def restore_configuration() -> bool:
"""TODO: Doku."""
rccode = False
if file_exists(EASYWALL_CONFIG_BACKUP_PATH):
rename_file(EASYWALL_CONFIG_BACKUP_PATH, EASYWALL_CONFIG_PATH)
rccode = True
if file_exists(WEB_CONFIG_BACKUP_PATH):
rename_file(WEB_CONFIG_BACKUP_PATH, WEB_CONFIG_PATH)
rccode = True
if file_exists(LOG_CONFIG_BACKUP_PATH):
rename_file(LOG_CONFIG_BACKUP_PATH, LOG_CONFIG_PATH)
rccode = True
return rccode
def rename_backup_file(self) -> None:
"""TODO: Doku."""
old_filename = "{}/{}".format(self.filepath, self.filename)
new_filename = "{}/{}_{}".format(self.filepath, self.date,
self.filename)
if file_exists(old_filename):
rename_file(old_filename, new_filename)
def test_execute_os_command(self):
"""
TODO: Doku
"""
self.assertTrue(execute_os_command("touch testfile"))
self.assertTrue(file_exists("testfile"))
delete_file_if_exists("testfile")
def get_acceptance_status(self) -> str:
"""
get the status of the current acceptance
"""
filepath = ".acceptance_status"
if file_exists(filepath):
return file_get_contents(filepath)
return ""
def restore_configuration() -> bool:
"""
TODO: Doku
"""
if file_exists(CONFIG_BACKUP_PATH):
rename_file(CONFIG_BACKUP_PATH, CONFIG_PATH)
return True
return False
def on_any_event(self, event):
"""
the function overrides the empty event handler for every file change in the given directory
"""
if event.src_path.endswith(".txt"):
info("file modification occured. filename: " + event.src_path)
while file_exists(".running"):
sleep(2)
Easywall()
def read_config_file(self) -> None:
"""TODO: Doku."""
if not file_exists(self.config_file_path):
raise FileNotFoundError("config file '{}' not found".format(self.config_file_path))
try:
self.configlib.read(self.config_file_path)
except ParsingError as exc:
raise ParsingError(
"{} is not readable by RawConfigParser. \n inner exception: {}".format(
self.config_file_path, format_exception(exc)))
def __init__(self, config_file_path: str) -> None:
if not file_exists(config_file_path):
raise FileNotFoundError("config file '{}' not found".format(config_file_path))
self.config_file_path = config_file_path
self.configlib = RawConfigParser()
try:
self.configlib.read(self.config_file_path)
except ParsingError as exc:
raise ParsingError(
"{} is not readable by RawConfigParser. \n inner exception: {}".format(
config_file_path, format_exception(exc)))
def ensure_file_exists(self) -> None:
"""TODO: Doku."""
if not file_exists(self.filepath):
create_file_if_not_exists(self.filepath)
template: dict = {}
for state in self.states:
template[state] = {}
for ruletype in self.types:
template[state][ruletype] = []
self.rules = template
self.save()
def test_file(self):
assert not file_exists("testfile")
create_file_if_not_exists("testfile")
assert file_exists("testfile")
write_into_file("testfile", "testcontent")
assert file_get_contents("testfile") == "testcontent"
assert len(get_abs_path_of_filepath("testfile")) > 0
rename_file("testfile", "testfilenew")
assert not file_exists("testfile")
assert file_exists("testfilenew")
delete_file_if_exists("testfilenew")
assert not file_exists("testfile")
assert not file_exists("testfilenew")
def prepare_configuration() -> None:
"""
TODO: Doku
"""
if file_exists(CONFIG_PATH):
rename_file(CONFIG_PATH, CONFIG_BACKUP_PATH)
content = """[LOG]
level = info
to_files = no
to_stdout = yes
filepath = log
filename = easywall-web.log
[WEB]
username = demo
password = xxx
bindip = 0.0.0.0
bindport = 12227
login_attempts = 10
login_bantime = 1800
[VERSION]
version = 0.0.0
sha = 12345
date = 2020-01-01T00:00:00Z
timestamp = 1234
[uwsgi]
https-socket = 0.0.0.0:12227,easywall.crt,easywall.key
processes = 5
threads = 2
callable = APP
master = false
wsgi-file = easywall_web/__main__.py
need-plugin = python3
"""
create_file_if_not_exists(CONFIG_PATH)
write_into_file(CONFIG_PATH, content)
config = Config(CONFIG_PATH)
config.set_value("VERSION", "timestamp", str(int(time())))
def test_file(self) -> None:
"""TODO: Doku."""
self.assertFalse(file_exists("testfile"))
create_file_if_not_exists("testfile")
self.assertTrue(file_exists("testfile"))
write_into_file("testfile", "testcontent")
self.assertEqual(file_get_contents("testfile"), "testcontent")
self.assertGreater(len(get_abs_path_of_filepath("testfile")), 0)
rename_file("testfile", "testfilenew")
self.assertFalse(file_exists("testfile"))
self.assertTrue(file_exists("testfilenew"))
delete_file_if_exists("testfilenew")
self.assertFalse(file_exists("testfile"))
self.assertFalse(file_exists("testfilenew"))
def test_file(self):
"""
TODO: Doku
"""
assert not file_exists("testfile")
create_file_if_not_exists("testfile")
assert file_exists("testfile")
write_into_file("testfile", "testcontent")
assert file_get_contents("testfile") == "testcontent"
self.assertGreater(len(get_abs_path_of_filepath("testfile")), 0)
rename_file("testfile", "testfilenew")
assert not file_exists("testfile")
assert file_exists("testfilenew")
delete_file_if_exists("testfilenew")
assert not file_exists("testfile")
assert not file_exists("testfilenew")
def setUp(self) -> None:
self.config_backup_path = "config/easywall.ini.backup"
if file_exists(CONFIG_PATH):
rename_file(CONFIG_PATH, self.config_backup_path)
content = """[LOG]
level = info
to_files = false
to_stdout = true
filepath =
filename =
[IPV6]
enabled = true
[ACCEPTANCE]
enabled = false
duration = 120
timestamp =
[EXEC]
iptables = /sbin/iptables
ip6tables = /sbin/ip6tables
iptables-save = /sbin/iptables-save
ip6tables-save = /sbin/ip6tables-save
iptables-restore = /sbin/iptables-restore
ip6tables-restore = /sbin/ip6tables-restore
[BACKUP]
filepath = ./backup
ipv4filename = iptables_v4_backup
ipv6filename = iptables_v6_backup
"""
create_file_if_not_exists(CONFIG_PATH)
write_into_file(CONFIG_PATH, content)
delete_folder_if_exists("rules")
def tearDown(self):
if file_exists(self.config_backup_path):
rename_file(self.config_backup_path, CONFIG_PATH)
def tearDown(self) -> None:
delete_file_if_exists("test.log")
delete_file_if_exists(".acceptance_status")
if file_exists(self.config_backup_path):
rename_file(self.config_backup_path, CONFIG_PATH)
def restore_configuration():
"""
TODO: Doku
"""
if file_exists(CONFIG_BACKUP_PATH):
rename_file(CONFIG_BACKUP_PATH, CONFIG_PATH)
def prepare_configuration() -> None:
"""TODO: Doku."""
if file_exists(EASYWALL_CONFIG_PATH):
rename_file(EASYWALL_CONFIG_PATH, EASYWALL_CONFIG_BACKUP_PATH)
if file_exists(WEB_CONFIG_PATH):
rename_file(WEB_CONFIG_PATH, WEB_CONFIG_BACKUP_PATH)
if file_exists(LOG_CONFIG_PATH):
rename_file(LOG_CONFIG_PATH, LOG_CONFIG_BACKUP_PATH)
content = """[IPTABLES]
log_blocked_connections = yes
log_blocked_connections_log_limit = 60
log_blacklist_connections = yes
log_blacklist_connections_log_limit = 60
drop_broadcast_packets = yes
drop_multicast_packets = yes
drop_anycast_packets = yes
ssh_brute_force_prevention = yes
ssh_brute_force_prevention_log = yes
ssh_brute_force_prevention_connection_limit = 5
ssh_brute_force_prevention_log_limit = 60
icmp_flood_prevention = yes
icmp_flood_prevention_log = yes
icmp_flood_prevention_connection_limit = 5
icmp_flood_prevention_log_limit = 60
drop_invalid_packets = yes
drop_invalid_packets_log = yes
drop_invalid_packets_log_limit = 60
port_scan_prevention = yes
port_scan_prevention_log = yes
port_scan_prevention_log_limit = 60
[IPV6]
enabled = yes
icmp_allow_router_advertisement = yes
icmp_allow_neighbor_advertisement = yes
[ACCEPTANCE]
enabled = yes
duration = 1
timestamp =
[EXEC]
iptables = /sbin/iptables
ip6tables = /sbin/ip6tables
iptables-save = /sbin/iptables-save
ip6tables-save = /sbin/ip6tables-save
iptables-restore = /sbin/iptables-restore
ip6tables-restore = /sbin/ip6tables-restore
"""
create_file_if_not_exists(EASYWALL_CONFIG_PATH)
write_into_file(EASYWALL_CONFIG_PATH, content)
content = """[WEB]
username = demo
password = xxx
bindip = 0.0.0.0
bindport = 12227
login_attempts = 100
login_bantime = 1800
[VERSION]
version = 0.0.0
sha = 12345
date = 2020-01-01T00:00:00Z
timestamp = 1234
[uwsgi]
ssl-option = 268435456
https-socket = 0.0.0.0:12227,ssl/easywall.crt,ssl/easywall.key,HIGH
processes = 5
threads = 2
callable = APP
master = yes
die-on-term = yes
wsgi-file = easywall/web/__main__.py
need-plugin = python3
buffer-size = 16384
"""
create_file_if_not_exists(WEB_CONFIG_PATH)
write_into_file(WEB_CONFIG_PATH, content)
config = Config(WEB_CONFIG_PATH)
config.set_value("VERSION", "timestamp", str(int(time())))
content = """[LOG]
level = info
to_files = no
to_stdout = yes
filepath = /var/log
filename = easywall.log
"""
create_file_if_not_exists(LOG_CONFIG_PATH)
write_into_file(LOG_CONFIG_PATH, content)
