From c2e85a872e4f21f45fed18eac643bac55368921e Mon Sep 17 00:00:00 2001 From: Sunil Mohan Adapa Date: Fri, 21 Aug 2015 20:06:08 +0530 Subject: [PATCH] networks: Implement diagnostics - Since DNS server is started now by setting ipv4 'shared' method on a network connection, DNS tests are done here. --- plinth/modules/networks/__init__.py | 81 +++++++++++++++++++ .../networks/templates/connections_list.html | 2 + 2 files changed, 83 insertions(+) diff --git a/plinth/modules/networks/__init__.py b/plinth/modules/networks/__init__.py index d0c79a325..84a3ed45b 100644 --- a/plinth/modules/networks/__init__.py +++ b/plinth/modules/networks/__init__.py @@ -19,9 +19,90 @@ Plinth module to interface with network-manager """ +from gettext import gettext as _ +from logging import Logger +import subprocess + from . import networks from .networks import init +from plinth import action_utils +from plinth import network + __all__ = ['networks', 'init'] depends = ['plinth.modules.system'] + +logger = Logger(__name__) + + +def diagnose(): + """Run diagnostics and return the results.""" + results = [] + + interfaces = _get_shared_interfaces() + addresses = _get_interface_addresses(interfaces) + + for address in addresses: + results.append(action_utils.diagnose_port_listening(53, 'tcp', address)) + results.append(action_utils.diagnose_port_listening(53, 'udp', address)) + + results.append(_diagnose_dnssec('4')) + results.append(_diagnose_dnssec('6')) + + return results + + +def _get_shared_interfaces(): + """Get active network interfaces in shared mode.""" + shared_interfaces = [] + for connection in network.get_connection_list(): + if not connection['is_active']: + continue + + connection_uuid = connection['uuid'] + connection = network.get_connection(connection_uuid) + + settings_ipv4 = connection.get_setting_ip4_config() + if settings_ipv4.get_method() == 'shared': + settings_connection = connection.get_setting_connection() + interface = settings_connection.get_interface_name() + if interface: + shared_interfaces.append(interface) + + return shared_interfaces + + +def _get_interface_addresses(interfaces): + """Get the IPv4 addresses for the given interfaces.""" + output = subprocess.check_output(['ip', '-o', 'addr']) + lines = output.decode().splitlines() + + addresses = [] + for line in lines: + parts = line.split() + if parts[1] in interfaces and parts[2] == 'inet': + addresses.append(parts[3].split('/')[0]) + + return addresses + + +def _diagnose_dnssec(kind='4'): + """Perform diagnostic on whether the system is using DNSSEC. + + Kind is either '4' or '6' for IPv4 and IPv6 respectively. + """ + kind_option = {'4': '-4', '6': '-6'}[kind] + + result = 'failed' + try: + output = subprocess.check_output( + ['dig', kind_option, '+time=2', '+tries=1', + 'test.dnssec-or-not.net', 'TXT']) + + if 'Yes, you are using DNSSEC' in output.decode(): + result = 'passed' + except subprocess.CalledProcessError: + pass + + return [_('Using DNSSEC on IPv{kind}').format(kind=kind), result] diff --git a/plinth/modules/networks/templates/connections_list.html b/plinth/modules/networks/templates/connections_list.html index 116758410..462a5eea9 100644 --- a/plinth/modules/networks/templates/connections_list.html +++ b/plinth/modules/networks/templates/connections_list.html @@ -93,6 +93,8 @@ {% endfor %} + + {% include "diagnostics_button.html" with module="networks" %}