外网屏蔽admin页面

Aries/Aries/settings.py

@@ -306,3 +306,8 @@
 POLL_TIME = 600
 import sumSpace
 sumSpace.run(POLL_TIME)
+
+#admin页面白名单IP
+PERMISSION_SETTINGS = SETTINGS['PERMISSION']
+PERMISSION_IP_1 = PERMISSION_SETTINGS['PERMISSION_IP_1']
+PERMISSION_IP_2 = PERMISSION_SETTINGS['PERMISSION_IP_2']

Aries/Aries/urls.py

@@ -7,7 +7,8 @@
 admin.autodiscover()
 import views
 urlpatterns = [
-    url(r'^admin/', include(admin.site.urls)),
+    #url(r'^admin/', include(admin.site.urls)),
+    url(r'^admin/', views.permission_check),
     url(r'^v1/user_auth/', include('user_auth.urls')),
     url(r'^v1/hdfs/', include('hdfs.urls')),
     url(r'^v1/codis/', include('codis.urls')),

Aries/Aries/views.py

@@ -9,6 +9,7 @@
 from user_auth.models import *
 from ldap_client import ldap_get_vaild
 from django.views.decorators.csrf import ensure_csrf_cookie
+from django.conf import settings
 
 def is_admin(account,cur_space_in):
     is_supper = 0
@@ -170,3 +171,17 @@ def index(request):
         user = ""
     user = json.dumps(user)
     return render_to_response('index/index.html',locals())
+
+def permission_check(request):
+    from django.contrib import admin
+    from django.conf.urls import patterns,url,include
+    import urls
+    admin.autodiscover()
+    if request.META.has_key('HTTP_X_FORWARDED_FOR'):
+        ip =  request.META['HTTP_X_FORWARDED_FOR']
+    else:
+        ip = request.META['REMOTE_ADDR']
+    if not ip.startswith(settings.PERMISSION_IP_1) and not ip.startswith(settings.PERMISSION_IP_2):
+        return HttpResponse('<h2>Outer Net Is Not Allowed</h2>')
+    else:
+        urls.urlpatterns[0] =  url(r'^admin/', include(admin.site.urls))

sbin/Aries.yaml

@@ -72,3 +72,6 @@ OPENSTACK:
   IP_CINDER:  "192.168.190.11"
   PORT_CINDER: 8776
 
+PERMISSION:
+  PERMISSION_IP_1: "192."
+  PERMISSION_IP_2: "10."