需求背景:因客戶需要及時知道他們CDN是否被攻擊並自動跳切到高防網路,所以做了一個監控腳本。針對CNAME進行解析監控。把解析結果跟高防IP段做對比,結果爲true,則表示CDN高速節點被打趴,自動跳切高防了。併發出告警;
喝水不忘挖井人,參考鏈接:
判斷解析出來的IP是否屬於某一個IP段 https://blog.csdn.net/hackerie/article/details/80598436
解析並把結果通過郵件發送 https://blog.csdn.net/weixin_33953249/article/details/93126542
運行環境:CentOS7, Python3.6
避免重複造輪子,引用的模塊有:os IPy
os.popen os.system 運行shell命令
address in IPy.IP 判斷IP是否屬於某個網段
腳本源碼如下:
#!/usr/bin/python
# -*- coding: utf-8 -*-
#此腳本用於檢測CNAME是否跳切高防段
import os
import datetime as d
import IPy
#定義cname數組以及郵箱數組
cname = ['ooxx1.cdn-ng.net','ooxx2.cdn-ng.net','ooxx3.cdn-ng.net']
mail = ['[email protected]','[email protected]']
nowtime = d.datetime.now().strftime("%Y.%m.%d-%H:%M:%S")
#print(nowtime)
#'''
#cname解析檢測模塊
def check_domain():
for i in cname:
address = os.popen("nslookup %s | grep -v '#53' | awk -F':' '/^Address/{print $2}' | awk '{print $1}' | head -n 1" % i).read().strip()
judge1 = address in IPy.IP('11.12.13.0/23')
judge2 = address in IPy.IP('111.112.113.0/24')
judge3 = address in IPy.IP('1.2.3.0/22')
alarm = os.popen('cat /root/cname_check/dns_%s' % i).read().strip()
if judge1 == 1 or judge2 == 1 or judge3 == 1 : #解析地址屬於任意一個高防段則爲true
if int(alarm) == 1:
pass
else:
os.system('echo "XXXXCNAME:%s跳切高防! 解析地址爲:%s; 時間:$(date)" >> /root/cname_check/log_%s' % (i,address,i))
os.system('echo "1" > /root/cname_check/dns_%s' % i)
for j in mail:
os.popen("echo 'CNAME:%s跳切高防,解析地址爲:%s; 時間:%s'| mail -s 'CNAME:%s跳切高防' %s" %(i,address,nowtime,i,j))
elif int(alarm) == 1:
os.system('echo "OOOOCNAME:%s跳回高速! 解析地址爲:%s; 時間:$(date)" >> /root/cname_check/log_%s' % (i,address,i))
os.system('echo "0" > /root/cname_check/dns_%s' % i)
for j in mail:
os.popen("echo 'CNAME:%s恢復高速,解析地址爲:%s; 時間:%s' | mail -s 'CNAME:%s恢復高速' %s" %(i,address,nowtime,i,j))
else:
pass
check_domain()
#'''
然後寫入定時任務,每分鐘跑一次。因爲CDN緩存關係,告警靈敏度可能會有2分鐘左右誤差。