Navigation

← Previous Changeset
Next Changeset →

Changeset 126

Timestamp:

06/16/05 03:26:22 (3 years ago)

Author:

athomas

Message:

Closes #10, #2
<eol> is now always GROUP 10010
Miscellaneous changes.

Files:

fwc/trunk/Config.py (modified) (3 diffs)
fwc/trunk/Engine.py (modified) (14 diffs)
fwc/trunk/Firewall.py (modified) (2 diffs)
fwc/trunk/LinuxIPTables.py (modified) (1 diff)
fwc/trunk/util.py (modified) (3 diffs)

Legend:

: Unmodified
: Added
: Removed
: Modified
: Copied
: Moved

fwc/trunk/Config.py

r125	r126
35	35	def __getattr__(self, name):
36	36	return self.__store[name].value
37
38	37	__getitem__ = __getattr__
39	38
…	…
45	44	if not re.match(v.constraint, value): raise Config.InvalidValue('Invalid value "%s" for "%s"' % (value, name))
46	45	v.value = value
47
48	46	__setitem__ = __setattr__
49	47
…	…
51	49	return iter(self.__store)
52	50
53		def __del__(self, key):
	51	def __delattr__(self, key):
54	52	del(self.__store[key])
55
56		__delitem__ = __del__
	53	__delitem__ = __delattr__
57	54
58	55	def iteritems(self):

fwc/trunk/Engine.py

r125	r126
203	203	JUMP : 'commands',
204	204	JUMP_TO : 'source',
205		GROUP : 20,
	205	GROUP : 5,
206	206	'port' : {
207	207	GROUP : 20,
…	…
223	223	GROUP : 20,
224	224	PORT : {
	225	GROUP : 5,
225	226	HELP : help_port,
226	227	LABEL : 'sports',
…	…
247	248	UNLESS_VAR : [ 'dport', 'destination' ],
248	249	NETWORK : {
249		GROUP : 20,
	250	GROUP : 5,
250	251	LABEL : 'destination',
251	252	VAR : 'destination',
…	…
255	256	GROUP : 20,
256	257	PORT : {
	258	GROUP : 5,
257	259	LABEL : 'dport',
258	260	VAR : 'dport',
…	…
269	271	GROUP : 20,
270	272	PORT : {
	273	GROUP : 5,
271	274	LABEL : 'dports',
272	275	VAR : 'dport',
…	…
380	383	's\|'.join(Resolver.get_object_types()) + 's\|all' : {
381	384	ORDER : 10,
	385	GROUP : 10,
382	386	VAR : 'type',
383	387	HELP : lambda ctx: [(x + 's', 'List %s objects' % x) for x in Resolver.get_object_types()] + [ ('all', 'All object types.') ],
…	…
390	394	},
391	395	'.+' : {
	396	GROUP : 20,
392	397	ORDER : 20,
393	398	VAR : 'filter',
…	…
450	455	},
451	456	},
452		'unset' : {
453		GROUP : 10,
454		HELP : 'Unset a firewall setting.',
455		IF : have_firewall,
456		lambda ctx, setting: setting in self.firewall.config and not self.firewall.config.readonly(setting): {
457		VAR : 'setting',
458		HELP : lambda ctx: [ (v, 'Unset ' + self.firewall.config.help(v)) for v in self.firewall.config if not self.firewall.config.readonly(v) ],
459		ACTION : self.__firewall_unset,
460		}
461		},
	457	# We probably don't want to let firewall settings be unset
	458	# 'unset' : {
	459	# GROUP : 10,
	460	# HELP : 'Unset a firewall setting.',
	461	# IF : have_firewall,
	462	# lambda ctx, setting: setting in self.firewall.config and not self.firewall.config.readonly(setting): {
	463	# VAR : 'setting',
	464	# HELP : lambda ctx: [ (v, 'Unset ' + self.firewall.config.help(v)) for v in self.firewall.config if not self.firewall.config.readonly(v) ],
	465	# ACTION : self.__firewall_unset,
	466	# }
	467	# },
462	468	'acquire' : {
463	469	HELP : 'Acquire a firewall for management.',
…	…
523	529
524	530	def __list_firewalls(self, ctx):
525		for fw in sorted(self.__firewalls.values(), lambda a, b: cmp(a.~~name, b~~.name)):
	531	for fw in sorted(self.__firewalls.values(), lambda a, b: cmp(a.config.name, b.config.name)):
526	532	if self.firewall == fw:
527	533	out = '^B*^B '
…	…
530	536	out += '^B%s^B ^B%s^B ^B%s^B' % (fw.config.name, fw.config.type, fw.config.ip)
531	537	if fw.config.description:
532		out += ~~' description ^B"%s"^B'~~ % fw.config.description
	538	out += " description ^B'%s'^B" % fw.config.description
533	539	cprint(out)
534	540
…	…
603	609	source = source, sport = sport, in_if = in_if,
604	610	destination = destination, dport = dport, out_if = out_if,
	611	log = log,
605	612	**argd),
606	613	where, index)
…	…
669	676
670	677	def check_port_protocol(ctx):
671		return 'protocol' in ctx and c~~ontext~~['protocol'] in [ 'tcp', 'udp' ]
	678	return 'protocol' in ctx and ctx['protocol'] in [ 'tcp', 'udp' ]
672	679
673	680	def have_firewall(ctx):
…	…
715	722	help = {}
716	723	for name, fw in Engine()._Engine__firewalls.iteritems():
717		if fw.description:
718		help[name] = fw.description
	724	if fw.config.description:
	725	help[name] = fw.config.description
719	726	else:
720		help[name] = "Firewall %s" % fw.name
	727	help[name] = "Firewall %s" % fw.config.name
721	728	if Engine().firewall == fw:
722	729	help[name] += ' ^B(current)^B'
…	…
748	755	def PORT_RANGE(ctx, str):
749	756	range = str.split('-')
750		return PORT(ctx, range[0]) and (len(range) < 2 or len(range) > 1 and PORT(c~~ontext~~, range[1]))
	757	return PORT(ctx, range[0]) and (len(range) < 2 or len(range) > 1 and PORT(ctx, range[1]))
751	758
752	759	def RULE(ctx, str):

fwc/trunk/Firewall.py

r125	r126
3	3	from Object import Object
4	4	from util import *
5		import re
	5	import textwrap
6	6
7	7	class Firewall:
…	…
104	104
105	105	def describe_rule(self, rule, pretty = True):
106		~~description = "^B%s^B" % rule.action~~
	106	out = [ "^B%s^B" % rule.action ]
107	107	if rule.protocol:
108	108	try:
109		~~description += ' protocol ^B%s^B' % int(rule.protocol~~)
	109	out.append('protocol ^B%s^B' % int(rule.protocol))
110	110	except:
111		~~description += " ^B" + rule.protocol + "^B"~~
	111	out.append("^B%s^B" % rule.protocol)
112	112	if rule.source or rule.sport:
113		~~description += "~~ from"
	113	text = "from"
114	114	if rule.source:
115		~~description~~ += " ^B" + ' '.join(rule.source) + "^B"
	115	text += " ^B" + ' '.join(rule.source) + "^B"
116	116	if rule.sport:
117		description += " port ^B" + ' '.join(rule.sport) + "^B"
	117	text += " port ^B" + ' '.join(rule.sport) + "^B"
	118	out.append(text)
118	119	if rule.in_if:
119		~~description += " in ^B%s^B" % ' '.join(rule.in_if~~)
	120	out.append("in ^B%s^B" % ' '.join(rule.in_if))
120	121	if rule.destination or rule.dport:
121		~~description += "~~ to"
	122	text = "to"
122	123	if rule.destination:
123		~~description~~ += " ^B" + ' '.join(rule.destination) + "^B"
	124	text += " ^B" + ' '.join(rule.destination) + "^B"
124	125	if rule.dport:
125		description += " port ^B" + ' '.join(rule.dport) + "^B"
	126	text += " port ^B" + ' '.join(rule.dport) + "^B"
	127	out.append(text)
126	128	if rule.out_if:
127		~~description += " out ^B%s^B" % ' '.join(rule.out_if~~)
	129	out.append("out ^B%s^B" % ' '.join(rule.out_if))
128	130	if rule.reject_type:
129		~~description += "~~ with ^B%s^B" % rule.reject_type
	131	text = "with ^B%s^B" % rule.reject_type
130	132	if rule.reject_subtype:
131		description += " ^B%s^B" % rule.reject_subtype
	133	text += " ^B%s^B" % rule.reject_subtype
	134	out.append(text)
132	135	if rule.log:
133		~~description += "~~ log"
	136	text = "log"
134	137	if type(rule.log) is str:
135		description += " message ^B'%s'^B" % rule.log
	138	text += " message ^B^6'%s'^N" % rule.log
	139	out.append(text)
136	140	if rule.description:
137		~~description += " description ^B'%s'^B" % rule.description~~
	141	out.append("description ^B^6'%s'^N" % rule.description)
138	142	if not pretty:
139		~~description = re.sub(r'\^.', '', description)~~
140		return ~~description~~
	143	out = [cprintstrip(x) for x in out]
	144	return out
141	145
142	146	def list_rules(self):
	147	if 'COLS' in os.environ:
	148	cols = os.environ['COLS']
	149	else:
	150	cols = 80
143	151	for ruleno, rule in enumerate(self.__rules):
144		cprint("^B%3i:^B %s" % (ruleno, self.describe_rule(rule)))
	152	prefix = '^B%3i:^B' % ruleno
	153	text = ''
	154	length = 0
	155	for e in self.describe_rule(rule):
	156	length += clen(str(e)) + 1
	157	if text and length + 4 >= cols:
	158	cprint(prefix + text + ' ^B^4\\^N')
	159	prefix = ' ' * 6
	160	text = ''
	161	length = 6 + clen(str(e)) + 1
	162	text += ' ' + str(e)
	163	if text:
	164	cprint(prefix + text)
145	165
146	166	def get_rules(self):

fwc/trunk/LinuxIPTables.py

r125	r126
63	63	self.resolver.add_object(Object(Object.INTERFACE, self.config.name, allifs, 'All interfaces on %s' % self.config.name))
64	64	self.resolver.add_object(Object(Object.NETWORK, self.config.name, allifs, 'All IP addresses on %s' % self.config.name))
65		info("Added interface and network objects: %s" % ', '.join(allifs + [self.config.name]))
	65	info("Added interface and network objects: ^B%s^B" % ', '.join(allifs + [self.config.name]))
66	66
67	67	def describe_rule(self, rule, pretty = True):
68		~~description~~ = Firewall.describe_rule(self, rule, pretty)
	68	out = Firewall.describe_rule(self, rule, pretty)
69	69	if rule.state:
70		~~description += ' state ^B' + ' '.join(rule.state) + '^B'~~
71		return ~~description~~
	70	out.append('state ^B' + ' '.join(rule.state) + '^B')
	71	return out

fwc/trunk/util.py

r125	r126
673	673	(If you want different formats in different columns, don't use
674	674	print_table.) sep is the separator between columns."""
675		if table:
676		justs = [if_(isnumber(x), 'rjust', 'ljust') for x in table[0]]
677		elif header:
678		justs = ['ljust' for x in header]
679		else:
680		justs = []
	675	justs = [if_(isnumber(x), 'rjust', 'ljust') for x in table[0]]
681	676	if header:
682	677	table = [header] + table
…	…
803	798	cwrite(sys.stdout, *(args + ('\n',)))
804	799
	800	def cprintstrip(*args):
	801	return __cprint_strip.sub('', ' '.join(map(str, args)))
	802
	803	def clen(arg):
	804	return len(cprintstrip(arg))
805	805
806	806	def error(*args):
…	…
842	842	process = Popen4(command)
843	843	rc = process.wait()
	844	if rc != os.EX_OK: return (rc, None)
844	845	return (rc, process.fromchild.readlines())
845	846

Navigation

Changeset 126

Legend:

fwc/trunk/Config.py

fwc/trunk/Engine.py

fwc/trunk/Firewall.py

fwc/trunk/LinuxIPTables.py

fwc/trunk/util.py

Download in other formats: