422 if down > 0 or total != up + down: 423 self.last_status=status.OK() 424 self.status=status.Error() 425 426 for data in tunnels: 427 self.measure_data[data['peer_name']+data['child_name']] = (data['src'], data['dst'], data['status']) 428 self.measure_data['ok'] = up 429 self.measure_data['bad'] = down 430 return {'statistics':tunnels}
431
432 - def errback_tunnels(self, err):
433 self.status = status.Error("Erreur d'execution : ipsec status") 434 return {'statistics':None}
435
436 - def write_data(self):
437 Agent.write_data(self) 438 if self.last_measure is not None: 439 self.table.table_data = self.last_measure.value['statistics']
440
441 - def check_status(self):
442 return self.status
443
444 -class RvpSphynx(RRDAgent):
445
446 - def __init__(self, name, **params):
447 RRDAgent.__init__(self, name, **params) 448 self.status = status.Unknown() 449 self.measure_data = {} 450 self.pourcentok = 100 451 conf_eole = parse_dico() 452 self.activer_haute_dispo = conf_eole['activer_haute_dispo'] 453 self.zephir_client_noaction = conf_eole['zephir_client_noaction']
454 455 # test frozen
456 - def frozen_ipsec_callback(self, response):
457 if response != '': 458 cmd = 'echo' 459 else: 460 cmd = "/usr/sbin/ipsec" 461 update = getProcessOutput(cmd, ['statusall']) 462 return update.addCallbacks(self.callback_tunnels, self.errback_tunnels)
463
464 - def frozen_ipsec_errback(self):
465 log.msg("It doesn't work")
466
467 - def measure(self):
468 self.status = status.OK() 469 cmd = "pgrep" 470 res = getProcessOutput(cmd, ['stroke']) 471 return res.addCallbacks(self.frozen_ipsec_callback, self.frozen_ipsec_errback)
472
473 - def callback_tunnels(self,response):
474 tunnels, total, up, down, idle_threads = parse_ipsec_statusall(self.zephir_client_noaction, response) 475 tunnels_status_content = [] 476 tunnels_status_content.append(str(tunnels)) 477 tunnels_status_content.append(str(total)) 478 tunnels_status_content.append(str(up)) 479 tunnels_status_content.append(str(down)) 480 tunnels_status = open('/tmp/tunnels_status.txt', "w") 481 tunnels_status.write('\n'.join(tunnels_status_content)) 482 tunnels_status.close() 483 self.measure_data['ok'] = up 484 self.measure_data['bad'] = down 485 if self.activer_haute_dispo == 'non': 486 if total != 0: 487 self.pourcentok = (100*up)/total 488 else: 489 self.pourcentok = 100 490 else: 491 # Si haute dispo activée, on teste sur quel node ipsec est activé 492 cmd = "ip route|grep default|grep -q src" 493 errcode = system(cmd) 494 # Si le node est actif, on renvoi les stats 495 if errcode == 0: 496 if total != 0: 497 self.pourcentok = (100*up)/total 498 else: 499 self.pourcentok = 100 500 # Si le node n'est pas actif, on dit que tout est bon 501 else: 502 self.pourcentok = 100 503 504 return {'ok':up,'bad':down,'total':total,'pourcentok':self.pourcentok}
505
506 - def errback_tunnels(self, err):
507 self.status = status.Error("Erreur d'execution : ipsec statusall") 508 res = None 509 self.pourcentok = 100 510 return res
511
512 - def check_status(self):
513 if self.pourcentok < 75: 514 return status.Error("plus de 25% de tunnels en erreur") 515 if self.pourcentok < 95: 516 return status.Warn("plus de 5% de tunnels en erreur") 517 return status.OK()
518
519 -class strongSwan_threads(RRDAgent):
520
521 - def __init__(self, name, **params):
522 log.msg("Entering init sw_threads") 523 RRDAgent.__init__(self, name, **params) 524 self.status = status.Unknown() 525 self.measure_data = {} 526 conf_eole = parse_dico() 527 self.activer_haute_dispo = conf_eole['activer_haute_dispo'] 528 self.zephir_client_noaction = conf_eole['zephir_client_noaction'] 529 self.max_threads = int(conf_eole['sw_threads']) 530 self.running_threads = 0 531 log.msg("init sw_#threads")
532 533 # test frozen
534 - def frozen_ipsec_callback(self, response):
535 if response != '': 536 cmd = 'echo' 537 else: 538 cmd = "/usr/sbin/ipsec" 539 update = getProcessOutput(cmd, ['statusall']) 540 return update.addCallbacks(self.callback_tunnels, self.errback_tunnels)
541
542 - def frozen_ipsec_errback(self):
543 log.msg("It doesn't work")
544
545 - def measure(self):
546 self.status = status.OK() 547 cmd = "pgrep" 548 res = getProcessOutput(cmd, ['stroke']) 549 return res.addCallbacks(self.frozen_ipsec_callback, self.frozen_ipsec_errback)
550
551 - def callback_tunnels(self,response):
552 tunnels, total, up, down, idle_threads = parse_ipsec_statusall(self.zephir_client_noaction, response) 553 if self.activer_haute_dispo == 'non': 554 self.running_threads = self.max_threads - idle_threads 555 else: 556 # Si haute dispo activée, on teste sur quel node ipsec est activé 557 cmd = "ip route|grep default|grep -q src" 558 errcode = system(cmd) 559 # Si le node est actif, on renvoi les stats 560 if errcode == 0: 561 self.running_threads = self.max_threads - idle_threads 562 else: 563 self.running_threads = 0 564 return {'max_threads':self.max_threads,'running_threads':self.running_threads}
565
566 - def errback_tunnels(self, err):
567 self.status = status.Error("Erreur d'execution : ipsec statusall") 568 res = None 569 return res
570
571 - def check_status(self):
572 if (self.max_threads - self.running_threads) < 2: 573 return status.Error("Moins de 2 threads strongSwan disponibles") 574 if (self.max_threads - self.running_threads) < 5: 575 return status.Warn("Moins de 5 threads strongSwan disponibles") 576 return status.OK()
577