def test_add_removeRule(self):
self.fw_direct.addRule("ipv4", "filter", "direct_foo1", 0, [ "-m", "tcp", "-p", "tcp", "--dport", "332", "-j", "ACCEPT" ])
self.fw_direct.addRule("ipv4", "filter", "direct_foo1", 0, [ "-m", "tcp", "-p", "tcp", "--dport", "333", "-j", "ACCEPT" ])
self.fw_direct.addRule("ipv4", "filter", "direct_foo1", 1, [ "-m", "tcp", "-p", "tcp", "--dport", "334", "-j", "ACCEPT" ])
self.fw_direct.addRule("ipv4", "filter", "direct_foo1", -5, [ "-m", "tcp", "-p", "tcp", "--dport", "331", "-j", "ACCEPT" ])
self.fw_direct.addRule("ipv4", "filter", "direct_foo1", -10, [ "-m", "tcp", "-p", "tcp", "--dport", "330", "-j", "ACCEPT" ])
self.fw_direct.addRule("ipv4", "filter", "direct_foo1", -5, [ "-m", "udp", "-p", "udp", "--dport", "331", "-j", "ACCEPT" ])
# Re-adding
self.assertRaisesRegexp(Exception, 'ALREADY_ENABLED',
self.fw_direct.addRule, "ipv4", "filter", "direct_foo1", -5, [ "-m", "udp", "-p", "udp", "--dport", "331", "-j", "ACCEPT" ])
ret = self.fw_direct.queryRule("ipv4", "filter", "direct_foo1", -5, [ "-m", "udp", "-p", "udp", "--dport", "331", "-j", "ACCEPT" ])
self.assertFalse(dbus_to_python(ret))
ret = self.fw_direct.getRules("ipv4", "filter", "direct_foo1")
self.assertTrue(len(ret) == 6)
#pprint (dbus_to_python(ret))
self.fw_direct.removeRule("ipv4", "filter", "direct_foo1", -10, [ "-m", "tcp", "-p", "tcp", "--dport", "330", "-j", "ACCEPT" ])
self.fw_direct.removeRule("ipv4", "filter", "direct_foo1", -5, [ "-m", "tcp", "-p", "tcp", "--dport", "331", "-j", "ACCEPT" ])
self.fw_direct.removeRule("ipv4", "filter", "direct_foo1", -5, [ "-m", "udp", "-p", "udp", "--dport", "331", "-j", "ACCEPT" ])
self.fw_direct.removeRule("ipv4", "filter", "direct_foo1", 0, [ "-m", "tcp", "-p", "tcp", "--dport", "332", "-j", "ACCEPT" ])
self.fw_direct.removeRule("ipv4", "filter", "direct_foo1", 0, [ "-m", "tcp", "-p", "tcp", "--dport", "333", "-j", "ACCEPT" ])
self.fw_direct.removeRule("ipv4", "filter", "direct_foo1", 1, [ "-m", "tcp", "-p", "tcp", "--dport", "334", "-j", "ACCEPT" ])
# Re-removing
self.assertRaisesRegexp(Exception, 'NOT_ENABLED',
self.fw_direct.removeRule, "ipv4", "filter", "direct_foo1", 1, [ "-m", "tcp", "-p", "tcp", "--dport", "334", "-j", "ACCEPT" ])
ret = self.fw_direct.queryRule("ipv4", "filter", "direct_foo1", 1, [ "-m", "tcp", "-p", "tcp", "--dport", "334", "-j", "ACCEPT" ])
self.assertFalse(dbus_to_python(ret))
ret = self.fw_direct.getRules("ipv4", "filter", "direct_foo1")
self.assertTrue(ret == [])
def Get(self, interface_name, property_name, sender=None):
# get a property
interface_name = dbus_to_python(interface_name)
property_name = dbus_to_python(property_name)
log.debug1("config.service.%d.Get('%s', '%s')", self.id,
interface_name, property_name)
if interface_name != DBUS_INTERFACE_CONFIG_SERVICE:
raise dbus.exceptions.DBusException(
"org.freedesktop.DBus.Error.UnknownInterface: "
"FirewallD does not implement %s" % interface_name)
if property_name == "name":
return self.obj.name
elif property_name == "filename":
return self.obj.filename
elif property_name == "path":
return self.obj.path
elif property_name == "default":
return self.obj.default
elif property_name == "builtin":
return self.config.is_builtin_service(self.obj)
else:
raise dbus.exceptions.DBusException(
"org.freedesktop.DBus.Error.AccessDenied: "
"Property '%s' isn't exported (or may not exist)" % \
property_name)
def queryPassthrough(self, ipv, args, sender=None):
ipv = dbus_to_python(ipv)
args = dbus_to_python(args)
log.debug1("config.direct.queryPassthrough('%s', '%s')" % \
(ipv, "','".join(args)))
idx = (ipv, args)
return idx in self.getSettings()[2]
def queryOption(self, key, value, sender=None): # pylint: disable=W0613
key = dbus_to_python(key, str)
value = dbus_to_python(value, str)
log.debug1("%s.queryOption('%s', '%s')", self._log_prefix, key,
value)
settings = list(self.getSettings())
return (key in settings[4] and settings[4][key] == value)
def PropertiesChanged(self, interface_name, changed_properties,
invalidated_properties):
interface_name = dbus_to_python(interface_name, str)
changed_properties = dbus_to_python(changed_properties)
invalidated_properties = dbus_to_python(invalidated_properties)
log.debug1("%s.PropertiesChanged('%s', '%s', '%s')", self._log_prefix,
interface_name, changed_properties, invalidated_properties)
def queryOption(self, key, value, sender=None):
key = dbus_to_python(key, str)
value = dbus_to_python(value, str)
log.debug1("config.ipset.%d.queryOption('%s', '%s')", self.id, key,
value)
settings = list(self.getSettings())
return (key in settings[4] and settings[4][key] == value)
def queryDestination(self, family, address, sender=None):
family = dbus_to_python(family, str)
address = dbus_to_python(address, str)
log.debug1("config.service.%d.queryDestination('%s', '%s')", self.id,
family, address)
settings = self.getSettings()
return (family in settings[5] and
address == settings[5][family])
def queryChain(self, ipv, table, chain, sender=None):
ipv = dbus_to_python(ipv)
table = dbus_to_python(table)
chain = dbus_to_python(chain)
log.debug1("config.direct.queryChain('%s', '%s', '%s')" % \
(ipv, table, chain))
idx = tuple((ipv, table, chain))
return idx in self.getSettings()[0]
def queryDestination(self, family, address, sender=None): # pylint: disable=W0613
family = dbus_to_python(family, str)
address = dbus_to_python(address, str)
log.debug1("%s.queryDestination('%s', '%s')", self._log_prefix,
family, address)
settings = self.getSettings()
return (family in settings[5] and
address == settings[5][family])
def getChains(self, ipv, table, sender=None):
ipv = dbus_to_python(ipv)
table = dbus_to_python(table)
log.debug1("config.direct.getChains('%s', '%s')" % (ipv, table))
ret = [ ]
for idx in self.getSettings()[0]:
if idx[0] == ipv and idx[1] == table:
ret.append(idx[2])
return ret
def queryForwardPort(self, port, protocol, toport, toaddr, sender=None): # pylint: disable=W0613, R0913
port = dbus_to_python(port, str)
protocol = dbus_to_python(protocol, str)
toport = dbus_to_python(toport, str)
toaddr = dbus_to_python(toaddr, str)
log.debug1("%s.queryForwardPort('%s', '%s', '%s', '%s')",
self._log_prefix, port, protocol, toport, toaddr)
fwp_id = (port, protocol, str(toport), str(toaddr))
return fwp_id in self.getSettings()[9]
def addIPSet(self, ipset, settings, sender=None):
"""add ipset with given name and settings
"""
ipset = dbus_to_python(ipset, str)
settings = dbus_to_python(settings)
log.debug1("config.addIPSet('%s')", ipset)
self.accessCheck(sender)
obj = self.config.new_ipset(ipset, settings)
config_ipset = self._addIPSet(obj)
return config_ipset
def queryForwardPort(self, port, protocol, toport, toaddr, sender=None):
port = dbus_to_python(port, str)
protocol = dbus_to_python(protocol, str)
toport = dbus_to_python(toport, str)
toaddr = dbus_to_python(toaddr, str)
log.debug1("config.zone.%d.queryForwardPort('%s', '%s', '%s', '%s')",
self.id, port, protocol, toport, toaddr)
fwp_id = (portStr(port, "-"), protocol, portStr(toport, "-"),
str(toaddr))
return fwp_id in self.getSettings()[9]
def addIcmpType(self, icmptype, settings, sender=None):
"""add icmptype with given name and settings
"""
icmptype = dbus_to_python(icmptype, str)
settings = dbus_to_python(settings)
log.debug1("config.addIcmpType('%s')", icmptype)
self.accessCheck(sender)
obj = self.config.new_icmptype(icmptype, settings)
config_icmptype = self._addIcmpType(obj)
return config_icmptype
def addZone(self, zone, settings, sender=None):
"""add zone with given name and settings
"""
zone = dbus_to_python(zone)
settings = dbus_to_python(settings)
log.debug1("config.addZone('%s')", zone)
self.accessCheck(sender)
obj = self.config.new_zone(zone, settings)
config_zone = self._addZone(obj)
return config_zone
def addService(self, service, settings, sender=None):
"""add service with given name and settings
"""
service = dbus_to_python(service, str)
settings = dbus_to_python(settings)
log.debug1("config.addService('%s')", service)
self.accessCheck(sender)
obj = self.config.new_service(service, settings)
config_service = self._addService(obj)
return config_service
def queryRule(self, ipv, table, chain, priority, args, sender=None):
ipv = dbus_to_python(ipv)
table = dbus_to_python(table)
chain = dbus_to_python(chain)
priority = dbus_to_python(priority)
args = dbus_to_python(args)
log.debug1("config.direct.queryRule('%s', '%s', '%s', %d, '%s')" % \
(ipv, table, chain, priority, "','".join(args)))
idx = (ipv, table, chain, priority, args)
return idx in self.getSettings()[1]
def removeRules(self, ipv, table, chain, sender=None):
ipv = dbus_to_python(ipv)
table = dbus_to_python(table)
chain = dbus_to_python(chain)
log.debug1("config.direct.removeRules('%s', '%s', '%s')" %
(ipv, table, chain, ))
self.accessCheck(sender)
settings = list(self.getSettings())
settings[1] = []
self.update(tuple(settings))
def addOption(self, key, value, sender=None):
key = dbus_to_python(key, str)
value = dbus_to_python(value, str)
log.debug1("config.ipset.%d.addOption('%s', '%s')", self.id, key, value)
self.parent.accessCheck(sender)
settings = list(self.getSettings())
if key in settings[4] and settings[4][key] == value:
raise FirewallError(ALREADY_ENABLED, "'%s': '%s'" % (key, value))
settings[4][key] = value
self.update(settings)
def setDestination(self, family, address, sender=None):
family = dbus_to_python(family, str)
address = dbus_to_python(address, str)
log.debug1("config.service.%d.setDestination('%s', '%s')", self.id,
family, address)
self.parent.accessCheck(sender)
settings = list(self.getSettings())
if family in settings[5]:
raise FirewallError(ALREADY_ENABLED, family)
settings[5][family] = address
self.update(settings)
def removeSourcePort(self, port, protocol, sender=None):
port = dbus_to_python(port, str)
protocol = dbus_to_python(protocol, str)
log.debug1("%s.removeSourcePort('%s', '%s')", self._log_prefix, port,
protocol)
self.parent.accessCheck(sender)
settings = list(self.getSettings())
if (port,protocol) not in settings[7]:
raise FirewallError(errors.NOT_ENABLED, "%s:%s" % (port, protocol))
settings[7].remove((port,protocol))
self.update(settings)
def removePort(self, port, protocol, sender=None):
port = dbus_to_python(port, str)
protocol = dbus_to_python(protocol, str)
log.debug1("config.service.%d.removePort('%s', '%s')", self.id, port,
protocol)
self.parent.accessCheck(sender)
settings = list(self.getSettings())
if (port,protocol) not in settings[3]:
raise FirewallError(NOT_ENABLED, "%s:%s" % (port, protocol))
settings[3].remove((port,protocol))
self.update(settings)
def getRules(self, ipv, table, chain, sender=None):
ipv = dbus_to_python(ipv)
table = dbus_to_python(table)
chain = dbus_to_python(chain)
log.debug1("config.direct.getRules('%s', '%s', '%s')" % \
(ipv, table, chain))
ret = [ ]
for idx in self.getSettings()[1]:
if idx[0] == ipv and idx[1] == table and idx[2] == chain:
ret.append((idx[3], idx[4]))
return ret
def addPort(self, port, protocol, sender=None):
port = dbus_to_python(port, str)
protocol = dbus_to_python(protocol, str)
log.debug1("config.zone.%d.addPort('%s', '%s')", self.id, port,
protocol)
self.parent.accessCheck(sender)
settings = list(self.getSettings())
if (port,protocol) in settings[6]:
raise FirewallError(ALREADY_ENABLED, "%s:%s" % (port, protocol))
settings[6].append((port,protocol))
self.update(settings)
def setDestination(self, family, address, sender=None):
family = dbus_to_python(family, str)
address = dbus_to_python(address, str)
log.debug1("%s.setDestination('%s', '%s')", self._log_prefix,
family, address)
self.parent.accessCheck(sender)
settings = list(self.getSettings())
if family in settings[5] and settings[5][family] == address:
raise FirewallError(errors.ALREADY_ENABLED,
"'%s': '%s'" % (family, address))
settings[5][family] = address
self.update(settings)
def Get(self, interface_name, property_name, sender=None):
# get a property
interface_name = dbus_to_python(interface_name, str)
property_name = dbus_to_python(property_name, str)
log.debug1("config.Get('%s', '%s')", interface_name, property_name)
if interface_name != DBUS_INTERFACE_CONFIG:
raise dbus.exceptions.DBusException(
"org.freedesktop.DBus.Error.UnknownInterface: "
"FirewallD does not implement %s" % interface_name)
return self._get_property(property_name)
def addSourcePort(self, port, protocol, sender=None):
port = dbus_to_python(port, str)
protocol = dbus_to_python(protocol, str)
log.debug1("%s.addSourcePort('%s', '%s')", self._log_prefix, port,
protocol)
self.parent.accessCheck(sender)
settings = list(self.getSettings())
if (port,protocol) in settings[14]:
raise FirewallError(errors.ALREADY_ENABLED,
"%s:%s" % (port, protocol))
settings[14].append((port,protocol))
self.update(settings)
def Get(self, interface_name, property_name, sender=None): # pylint: disable=W0613
# get a property
interface_name = dbus_to_python(interface_name, str)
property_name = dbus_to_python(property_name, str)
log.debug1("%s.Get('%s', '%s')", self._log_prefix,
interface_name, property_name)
if interface_name != config.dbus.DBUS_INTERFACE_CONFIG_ZONE:
raise dbus.exceptions.DBusException(
"org.freedesktop.DBus.Error.UnknownInterface: "
"Interface '%s' does not exist" % interface_name)
return self._get_property(property_name)
def removePassthrough(self, ipv, args, sender=None):
ipv = dbus_to_python(ipv)
args = dbus_to_python(args)
log.debug1("config.direct.removePassthrough('%s', '%s')" % \
(ipv, "','".join(args)))
self.accessCheck(sender)
idx = (ipv, args)
settings = list(self.getSettings())
if idx not in settings[2]:
raise FirewallError(NOT_ENABLED,
"passthrough '%s', '%s'" % (ipv, args))
settings[2].remove(idx)
self.update(settings)
def removeChain(self, ipv, table, chain, sender=None):
ipv = dbus_to_python(ipv)
table = dbus_to_python(table)
chain = dbus_to_python(chain)
log.debug1("config.direct.removeChain('%s', '%s', '%s')" % \
(ipv, table, chain))
self.accessCheck(sender)
idx = tuple((ipv, table, chain))
settings = list(self.getSettings())
if idx not in settings[0]:
raise FirewallError(NOT_ENABLED,
"chain '%s' is not in '%s:%s'" % (chain, ipv, table))
settings[0].remove(idx)
self.update(settings)
def queryModule(self, module, sender=None):
module = dbus_to_python(module, str)
log.debug1("config.service.%d.queryModule('%s')", self.id, module)
return module in self.getSettings()[4]
def queryInterface(self, interface, sender=None):
interface = dbus_to_python(interface, str)
log.debug1("config.zone.%d.queryInterface('%s')", self.id, interface)
return interface in self.getSettings()[10]
def querySource(self, source, sender=None):
source = dbus_to_python(source, str)
log.debug1("config.zone.%d.querySource('%s')", self.id, source)
return source in self.getSettings()[11]
def queryDestination(self, destination, sender=None): # pylint: disable=W0613
destination = dbus_to_python(destination, str)
log.debug1("%s.queryDestination('%s')", self._log_prefix, destination)
settings = self.getSettings()
# empty means all
return (not settings[3] or destination in settings[3])
def IPSetAdded(self, ipset):
ipset = dbus_to_python(ipset, str)
log.debug1("config.IPSetAdded('%s')" % (ipset))
def queryLockdownWhitelistUid(self, uid, sender=None):
uid = dbus_to_python(uid)
log.debug1("config.policies.queryLockdownWhitelistUid(%d)", uid)
return uid in self.getLockdownWhitelist()[3]
def queryProtocol(self, protocol, sender=None): # pylint: disable=W0613
protocol = dbus_to_python(protocol, str)
log.debug1("%s.queryProtocol(%s')", self._log_prefix, protocol)
return protocol in self.getSettings()[6]
def queryFamily(self, ipv, sender=None): # pylint: disable=W0613
ipv = dbus_to_python(ipv, str)
log.debug1("%s.queryFamily('%s')", self._log_prefix, ipv)
settings = self.getSettings()
return (settings[3] == ipv)
def queryPort(self, port, protocol, sender=None):
port = dbus_to_python(port, str)
protocol = dbus_to_python(protocol, str)
log.debug1("config.service.%d.queryPort('%s', '%s')", self.id, port,
protocol)
return (port,protocol) in self.getSettings()[3]
def queryLockdownWhitelistContext(self, context, sender=None):
context = dbus_to_python(context)
log.debug1("config.policies.queryLockdownWhitelistContext('%s')",
context)
return context in self.getLockdownWhitelist()[1]
def test_add_removeRule(self):
self.fw_direct.addRule(
"ipv4", "filter", "direct_foo1", 0,
["-m", "tcp", "-p", "tcp", "--dport", "332", "-j", "ACCEPT"])
self.fw_direct.addRule(
"ipv4", "filter", "direct_foo1", 0,
["-m", "tcp", "-p", "tcp", "--dport", "333", "-j", "ACCEPT"])
self.fw_direct.addRule(
"ipv4", "filter", "direct_foo1", 1,
["-m", "tcp", "-p", "tcp", "--dport", "334", "-j", "ACCEPT"])
self.fw_direct.addRule(
"ipv4", "filter", "direct_foo1", -5,
["-m", "tcp", "-p", "tcp", "--dport", "331", "-j", "ACCEPT"])
self.fw_direct.addRule(
"ipv4", "filter", "direct_foo1", -10,
["-m", "tcp", "-p", "tcp", "--dport", "330", "-j", "ACCEPT"])
self.fw_direct.addRule(
"ipv4", "filter", "direct_foo1", -5,
["-m", "udp", "-p", "udp", "--dport", "331", "-j", "ACCEPT"])
# Re-adding
self.assertRaisesRegexp(
Exception, 'ALREADY_ENABLED', self.fw_direct.addRule, "ipv4",
"filter", "direct_foo1", -5,
["-m", "udp", "-p", "udp", "--dport", "331", "-j", "ACCEPT"])
ret = self.fw_direct.queryRule(
"ipv4", "filter", "direct_foo1", -5,
["-m", "udp", "-p", "udp", "--dport", "331", "-j", "ACCEPT"])
self.assertTrue(dbus_to_python(ret))
ret = self.fw_direct.getRules("ipv4", "filter", "direct_foo1")
self.assertTrue(len(ret) == 6)
#pprint (dbus_to_python(ret))
self.fw_direct.removeRule(
"ipv4", "filter", "direct_foo1", -10,
["-m", "tcp", "-p", "tcp", "--dport", "330", "-j", "ACCEPT"])
self.fw_direct.removeRule(
"ipv4", "filter", "direct_foo1", -5,
["-m", "tcp", "-p", "tcp", "--dport", "331", "-j", "ACCEPT"])
self.fw_direct.removeRule(
"ipv4", "filter", "direct_foo1", -5,
["-m", "udp", "-p", "udp", "--dport", "331", "-j", "ACCEPT"])
self.fw_direct.removeRule(
"ipv4", "filter", "direct_foo1", 0,
["-m", "tcp", "-p", "tcp", "--dport", "332", "-j", "ACCEPT"])
self.fw_direct.removeRule(
"ipv4", "filter", "direct_foo1", 0,
["-m", "tcp", "-p", "tcp", "--dport", "333", "-j", "ACCEPT"])
self.fw_direct.removeRule(
"ipv4", "filter", "direct_foo1", 1,
["-m", "tcp", "-p", "tcp", "--dport", "334", "-j", "ACCEPT"])
# Re-removing
self.assertRaisesRegexp(
Exception, 'NOT_ENABLED', self.fw_direct.removeRule, "ipv4",
"filter", "direct_foo1", 1,
["-m", "tcp", "-p", "tcp", "--dport", "334", "-j", "ACCEPT"])
ret = self.fw_direct.queryRule(
"ipv4", "filter", "direct_foo1", 1,
["-m", "tcp", "-p", "tcp", "--dport", "334", "-j", "ACCEPT"])
self.assertFalse(dbus_to_python(ret))
ret = self.fw_direct.getRules("ipv4", "filter", "direct_foo1")
self.assertTrue(ret == [])
def querySource(self, source, sender=None): # pylint: disable=W0613
source = dbus_to_python(source, str)
log.debug1("%s.querySource('%s')", self._log_prefix, source)
return source in self.getSettings()[11]
def queryProtocol(self, protocol, sender=None):
protocol = dbus_to_python(protocol, str)
log.debug1("config.service.%d.queryProtocol(%s')", self.id, protocol)
return protocol in self.getSettings()[6]
def queryModule(self, module, sender=None): # pylint: disable=W0613
module = dbus_to_python(module, str)
log.debug1("%s.queryModule('%s')", self._log_prefix, module)
return module in self.getSettings()[4]
def querySourcePort(self, port, protocol, sender=None): # pylint: disable=W0613
port = dbus_to_python(port, str)
protocol = dbus_to_python(protocol, str)
log.debug1("%s.querySourcePort('%s', '%s')", self._log_prefix, port,
protocol)
return (port,protocol) in self.getSettings()[7]
def queryIcmpBlock(self, icmptype, sender=None): # pylint: disable=W0613
icmptype = dbus_to_python(icmptype, str)
log.debug1("%s.queryIcmpBlock('%s')", self._log_prefix, icmptype)
return icmptype in self.getSettings()[7]
def queryIcmpBlock(self, icmptype, sender=None):
icmptype = dbus_to_python(icmptype, str)
log.debug1("config.zone.%d.removeIcmpBlock('%s')", self.id, icmptype)
return icmptype in self.getSettings()[7]
def queryRichRule(self, rule, sender=None): # pylint: disable=W0613
rule = dbus_to_python(rule, str)
log.debug1("%s.queryRichRule('%s')", self._log_prefix, rule)
rule_str = str(Rich_Rule(rule_str=rule))
return rule_str in self.getSettings()[12]
def queryInterface(self, interface, sender=None): # pylint: disable=W0613
interface = dbus_to_python(interface, str)
log.debug1("%s.queryInterface('%s')", self._log_prefix, interface)
return interface in self.getSettings()[10]
def queryLockdownWhitelistCommand(self, command, sender=None):
command = dbus_to_python(command)
log.debug1("config.policies.queryLockdownWhitelistCommand('%s')",
command)
return command in self.getLockdownWhitelist()[0]
def queryLockdownWhitelistUser(self, user, sender=None):
user = dbus_to_python(user)
log.debug1("config.policies.queryLockdownWhitelistUser('%s')", user)
return user in self.getLockdownWhitelist()[2]
def test_zone_getZones(self):
z = self.fw_zone.getZones()
print("\nZones:")
pprint(dbus_to_python(z))
def queryOption(self, key, value, sender=None): # pylint: disable=W0613
key = dbus_to_python(key, str)
value = dbus_to_python(value, str)
log.debug1("%s.queryOption('%s', '%s')", self._log_prefix, key, value)
settings = list(self.getSettings())
return (key in settings[4] and settings[4][key] == value)
def queryRichRule(self, rule, sender=None):
rule = dbus_to_python(rule, str)
log.debug1("config.zone.%d.queryRichRule('%s')", self.id, rule)
rule_str = str(Rich_Rule(rule_str=rule))
return rule_str in self.getSettings()[12]
def setLockdownWhitelist(self, settings, sender=None):
log.debug1("config.policies.setLockdownWhitelist(...)")
settings = dbus_to_python(settings)
self.config.get_policies().lockdown_whitelist.import_config(settings)
self.config.get_policies().lockdown_whitelist.write()
self.LockdownWhitelistUpdated()
def queryEntry(self, entry, sender=None):
entry = dbus_to_python(entry, str)
log.debug1("config.ipset.%d.queryEntry('%s')", self.id, entry)
return entry in self.getSettings()[5]
