#!/usr/bin/env python3 import json import ovh import sys def err(*args, **kwargs): print(*args, file=sys.stderr, **kwargs) sys.exit(1) if len(sys.argv) != 4: err("expected 3 arguments") with open("ovh-mitigation.json") as config: config = json.load(config) system = sys.argv[1] action = sys.argv[2] ip = sys.argv[3] client = ovh.Client( endpoint=config["endpoint"], application_key=config["application_key"], application_secret=config["application_secret"], consumer_key=config["consumer_key"], ) if system == "mitigation": if action == "status": result = client.get(f"/ip/{ip}/mitigation") if len(result) == 0: print("mitigation disabled") elif len(result) == 1: result = client.get(f"/ip/{ip}/mitigation/{result[0]}") print("automatic: " + str(result["auto"])) print("permanent: " + str(result["permanent"])) print("state: " + result["state"]) else: err("expected single result") elif action == "enable": result = client.post(f'/ip/{ip}/mitigation', ipOnMitigation=ip) if result["permanent"] is True and result["state"] == "creationPending": print("enabling permanent mitigation") else: err(json.dumps(result, indent=4) + "\nunexpected result") elif action == "disable": result = client.delete(f"/ip/{ip}/mitigation/{ip}") if result["permanent"] is True and result["state"] == "removalPending": print("disabling permanent mitigation") else: err(json.dumps(result, indent=4) + "\nunexpected result") else: err("unknown action: " + action) elif system == "firewall": if action == "status": result = client.get(f"/ip/{ip}/firewall/{ip}") print("enabled: " + str(result["enabled"])) print("state: " + result["state"]) elif action == "enable": client.put(f'/ip/{ip}/firewall/{ip}', enabled=True) elif action == "disable": client.put(f"/ip/{ip}/firewall/{ip}", enabled=False) else: err("unknown action: " + action) else: err("unknown system: " + system)