[nanny/win32: 7/75] Add initial Win32WebContentFiltering.py

[Roberto Majadas <telemaco src gnome org>]

commit 7eee08a5599cb43a277b55496731cf675b963107
Author: Roberto Majadas <roberto majadas openshine com>
Date:   Tue Sep 14 20:00:18 2010 +0200

    Add initial Win32WebContentFiltering.py

 daemon/src/Makefile.am                 |    1 +
 daemon/src/QuarterBack.py              |    1 +
 daemon/src/Win32WebContentFiltering.py |  115 ++++++++++++++++++++++++++++++++
 3 files changed, 117 insertions(+), 0 deletions(-)
---
diff --git a/daemon/src/Makefile.am b/daemon/src/Makefile.am
index 7af5690..400ebb4 100644
--- a/daemon/src/Makefile.am
+++ b/daemon/src/Makefile.am
@@ -14,6 +14,7 @@ corelib_PYTHON =	 __init__.py 			\
 			LinuxSessionFiltering.py	\
 			LinuxSessionCKFiltering.py	\
 			Win32Filtering			\
+			Win32WebContentFiltering.py	\
 			Win32UsersManager.py		
 
 if HAS_HACHOIR_REGEX
diff --git a/daemon/src/QuarterBack.py b/daemon/src/QuarterBack.py
index 3fe5be1..9711b8e 100644
--- a/daemon/src/QuarterBack.py
+++ b/daemon/src/QuarterBack.py
@@ -38,6 +38,7 @@ if os.name == "posix" :
     from FilterManager import FilterManager as FilterManager
 elif os.name == "nt" :
     from Win32Filtering import Win32Filtering as FirewallFilter
+    from Win32WebContentFiltering import Win32WebContentFiltering as WebContentFilter
     from Win32UsersManager import Win32UsersManager as UsersManager
 
 from Chrono import Chrono
diff --git a/daemon/src/Win32WebContentFiltering.py b/daemon/src/Win32WebContentFiltering.py
new file mode 100644
index 0000000..31d0d33
--- /dev/null
+++ b/daemon/src/Win32WebContentFiltering.py
@@ -0,0 +1,115 @@
+#!/usr/bin/env python
+
+# Copyright (C) 2009,2010 Junta de Andalucia
+# 
+# Authors:
+#   Roberto Majadas <roberto.majadas at openshine.com>
+#   Cesar Garcia Tapia <cesar.garcia.tapia at openshine.com>
+#   Luis de Bethencourt <luibg at openshine.com>
+#   Pablo Vieytes <pvieytes at openshine.com>
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2, or (at your option)
+# any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301
+# USA
+
+import gobject
+import os
+
+from twisted.internet import reactor
+from twisted.application import internet, service
+from twisted.web import server
+from twisted.enterprise import adbapi
+
+from nanny.daemon.proxy.TwistedProxy import ReverseProxyResource as ProxyService
+from nanny.daemon.proxy.Controllers import WebDatabase
+
+PORT_START_NUMBER=53000
+WEBDATABASE='webs.db'
+
+def ipt(cmd) :
+    return os.system("/sbin/iptables %s > /dev/null 2>&1" % cmd)
+
+class Win32WebContentFiltering(gobject.GObject) :
+    def __init__(self, quarterback, app) :
+        gobject.GObject.__init__(self)
+        self.quarterback = quarterback
+        self.app = app
+
+        database_exists = False
+        if os.path.exists(WEBDATABASE) :
+            database_exists = True
+        
+        self.dbpool = adbapi.ConnectionPool('sqlite3', WEBDATABASE, check_same_thread=False)
+        self.webdb = WebDatabase(self.dbpool)
+
+        if database_exists == False :
+            self.webdb.create()
+        
+        self.services={}
+        
+        reactor.addSystemEventTrigger("after", "startup", self.start)
+        reactor.addSystemEventTrigger("before", "shutdown", self.stop)
+
+        self.quarterback.connect("add-wcf-to-uid", self.__start_proxy)
+        self.quarterback.connect("remove-wcf-to-uid", self.__stop_proxy)
+        
+    def start(self):
+        print "Start Win32 Web Content Filtering"
+        for uid in self.quarterback.wcf_uid_list :
+            self.__start_proxy(self.quarterback, uid)
+
+    def stop(self):
+        print "Stop Win32 Web Content Filtering"
+        for uid in self.services.keys() :
+            self.__stop_proxy(self.quarterback, uid)
+
+    def __start_proxy(self, quarterback, uid):
+#         if not self.services.has_key(uid) :
+#             root = ProxyService(uid, quarterback.filter_manager)
+#             sc = service.IServiceCollection(self.app)
+#             site = server.Site(root)
+            
+#             for port in range(PORT_START_NUMBER, PORT_START_NUMBER+5000) :
+#                 try:
+#                     i = internet.TCPServer(port, site)
+#                     i.setServiceParent(sc)
+#                 except:
+#                     continue
+                
+#                 self.services[uid]=(i, port)
+#                 self.__add_rule(uid, port)
+#                 return
+        
+    def __stop_proxy(self, quarterback, uid):
+#         if not self.services.has_key(uid) :
+#             return True
+#         else:
+#             i,port = self.services.pop(uid)
+#             i.stopService()
+#             self.__remove_rule(uid, port)
+
+    def __add_rule(self, uid, port):
+        ret = ipt("-t nat -A OUTPUT -p tcp -m owner --uid-owner %s -m tcp --dport 80 --syn -j REDIRECT --to-ports %s" % (uid, port))
+        if ret == 0:
+            print "Redirecting of user (%s) from 80 to %s" % (uid, port)
+
+    def __remove_rule(self, uid, port):
+        ret = ipt("-t nat -D OUTPUT -p tcp -m owner --uid-owner %s -m tcp --dport 80 --syn -j REDIRECT --to-ports %s" % (uid, port))
+        if ret == 0:
+            print "Remove Redirecting of user (%s) from 80 to %s" % (uid, port)
+
+    
+
+
+