Beispiel #1
0
 def __init__(self, resources, netcfg, loader_context=None):
     attr = {
         'id': u'Firewall',
         'editable': False,
     }
     Resource.__init__(self, resources, resources, self, attr, loader_context)
     self.allow_child = False
     self.address_types = set((INTERFACE_ADDRESS, IPV4_ADDRESS, IPV6_ADDRESS))
     self.addresses = list(netcfg.iterAddresses())
Beispiel #2
0
 def setAttributes(self, attr, is_modify):
     if 'address_type' not in attr:
         address = parseIPAddress(attr['address'])
         attr['address_type'] = adresssType(address)
     Resource.setAttributes(self, attr, is_modify)
     if self.address is None:
         self.type = self.TEMPLATE_TYPE
     else:
         self.type = self.TYPE
Beispiel #3
0
 def checkUnicity(self, new_resource, loader_context=None):
     if isinstance(new_resource, HostnameResource) and new_resource.hostname == self.hostname:
         message = tr('The "%s" hostname (%s) already exists: hostname "%s"!')
         args = (new_resource.hostname, new_resource.formatID(), self.formatID())
         if loader_context is not None:
             loader_context.warning(message, args)
         else:
             raise RulesetError(message, *args)
     Resource.checkUnicity(self, new_resource, loader_context)
Beispiel #4
0
 def _removeTemplate(self, action, template_name):
     Resource._removeTemplate(self, action, template_name)
     if self.isGeneric():
         self.ruleset.generic_links.removeTemplateAction(
             action,
             template_name,
             "interfaces",
             self,
             tr('Unable to delete the template "%s": the generic interface %s is not defined'),
         )
Beispiel #5
0
 def checkUnicity(self, new_resource, loader_context=None):
     Resource.checkUnicity(self, new_resource, loader_context)
     if self.hasAddresses() \
     and new_resource.hasAddresses() \
     and self.address in new_resource.getAddresses():
         message = tr('The "%s" address (%s) already exists: network %s!')
         args = (unicode(new_resource.address), new_resource.formatID(),
                 self.formatID())
         if loader_context is not None:
             loader_context.warning(message, args)
         else:
             raise RulesetError(message, *args)
Beispiel #6
0
 def setAttributes(self, attr, is_modify):
     if "address_type" not in attr:
         families = self.parent.getAddressTypes()
         if len(families) != 1:
             raise RulesetError(
                 tr("The %s network has multiple address families: %s!"),
                 self.parent.formatID(),
                 formatAddressTypes(families),
             )
         attr["address_type"] = list(families)[0]
     Resource.setAttributes(self, attr, is_modify)
     if is_modify or (not self.addresses):
         self.addresses = set(self.resolveHostname())
Beispiel #7
0
    def checkResource(self, new_resource, loader_context=None):
        Resource.checkResource(self, new_resource, loader_context)
        if self.isGeneric() or new_resource.hasAddresses():
            # Don't check template networks
            return

        for address in new_resource.getAddresses():
            if self.address in address:
                raise RulesetError(
                    tr('The %s network (%s) is larger than the network %s (%s)!'),
                    new_resource.formatID(), unicode(address),
                    self.formatID(), unicode(self.address))

            if address not in self.address:
                raise RulesetError(
                    tr('The %s address (%s) is not part of the %s network (%s)!'),
                    unicode(address), new_resource.formatID(),
                    self.formatID(), unicode(self.address))
Beispiel #8
0
 def __init__(self, resources, attr, loader_context=None):
     Resource.__init__(self, resources, resources, self, attr, loader_context)
Beispiel #9
0
 def checkConsistency(self, loader_context=None):
     Resource.checkConsistency(self, loader_context)
     if not self.addresses:
         raise RulesetError(tr("The %s hostname have no address"), self.formatID())
Beispiel #10
0
 def _removeTemplate(self, action, template_name):
     Resource._removeTemplate(self, action, template_name)
     if self.isGeneric():
         self.ruleset.generic_links.removeTemplateAction(
             action, template_name, 'networks', self,
             tr('Unable to delete the template "%s": the generic network %s is not defined'))
Beispiel #11
0
 def __init__(self, parent, attr, loader_context=None):
     Resource.__init__(self, parent.resources, parent, parent.interface,
         attr, loader_context)
Beispiel #12
0
            prefixlen = child.address.prefixlen()
            low_mask = 2 ** (size - self.address.prefixlen()) - 1
            high_mask = 2 ** size - 1
            high_mask &= ~low_mask
            address = self.address.int() & high_mask
            address |= child.address.int() & low_mask
            if prefixlen != size:
                child.address = IP("%s/%s" % (child.address, prefixlen))
            else:
                child.address = IP(address)

    def onModifyAction(self, action, old_attr):
        for child in self._modifyChildren(old_attr):
            action.addBothUpdate(child.createUpdate())

Resource.registerSubclass(NetworkResource)

class IPsecNetworkResource(NetworkResource):
    XML_TAG = 'ipsec_network'
    TYPE = IPSEC_NETWORK_RESTYPE
    TEMPLATE_TYPE = None   # there are no generic IPsec network

    gateway = Address(optional=True)

    def hasAddresses(self):
        return True

    def checkConsistency(self, loader_context=None):
        NetworkResource.checkConsistency(self, loader_context)
        if (self.gateway is not None) \
        and (self.address.version() != self.gateway.version()):
Beispiel #13
0
 def setAttributes(self, attr, is_modify):
     Resource.setAttributes(self, attr, is_modify)
     if self.name is None:
         self.type = GENERIC_INTERFACE_RESTYPE
     else:
         self.type = INTERFACE_RESTYPE
Beispiel #14
0
 def checkResource(self, new_resource, loader_context=None):
     if not isinstance(new_resource, (NetworkResource, NetworkGroup)):
         raise RulesetError(
             tr("The %s network can not be added to the %s interface!"), new_resource.formatID(), self.formatID()
         )
     Resource.checkResource(self, new_resource, loader_context)
Beispiel #15
0
        if self.address_type == IPV6_ADDRESS:
            family = AF_INET6
        else:
            family = AF_INET
        addresses = set()
        try:
            for family, socktype, proto, canonname, sockaddr in getaddrinfo(self.hostname, None, family):
                address = parseIPAddress(sockaddr[0])
                addresses.add(address)
        except gaierror, err:
            message = toUnicode(err.args[1])
            raise RulesetError(tr('Unable to get the address of the hostname "%s": %s!'), self.hostname, message)
        return addresses

    def exportXML(self, parent):
        if self.from_template:
            return None
        return Resource.exportXML(self, parent)

    def _matchResource(self, other):
        try:
            if other.isGeneric():
                return False
            other_addresses = other.getAddresses()
        except NotImplementedError:
            return False
        return matchAddresses(self.addresses, other_addresses)


Resource.registerSubclass(HostnameResource)
Beispiel #16
0
 def importXMLChildren(self, root, context, action):
     Resource.importXMLChildren(self, root, context, action)
     for node in root.findall(NetworkGroup.XML_TAG):
         NetworkGroup.importXML(self, node, context, action)
Beispiel #17
0
 def __init__(self, parent, attr, loader_context=None):
     Resource.__init__(self, parent.resources, parent, parent.interface, attr, loader_context)
     self.allow_child = False
Beispiel #18
0
 def exportXML(self, parent):
     if self.from_template:
         return None
     return Resource.exportXML(self, parent)