def downloadKZorpConfig(instance_name, is_master):
    # Download this instance's configuration to kZorp.
    #
    # instance_name -- passed unchanged to RuleDownload and BindDownload
    # is_master     -- when true, the service/dispatcher/rule messages are
    #                  downloaded before the binds; otherwise only the binds
    #
    # Side effect: the module-level _kzorp_handle is set to the handle that
    # the bind download used.
    #
    # NOTE(review): the nesting below was reconstructed from a listing that
    # had lost its line breaks. The rule loop is placed inside the dispatcher
    # loop because it reads dispatch.session_id; confirm against the project
    # file that the bind download is not meant to sit under `if is_master`.
    global _kzorp_handle

    if is_master:
        with RuleDownload(instance_name) as rule_download:
            rule_messages = []

            # Services come first in the batch.
            for service in Globals.services.values():
                rule_messages.extend(service.buildKZorpMessage())

            # Each dispatcher is announced together with the rule count,
            # followed by the rule messages built for its session id.
            for dispatch in Globals.dispatches:
                rule_messages.append(
                    kzorp.messages.KZorpAddDispatcherMessage(
                        dispatch.session_id, Globals.rules.length))
                for rule in Globals.rules:
                    rule_messages.extend(
                        rule.buildKZorpMessage(dispatch.session_id))

            rule_download.initial(rule_messages)

    with BindDownload(instance_name) as bind_download:
        bind_messages = []
        for dispatch in Globals.dispatches:
            bind_messages.extend(dispatch.buildKZorpBindMessage())
        bind_download.initial(bind_messages)

        # When a kZorp handle is closed, kZorp removes the binds that were
        # added by the messages sent on that handle.
        #
        # This function is called when Zorp is started or reloaded.
        #
        # During start, _kzorp_handle is initialized.
        #
        # During reload a new Python interpreter is created, so
        # _kzorp_handle is not overwritten; the deinit callback closes the
        # other kZorp handle, which was created by the old Python
        # interpreter.
        _kzorp_handle = bind_download.kzorp_handle
def downloadKZorpConfig(instance_name, is_master):
    # Push the current configuration of this instance into kZorp.
    #
    # With is_master true, a RuleDownload transaction is filled with the
    # messages of every service, then, per dispatcher, an add-dispatcher
    # message and the rule messages built for that dispatcher's session id.
    # A BindDownload transaction with every dispatcher's bind messages
    # follows, and its handle is kept in the module-level _kzorp_handle.
    #
    # NOTE(review): block nesting is reconstructed from a listing without
    # line breaks; verify against the project file, in particular that the
    # bind download runs for non-master instances too.
    if is_master:
        with RuleDownload(instance_name) as rule_download:
            batch = []
            for svc in Globals.services.values():
                batch += svc.buildKZorpMessage()

            for dispatcher in Globals.dispatches:
                add_dispatcher = kzorp.messages.KZorpAddDispatcherMessage(
                    dispatcher.session_id, Globals.rules.length)
                batch.append(add_dispatcher)
                # Rules are built once per dispatcher session.
                for rule in Globals.rules:
                    batch += rule.buildKZorpMessage(dispatcher.session_id)

            rule_download.initial(batch)

    with BindDownload(instance_name) as bind_download:
        binds = []
        for dispatcher in Globals.dispatches:
            binds += dispatcher.buildKZorpBindMessage()
        bind_download.initial(binds)

        # Closing a kZorp handle makes kZorp remove the binds that were
        # added by the messages sent on that handle.
        #
        # This function is called when Zorp is started or reloaded.
        #
        # On start, _kzorp_handle is initialized here.
        #
        # On reload a new Python interpreter is created, so _kzorp_handle is
        # not overwritten; the deinit callback closes the other kZorp
        # handle, the one created by the old Python interpreter.
        global _kzorp_handle
        _kzorp_handle = bind_download.kzorp_handle
def addNATMappings(messages, nat_type, nat_policy):
    # Append one kZorp NAT-mapping message to `messages` for every mapping
    # returned by nat_policy.getKZorpMapping().
    #
    # messages   -- list, extended in place
    # nat_type   -- NAT_SNAT selects the source-NAT message class; any other
    #               value selects the destination-NAT message class
    # nat_policy -- object providing getKZorpMapping(); nothing is appended
    #               when it is false
    #
    # `self` and `kzorp` are not defined in this function; both have to be
    # supplied by an enclosing or module scope.
    msg_class = (kzorp.messages.KZorpAddServiceSourceNATMappingMessage
                 if nat_type == NAT_SNAT
                 else kzorp.messages.KZorpAddServiceDestinationNATMappingMessage)

    if not nat_policy:
        return

    for src, dst, mapped in nat_policy.getKZorpMapping():
        # The mapped tuple is passed before the destination tuple, which is
        # not the order the triple is unpacked in.
        # NOTE(review): confirm this matches the message constructor.
        messages.append(msg_class(self.name, src, mapped, dst))
def addNATMappings(messages, nat_type, nat_policy):
    # Translate the mappings of a NAT policy into kZorp messages and append
    # them to `messages` (modified in place; nothing is returned).
    #
    # nat_type equal to NAT_SNAT produces source-NAT mapping messages, every
    # other value produces destination-NAT mapping messages. A false
    # nat_policy appends nothing.
    #
    # `self` is a free variable here and must come from an enclosing scope.
    import kzorp.messages

    if nat_type == NAT_SNAT:
        message_factory = kzorp.messages.KZorpAddServiceSourceNATMappingMessage
    else:
        message_factory = kzorp.messages.KZorpAddServiceDestinationNATMappingMessage

    mappings = nat_policy.getKZorpMapping() if nat_policy else ()
    for mapping in mappings:
        source, destination, translated = mapping
        # Argument order is (name, source, translated, destination), i.e.
        # the last two items of the unpacked triple swap places.
        # NOTE(review): verify against the message class signature.
        messages.append(
            message_factory(self.name, source, translated, destination))
def addNATMappings(messages, nat_type, nat_policy):
    # Append a versioned kZorp NAT-mapping message to `messages` for each
    # mapping of nat_policy.
    #
    # messages   -- list, extended in place
    # nat_type   -- NAT_SNAT selects the source-NAT message class, anything
    #               else the destination-NAT message class
    # nat_policy -- object providing getKZorpMapping(); a false value means
    #               no message is appended
    #
    # `self` is not a parameter; it has to come from an enclosing scope.
    import kzorp.messages

    # Message version 2 is used only when the kZorp version compares greater
    # than (4, 5); otherwise version 1 is sent.
    if Globals.kzorp_version > (4, 5):
        message_version = 2
    else:
        message_version = 1

    msg_class = (kzorp.messages.KZorpAddServiceSourceNATMappingMessage
                 if nat_type == NAT_SNAT
                 else kzorp.messages.KZorpAddServiceDestinationNATMappingMessage)

    if not nat_policy:
        return

    for src, dst, mapped in nat_policy.getKZorpMapping():
        # The mapped tuple precedes the destination tuple in the call.
        # NOTE(review): confirm the order against the message constructor.
        messages.append(
            msg_class(self.name, src, mapped, dst, version=message_version))
def buildKZorpMessage(self):
    """
    <method internal="yes">
      <summary>
        Build the list of kZorp messages describing this forwarded service.
      </summary>
    </method>
    """
    import kzorp.messages

    def addNATMappings(messages, nat_type, nat_policy):
        # Append one NAT-mapping message per mapping of nat_policy to
        # `messages`; `self` is the enclosing method's instance.
        import kzorp.messages

        # Version 2 messages only when kZorp compares greater than (4, 5).
        if Globals.kzorp_version > (4, 5):
            message_version = 2
        else:
            message_version = 1

        msg_class = (kzorp.messages.KZorpAddServiceSourceNATMappingMessage
                     if nat_type == NAT_SNAT
                     else kzorp.messages.KZorpAddServiceDestinationNATMappingMessage)

        if not nat_policy:
            return
        for src, dst, mapped in nat_policy.getKZorpMapping():
            # The mapped tuple is passed before the destination tuple.
            # NOTE(review): confirm against the message constructor.
            messages.append(
                msg_class(self.name, src, mapped, dst,
                          version=message_version))

    # Every service starts from the logging flag; router type and
    # forge_addr add further flags below.
    flags = kzorp.messages.KZF_SVC_LOGGING

    if isinstance(self.router, TransparentRouter):
        flags |= kzorp.messages.KZF_SVC_TRANSPARENT
        # A transparent service carries no explicit target.
        router_target_family = router_target_ip = router_target_port = None
    elif isinstance(self.router, DirectedRouter):
        if len(self.router.dest_addr) > 1:
            raise ValueError("DirectedRouter with more than one destination address not supported by KZorp")
        # NOTE(review): an empty dest_addr would fail on the index below
        # with IndexError rather than ValueError.
        target = self.router.dest_addr[0]
        router_target_family = target.family
        router_target_ip = target.pack()
        router_target_port = target.port
    else:
        raise ValueError("Invalid router type specified for port forwarded service")

    if self.router.forge_addr:
        flags |= kzorp.messages.KZF_SVC_FORGE_ADDR

    # The service definition goes first, NAT mappings follow it.
    messages = [
        kzorp.messages.KZorpAddForwardServiceMessage(
            self.name, flags, 0,
            router_target_family, router_target_ip, router_target_port),
    ]

    if self.snat_policy:
        addNATMappings(messages, NAT_SNAT, self.snat_policy)
    if self.dnat_policy:
        addNATMappings(messages, NAT_DNAT, self.dnat_policy)

    return messages
def buildKZorpMessage(self):
    """
    <method internal="yes">
      <summary>
        Return the kZorp messages that register this forwarded service and
        its NAT mappings.
      </summary>
    </method>
    """
    def addNATMappings(messages, nat_type, nat_policy):
        # Extend `messages` in place with one mapping message per entry of
        # nat_policy.getKZorpMapping(); `self` comes from the enclosing
        # method.
        import kzorp.messages

        # kZorp versions comparing greater than (4, 5) get version 2
        # messages, all others version 1.
        message_version = 2 if Globals.kzorp_version > (4, 5) else 1

        if nat_type == NAT_SNAT:
            message_factory = kzorp.messages.KZorpAddServiceSourceNATMappingMessage
        else:
            message_factory = kzorp.messages.KZorpAddServiceDestinationNATMappingMessage

        mappings = nat_policy.getKZorpMapping() if nat_policy else ()
        for mapping in mappings:
            source, destination, translated = mapping
            # Call order is (name, source, translated, destination).
            # NOTE(review): verify against the message class signature.
            messages.append(
                message_factory(self.name, source, translated, destination,
                                version=message_version))

    import kzorp.messages

    service_flags = kzorp.messages.KZF_SVC_LOGGING

    # Work out the router-specific flag and the (family, ip, port) target.
    if isinstance(self.router, TransparentRouter):
        service_flags = service_flags | kzorp.messages.KZF_SVC_TRANSPARENT
        target = (None, None, None)
    elif isinstance(self.router, DirectedRouter):
        if len(self.router.dest_addr) > 1:
            raise ValueError("DirectedRouter with more than one destination address not supported by KZorp")
        # Only the first (and only permitted) destination is used.
        # NOTE(review): an empty dest_addr surfaces as IndexError here.
        address = self.router.dest_addr[0]
        target = (address.family, address.pack(), address.port)
    else:
        # Any other router class is rejected for a forwarded service.
        raise ValueError("Invalid router type specified for port forwarded service")

    if self.router.forge_addr:
        service_flags = service_flags | kzorp.messages.KZF_SVC_FORGE_ADDR

    messages = []
    messages.append(
        kzorp.messages.KZorpAddForwardServiceMessage(
            self.name, service_flags, 0, *target))

    # NAT mappings are added only for the policies that are set.
    if self.snat_policy:
        addNATMappings(messages, NAT_SNAT, self.snat_policy)
    if self.dnat_policy:
        addNATMappings(messages, NAT_DNAT, self.dnat_policy)
    return messages