import sys
import re
import argparse
-from subprocess import Popen, PIPE
+from subprocess import Popen, PIPE, call
import ipaddr
-class NsupdateError(Exception):
+class ExternalProgramError(RuntimeError):
+ pass
+
+
+class NsupdateError(ExternalProgramError):
+ def __init__(self, returncode):
+ self.returncode = returncode
+
+
+class BlockipError(ExternalProgramError):
def __init__(self, returncode):
self.returncode = returncode
if p.returncode != 0:
raise NsupdateError(p.returncode)
-
def nsupdate_delete(fqdn, ip_family):
"""
:param fqdn: Fully qualified domain name
raise NsupdateError(p.returncode)
+def blockip_whitelist_add(ip):
+ """
+ :param ip: ipv4 address
+ :raises a BlockipError in case of errors."""
+ command = ['iptables', '-I', 'blockip', '-s', str(ip), '-j', 'ACCEPT']
+ p = call(command)
+ if p != 0:
+ raise BlockipError(p)
+
+
+def blockip_whitelist_delete(ip):
+ """
+ :param ip: ipv4 address
+ :raises a BlockipError in case of errors."""
+ command = ['iptables', '-D', 'blockip', '-s', str(ip), '-j', 'ACCEPT']
+ p = call(command)
+ if p != 0:
+ raise BlockipError(p)
+
+
def main(args):
try:
if args.delete:
nsupdate_delete(args.fqdn, 'AAAA')
else:
nsupdate_delete(args.fqdn, ipfamily_by_ip(args.ip))
+ if ipfamily_by_ip(args.ip) == 'A':
+ blockip_whitelist_delete(args.ip)
else:
nsupdate_delete(args.fqdn, ipfamily_by_ip(args.ip))
nsupdate_add(args.fqdn, args.ttl, args.ip)
- except NsupdateError as e:
+ if ipfamily_by_ip(args.ip) == 'A':
+ blockip_whitelist_add(args.ip)
+ except ExternalProgramError as e:
sys.exit(e.returncode)
ToastFreeware / toast / tdyndns.git / blobdiff