Остання активність 1 month ago

gistfile1.txt Неформатований
1def poll_handshakes():
2 """
3 Poll wg show latest-handshakes periodically.
4 Log a handshake event only when gap > WG_HANDSHAKE_CHECK_SEC (new session).
5 """
6 global _hs_last_logged
7
8 _hs_last_logged = load_hs_cache()
9
10 pubkey_to_name = build_pubkey_to_name()
11 log.info(f"Handshake poller started — {len(pubkey_to_name)} peers, "
12 f"session threshold {WG_HANDSHAKE_CHECK_SEC}s")
13
14 while True:
15 try:
16 result = subprocess.run(
17 ["wg", "show", WG_WG_INTERFACE, "latest-handshakes"],
18 capture_output=True, text=True
19 )
20 for line in result.stdout.strip().splitlines():
21 parts = line.split()
22 if len(parts) != 2:
23 continue
24 pubkey, ts_str = parts
25 try:
26 ts = int(ts_str)
27 except ValueError:
28 continue
29 if ts == 0:
30 continue
31
32 client = pubkey_to_name.get(pubkey)
33 if not client:
34 continue
35
36 last = _hs_last_logged.get(pubkey, 0)
37 gap = ts - last
38
39 # Always update last seen
40 _hs_last_logged[pubkey] = ts
41
42 if gap < WG_HANDSHAKE_CHECK_SEC:
43 continue # keepalive, skip
44
45 # Get endpoint
46 endpoint = get_endpoint(pubkey) or ''
47
48 if not endpoint:
49 try:
50 cache = json.loads(ENDPOINT_CACHE_FILE.read_text())
51 endpoint = cache.get(client, '')
52 except Exception:
53 pass
54
55
56 # New session, log it
57 entry = {
58 "timestamp": datetime.fromtimestamp(ts, tz=timezone.utc).isoformat(),
59 "ip": "",
60 "client": client,
61 "event": "handshake",
62 "endpoint": endpoint,
63 }
64 try:
65 with EVENTS_LOG.open("a") as f:
66 f.write(json.dumps(entry) + "\n")
67 log.info(f"New session: {client} from {endpoint}")
68 except Exception as e:
69 log.error(f"Failed to write handshake event: {e}")
70
71 log.debug(f"Gap for {client}: {gap}s (threshold: {WG_HANDSHAKE_CHECK_SEC}s)")
72 save_hs_cache(_hs_last_logged)
73
74 except Exception as e:
75 log.error(f"Handshake poll error: {e}")
76
77 time.sleep(WG_HANDSHAKE_CHECK_SEC // 2) # poll at half the threshold
78
79# ============================================
80# Packet Handler
81# ============================================
82
83def handle_packet(pkt):
84