def form_addSNAT(self, data):
form = formal.Form()
ifs = []
for i in Utils.getInterfaces():
if 'eth' in i or 'tap' in i: # Only allow tap and eth binds...
ifs.append((i, i))
form.addField('dstif', formal.String(required=True), formal.widgetFactory(formal.SelectChoice, options = ifs), label = "External Interface",
description = "The interface to which this traffic will be NATed. (Generaly the outside/internet interface)")
form.addField('dstip', formal.String(required=True, validators=[PageHelpers.IPValidator()]), label = "External IP",
description = "The IP to which this traffic will be NATed")
form.addField('srcip', formal.String(required=True, strip=True, validators=[PageHelpers.IPValidator()]), label = "Source IP", description = ["The source IP you would like to NAT to and from."])
form.addField('all', formal.Boolean(), label = "Any Interface",
description = "Tick this if the rule should apply to all interfaces and not just the External Interface.")
form.addField('local', formal.Boolean(), label = "Use Internal", description = "Apply this NAT rule to this servers traffic as well.")
form.data['local'] = False
form.data['all'] = False
form.addAction(self.submitSNAT)
return form
def createForm(form):
form.addField('domain',
formal.String(strip=True),
label="Domain",
description="Domain name")
form.addField(
'netbios',
formal.String(strip=True, validators=[PageHelpers.IPValidator()]),
label="Windows Server",
description="A windows server (if any) to delegate for WINS and Netbios"
)
form.addField('nameserver',
formal.String(strip=True,
validators=[PageHelpers.IPValidator()]),
label="DNS Server",
description="DNS server")
form.addField('network',
formal.String(strip=True,
validators=[PageHelpers.IPValidator()]),
label="Network address")
form.addField('netmask',
formal.String(strip=True,
validators=[PageHelpers.IPValidator()]),
label="Subnet mask")
form.addField('rangeStart', formal.String(), label="Start IP")
form.addField('rangeEnd', formal.String(), label="End IP")
form.addField('gateway',
formal.String(strip=True,
validators=[PageHelpers.IPValidator()]),
label="Default gateway")
def form_forwardPort(self, data):
form = formal.Form()
form.addField(
'szone',
formal.String(required=True),
formal.widgetFactory(formal.SelectChoice, options=self.getZones()),
label="Source Zone",
description="Source zone from which this rule will catch packets. "
)
form.addField(
'dzone',
formal.String(required=True),
formal.widgetFactory(formal.SelectChoice, options=self.getZones()),
label="Destination Zone",
description=
"Destination Zone to which this rule will forward packets.")
form.addField(
'port',
formal.String(strip=True,
validators=[PageHelpers.PortRangeValidator()]),
label="Port",
description=
"TCP/UDP port to forward. Blank for protocol forward (like PPTP). Use separate ranges with a colon."
)
form.addField('destip',
formal.String(required=True,
strip=True,
validators=[PageHelpers.IPValidator()]),
label="Forward To",
description="Destination IP address to forward to")
form.addField(
'dstport',
formal.String(strip=True,
validators=[PageHelpers.PortValidator()]),
label="Forward To:Port",
description="TCP/UDP port to forward to. Blank for the same port.")
form.addField('sourceip',
formal.String(strip=True,
validators=[PageHelpers.IPValidator()]),
label="Destination IP",
description="External IP to forward from")
form.addField('source',
formal.String(strip=True,
validators=[PageHelpers.IPValidator()]),
label="Source IP",
description="External IP to accept connections from")
form.addField('proto',
formal.String(required=True),
formal.widgetFactory(formal.SelectChoice,
options=self.protocols),
label="Protocol")
form.data['proto'] = 'tcp'
form.data['szone'] = 'net'
form.data['dzone'] = 'loc'
form.addAction(self.submitForwardPort)
return form
def form_vpnForm(self, data):
""" OpenVPN (Vulani VPN) form"""
form = formal.Form()
form.addField('openvpn', formal.Boolean(), label = self.text.vpnLabelOpenvpn, description=self.text.vpnDescripOpenvpn)
form.addField('iprange1', formal.String(required=True), label = self.text.vpnRangeStart)
form.addField('iprange2', formal.String(required=True), label = self.text.vpnRangeTo)
form.addField('mtu', formal.String(), label = self.text.vpnMTU)
form.addField('WINS', formal.String(strip=True, validators=[PageHelpers.IPValidator()]), label = self.text.vpnWINSServer)
form.addField('DNS', formal.String(), label = self.text.vpnDNSServer)
form.addField('DOMAIN', formal.String(), label = self.text.vpnDomain)
form.addField('tcp', formal.Boolean(), label = "Use TCP", description = "Use TCP instead of UDP for connections. Not recommended, but helps with connection issues from high packet-loss sites like GPRS or 3G, at the expense of performance. TCP port 1194 needs to be opened in the firewall for this to be successful")
def returnForm(result):
print result
conf, routes = result
form.addField(
'routes', formal.Sequence(formal.String()),
formal.widgetFactory(formal.CheckboxMultiChoice, [(i,i) for i in routes]),
label = self.text.vpnRoutesPush
)
form.data = conf
form.addAction(self.submitForm)
return form
return VPN.get_openvpn_settings(self.sysconf).addBoth(returnForm)
def form_addVLAN(self, data):
form = formal.Form()
form.addField('interface',
formal.String(required=True),
formal.widgetFactory(formal.SelectChoice,
options=[
(i, i)
for i in Utils.getInterfaces()
if not i == "lo"
]),
label="Attached Interface")
form.addField('vlan', formal.Integer(), label="VLAN Number")
form.addField('ip',
formal.String(strip=True,
validators=[PageHelpers.IPValidator()]),
label="IP Address")
form.addField('netmask',
formal.String(),
label="Netmask",
description="Netmask or CIDR bitmask for this range")
form.addField('dhcpserver',
formal.Boolean(),
label="DHCP Server",
description="Serve DHCP on this interface")
form.addAction(self.submitVlan)
return form
def form_parp(self, data):
form = formal.Form()
ifs = []
for i in Utils.getInterfaces():
if 'eth' in i or 'tap' in i: # Only allow tap and eth binds...
ifs.append((i, i))
form.addField('ip',
formal.String(required=True,
strip=True,
validators=[PageHelpers.IPValidator()]),
label="IP Address")
form.addField(
'extif',
formal.String(required=True),
formal.widgetFactory(formal.SelectChoice, options=ifs),
label="External Interface",
description=
"The interface where this server will advertise availability of this IP address"
)
form.addField(
'intif',
formal.String(required=True),
formal.widgetFactory(formal.SelectChoice, options=ifs),
label="Internal Interface",
description=
"The interface to which this IP address will be routed (Where the server binding this IP address is)"
)
form.addAction(self.submitProxyARP)
return form
def form_neigh(self, data):
form = formal.Form()
form.addField('ip',
formal.String(required=True,
validators=[PageHelpers.IPValidator()]),
label="Remote IP")
form.addField(
'asn',
formal.String(),
label="Remote AS",
description=
"Remote AS number of peer. Leave blank for the same AS as this router"
)
#form.addField('hold', formal.Integer(required=True), label = "Hold time", description="Override the Hold timer for this peer (default 120)")
#form.data['hold'] = 120
form.addField(
'multihop',
formal.Boolean(),
label="EBGP Multihop",
description="Set this if the peer is more than 1 hop away")
form.addField(
'nexthop',
formal.String(),
label="Next-Hop",
description=
"Set this to an IP if you want to rewrite the next-hop of routes coming in from this peer. This is useful for route servers."
)
form.addAction(self.submitNeigh)
return form
def form_statroutes(self, data):
form = formal.Form()
form.addField(
'dest',
formal.String(required=True,
strip=True,
validators=[PageHelpers.IPMaskValidator()]),
label="Destination network",
description=
"Destination network in CIDR or '0.0.0.0/0' for the default route."
)
form.addField('gate',
formal.String(validators=[PageHelpers.IPValidator()]),
label="Gateway",
description="Gateway to forward this network to")
ifs = []
for i in Utils.getInterfaces():
if 'eth' or 'ppp': # Only allow ppp and eth binds...
ifs.append((i, i))
form.addField(
'device',
formal.String(),
formal.widgetFactory(formal.SelectChoice, options=ifs),
label="Device",
description=
"Device to forward this traffic to, or the interface to assign this route to"
)
form.addAction(self.submitRoute)
return form
def form_editDomain(self, data):
form = formal.Form()
form.addField('name',
formal.String(required=True),
label="Server name",
description="Server Name")
form.addField(
'memory',
formal.Integer(),
label="Memory",
description=
"Amount of reserved memory in MB (swap is always equal to this)")
form.addField('ip',
formal.String(strip=True,
validators=[PageHelpers.IPValidator()]),
label="IP",
description="IP address (leave blank to use DHCP).")
form.data = self.sysconf.General.get('xen',
{}).get('images',
{}).get(self.name, {})
form.data['name'] = self.name
form.addAction(self.submitDomain)
return form
def form_bgp(self, data):
form = formal.Form()
form.addField('as', formal.String(required=True), label = "AS Number")
form.addField('id', formal.String(required=True, strip=True, validators=[PageHelpers.IPValidator()]), label = "Router ID", description = "IP that is used to peered with this router")
form.addAction(self.submitAS)
return form
def form_newXen(self, data):
form = formal.Form()
if os.path.exists("/usr/lib/xen-tools"):
tools = os.listdir("/usr/lib/xen-tools/")
dists = ['hvm']
for n in tools:
if n[-2:] == '.d':
dists.append(n.split('.')[0])
distSelect = [(i, i.capitalize()) for i in dists]
else:
distSelect = [("ERROR", "Xen not active!")]
form.addField('name',
formal.String(required=True),
label="Server name",
description="Server Name")
#form.addField('lva', formal.String(), label = "Volume Group", description = "The LVM VG to use (blank to use an image)")
form.addField('distribution',
formal.String(required=True),
formal.widgetFactory(formal.SelectChoice,
options=distSelect),
label="Distribution",
description="Xen image type")
form.addField(
'memory',
formal.Integer(required=True),
label="Memory",
description=
"Amount of reserved memory in MB (swap is always equal to this)")
form.addField('disk',
formal.Integer(required=True),
label="Disk",
description="Amount of disk space in GB")
form.addField('ip',
formal.String(strip=True,
validators=[PageHelpers.IPValidator()]),
label="IP",
description="IP address (leave blank to use DHCP).")
form.addField(
'password',
formal.String(),
label="Password",
description="A root password for the machine (leave blank on HVM)."
)
form.data['distribution'] = 'etch'
form.addAction(self.submitNewXen)
return form
def form_addUser(self, data):
""" Form for adding a user"""
form = formal.Form()
form.addField('name', formal.String(required=True), label = self.text.vpnName)
form.addField('mail', formal.String(), label = self.text.vpnMail)
form.addField('ip', formal.String(strip=True, validators=[PageHelpers.IPValidator()]), label = self.text.vpnStaticIP)
form.addField('mailKey', formal.Boolean(), label = self.text.vpnMailQuestion)
form.addAction(self.newCert)
return form
def form_addInterface(self, data):
form = formal.Form()
form.addField('interface',
formal.String(required=True),
formal.widgetFactory(formal.SelectChoice,
options=[
(i, i)
for i in Utils.getInterfaces()
if not i == "lo"
]),
label="Interface")
form.addField(
'dhcp',
formal.Boolean(),
label="DHCP",
description="Use DHCP to discover an IP address for this interface"
)
form.addField('ip',
formal.String(strip=True,
validators=[PageHelpers.IPValidator()]),
label="IP Address")
try:
if Settings.capabilities.get('ipv6', False):
form.addField('ipv6',
formal.String(),
label="IPv6 Address",
description="IPv6 address for this interface")
form.addField('ipv6adv',
formal.Boolean(),
label="Announce prefix",
description="Announce prefix on this interface")
except:
pass
form.addField('netmask',
formal.String(),
label="Netmask",
description="Netmask or CIDR bitmask for this range")
form.addField(
'mtu',
formal.Integer(),
label="MTU",
description=
"Set this interfaces MTU. Value must be between 1200 and 1500.")
form.addField('dhcpserver',
formal.Boolean(),
label="DHCP Server",
description="Serve DHCP on this interface")
form.addAction(self.submitForm)
return form
def form_tunnelConf(self, data):
form = formal.Form()
form.addField('remoteip',
formal.String(strip=True,
validators=[PageHelpers.IPValidator()]),
label="Remote IPv4 address")
form.addField('localip',
formal.String(strip=True,
validators=[PageHelpers.IPValidator()]),
label="Local IPv4 address")
form.addField('localv6', formal.String(), label="IPv6 address")
form.addAction(self.submitTunnel)
if self.sysconf.Tunnel.get('ipv6', False):
form.data['remoteip'] = self.sysconf.Tunnel['ipv6'].get(
'remoteip', '')
form.data['localip'] = self.sysconf.Tunnel['ipv6'].get(
'localip', '')
form.data['localv6'] = self.sysconf.Tunnel['ipv6'].get(
'localv6', '')
return form
def addForm(self, form):
form.addField('server',
formal.String(required=True,
strip=True,
validators=[PageHelpers.IPValidator()]),
label="Server IP",
description="IP address of branch server.")
form.addField(
'relays',
formal.String(),
label="Relay servers",
description=
"A comma separated list of servers to relay this mail to. If left blank, the server IP will be used"
)
def addForm(self, form):
form.addField('hostname',
formal.String(required=True),
label="Hostname")
form.addField(
'mac',
formal.String(required=True),
label="Mac address",
description="Hardware address of host. Must be colon (:) delimited."
)
form.addField('ip',
formal.String(required=True,
strip=True,
validators=[PageHelpers.IPValidator()]),
label="IP Address")
def form_statroutes(self, data):
form = formal.Form()
form.addField('dest', formal.String(required=True, strip=True, validators=[PageHelpers.IPMaskValidator()]), label = "Destination network", description = "Destination network in CIDR")
form.addField('gate', formal.String(validators=[PageHelpers.IPValidator()]), label = "Gateway", description = "Gateway to forward this network to")
ifs = [(i,i) for i in self.sysconf.WANDevices.keys()]
form.addField('device', formal.String(),
formal.widgetFactory(formal.SelectChoice, options = ifs), label = "Device",
description = "Device to forward this traffic to - do not specify a gateway as well as this field")
form.addAction(self.submitRoute)
return form
def form_addTun(self, data):
form = formal.Form()
form.addField('name', formal.String(required=True), label = "Tunnel name")
form.addField('endpoint', formal.String(strip=True, validators=[PageHelpers.IPValidator()]), label = "Tunnel endpoint",
description = "IP address or hostname of the remote computer")
form.addField('type', formal.String(required=True), formal.widgetFactory(formal.SelectChoice, options = [
('openvpn','OpenVPN'),
('l2tp', 'L2TP'),
#('pptp', 'PPTP'),
#('sit', 'SIT'),
#('gre', 'GRE'),
]), label = "Type",
description = "The type of tunnel to use")
form.data['type'] = 'openvpn'
form.addField('default', formal.Boolean(), label = "Default route",
description = "If set will route all traffic over the link once it is established. If you only need specific routes then add them with the Routing tool.")
# JS will enable these for pptp or l2tp
form.addField('username', formal.String(), label = "Username")
form.addField('password', formal.String(), label = "Password")
# JS will enable these for OpenVPN
form.addField('proto', formal.String(required=True), formal.widgetFactory(formal.SelectChoice, options = [
('udp', 'UDP'),
('tcp', 'TCP')
]), label = "Protocol", description="The layer 3 protocol to use for this connection. Usuauly UDP")
form.data['proto'] = 'udp'
form.addField('CA', formal.File(), formal.FileUploadWidget, label = "Remote CA")
form.addField('crt', formal.File(), formal.FileUploadWidget, label = "Local certificate")
form.addField('key', formal.File(), formal.FileUploadWidget, label = "Local key")
form.addAction(self.submitTunnel)
return form
def form_modInterface(self, data):
form = formal.Form()
form.addField('dhcp', formal.Boolean(), label="DHCP")
form.addField(
'interior',
formal.Boolean(),
label="Interior",
description=
"Tick this if the interface in question is an interior LAN interface"
)
form.addField(
'ip',
formal.String(strip=True,
validators=[PageHelpers.IPMaskValidator()]),
label="IP Address",
description="IP address for this interface as CIDR (x.x.x.x/y)")
try:
if Settings.capabilities.get('ipv6', False):
form.addField('ipv6',
formal.String(),
label="IPv6 Address",
description="IPv6 address for this interface")
form.addField('ipv6adv',
formal.Boolean(),
label="Announce prefix",
description="Announce prefix on this interface")
except:
# No capability setting
pass
form.addField(
'gateway',
formal.String(strip=True, validators=[PageHelpers.IPValidator()]),
label="Default Gateway",
description=
"IP Address that should be used to route default traffic from this server. This will over-write any other default gateways configured in this profile."
)
form.addField(
'netmask',
formal.String(strip=True,
validators=[PageHelpers.IPMaskValidator()]),
label="Network Address",
description=
"Network address for this interface (Required if DHCP selected)")
form.addField(
'ipAlias',
formal.String(),
label="IP Alias",
description=
"Alias for this interface as CIDR (x.x.x.x/y). Separate multiple aliases with a comma"
)
form.addField(
'mtu',
formal.Integer(),
label="MTU",
description=
"Set this interfaces MTU. Value must be between 1200 and 1500.")
form.addField('dhcpserver',
formal.Boolean(),
label="DHCP Server",
description="Serve DHCP on this interface")
form.addField('firewallPolicy',
formal.String(required=True),
formal.widgetFactory(formal.SelectChoice,
options=[('ACCEPT', 'Accept All'),
('DROP', 'Deny All')]),
label="Default firewall policy")
form.addField('firewallZone',
formal.String(required=True),
formal.widgetFactory(formal.SelectChoice,
options=self.getZones()),
label="Firewall Zone")
form.data = {}
lp = self.sysconf.LANPrimary
if self.iface in lp:
form.data['interior'] = True
ifDetail = self.sysconf.EthernetDevices.get(self.iface, {})
print ifDetail
if ifDetail.get('type', '') == "dhcp":
form.data['dhcp'] = True
form.data['dhcpserver'] = ifDetail.get('dhcpserver', False)
if ifDetail.get('ip', False):
form.data['ip'] = ifDetail.get('ip', '')
if ifDetail.get('network', False):
form.data['netmask'] = ifDetail.get('network', '')
if ifDetail.get('routes', False):
routes = ifDetail.get('routes', False)
for dest, gw in routes:
if dest == "default":
form.data['gateway'] = gw
break
if ifDetail.get('aliases', False):
form.data['ipAlias'] = ', '.join(ifDetail['aliases'])
try:
if Settings.capabilities.get('ipv6', False):
if ifDetail.get('ipv6', False):
form.data['ipv6'] = ifDetail['ipv6']
if ifDetail.get('ipv6adv', False):
form.data['ipv6adv'] = True
except:
pass
wallZones = self.sysconf.Shorewall['zones']
for i, v in wallZones.items():
for k in v['interfaces']:
if self.iface in k:
form.data['firewallZone'] = i
form.data['firewallPolicy'] = wallZones[i]['policy']
form.addAction(self.submitForm)
return form
