added several nrl services updated to config service format

daemon/core/configservices/utilservices/services.py

@@ -0,0 +1,300 @@
+from typing import Any, Dict
+
+import netaddr
+
+from core import utils
+from core.configservice.base import ConfigService, ConfigServiceMode
+
+GROUP_NAME = "Utility"
+
+
+class DefaultRouteService(ConfigService):
+    name = "DefaultRoute"
+    group = GROUP_NAME
+    directories = []
+    files = ["defaultroute.sh"]
+    executables = ["ip"]
+    dependencies = []
+    startup = ["sh defaultroute.sh"]
+    validate = []
+    shutdown = []
+    validation_mode = ConfigServiceMode.BLOCKING
+    default_configs = []
+    modes = {}
+
+    def data(self) -> Dict[str, Any]:
+        addresses = []
+        for netif in self.node.netifs():
+            if getattr(netif, "control", False):
+                continue
+            for addr in netif.addrlist:
+                net = netaddr.IPNetwork(addr)
+                if net[1] != net[-2]:
+                    addresses.append(net[1])
+        return dict(addresses=addresses)
+
+
+class DefaultMulticastRouteService(ConfigService):
+    name = "DefaultMulticastRoute"
+    group = GROUP_NAME
+    directories = []
+    files = ["defaultmroute.sh"]
+    executables = []
+    dependencies = []
+    startup = ["sh defaultmroute.sh"]
+    validate = []
+    shutdown = []
+    validation_mode = ConfigServiceMode.BLOCKING
+    default_configs = []
+    modes = {}
+
+    def data(self) -> Dict[str, Any]:
+        ifname = None
+        for ifc in self.node.netifs():
+            if hasattr(ifc, "control") and ifc.control is True:
+                continue
+            ifname = ifc.name
+            break
+        return dict(ifname=ifname)
+
+
+class StaticRouteService(ConfigService):
+    name = "StaticRoute"
+    group = GROUP_NAME
+    directories = []
+    files = ["staticroute.sh"]
+    executables = []
+    dependencies = []
+    startup = ["sh staticroute.sh"]
+    validate = []
+    shutdown = []
+    validation_mode = ConfigServiceMode.BLOCKING
+    default_configs = []
+    modes = {}
+
+    def data(self) -> Dict[str, Any]:
+        routes = []
+        for ifc in self.node.netifs():
+            if hasattr(ifc, "control") and ifc.control is True:
+                continue
+            for x in ifc.addrlist:
+                addr = x.split("/")[0]
+                if netaddr.valid_ipv6(addr):
+                    dst = "3ffe:4::/64"
+                else:
+                    dst = "10.9.8.0/24"
+                net = netaddr.IPNetwork(x)
+                if net[-2] != net[1]:
+                    routes.append((dst, net[1]))
+        return dict(routes=routes)
+
+
+class IpForwardService(ConfigService):
+    name = "IPForward"
+    group = GROUP_NAME
+    directories = []
+    files = ["ipforward.sh"]
+    executables = ["sysctl"]
+    dependencies = []
+    startup = ["sh ipforward.sh"]
+    validate = []
+    shutdown = []
+    validation_mode = ConfigServiceMode.BLOCKING
+    default_configs = []
+    modes = {}
+
+    def data(self) -> Dict[str, Any]:
+        devnames = []
+        for ifc in self.node.netifs():
+            devname = utils.sysctl_devname(ifc.name)
+            devnames.append(devname)
+        return dict(devnames=devnames)
+
+
+class SshService(ConfigService):
+    name = "SSH"
+    group = GROUP_NAME
+    directories = ["/etc/ssh", "/var/run/sshd"]
+    files = ["startsshd.sh", "/etc/ssh/sshd_config"]
+    executables = ["sshd"]
+    dependencies = []
+    startup = ["sh startsshd.sh"]
+    validate = []
+    shutdown = ["killall sshd"]
+    validation_mode = ConfigServiceMode.BLOCKING
+    default_configs = []
+    modes = {}
+
+    def data(self) -> Dict[str, Any]:
+        return dict(
+            sshcfgdir=self.directories[0],
+            sshstatedir=self.directories[1],
+            sshlibdir="/usr/lib/openssh",
+        )
+
+
+class DhcpService(ConfigService):
+    name = "DHCP"
+    group = GROUP_NAME
+    directories = ["/etc/dhcp", "/var/lib/dhcp"]
+    files = ["/etc/dhcp/dhcpd.conf"]
+    executables = ["dhcpd"]
+    dependencies = []
+    startup = ["touch /var/lib/dhcp/dhcpd.leases", "dhcpd"]
+    validate = ["pidof dhcpd"]
+    shutdown = ["killall dhcpd"]
+    validation_mode = ConfigServiceMode.BLOCKING
+    default_configs = []
+    modes = {}
+
+    def data(self) -> Dict[str, Any]:
+        subnets = []
+        for ifc in self.node.netifs():
+            if hasattr(ifc, "control") and ifc.control is True:
+                continue
+            for x in ifc.addrlist:
+                addr = x.split("/")[0]
+                if netaddr.valid_ipv4(addr):
+                    net = netaddr.IPNetwork(x)
+                    # divide the address space in half
+                    index = (net.size - 2) / 2
+                    rangelow = net[index]
+                    rangehigh = net[-2]
+                    subnets.append((net.ip, net.netmask, rangelow, rangehigh, addr))
+        return dict(subnets=subnets)
+
+
+class DhcpClientService(ConfigService):
+    name = "DHCPClient"
+    group = GROUP_NAME
+    directories = []
+    files = ["startdhcpclient.sh"]
+    executables = ["dhclient"]
+    dependencies = []
+    startup = ["sh startdhcpclient.sh"]
+    validate = ["pidof dhclient"]
+    shutdown = ["killall dhclient"]
+    validation_mode = ConfigServiceMode.BLOCKING
+    default_configs = []
+    modes = {}
+
+    def data(self) -> Dict[str, Any]:
+        ifnames = []
+        for ifc in self.node.netifs():
+            if hasattr(ifc, "control") and ifc.control is True:
+                continue
+            ifnames.append(ifc.name)
+        return dict(ifnames=ifnames)
+
+
+class FtpService(ConfigService):
+    name = "FTP"
+    group = GROUP_NAME
+    directories = ["/var/run/vsftpd/empty", "/var/ftp"]
+    files = ["vsftpd.conf"]
+    executables = ["vsftpd"]
+    dependencies = []
+    startup = ["vsftpd ./vsftpd.conf"]
+    validate = ["pidof vsftpd"]
+    shutdown = ["killall vsftpd"]
+    validation_mode = ConfigServiceMode.BLOCKING
+    default_configs = []
+    modes = {}
+
+
+class PcapService(ConfigService):
+    name = "pcap"
+    group = GROUP_NAME
+    directories = []
+    files = ["pcap.sh"]
+    executables = ["tcpdump"]
+    dependencies = []
+    startup = ["sh pcap.sh start"]
+    validate = ["pidof tcpdump"]
+    shutdown = ["sh pcap.sh stop"]
+    validation_mode = ConfigServiceMode.BLOCKING
+    default_configs = []
+    modes = {}
+
+    def data(self) -> Dict[str, Any]:
+        ifnames = []
+        for ifc in self.node.netifs():
+            if hasattr(ifc, "control") and ifc.control is True:
+                continue
+            ifnames.append(ifc.name)
+        return dict()
+
+
+class RadvdService(ConfigService):
+    name = "radvd"
+    group = GROUP_NAME
+    directories = ["/etc/radvd"]
+    files = ["/etc/radvd/radvd.conf"]
+    executables = ["radvd"]
+    dependencies = []
+    startup = ["radvd -C /etc/radvd/radvd.conf -m logfile -l /var/log/radvd.log"]
+    validate = ["pidof radvd"]
+    shutdown = ["pkill radvd"]
+    validation_mode = ConfigServiceMode.BLOCKING
+    default_configs = []
+    modes = {}
+
+    def data(self) -> Dict[str, Any]:
+        interfaces = []
+        for ifc in self.node.netifs():
+            if hasattr(ifc, "control") and ifc.control is True:
+                continue
+            prefixes = []
+            for x in ifc.addrlist:
+                addr = x.split("/")[0]
+                if netaddr.valid_ipv6(addr):
+                    prefixes.append(x)
+            if not prefixes:
+                continue
+            interfaces.append((ifc.name, prefixes))
+        return dict(interfaces=interfaces)
+
+
+class AtdService(ConfigService):
+    name = "atd"
+    group = GROUP_NAME
+    directories = ["/var/spool/cron/atjobs", "/var/spool/cron/atspool"]
+    files = ["startatd.sh"]
+    executables = ["atd"]
+    dependencies = []
+    startup = ["sh startatd.sh"]
+    validate = ["pidof atd"]
+    shutdown = ["pkill atd"]
+    validation_mode = ConfigServiceMode.BLOCKING
+    default_configs = []
+    modes = {}
+
+
+class HttpService(ConfigService):
+    name = "HTTP"
+    group = GROUP_NAME
+    directories = [
+        "/etc/apache2",
+        "/var/run/apache2",
+        "/var/log/apache2",
+        "/run/lock",
+        "/var/lock/apache2",
+        "/var/www",
+    ]
+    files = ["/etc/apache2/apache2.conf", "/etc/apache2/envvars", "/var/www/index.html"]
+    executables = ["apache2ctl"]
+    dependencies = []
+    startup = ["chown www-data /var/lock/apache2", "apache2ctl start"]
+    validate = ["pidof apache2"]
+    shutdown = ["apache2ctl stop"]
+    validation_mode = ConfigServiceMode.BLOCKING
+    default_configs = []
+    modes = {}
+
+    def data(self) -> Dict[str, Any]:
+        interfaces = []
+        for ifc in self.node.netifs():
+            if hasattr(ifc, "control") and ifc.control is True:
+                continue
+            interfaces.append(ifc)
+        return dict(interfaces=interfaces)

daemon/core/configservices/utilservices/templates/apache2.conf

@@ -0,0 +1,102 @@
+# apache2.conf generated by utility.py:HttpService
+Mutex file:$APACHE_LOCK_DIR default
+
+PidFile $APACHE_PID_FILE
+Timeout 300
+KeepAlive On
+MaxKeepAliveRequests 100
+KeepAliveTimeout 5
+
+LoadModule mpm_worker_module /usr/lib/apache2/modules/mod_mpm_worker.so
+
+<IfModule mpm_prefork_module>
+    StartServers          5
+    MinSpareServers       5
+    MaxSpareServers      10
+    MaxClients          150
+    MaxRequestsPerChild   0
+</IfModule>
+
+<IfModule mpm_worker_module>
+    StartServers          2
+    MinSpareThreads      25
+    MaxSpareThreads      75
+    ThreadLimit          64
+    ThreadsPerChild      25
+    MaxClients          150
+    MaxRequestsPerChild   0
+</IfModule>
+
+<IfModule mpm_event_module>
+    StartServers          2
+    MinSpareThreads      25
+    MaxSpareThreads      75
+    ThreadLimit          64
+    ThreadsPerChild      25
+    MaxClients          150
+    MaxRequestsPerChild   0
+</IfModule>
+
+User $APACHE_RUN_USER
+Group $APACHE_RUN_GROUP
+
+AccessFileName .htaccess
+
+<Files ~ "^\\.ht">
+    Require all denied
+</Files>
+
+DefaultType None
+
+HostnameLookups Off
+
+ErrorLog $APACHE_LOG_DIR/error.log
+LogLevel warn
+
+#Include mods-enabled/*.load
+#Include mods-enabled/*.conf
+LoadModule alias_module /usr/lib/apache2/modules/mod_alias.so
+LoadModule auth_basic_module /usr/lib/apache2/modules/mod_auth_basic.so
+LoadModule authz_core_module /usr/lib/apache2/modules/mod_authz_core.so
+LoadModule authz_host_module /usr/lib/apache2/modules/mod_authz_host.so
+LoadModule authz_user_module /usr/lib/apache2/modules/mod_authz_user.so
+LoadModule autoindex_module /usr/lib/apache2/modules/mod_autoindex.so
+LoadModule dir_module /usr/lib/apache2/modules/mod_dir.so
+LoadModule env_module /usr/lib/apache2/modules/mod_env.so
+
+NameVirtualHost *:80
+Listen 80
+
+<IfModule mod_ssl.c>
+    Listen 443
+</IfModule>
+<IfModule mod_gnutls.c>
+    Listen 443
+</IfModule>
+
+LogFormat "%v:%p %h %l %u %t \\"%r\\" %>s %O \\"%{Referer}i\\" \\"%{User-Agent}i\\"" vhost_combined
+LogFormat "%h %l %u %t \\"%r\\" %>s %O \\"%{Referer}i\\" \\"%{User-Agent}i\\"" combined
+LogFormat "%h %l %u %t \\"%r\\" %>s %O" common
+LogFormat "%{Referer}i -> %U" referer
+LogFormat "%{User-agent}i" agent
+
+ServerTokens OS
+ServerSignature On
+TraceEnable Off
+
+<VirtualHost *:80>
+    ServerAdmin webmaster@localhost
+    DocumentRoot /var/www
+    <Directory />
+        Options FollowSymLinks
+        AllowOverride None
+    </Directory>
+    <Directory /var/www/>
+        Options Indexes FollowSymLinks MultiViews
+        AllowOverride None
+        Require all granted
+    </Directory>
+    ErrorLog $APACHE_LOG_DIR/error.log
+    LogLevel warn
+    CustomLog $APACHE_LOG_DIR/access.log combined
+</VirtualHost>

daemon/core/configservices/utilservices/templates/defaultmroute.sh

@@ -0,0 +1,4 @@
+#!/bin/sh
+# auto-generated by DefaultMulticastRoute service (utility.py)
+# the first interface is chosen below; please change it as needed
+ip route add 224.0.0.0/4 dev ${ifname}

daemon/core/configservices/utilservices/templates/defaultroute.sh

@@ -0,0 +1,5 @@
+#!/bin/sh
+# auto-generated by DefaultRoute service
+% for address in addresses:
+ip route add default via ${address}
+% endfor

daemon/core/configservices/utilservices/templates/dhcpd.conf

@@ -0,0 +1,22 @@
+# auto-generated by DHCP service (utility.py)
+# NOTE: move these option lines into the desired pool { } block(s) below
+#option domain-name "test.com";
+#option domain-name-servers 10.0.0.1;
+#option routers 10.0.0.1;
+
+log-facility local6;
+
+default-lease-time 600;
+max-lease-time 7200;
+
+ddns-update-style none;
+
+% for subnet, netmask, rangelow, rangehigh, addr in subnets:
+subnet ${subnet} netmask ${netmask} {
+  pool {
+    range ${rangelow} ${rangehigh};
+    default-lease-time 600;
+    option routers ${addr};
+  }
+}
+% endfor

daemon/core/configservices/utilservices/templates/envvars

@@ -0,0 +1,10 @@
+# this file is used by apache2ctl - generated by utility.py:HttpService
+# these settings come from a default Ubuntu apache2 installation
+export APACHE_RUN_USER=www-data
+export APACHE_RUN_GROUP=www-data
+export APACHE_PID_FILE=/var/run/apache2.pid
+export APACHE_RUN_DIR=/var/run/apache2
+export APACHE_LOCK_DIR=/var/lock/apache2
+export APACHE_LOG_DIR=/var/log/apache2
+export LANG=C
+export LANG

daemon/core/configservices/utilservices/templates/index.html

@@ -0,0 +1,13 @@
+<!-- generated by utility.py:HttpService -->
+<html>
+<body>
+<h1>${node.name} web server</h1>
+<p>This is the default web page for this server.</p>
+<p>The web server software is running but no content has been added, yet.</p>
+<ul>
+% for ifc in interfaces:
+    <li>${ifc.name} - ${ifc.addrlist}</li>
+% endfor
+</ul>
+</body>
+</html>

daemon/core/configservices/utilservices/templates/ipforward.sh

@@ -0,0 +1,16 @@
+#!/bin/sh
+# auto-generated by IPForward service (utility.py)
+sysctl -w net.ipv4.conf.all.forwarding=1
+sysctl -w net.ipv4.conf.default.forwarding=1
+sysctl -w net.ipv6.conf.all.forwarding=1
+sysctl -w net.ipv6.conf.default.forwarding=1
+sysctl -w net.ipv4.conf.all.send_redirects=0
+sysctl -w net.ipv4.conf.default.send_redirects=0
+sysctl -w net.ipv4.conf.all.rp_filter=0
+sysctl -w net.ipv4.conf.default.rp_filter=0
+# setup forwarding for node interfaces
+% for devname in devnames:
+sysctl -w net.ipv4.conf.${devname}.forwarding=1
+sysctl -w net.ipv4.conf.${devname}.send_redirects=0
+sysctl -w net.ipv4.conf.${devname}.rp_filter=0
+% endfor

daemon/core/configservices/utilservices/templates/pcap.sh

@@ -0,0 +1,11 @@
+#!/bin/sh
+# set tcpdump options here (see 'man tcpdump' for help)
+# (-s snap length, -C limit pcap file length, -n disable name resolution)
+if [ "x$1" = "xstart" ]; then
+% for ifname in ifnames:
+    tcpdump -s 12288 -C 10 -n -w ${node.name}.${ifname}.pcap -i ${ifname} < /dev/null &
+% endfor
+elif [ "x$1" = "xstop" ]; then
+    mkdir -p $SESSION_DIR/pcap
+    mv *.pcap $SESSION_DIR/pcap
+fi;

daemon/core/configservices/utilservices/templates/radvd.conf

@@ -0,0 +1,19 @@
+# auto-generated by RADVD service (utility.py)
+% for ifname, prefixes in values:
+interface ${ifname}
+{
+        AdvSendAdvert on;
+        MinRtrAdvInterval 3;
+        MaxRtrAdvInterval 10;
+        AdvDefaultPreference low;
+        AdvHomeAgentFlag off;
+% for prefix in prefixes:
+        prefix ${prefix}
+        {
+                AdvOnLink on;
+                AdvAutonomous on;
+                AdvRouterAddr on;
+        };
+% endfor
+};
+% endfor

daemon/core/configservices/utilservices/templates/sshd_config

@@ -0,0 +1,37 @@
+# auto-generated by SSH service (utility.py)
+Port 22
+Protocol 2
+HostKey ${sshcfgdir}/ssh_host_rsa_key
+UsePrivilegeSeparation yes
+PidFile ${sshstatedir}/sshd.pid
+
+KeyRegenerationInterval 3600
+ServerKeyBits 768
+
+SyslogFacility AUTH
+LogLevel INFO
+
+LoginGraceTime 120
+PermitRootLogin yes
+StrictModes yes
+
+RSAAuthentication yes
+PubkeyAuthentication yes
+
+IgnoreRhosts yes
+RhostsRSAAuthentication no
+HostbasedAuthentication no
+
+PermitEmptyPasswords no
+ChallengeResponseAuthentication no
+
+X11Forwarding yes
+X11DisplayOffset 10
+PrintMotd no
+PrintLastLog yes
+TCPKeepAlive yes
+
+AcceptEnv LANG LC_*
+Subsystem sftp ${sshlibdir}/sftp-server
+UsePAM yes
+UseDNS no

daemon/core/configservices/utilservices/templates/startatd.sh

@@ -0,0 +1,5 @@
+#!/bin/sh
+echo 00001 > /var/spool/cron/atjobs/.SEQ
+chown -R daemon /var/spool/cron/*
+chmod -R 700 /var/spool/cron/*
+atd

daemon/core/configservices/utilservices/templates/startdhcpclient.sh

@@ -0,0 +1,8 @@
+#!/bin/sh
+# auto-generated by DHCPClient service (utility.py)
+# uncomment this mkdir line and symlink line to enable client-side DNS\n# resolution based on the DHCP server response.
+#mkdir -p /var/run/resolvconf/interface
+% for ifname in ifnames:
+#ln -s /var/run/resolvconf/interface/${ifname}.dhclient /var/run/resolvconf/resolv.conf
+dhclient -nw -pf /var/run/dhclient-${ifname}.pid -lf /var/run/dhclient-${ifname}.lease ${ifname}
+% endfor

daemon/core/configservices/utilservices/templates/startsshd.sh

@@ -0,0 +1,6 @@
+#!/bin/sh
+# auto-generated by SSH service (utility.py)
+ssh-keygen -q -t rsa -N "" -f ${sshcfgdir}/ssh_host_rsa_key
+chmod 655 ${sshstatedir}
+# wait until RSA host key has been generated to launch sshd
+$(which sshd) -f ${sshcfgdir}/sshd_config

daemon/core/configservices/utilservices/templates/staticroute.sh

@@ -0,0 +1,7 @@
+#!/bin/sh
+# auto-generated by StaticRoute service (utility.py)
+# NOTE: this service must be customized to be of any use
+#       Below are samples that you can uncomment and edit.
+% for dest, addr in routes:
+#ip route add ${dest} via ${addr}
+% endfor

daemon/core/configservices/utilservices/templates/vsftpd.conf

@@ -0,0 +1,12 @@
+# vsftpd.conf auto-generated by FTP service (utility.py)
+listen=YES
+anonymous_enable=YES
+local_enable=YES
+dirmessage_enable=YES
+use_localtime=YES
+xferlog_enable=YES
+connect_from_port_20=YES
+xferlog_file=/var/log/vsftpd.log
+ftpd_banner=Welcome to the CORE FTP service
+secure_chroot_dir=/var/run/vsftpd/empty
+anon_root=/var/ftp