def profile_rule_update(name):
"""Update the rules on the profile"""
try:
profile = client.get_profile(name)
except KeyError:
print "Profile %s not found." % name
sys.exit(1)
# Read in the JSON from standard in.
rules_str = sys.stdin.read()
rules = Rules.from_json(rules_str)
if rules.id != name:
print 'Rules JSON "id"=%s doesn\'t match profile name %s.' % \
(rules.id, name)
sys.exit(1)
profile.rules = rules
client.profile_update_rules(profile)
print "Successfully updated rules on profile %s" % name
def profile_rule_update(name):
"""Update the rules on the profile"""
try:
profile = client.get_profile(name)
except KeyError:
print "Profile %s not found." % name
sys.exit(1)
# Read in the JSON from standard in.
rules_str = sys.stdin.read()
rules = Rules.from_json(rules_str)
if rules.id != name:
print 'Rules JSON "id"=%s doesn\'t match profile name %s.' % \
(rules.id, name)
sys.exit(1)
profile.rules = rules
client.profile_update_rules(profile)
print "Successfully updated rules on profile %s" % name
def update_rules(self):
"""
Update the tags in the profile.
:return:
"""
client.profile_update_rules(self._translate_profile_for_datastore())
def profile_rule_add_remove(operation,
name,
position,
action,
direction,
protocol=None,
icmp_type=None,
icmp_code=None,
src_net=None,
src_tag=None,
src_ports=None,
dst_net=None,
dst_tag=None,
dst_ports=None):
"""
Add or remove a rule from a profile.
Arguments not documented below are passed through to the rule.
:param operation: "add" or "remove".
:param name: Name of the profile.
:param position: Position to insert/remove rule or None for the default.
:param action: Rule action: "allow" or "deny".
:param direction: "inbound" or "outbound".
:return:
"""
if icmp_type is not None:
icmp_type = int(icmp_type)
if icmp_code is not None:
icmp_code = int(icmp_code)
# Convert the input into a Rule.
rule_dict = {
k: v
for (k, v) in locals().iteritems()
if k in Rule.ALLOWED_KEYS and v is not None
}
rule_dict["action"] = action
if (protocol not in ("tcp", "udp")) and (src_ports is not None
or dst_ports is not None):
print "Ports are not valid with protocol %r" % protocol
sys.exit(1)
rule = Rule(**rule_dict)
# Get the profile.
try:
profile = client.get_profile(name)
except KeyError:
print "Profile %s not found." % name
sys.exit(1)
if direction == "inbound":
rules = profile.rules.inbound_rules
else:
rules = profile.rules.outbound_rules
if operation == "add":
if position is None:
# Default to append.
position = len(rules) + 1
if not 0 < position <= len(rules) + 1:
print "Position %s is out-of-range." % position
if rule in rules:
print "Rule already present, skipping."
return
rules.insert(position - 1, rule) # Accepts 0 and len(rules).
else:
# Remove.
if position is not None:
# Position can only be used on its own so no need to examine the
# rule.
if 0 < position <= len(rules): # 1-indexed
rules.pop(position - 1)
else:
print "Rule position out-of-range."
else:
# Attempt to match the rule.
try:
rules.remove(rule)
except ValueError:
print "Rule not found."
sys.exit(1)
client.profile_update_rules(profile)
def profile_rule_add_remove(
operation,
name, position, action, direction,
protocol=None,
icmp_type=None, icmp_code=None,
src_net=None, src_tag=None, src_ports=None,
dst_net=None, dst_tag=None, dst_ports=None):
"""
Add or remove a rule from a profile.
Arguments not documented below are passed through to the rule.
:param operation: "add" or "remove".
:param name: Name of the profile.
:param position: Position to insert/remove rule or None for the default.
:param action: Rule action: "allow" or "deny".
:param direction: "inbound" or "outbound".
:return:
"""
if icmp_type is not None:
icmp_type = int(icmp_type)
if icmp_code is not None:
icmp_code = int(icmp_code)
# Convert the input into a Rule.
rule_dict = {k: v for (k, v) in locals().iteritems()
if k in Rule.ALLOWED_KEYS and v is not None}
rule_dict["action"] = action
if (protocol not in ("tcp", "udp")) and (src_ports is not None or
dst_ports is not None):
print "Ports are not valid with protocol %r" % protocol
sys.exit(1)
rule = Rule(**rule_dict)
# Get the profile.
try:
profile = client.get_profile(name)
except KeyError:
print "Profile %s not found." % name
sys.exit(1)
if direction == "inbound":
rules = profile.rules.inbound_rules
else:
rules = profile.rules.outbound_rules
if operation == "add":
if position is None:
# Default to append.
position = len(rules) + 1
if not 0 < position <= len(rules) + 1:
print "Position %s is out-of-range." % position
if rule in rules:
print "Rule already present, skipping."
return
rules.insert(position - 1, rule) # Accepts 0 and len(rules).
else:
# Remove.
if position is not None:
# Position can only be used on its own so no need to examine the
# rule.
if 0 < position <= len(rules): # 1-indexed
rules.pop(position - 1)
else:
print "Rule position out-of-range."
else:
# Attempt to match the rule.
try:
rules.remove(rule)
except ValueError:
print "Rule not found."
sys.exit(1)
client.profile_update_rules(profile)
def update_rules(self):
"""
Update the tags in the profile.
:return:
"""
client.profile_update_rules(self._translate_profile_for_datastore())
