def check_compatibility():
for service in ('local_unbound', 'pf'):
if not output('sysrc', '-n', '%s_enable' % service).strip() == 'YES':
raise CompatibilityException(
"mjail requires {service}\n"
"run:\n"
" sysrc {service}_enable=YES\n".format(service=service))
def pf_conf_path(cls):
try:
return output('sysrc', '-n', 'pf_rules').strip()
except CalledProcessError as exc:
if exc.returncode == 1:
return '/etc/pf.conf'
else:
raise
def pf_conf_path(cls):
try:
return output('sysrc', '-n', 'pf_rules').strip()
except CalledProcessError as exc:
if exc.returncode == 1:
return '/etc/pf.conf'
else:
raise
def get_ext_if():
route_table = output('netstat', '-rn')
try:
return next(line[3]
for line in (l.split() for l in route_table.split('\n'))
if (len(line) >= 4 and line[0] == 'default'
and re.match(r'^%s$' % _ip_reg, line[1])))
except StopIteration:
raise NoDefaultGatewayError
def check_compatibility():
for service in ('local_unbound', 'pf'):
if not output('sysrc', '-n', '%s_enable' % service).strip() == 'YES':
raise CompatibilityException(
"mjail requires {service}\n"
"run:\n"
" sysrc {service}_enable=YES\n"
.format(service = service)
)
def jails_network4():
try:
cloned_if_params = output('sysrc', '-n', 'ifconfig_%s' % cloned_if())
except CalledProcessError:
raise NoIPv4JailNetwork
else:
gd = (re.match(
r'^inet\s+(?P<inet>{ip_reg})\s+netmask\s+(?P<netmask>{ip_reg})'.
format(ip_reg=_ip_reg), cloned_if_params).groupdict())
return IPv4Network((gd['inet'], gd['netmask']), strict=False)
def jails_network6():
try:
cloned_if_params = output('sysrc', '-n',
'ifconfig_%s_ipv6' % cloned_if())
except CalledProcessError:
raise NoIPv6JailNetwork
else:
gd = (re.match(
r'^inet6\s+(?P<inet6>{ip6_reg})\s+prefixlen\s+(?P<prefixlen>\d+)'.
format(ip6_reg=_ip6_reg), cloned_if_params).groupdict())
return IPv6Network(gd['inet6'] + '/' + gd['prefixlen'], strict=False)
def get_ext_if():
route_table = output('netstat', '-rn')
try:
return next(
line[3]
for line in (
l.split() for l in route_table.split('\n')
)
if (
len(line) >= 4
and
line[0] == 'default'
and
re.match(r'^%s$' % _ip_reg, line[1])
)
)
except StopIteration:
raise NoDefaultGatewayError
def external_interface_ip6s():
"""
returns a list of IPv6Address instances: the list of global scope IPv6 addresses
of the external interface
"""
result = []
lines = output('ifconfig', get_ext_if()).split('\n')
for line in lines:
mobj = re.match(r'^\s*inet6\s([0-9a-f:]+)', line)
if mobj:
try:
address = IPv6Address(mobj.group(1))
except AddressValueError:
pass
else:
if address.is_global:
result.append(address)
return result
def local_unbound_enabled():
return output('sysrc', '-n', 'local_unbound_enable').strip() == 'YES'
def current_release(cls):
return output('uname', '-r').split('-RELEASE')[0] + '-RELEASE'
def interface_ip4():
strg = output('sysrc', '-n', 'ifconfig_%s' % cloned_if()).strip()
return re.match(
'^inet\s(?P<ip4>{ip_reg})\s*(netmask {ip_reg})?$'.format(ip_reg = _ip_reg),
strg
).groupdict()['ip4']
def pf_is_running():
return output('service', 'pf', 'status').startswith(
'Status: Enabled'
)
def interface_ip4():
strg = output('sysrc', '-n', 'ifconfig_%s' % cloned_if()).strip()
return re.match(
r'^inet\s(?P<ip4>{ip_reg})\s*(netmask {ip_reg})?$'.format(
ip_reg=_ip_reg), strg).groupdict()['ip4']
def pf_is_running():
return output('service', 'pf', 'status').startswith('Status: Enabled')
def current_release(cls):
return output('uname', '-r').split('-RELEASE')[0] + '-RELEASE'