Beispiel #1
    def __init__(self):
        """Build the backend wrappers and feature managers of the firewall object.

        Only construction happens in this method: each backend is instantiated
        and flagged as enabled, the supported-type lists start empty, and
        __init_vars() is called last.
        """
        # Wrapper for the daemon configuration file at config.FIREWALLD_CONF;
        # read() is not called in this method.
        self._firewalld_conf = firewalld_conf(config.FIREWALLD_CONF)

        # Packet-filter backends. ip4tables, ip6tables and nftables receive this
        # object; ebtables and ipset are built without arguments.
        # Every *_enabled flag defaults to True before anything visible here has
        # checked that the corresponding tool works.
        # NOTE(review): presumably a later start-up step clears the flag for a
        # missing backend; confirm nothing consults the flags before that.
        self.ip4tables_backend = ipXtables.ip4tables(self)
        self.ip4tables_enabled = True
        self.ip4tables_supported_icmp_types = []
        self.ip6tables_backend = ipXtables.ip6tables(self)
        self.ip6tables_enabled = True
        self.ip6tables_supported_icmp_types = []
        self.ebtables_backend = ebtables.ebtables()
        self.ebtables_enabled = True
        self.ipset_backend = ipset.ipset()
        self.ipset_enabled = True
        self.ipset_supported_types = []
        self.nftables_backend = nftables.nftables(self)
        self.nftables_enabled = True

        self.modules_backend = modules.modules()

        # Feature managers. All but FirewallPolicies receive this object, so
        # they are created after the backend attributes above exist.
        self.icmptype = FirewallIcmpType(self)
        self.service = FirewallService(self)
        self.zone = FirewallZone(self)
        self.direct = FirewallDirect(self)
        self.config = FirewallConfig(self)
        self.policies = FirewallPolicies()
        # self.ipset is the manager; the backend wrapper is self.ipset_backend.
        self.ipset = FirewallIPSet(self)
        self.helper = FirewallHelper(self)

        # Name-mangled private method; its definition is not part of this excerpt.
        self.__init_vars()
Beispiel #2
    def __init__(self):
        """Build the backend wrappers, table inventory and feature managers.

        Each backend is instantiated and flagged as enabled, the tables each
        packet-filter backend reports are recorded, and __init_vars() is
        called last.
        """
        # Wrapper for the daemon configuration file at config.FIREWALLD_CONF;
        # read() is not called in this method.
        self._firewalld_conf = firewalld_conf(config.FIREWALLD_CONF)

        # Backends are built without arguments and flagged as enabled before
        # anything visible here has checked that the tool works.
        # NOTE(review): presumably a later start-up step clears the flag for a
        # missing backend; confirm nothing consults the flags before that.
        self.ip4tables_backend = ipXtables.ip4tables()
        self.ip4tables_enabled = True
        self.ip6tables_backend = ipXtables.ip6tables()
        self.ip6tables_enabled = True
        self.ebtables_backend = ebtables.ebtables()
        self.ebtables_enabled = True
        self.ipset_backend = ipset.ipset()
        self.ipset_enabled = True
        self.ipset_supported_types = []

        # Tables reported by each backend, keyed by "ipv4", "ipv6" and "eb".
        # NOTE(review): available_tables() runs during construction; if it
        # queries the external tool, creating this object depends on that tool
        # being usable. Confirm how a failure there is handled.
        self.available_tables = {}
        self.available_tables[
            "ipv4"] = self.ip4tables_backend.available_tables()
        self.available_tables[
            "ipv6"] = self.ip6tables_backend.available_tables()
        self.available_tables["eb"] = self.ebtables_backend.available_tables()

        self.modules_backend = modules.modules()

        # Feature managers. All but FirewallPolicies receive this object, so
        # they are created after the backend attributes above exist.
        self.icmptype = FirewallIcmpType(self)
        self.service = FirewallService(self)
        self.zone = FirewallZone(self)
        self.direct = FirewallDirect(self)
        self.config = FirewallConfig(self)
        self.policies = FirewallPolicies()
        # self.ipset is the manager; the backend wrapper is self.ipset_backend.
        self.ipset = FirewallIPSet(self)

        # Name-mangled private method; its definition is not part of this excerpt.
        self.__init_vars()
Beispiel #3
    def __init__(self):
        """Build the backend wrappers, table inventory and feature managers.

        Each backend is instantiated and flagged as enabled, the tables each
        packet-filter backend reports are recorded, the feature managers
        (including the helper manager) are created, and __init_vars() is
        called last.
        """
        # Wrapper for the daemon configuration file at config.FIREWALLD_CONF;
        # read() is not called in this method.
        self._firewalld_conf = firewalld_conf(config.FIREWALLD_CONF)

        # Backends are built without arguments and flagged as enabled before
        # anything visible here has checked that the tool works.
        # NOTE(review): presumably a later start-up step clears the flag for a
        # missing backend; confirm nothing consults the flags before that.
        self.ip4tables_backend = ipXtables.ip4tables()
        self.ip4tables_enabled = True
        self.ip6tables_backend = ipXtables.ip6tables()
        self.ip6tables_enabled = True
        self.ebtables_backend = ebtables.ebtables()
        self.ebtables_enabled = True
        self.ipset_backend = ipset.ipset()
        self.ipset_enabled = True
        self.ipset_supported_types = [ ]

        # Tables reported by each backend, keyed by "ipv4", "ipv6" and "eb".
        # NOTE(review): available_tables() runs during construction; if it
        # queries the external tool, creating this object depends on that tool
        # being usable. Confirm how a failure there is handled.
        self.available_tables = { }
        self.available_tables["ipv4"] = self.ip4tables_backend.available_tables()
        self.available_tables["ipv6"] = self.ip6tables_backend.available_tables()
        self.available_tables["eb"] = self.ebtables_backend.available_tables()

        self.modules_backend = modules.modules()

        # Feature managers. All but FirewallPolicies receive this object, so
        # they are created after the backend attributes above exist.
        self.icmptype = FirewallIcmpType(self)
        self.service = FirewallService(self)
        self.zone = FirewallZone(self)
        self.direct = FirewallDirect(self)
        self.config = FirewallConfig(self)
        self.policies = FirewallPolicies()
        # self.ipset is the manager; the backend wrapper is self.ipset_backend.
        self.ipset = FirewallIPSet(self)
        self.helper = FirewallHelper(self)

        # Name-mangled private method; its definition is not part of this excerpt.
        self.__init_vars()
Beispiel #4
    def __init__(self):
        """Set up a firewall object with every packet-filter backend disabled.

        No backend wrapper is created in this method; only the configuration
        wrapper and the feature managers are built before __init_vars() runs.
        """
        # Wrapper for the daemon configuration file at FIREWALLD_CONF;
        # read() is not called in this method.
        self._firewalld_conf = firewalld_conf(FIREWALLD_CONF)

        # All backends are flagged off and none is instantiated here.
        # NOTE(review): looks like a variant meant to work on configuration
        # without touching the running rule set; confirm against the class.
        self.ip4tables_enabled = False
        self.ip6tables_enabled = False
        self.ebtables_enabled = False

        # Feature managers. All but FirewallPolicies receive this object.
        self.icmptype = FirewallIcmpType(self)
        self.service = FirewallService(self)
        self.zone = FirewallZone(self)
        self.direct = FirewallDirect(self)
        self.config = FirewallConfig(self)
        self.policies = FirewallPolicies()

        # Name-mangled private method; its definition is not part of this excerpt.
        self.__init_vars()
Beispiel #5
    def __init__(self):
        """Set up a firewall object with every backend, including ipset, disabled.

        No backend wrapper is created in this method; only the configuration
        wrapper and the feature managers are built before __init_vars() runs.
        """
        # Wrapper for the daemon configuration file at config.FIREWALLD_CONF;
        # read() is not called in this method.
        self._firewalld_conf = firewalld_conf(config.FIREWALLD_CONF)

        # All backends are flagged off and none is instantiated here.
        # NOTE(review): looks like a variant meant to work on configuration
        # without touching the running rule set; confirm against the class.
        self.ip4tables_enabled = False
        self.ip6tables_enabled = False
        self.ebtables_enabled = False
        self.ipset_enabled = False
        # The supported set types come from the IPSET_TYPES constant, not from
        # a backend object; no ipset backend exists in this method.
        self.ipset_supported_types = IPSET_TYPES

        # Feature managers. All but FirewallPolicies receive this object.
        self.icmptype = FirewallIcmpType(self)
        self.service = FirewallService(self)
        self.zone = FirewallZone(self)
        self.direct = FirewallDirect(self)
        self.config = FirewallConfig(self)
        self.policies = FirewallPolicies()
        self.ipset = FirewallIPSet(self)
        self.helper = FirewallHelper(self)

        # Name-mangled private method; its definition is not part of this excerpt.
        self.__init_vars()
Beispiel #6
    def __init__(self):
        """Build the private backend wrappers and the public feature managers.

        Backends are stored under underscore-prefixed attributes and flagged
        as enabled; the feature managers are created afterwards and
        __init_vars() is called last.
        """
        # Wrapper for the daemon configuration file at FIREWALLD_CONF;
        # read() is not called in this method.
        self._firewalld_conf = firewalld_conf(FIREWALLD_CONF)

        # Backends are built without arguments and flagged as enabled before
        # anything visible here has checked that the tool works.
        # NOTE(review): presumably a later start-up step clears the flag for a
        # missing backend; confirm nothing consults the flags before that.
        self._ip4tables = ipXtables.ip4tables()
        self.ip4tables_enabled = True
        self._ip6tables = ipXtables.ip6tables()
        self.ip6tables_enabled = True
        self._ebtables = ebtables.ebtables()
        self.ebtables_enabled = True
        self._ipset = ipset.ipset()
        self.ipset_enabled = True

        self._modules = modules.modules()

        # Feature managers. All but FirewallPolicies receive this object, so
        # they are created after the backend attributes above exist.
        self.icmptype = FirewallIcmpType(self)
        self.service = FirewallService(self)
        self.zone = FirewallZone(self)
        self.direct = FirewallDirect(self)
        self.config = FirewallConfig(self)
        self.policies = FirewallPolicies()
        # self.ipset is the manager; the backend wrapper is self._ipset.
        self.ipset = FirewallIPSet(self)

        # Name-mangled private method; its definition is not part of this excerpt.
        self.__init_vars()
Beispiel #7
    def __init__(self):
        """Build the private backend wrappers and the public feature managers.

        Backends are stored under underscore-prefixed attributes and flagged
        as enabled; the feature managers are created afterwards and
        __init_vars() is called last.
        """
        # Wrapper for the daemon configuration file at FIREWALLD_CONF;
        # read() is not called in this method.
        self._firewalld_conf = firewalld_conf(FIREWALLD_CONF)

        # Backends are built without arguments and flagged as enabled before
        # anything visible here has checked that the tool works.
        # NOTE(review): presumably a later start-up step clears the flag for a
        # missing backend; confirm nothing consults the flags before that.
        self._ip4tables = ipXtables.ip4tables()
        self.ip4tables_enabled = True
        self._ip6tables = ipXtables.ip6tables()
        self.ip6tables_enabled = True
        self._ebtables = ebtables.ebtables()
        self.ebtables_enabled = True
        self._ipset = ipset.ipset()
        self.ipset_enabled = True

        self._modules = modules.modules()

        # Feature managers. All but FirewallPolicies receive this object, so
        # they are created after the backend attributes above exist.
        self.icmptype = FirewallIcmpType(self)
        self.service = FirewallService(self)
        self.zone = FirewallZone(self)
        self.direct = FirewallDirect(self)
        self.config = FirewallConfig(self)
        self.policies = FirewallPolicies()
        # self.ipset is the manager; the backend wrapper is self._ipset.
        self.ipset = FirewallIPSet(self)

        # Name-mangled private method; its definition is not part of this excerpt.
        self.__init_vars()
Beispiel #8
    def __init__(self):
        """Set up a firewall object with every backend disabled and no tables.

        No backend wrapper is created in this method; the table inventory is
        filled with empty lists, the feature managers are built, and
        __init_vars() is called last.
        """
        # Wrapper for the daemon configuration file at config.FIREWALLD_CONF;
        # read() is not called in this method.
        self._firewalld_conf = firewalld_conf(config.FIREWALLD_CONF)

        # All backends are flagged off and none is instantiated here.
        # NOTE(review): looks like a variant meant to work on configuration
        # without touching the running rule set; confirm against the class.
        self.ip4tables_enabled = False
        self.ip6tables_enabled = False
        self.ebtables_enabled = False
        self.ipset_enabled = False
        # The supported set types come from the IPSET_TYPES constant, not from
        # a backend object.
        self.ipset_supported_types = IPSET_TYPES

        # Same keys as a backend-populated inventory would use ("ipv4", "ipv6",
        # "eb"), but each family lists no tables.
        self.available_tables = { }
        self.available_tables["ipv4"] = [ ]
        self.available_tables["ipv6"] = [ ]
        self.available_tables["eb"] = [ ]

        # Feature managers. All but FirewallPolicies receive this object.
        self.icmptype = FirewallIcmpType(self)
        self.service = FirewallService(self)
        self.zone = FirewallZone(self)
        self.direct = FirewallDirect(self)
        self.config = FirewallConfig(self)
        self.policies = FirewallPolicies()
        self.ipset = FirewallIPSet(self)

        # Name-mangled private method; its definition is not part of this excerpt.
        self.__init_vars()
Beispiel #9
def check_config(fw):
    """Validate the on-disk firewalld configuration, raising on the first error.

    Every ``*.xml`` file in the ipset, helper, icmptype, service, zone and
    policy directories is loaded with its reader, checked with
    ``check_config(export_config())`` and then registered in a fresh
    ``FirewallConfig(fw)``. Afterwards the direct rules file, the lockdown
    whitelist and the daemon configuration file are read if they exist; the
    first two are checked the same way, the last one is only read.

    Directories that do not exist and entries that do not end in ``.xml`` are
    skipped without any report. Validation stops at the first failure, so
    files after it are not examined.

    Raises:
        FirewallError: with the original code and the message prefixed by the
            offending name. For directory entries the prefix is the bare file
            name, so it does not say which of the two searched directories
            held the file; for the single files it is the full path.
        Exception: for any other failure, with the same prefix.
    """
    fw_config = FirewallConfig(fw)

    # kind -> (reader, registration callback, directories to scan).
    # Iteration follows dict order, so with insertion-ordered dicts the earlier
    # kinds are already registered in fw_config when zones and policies are
    # checked. NOTE(review): presumably needed for cross-references; confirm.
    readers = {
        "ipset": (
            ipset_reader,
            fw_config.add_ipset,
            [config.FIREWALLD_IPSETS, config.ETC_FIREWALLD_IPSETS],
        ),
        "helper": (
            helper_reader,
            fw_config.add_helper,
            [config.FIREWALLD_HELPERS, config.ETC_FIREWALLD_HELPERS],
        ),
        "icmptype": (
            icmptype_reader,
            fw_config.add_icmptype,
            [config.FIREWALLD_ICMPTYPES, config.ETC_FIREWALLD_ICMPTYPES],
        ),
        "service": (
            service_reader,
            fw_config.add_service,
            [config.FIREWALLD_SERVICES, config.ETC_FIREWALLD_SERVICES],
        ),
        "zone": (
            zone_reader,
            fw_config.add_zone,
            [config.FIREWALLD_ZONES, config.ETC_FIREWALLD_ZONES],
        ),
        "policy": (
            policy_reader,
            fw_config.add_policy_object,
            [config.FIREWALLD_POLICIES, config.ETC_FIREWALLD_POLICIES],
        ),
    }

    def _check_single_file(path, factory, run_checks):
        # Read one stand-alone configuration file, optionally validate it, and
        # re-raise any failure with the path prepended to the message.
        if not os.path.isfile(path):
            return
        try:
            loaded = factory(path)
            loaded.read()
            if run_checks:
                loaded.check_config(loaded.export_config())
        except FirewallError as error:
            raise FirewallError(error.code, "'%s': %s" % (path, error.msg))
        except Exception as msg:
            raise Exception("'%s': %s" % (path, msg))

    for kind, (load, register, search_dirs) in readers.items():
        for directory in search_dirs:
            if not os.path.isdir(directory):
                continue
            for name in sorted(os.listdir(directory)):
                if not name.endswith(".xml"):
                    continue
                try:
                    obj = load(name, directory)
                    # Zones and policies get the config collected so far.
                    if kind in ["zone", "policy"]:
                        obj.fw_config = fw_config
                    obj.check_config(obj.export_config())
                    register(obj)
                except FirewallError as error:
                    raise FirewallError(error.code,
                                        "'%s': %s" % (name, error.msg))
                except Exception as msg:
                    raise Exception("'%s': %s" % (name, msg))

    _check_single_file(config.FIREWALLD_DIRECT, Direct, True)
    _check_single_file(config.LOCKDOWN_WHITELIST, LockdownWhitelist, True)
    # The daemon configuration is only read; no check_config() call follows.
    _check_single_file(config.FIREWALLD_CONF, firewalld_conf, False)
Beispiel #10
def check_config(fw=None):
    """Validate the on-disk firewalld configuration, raising on the first error.

    Every ``*.xml`` file in the ipset, helper, icmptype, service and zone
    directories is loaded with its reader and checked with
    ``check_config(export_config())``. Afterwards the direct rules file, the
    lockdown whitelist and the daemon configuration file are read if they
    exist; the first two are checked the same way, the last one is only read.

    Zone objects receive ``fw.config`` only when a truthy ``fw`` is passed;
    with the default ``fw=None`` they are checked without it.
    NOTE(review): presumably that narrows what the zone check can verify;
    confirm against the zone implementation.

    Directories that do not exist and entries that do not end in ``.xml`` are
    skipped without any report. Validation stops at the first failure, so
    files after it are not examined.

    Raises:
        FirewallError: with the original code and the message prefixed by the
            offending name. For directory entries the prefix is the bare file
            name, so it does not say which of the two searched directories
            held the file; for the single files it is the full path.
        Exception: for any other failure, with the same prefix.
    """
    # kind -> (reader, directories to scan); iterated in dict order.
    readers = {
        "ipset": (
            ipset_reader,
            [config.FIREWALLD_IPSETS, config.ETC_FIREWALLD_IPSETS],
        ),
        "helper": (
            helper_reader,
            [config.FIREWALLD_HELPERS, config.ETC_FIREWALLD_HELPERS],
        ),
        "icmptype": (
            icmptype_reader,
            [config.FIREWALLD_ICMPTYPES, config.ETC_FIREWALLD_ICMPTYPES],
        ),
        "service": (
            service_reader,
            [config.FIREWALLD_SERVICES, config.ETC_FIREWALLD_SERVICES],
        ),
        "zone": (
            zone_reader,
            [config.FIREWALLD_ZONES, config.ETC_FIREWALLD_ZONES],
        ),
    }

    def _check_single_file(path, factory, run_checks):
        # Read one stand-alone configuration file, optionally validate it, and
        # re-raise any failure with the path prepended to the message.
        if not os.path.isfile(path):
            return
        try:
            loaded = factory(path)
            loaded.read()
            if run_checks:
                loaded.check_config(loaded.export_config())
        except FirewallError as error:
            raise FirewallError(error.code, "'%s': %s" % (path, error.msg))
        except Exception as msg:
            raise Exception("'%s': %s" % (path, msg))

    for kind, (load, search_dirs) in readers.items():
        for directory in search_dirs:
            if not os.path.isdir(directory):
                continue
            for name in sorted(os.listdir(directory)):
                if not name.endswith(".xml"):
                    continue
                try:
                    obj = load(name, directory)
                    if fw and kind == "zone":
                        obj.fw_config = fw.config
                    obj.check_config(obj.export_config())
                except FirewallError as error:
                    raise FirewallError(error.code,
                                        "'%s': %s" % (name, error.msg))
                except Exception as msg:
                    raise Exception("'%s': %s" % (name, msg))

    _check_single_file(config.FIREWALLD_DIRECT, Direct, True)
    _check_single_file(config.LOCKDOWN_WHITELIST, LockdownWhitelist, True)
    # The daemon configuration is only read; no check_config() call follows.
    _check_single_file(config.FIREWALLD_CONF, firewalld_conf, False)