Initial YakPanel commit

mod/project/ssh/secureMod.py

@@ -0,0 +1,103 @@
+import os
+import sys
+import subprocess
+from datetime import datetime
+
+if "/www/server/panel/class" not in sys.path:
+    sys.path.insert(0, "/www/server/panel/class")
+
+os.chdir("/www/server/panel")
+import public
+
+from mod.project.ssh.base import SSHbase
+
+
+class SecureManage(SSHbase):
+    def __init__(self):
+        super(SecureManage, self).__init__()
+        self.login_access_flag = "Accepted"
+        self.login_failed_flag = "Failed password"
+        self.login_all_flag = "Failed password|Accepted"
+        if os.path.exists("/var/log/auth.log"):
+            self.ssh_log_path = "/var/log/auth.log"
+        elif os.path.exists("/var/log/secure"):
+            self.ssh_log_path = "/var/log/secure"
+        else:
+            self.ssh_log_path = "/var/log/message"
+
+    def execshell(self, commands):
+        """
+        执行shell命令并返回结果。
+        仅适用于 获取需要通过 标准输出和标准错误输出的命令。
+        """
+        try:
+            result = subprocess.run(
+                commands,
+                shell=True,
+                text=True,
+                capture_output=True,
+                executable="/bin/bash"
+            )
+            count = int(result.stdout.strip())
+            datas = result.stderr.strip().split("\n")
+        except Exception as e:
+            count = 0
+            datas = []
+        return count, datas
+
+    def get_secure_logs(self,login_type,pagesize=10,page=1,query=''):
+        """
+            读取SSH日志文件的内容。
+        :param login_type: ssh登录类型 失败'Failed password'  成功'Accepted' 全部'Failed password|Accepted'
+        :param pagesize: 每页显示的条数
+        :param page: 当前页码
+        :param query: 关键字搜索 ip or user or time
+        :return: 日志内容的列表
+        """
+        new_logins = []
+        end = pagesize * page
+
+        danger_symbol = ['&', '&&', '||', '|', ';']
+        for d in danger_symbol:
+            if d in query:
+                return new_logins
+
+        if query != '':
+            query = "|grep -aE '{}'".format(query)
+        commands = "ls -tr {file_path}|grep -v '\.gz$'|xargs cat|grep -aE '({login_type})'{query}| tee >(tail -n {end}|head -n {pagesize}|tac >&2)|wc -l".format(
+        file_path=self.ssh_log_path,
+        login_type=login_type,
+        query=query,
+        end=end,
+        pagesize=pagesize)
+        count,datas = self.execshell(commands)
+
+        year = datetime.now().year
+        for line in datas:
+            parts = line.split()
+            if not parts:
+                continue
+            entry = self.parse_login_entry(parts, year)
+            if entry:
+                new_logins.append(entry)
+        return count,new_logins
+
+    def get_secure_log_count(self,login_type,query=''):
+        """
+        读取SSH日志文件的内容 统计登陆类型的条数。
+
+        :param login_type: ssh登录类型 失败'Failed password'  成功'Accepted' 全部'Failed password|Accepted'
+        :param query: 关键字搜索 ip or user or time
+        :return: 日志内容的列表
+        """
+
+        danger_symbol = ['&', '&&', '||', '|', ';']
+        for d in danger_symbol:
+            if d in query:
+                return 0
+
+        if query != '':
+            query = "|grep -a '{}'".format(query)
+        commands = "ls -tr {file_path}|grep -v '\.gz$'|xargs cat|grep -aE '({login_type})'{query}|wc -l".format(file_path=self.ssh_log_path,login_type=login_type,query=query)
+        result, err = public.ExecShell(commands)
+        return int(result.strip())