diff --git a/ereshkigal.py b/ereshkigal.py index 727f3fe..fd19ce7 100755 --- a/ereshkigal.py +++ b/ereshkigal.py @@ -31,18 +31,17 @@ import logging # fort sorting dictionaries easily from operator import itemgetter -class SSHTunnel(dict): +class SSHConnection(dict): """A dictionary that stores an SSH connection related to a tunnel""" def __init__(self, local_address = '1.1.1.1', local_port = 0, foreign_address = '1.1.1.1', foreign_port = 0, - target_host = "Unknown", status = 'UNKNOWN', ssh_pid = 0 ): + status = 'UNKNOWN', ssh_pid = 0 ): # informations available with netstat self['local_address'] = local_address self['local_port'] = local_port self['foreign_address'] = foreign_address self['foreign_port'] = foreign_port - self['target_host'] = target_host self['status'] = status self['ssh_pid'] = ssh_pid @@ -52,31 +51,38 @@ class SSHTunnel(dict): def __repr__(self): # do not print all the informations by default - return "%i\t%i\t%s\t%s" % ( + return "%i\t%s:%i -> %s:%i\t%s" % ( + self['ssh_pid'], + self['local_address'], self['local_port'], - self['target_host'], + self['foreign_address'], + self['foreign_port'], self['status'] ) -class AutoSSHTunnel(SSHTunnel): - def __init__(self, autossh_pid = 0, *args ): +class AutoSSHConnection(SSHConnection): + def __init__(self, autossh_pid = 0, target_host = "Unknown", *args ): self['autossh_pid'] = autossh_pid + self['target_host'] = target_host super().__init__(*args) def __repr__(self): # do not print all the informations by default - return "%i\t%i\t%s\t%s" % ( + return "%i\t%s:%i -> %s:%i\t%s" % ( self['autossh_pid'], + self['local_address'], self['local_port'], self['target_host'], + self['foreign_port'], self['status'] ) -class AutoSSHprocess(dict): + +class TunnelProcess(dict): """A dictionary that stores an autossh process""" - def __init__(self, pid = 0, local_port = 0, via_host="Unknown", target_host = "Unknown",foreign_port = 0): + def __init__(self, pid = 0, local_port = 0, via_host="Unknown", target_host = "Unknown", foreign_port = 0, kind='raw'): # some informations available on /proc self['pid'] = pid @@ -84,11 +90,14 @@ class AutoSSHprocess(dict): self['via_host'] = via_host self['target_host'] = target_host self['foreign_port'] = foreign_port - self['tunnels'] = [] + assert(kind in ('auto','raw')) + self['kind'] = kind + self['connections'] = [] def __repr__(self): # single informations - repr = "%i\t%i\t%s\t%s\t%i" % ( + repr = "%s\t%i\t%i\t%s\t%s\t%i" % ( + self['kind'], self['pid'], self['local_port'], self['via_host'], @@ -96,14 +105,15 @@ class AutoSSHprocess(dict): self['foreign_port']) # list of tunnels linked to this process - for t in self['tunnels']: - repr += "\n\t↳ %s" % t + for t in self['connections']: + repr += "\n↳\t%s" % t return repr + # FIXME use regexps, for gods sake -class AutoSSHTunnelMonitor(list): +class TunnelMonitor(list): """List of existing autossh processes and ssh connections""" def __init__(self): @@ -125,29 +135,75 @@ class AutoSSHTunnelMonitor(list): # autossh processes autosshs = self.get_autossh_instances() if autosshs: - logging.debug("Autossh processes: %s" % autosshs) + logging.debug("autossh processes: %s" % autosshs) + + # ssh processes + sshs = self.get_ssh_instances() + if sshs: + logging.debug("ssh processes: %s" % sshs) # ssh connections related to a tunnel autocon,rawcon = self.get_connections() if autocon: logging.debug("SSH connections related to a tunnel: %s" % autocon) + if rawcon: + logging.debug("SSH connections not related to a tunnel: %s" % autocon) # Bind existing connections to autossh processes. # Thus the instance is a list of AutoSSHinstance instances, - # each of those instances having a 'tunnels' key, + # each of those instances having a 'connections' key, # hosting the corresponding list of tunnel connections. - self[:] = self.bind_tunnels(autosshs, autocon) + autop = self.bind_autotunnels(autosshs, autocon) + rawp = self.bind_rawtunnels(sshs, rawcon) + + # Replace with new tunnels + self[:] = autop + + # Add raw tunnels + logging.debug("Add only single raw ssh tunnels") + for p in rawp: + logging.debug("\traw ssh process: %i" % p['pid']) + duplicate = False + for a in autocon: + logging.debug("\t\tautossh connection: ssh_pid=%i, autossh_pid=%i" % (a['ssh_pid'],a['autossh_pid'])) + if p['pid'] == a['ssh_pid']: + duplicate = True + logging.debug("\t\tduplicate") + break + if not duplicate: + logging.debug("\tno duplicate, add as raw") + self.append(p) # sort on a given key self.sort_on( 'local_port') + def bind_autotunnels(self, autosshs, connections): + """Bind autossh process to the related ssh connections, according to the pid""" + for t in connections: + for i in autosshs: + if i['pid'] == t['ssh_pid']: + # add to the list of connections of the TunnelProcess instance + i['connections'].append( t ) + return autosshs + + + def bind_rawtunnels(self, sshs, connections): + """Bind autossh process to the related ssh connections, according to the pid""" + for t in connections: + for i in sshs: + if i['pid'] == t['ssh_pid']: + # add to the list of connections of the TunnelProcess instance + i['connections'].append( t ) + return sshs + + def __repr__(self): - repr = "PID\tINPORT\tVIA\tHOST\tOUTPORT" + repr = "TYPE\tPID\tINPORT\tVIA\t\tTARGET\t\tOUTPORT" # only root can see tunnels connections if os.geteuid() == 0: - repr += "\tTUNNELS" + repr += "\t↳ CONNECTIONS" repr += '\n' @@ -207,13 +263,69 @@ class AutoSSHTunnelMonitor(list): break - auto = AutoSSHprocess( pid, local_port, via_host, target_host, foreign_port ) - logging.debug("Add AutoSSHprocess: %s" % auto) + auto = TunnelProcess( pid, local_port, via_host, target_host, foreign_port, kind='auto' ) + logging.debug("Add TunnelProcess: %s" % auto) autosshs.append( auto ) return autosshs + + def get_ssh_instances(self): + """Gather and parse ssh processes""" + + # call the command + #status = os.popen3( self.ps_cmd ) + + p = subprocess.Popen( self.ps_cmd, shell=True, + stdin=subprocess.PIPE, stdout=subprocess.PIPE, stderr=subprocess.PIPE, close_fds=True) + + status = (p.stdin, p.stdout, p.stderr) + + + # list of processes with the "ssh" string + status_list = [ps for ps in status[1].readlines() if b"ssh" in ps] + if status_list: + logging.debug("Processes containing 'ssh': %s" % status_list) + + # split the process line if it contains a "-L" + cmds = [i.split() for i in status_list if '-L' in i.decode()] + + sshs = [] + + for cmd in cmds: + logging.debug("Parse command: %s" % cmd) + + if 'autossh' in cmd[4].decode(): + logging.debug('autossh command, ignore.') + continue + + # split the command in order to obtain arguments to the -L option + args = [i.strip(b'L-') for i in cmd if '-L' in i.decode()][0].split(b':') + logging.debug("Split around -L: %s" % args) + + pid = int(cmd[0]) + local_port = int(args[0]) + target_host = args[1].decode() + foreign_port = int(args[2]) + + # find the hostname where the tunnel goes + via_host = "unknown" + for i in range( len(cmd)-1,0,-1 ): + if chr(cmd[i][0]) != '-': + via_host = cmd[i].decode() + logging.debug("Via host: %s" % via_host) + break + + + auto = TunnelProcess( pid, local_port, via_host, target_host, foreign_port, kind='raw' ) + logging.debug("Add TunnelProcess: %s" % auto) + + sshs.append( auto ) + + return sshs + + def parse_addr_port(self, addr_port): if len(addr_port) == 2: # ipv4 addr = addr_port[0].decode() @@ -260,7 +372,7 @@ class AutoSSHTunnelMonitor(list): foreign = con[4].split(b':') foreign_addr, foreign_port = self.parse_addr_port(foreign) - status = con[5] + status = con[5].decode() logging.debug("Connection status: %s" % status) sshpid = int( con[6].split(b'/')[0] ) @@ -270,7 +382,7 @@ class AutoSSHTunnelMonitor(list): f = open( '/proc/' + str(sshpid) + '/cmdline' ) cmd = f.readlines()[0] f.close() - logging.debug("SSH command: %s" % cmd) + logging.debug("Command: %s" % cmd) # if not an ssh tunnel command if ('-L' not in cmd) or (':' not in cmd): @@ -304,31 +416,20 @@ class AutoSSHTunnelMonitor(list): f.close() logging.debug("Cmd: %s" % content[0]) if not 'autossh' in content[0]: - logging.warning("Tunnel not managed by autossh, ignore.") + logging.warning("Connection not managed by autossh.") # FIXME display those hanging tunnels in some way. - rawtunnels.append( SSHTunnel( local_addr, local_port, foreign_addr, foreign_port, autohost, status, sshpid ) ) + rawtunnels.append( SSHConnection( local_addr, local_port, foreign_addr, foreign_port, status, sshpid ) ) else: autohost = content[0].split(':')[1] logging.debug("Parsed cmd without port: %s" % autohost) # instanciation - autotunnels.append( AutoSSHTunnel( ppid, local_addr, local_port, foreign_addr, foreign_port, autohost, status, sshpid ) ) + autotunnels.append( AutoSSHConnection( ppid, autohost, local_addr, local_port, foreign_addr, foreign_port, status, sshpid ) ) return autotunnels,rawtunnels - def bind_tunnels(self, autosshs, tunnels): - """Bind autossh process to the related ssh connections, according to the pid""" - for t in tunnels: - for i in autosshs: - if i['pid'] == t['autossh_pid']: - # add to the list of tunnels of the AutoSSHprocess instance - i['tunnels'].append( t ) - - return autosshs - - ################################################################################################# # INTERFACES ################################################################################################# @@ -345,7 +446,7 @@ class monitorCurses: self.scr = scr # tunnels monitor - self.tm = AutoSSHTunnelMonitor() + self.tm = TunnelMonitor() # selected line self.cur_line = -1 @@ -361,9 +462,10 @@ class monitorCurses: self.ui_delay = 0.05 # seconds between two screen update # colors - self.colors_autossh = {'pid':0, 'local_port':3, 'via_host':2, 'target_host':2, 'foreign_port':3, 'tunnels_nb':4, 'tunnels_nb_none':1} - self.colors_highlight = {'pid':9, 'local_port':9, 'via_host':9, 'target_host':9, 'foreign_port':9, 'tunnels_nb':9, 'tunnels_nb_none':9} - self.colors_ssh = {'ssh_pid':0, 'status':4, 'status_out':1, 'local_address':2, 'local_port':3, 'foreign_address':2, 'foreign_port':3} + # FIXME different colors for different types of tunnels (auto or raw) + self.colors_tunnel = {'kind':4, 'pid':0, 'local_port':3, 'via_host':2, 'target_host':2, 'foreign_port':3, 'tunnels_nb':4, 'tunnels_nb_none':1} + self.colors_highlight = {'kind':9, 'pid':9, 'local_port':9, 'via_host':9, 'target_host':9, 'foreign_port':9, 'tunnels_nb':9, 'tunnels_nb_none':9} + self.colors_connection = {'ssh_pid':0, 'status':4, 'status_out':1, 'local_address':2, 'local_port':3, 'foreign_address':2, 'foreign_port':3} def __call__(self): @@ -430,9 +532,12 @@ class monitorCurses: # if a pid is selected if self.cur_pid != -1: # send the SIGUSR1 signal - # autossh performs a reload of existing tunnels that it manages - logging.debug("SIGUSR1 on PID: %i" % self.cur_pid) - os.kill( self.cur_pid, signal.SIGUSR1 ) + if self.tm[self.cur_line]['kind'] == 'auto': + # autossh performs a reload of existing tunnels that it manages + logging.debug("SIGUSR1 on PID: %i" % self.cur_pid) + os.kill( self.cur_pid, signal.SIGUSR1 ) + else: + logging.debug("Cannot reload a RAW tunnel") # Kill autossh process elif ch in 'kK': @@ -443,7 +548,17 @@ class monitorCurses: # send a SIGKILL # the related process is stopped # FIXME SIGTERM or SIGKILL ? - logging.debug("SIGKILL on PID: %i" % self.cur_pid) + + # tunnel = self.tm[self.cur_line] + # if tunnel['kind'] == 'auto': + # # FIXME kill SSH first + # logging.debug("SIGKILL on ssh PID: %i" % tunnel['ssh_pid']) + # try: + # os.kill( tunnel['ssh_pid'], signal.SIGKILL ) + # except OSError: + # logging.error("No such process: %i" % tunnel['ssh_pid']) + + logging.debug("SIGKILL on autossh PID: %i" % self.cur_pid) try: os.kill( self.cur_pid, signal.SIGKILL ) except OSError: @@ -495,19 +610,19 @@ class monitorCurses: """Generate the interface screen""" # First line: help - help_msg = "[R]:reload autossh [K]:kill autossh [Q]:quit" + help_msg = "[R]:reload autossh [K]:kill tunnel [Q]:quit" if os.geteuid() == 0: - help_msg += " [T]:show tunnels connections" + help_msg += " [T]:show network connections" help_msg += '\n' self.scr.addstr(0,0, help_msg, curses.color_pair(4) ) self.scr.clrtoeol() # Second line - self.scr.addstr( "Active AutoSSH instances: ", curses.color_pair(6) ) + self.scr.addstr( "Active tunnels: ", curses.color_pair(6) ) self.scr.addstr( str( len(self.tm) ), curses.color_pair(1) ) self.scr.addstr( " / Active connections: ", curses.color_pair(6) ) - self.scr.addstr( str( sum([len(i['tunnels']) for i in self.tm]) ), curses.color_pair(1) ) + self.scr.addstr( str( sum([len(i['connections']) for i in self.tm]) ), curses.color_pair(1) ) self.scr.addstr( '\n', curses.color_pair(1) ) self.scr.clrtoeol() @@ -519,7 +634,7 @@ class monitorCurses: self.cur_pid = -1 # header line - header_msg = "PID \tINPORT\tVIAHOST \tOUTHOST \tOUTPORT" + header_msg = "TYPE\tPID \tINPORT\tVIA \tTARGET \tOUTPORT" if os.geteuid() == 0: header_msg += "\tCONNECTIONS" self.scr.addstr( header_msg, curses.color_pair(color) ) @@ -532,40 +647,40 @@ class monitorCurses: # if one want to show connections if self.show_tunnels and os.getuid() == 0: - self.add_tunnel( l ) + self.add_connection( l ) self.scr.clrtobot() - def add_tunnel(self, line ): + def add_connection(self, line ): """Add lines for each connections related to the l-th autossh process""" - colors = self.colors_ssh + colors = self.colors_connection # for each connections related to te line-th autossh process - for t in self.tm[line]['tunnels']: + for t in self.tm[line]['connections']: # FIXME fail if the screen's height is too small. - self.scr.addstr( '\n\t* ' ) + self.scr.addstr( '\n\t+ ' ) - self.scr.addstr( str( t['ssh_pid'] ), curses.color_pair(colors['ssh_pid'] ) ) - self.scr.addstr( '\t' ) + # self.scr.addstr( str( t['ssh_pid'] ), curses.color_pair(colors['ssh_pid'] ) ) + # self.scr.addstr( '\t' ) self.scr.addstr( str( t['local_address'] ) , curses.color_pair(colors['local_address'] )) self.scr.addstr( ':' ) self.scr.addstr( str( t['local_port'] ) , curses.color_pair(colors['local_port'] )) - self.scr.addstr( '->' ) + self.scr.addstr( ' -> ' ) self.scr.addstr( str( t['foreign_address'] ) , curses.color_pair(colors['foreign_address'] )) self.scr.addstr( ':' ) self.scr.addstr( str( t['foreign_port'] ) , curses.color_pair(colors['foreign_port'] )) self.scr.addstr( '\t' ) - color = self.colors_ssh['status'] + color = self.colors_connection['status'] # if the connections is established # TODO avoid hard-coded constants - if t['status'].decode() != 'ESTABLISHED': - color = self.colors_ssh['status_out'] + if t['status'] != 'ESTABLISHED': + color = self.colors_connection['status_out'] - self.scr.addstr( t['status'].decode(), curses.color_pair( color ) ) + self.scr.addstr( t['status'], curses.color_pair( color ) ) self.scr.clrtoeol() @@ -573,34 +688,35 @@ class monitorCurses: def add_autossh(self, line): """Add line corresponding to the line-th autossh process""" self.scr.addstr( '\n' ) + self.add_autossh_info('kind', line) self.add_autossh_info('pid', line) self.add_autossh_info('local_port', line) self.add_autossh_info('via_host', line) self.add_autossh_info('target_host', line) self.add_autossh_info('foreign_port', line) - nb = len(self.tm[line]['tunnels'] ) + nb = len(self.tm[line]['connections'] ) if nb > 0: # for each connection related to this process - for i in self.tm[line]['tunnels']: + for i in self.tm[line]['connections']: # add a vertical bar | # the color change according to the status of the connection - if i['status'].decode() == 'ESTABLISHED': - self.scr.addstr( '|', curses.color_pair(self.colors_ssh['status']) ) + if i['status'] == 'ESTABLISHED': + self.scr.addstr( '|', curses.color_pair(self.colors_connection['status']) ) else: - self.scr.addstr( '|', curses.color_pair(self.colors_ssh['status_out']) ) + self.scr.addstr( '|', curses.color_pair(self.colors_connection['status_out']) ) else: if os.geteuid() == 0: # if there is no connection, display a "None" - self.scr.addstr( 'None', curses.color_pair(self.colors_autossh['tunnels_nb_none']) ) + self.scr.addstr( 'None', curses.color_pair(self.colors_tunnel['tunnels_nb_none']) ) self.scr.clrtoeol() def add_autossh_info( self, key, line ): """Add an information of an autossh process, in the configured color""" - colors = self.colors_autossh + colors = self.colors_tunnel # if the line is selected if self.cur_line == line: # set the color to the highlight one @@ -741,20 +857,23 @@ if __name__ == "__main__": elif asked_for.connections: logging.debug("Entering connections mode") - tm = AutoSSHTunnelMonitor() + tm = TunnelMonitor() # do not call update() but only get connections logging.debug("UID: %i." % os.geteuid()) if os.geteuid() == 0: con,raw = tm.get_connections() for c in con: - print(con) + print(c) + for c in raw: + print(c) + else: logging.error("Only root can see SSH tunnels connections.") elif asked_for.autossh: logging.debug("Entering autossh mode") - tm = AutoSSHTunnelMonitor() + tm = TunnelMonitor() # do not call update() bu only get autossh processes auto = tm.get_autossh_instances() for i in auto: @@ -763,7 +882,7 @@ if __name__ == "__main__": else: logging.debug("Entering default mode") - tm = AutoSSHTunnelMonitor() + tm = TunnelMonitor() # call update tm.update() # call the default __repr__