自动放行nginx后台访问ip

由于公司外网地址是动态变化的，但又必须做到仅公司能访问，以下是实现方式

获取公司外网ip

#!/usr/local/bin/python3
# coding:utf-8


# ====================================================
# Author: chang - EMail:changbo@hmg100.com
# Last modified: 2017-04-28
# Filename: getoutip.py
# Description: get out ip,base requests ,json, time, pymysql, socket
# blog:http://www.cnblogs.com/changbo
# ====================================================

# import socket
# import requests
# import json
import time
import pymysql
import socket


port = xxxx
host = 'x.x.x.x'


def getOut():
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.connect((host, port))
    data = 'hi'
    s.send(str(data).encode('utf-8'))
    results = s.recv(1024)
    getip = str(results, 'utf-8')
    s.close()

    nowtime = time.strftime('%Y-%m-%d %H:%M:%S', time.localtime(time.time()))
    db = pymysql.connect('x.x.x.x', 'root', 'xxxxx', 'yunwei')
    # print(nowtime)
    # url = "https://ipinfo.io"
    
    iplist = []
    # r = requests.get(url)
    # getip = json.loads(r.text)
    
    sql1 = 'select ip from wan_ip'
    sql2 = "INSERT INTO wan_ip(ip, time) VALUES('%s', '%s')" % (getip, nowtime)
    cursor = db.cursor()
    cursor.execute(sql1)
    datad = cursor.fetchall()
    for i in datad:
        iplist.append(i[0])
    
    if getip not in iplist:
        cursor.execute(sql2)
        db.commit()
        db.close()
      
def getOutwan():
    time.sleep(120)
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.connect((host, port))
    data = 'hi'
    s.send(str(data).encode('utf-8'))
    results = s.recv(1024)
    getip = str(results, 'utf-8')
    s.close()

    nowtime = time.strftime('%Y-%m-%d %H:%M:%S', time.localtime(time.time()))
    db = pymysql.connect('x.x.x.x', 'xxxx', 'xxxx', 'yunwei')
    # print(nowtime)
    # url = "https://ipinfo.io"

    iplist = []
    # r = requests.get(url)
    # getip = json.loads(r.text)

    sql1 = 'select ip from wan_ip'
    sql2 = "INSERT INTO wan_ip(ip, time) VALUES('%s', '%s')" % (getip, nowtime)
    cursor = db.cursor()
    cursor.execute(sql1)
    datad = cursor.fetchall()
    for i in datad:
        iplist.append(i[0])

    if getip not in iplist:
        cursor.execute(sql2)
        db.commit()
        db.close()

if __name__ == '__main__':
    getOut()
    getOutwan()

发送公网外网ip

#!/usr/local/bin/python3

import socket
import threading

# ====================================================
# Author: chang - EMail:changbo@hmg100.com
# Last modified: 2017-04-28
# Filename: sendoutip.py
# Description: send u out ip ,base socket
# blog:http://www.cnblogs.com/changbo
# ====================================================

port = xxxx
host = 'x.x.x.x'


def sendOut():
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.bind((host, port))
    s.listen(5)

    while True:
        connection, address = s.accept()
        ip, _ = address
        ip = (str(ip)).encode('utf-8')
        while True:
            try:
                data = connection.recv(1024)
                if not data:
                    break
                connection.send(ip)
            except Exception as e:
                pass
            # s.close()
        connection.close()
        continue
    s.close()

if __name__ == '__main__':
   t = threading.Thread(target=sendOut)
   t.start()    

自动修改nginx可访问ip

#!/usr/local/bin/python3
# coding:utf-8

# ====================================================
# Author: chang - EMail:changbo@hmg100.com
# Last modified: 2017-04-28
# Filename: changehoutaiip.py
# Description: change nginx access web ip,base re ,pymysql, subprocess
# blog:http://www.cnblogs.com/changbo
# ====================================================

import re
import pymysql
import subprocess

def GetNginxAddr():
    with open('/var/openresty/nginx/conf/nginx.conf') as f:
        lines = f.readlines()
        for line in lines:
            temline = line.split(')')
            if '$remote_addr !~* ' in temline[0] and '#' not in temline[0]:
                ipadd = re.findall(r'\d+.\d+.\d+.\d+', temline[0])
                return ipadd[0]


# print(GetNginxAddr())


def GetNowWanAddr():
    db = pymysql.connect('x.x.x.x', 'xxxx', 'xxxx', 'yunwei')
    sql1 = 'select ip from wan_ip ORDER by id desc limit 1'

    cursor = db.cursor()
    cursor.execute(sql1)
    datad = cursor.fetchone()
    datad = '%s' % datad
    return datad


# print(GetNowWanAddr())

oldip = GetNginxAddr()
newip = GetNowWanAddr()


# print(oldip, newip)


def alter(file, oldstr, newstr):
    file_data = ""
    if oldstr != newstr:
        with open(file) as f:
            lines = f.readlines()
            for line in lines:
                temline = line.split(')')
                if '$remote_addr !~* ' in temline[0] and '#' not in temline[0]:
                    line = line.replace("if ($remote_addr !~* '" + oldip + "'){",
                                        "if ($remote_addr !~* '" + newip + "'){")
                file_data += line
        with open(file, "w") as f:
            f.write(file_data)
        subprocess.Popen("/var/openresty/nginx/sbin/nginx -s reload", shell=True, stdout=subprocess.PIPE, stderr=subprocess.STDOUT)
    else:
        pass

alter("/var/openresty/nginx/conf/nginx.conf", oldip, newip)

END!