def get(self, request, format=None): """ the firewall policy query """ fm = FirewallManger() fire_mode = FirewallManger.firewall_status(fm) return Response(fire_mode, status=status.HTTP_200_OK)
def get(self, request, format=None): """ query the system firewall panic mode """ fm = FirewallManger() panic_mode = fm.get_firewall_panic_mode() return Response(panic_mode, status=status.HTTP_200_OK)
def get(self, request, format=None): """ List the configuration info of the runtime or permanent """ config_type = request.GET.get("config_type", '') fm = FirewallManger() result = fm.get_configuration(config_type) return Response(result, status=status.HTTP_200_OK)
def get(self, request, format=None): fm = FirewallManger() firewall_status = fm.get_firewalld_status() state = {'status': firewall_status} if firewall_status == -1: return Response(state, status=status.HTTP_503_SERVICE_UNAVAILABLE) else: return Response(state, status=status.HTTP_200_OK)
def get(self, request, format=None): """ Get a list of all support services """ fm = FirewallManger() config_type = request.GET.get('config_type', '') services_list = fm.get_service(config_type) services_dic = {'services': services_list} return Response(services_dic, status=status.HTTP_200_OK)
def get(self, request, format=None): """ get a list if all support zones """ config_type = request.GET.get('config_type', '') fm = FirewallManger() zone_list = fm.get_support_zones(config_type) zones_dic = {'zones': zone_list} return Response(zones_dic, status=status.HTTP_200_OK)
def get(self, request, format=None): """ Get a list of all active zones """ fm = FirewallManger() active_list = fm.get_active_zones() zones_dic = {'zones': active_list} return Response(zones_dic, status=status.HTTP_200_OK)
def get(self, request, format=None): """ Get the ports and protocol in a zone """ config_type = request.GET.get('config_type', '') zone_name = request.GET.get('zone_name', '') fm = FirewallManger() result = fm.get_ports(config_type, zone_name) ports_dic = {'ports': result} return Response(ports_dic, status=status.HTTP_200_OK)
def get(self, request, format=None): """ Get the interfaces in a zone """ config_type = request.GET.get("config_type", '') zone_name = request.GET.get("zone_name", '') fm = FirewallManger() interface_list = fm.get_interface(config_type, zone_name) intface_dict = {'interfaces': interface_list} return Response(intface_dict, status=status.HTTP_200_OK)
def get(self, request, format=None): """ Get a list of all default zones. """ fm = FirewallManger() default_zone = fm.get_default_zones()[0] default = {'default_zones': default_zone} if default_zone: return Response(default, status=status.HTTP_200_OK) else: return Response("No default zone in system firewall!", status=status.HTTP_200_OK)
def get(self, request, format=None): """ Get a list of enabled services or query a enabled service in a zone """ config_type = request.GET.get('config_type', '') zone_name = request.GET.get('zone_name', '') service_name = request.GET.get('service_name') if zone_name == '' or service_name == '': return Response('the service name or zone name can not be empty', status=status.HTTP_400_BAD_REQUEST) fm = FirewallManger() result = fm.get_enabled_service(zone_name, service_name, config_type) return Response(result, status=status.HTTP_200_OK)
def post(self, request, format=None): """ Add the interface form a zone """ config_type = request.DATA.get('config_type', '') zone_name = request.DATA.get('zone_name', '') interface = request.DATA.get('interface', '') fm = FirewallManger() message, flag = fm.add_interface(config_type, zone_name, interface) if flag: return Response(message, status=status.HTTP_200_OK) else: return Response(message, status=status.HTTP_401_UNAUTHORIZED)
def put(self, request, format=None): """ Reload the firewall """ is_complete = request.data.get('complete').upper() fm = FirewallManger() result = fm.reload_firewall(is_complete) if result: return Response('Reload success!', status=status.HTTP_200_OK) else: return Response('Reload failed!', status=status.HTTP_400_BAD_REQUEST)
def get(self, request, format=None): """ Get the ICMP """ icmp_list = [] config_type = request.GET.get('config_type') fm = FirewallManger() icmp_list = fm.get_icmp(config_type) if icmp_list: return Response(icmp_list, status=status.HTTP_200_OK) else: return Response('The ICMP list is empty!')
def put(self, request, format=None): """ Change the zone an interface belongs to """ config_type = request.DATA.get('config_type', '') zone_name = request.DATA.get('zone_name', '') interface = request.DATA.get('interface', '') fm = FirewallManger() message, flag = fm.change_interface_zone(config_type, zone_name, interface) if flag: return Response(message, status=status.HTTP_200_OK) else: return Response(message, status=status.HTTP_401_UNAUTHORIZED)
def post(self, request, format=None): """ Add protocol in a zone """ config_type = request.DATA.get('config_type', '') zone_name = request.DATA.get('zone_name', '') port = request.DATA.get('ports', '') protocol = request.DATA.get('protocol', '') fm = FirewallManger() # return Response(config_type+zone_name+protocol+port) message, flag = fm.add_port(config_type, zone_name, port, protocol) if flag: return Response(message, status=status.HTTP_200_OK) else: return Response(message, status=status.HTTP_401_UNAUTHORIZED)
def delete(self, request, format=None): """ Disable a service of a zone """ config_type = request.DATA.get('config_type', '') zone_name = request.DATA.get('zone_name', '') service_name = request.DATA.get('service_name', '') fm = FirewallManger() message, flag = fm.disable_service(zone_name, service_name, config_type) if flag: return Response(message, status=status.HTTP_200_OK) else: return Response(message, status=status.HTTP_400_BAD_REQUEST)
def put(self, request, format=None): """ set default zone of system firewall """ zone_name = request.data.get('zone_name') fm = FirewallManger() zone_list = fm.get_support_zones('') # if zone_list and zone_name in zone_list: result = fm.set_default_zone(zone_name) if result: return Response('Set default zone success !', status=status.HTTP_200_OK) else: return Response('Set default zone failed !', status=status.HTTP_400_BAD_REQUEST)
def put(self, request, format=None): """ config the firewall panic mode:on or off """ fm = FirewallManger() mode = request.DATA.get('panic_mode') mode_struct = ['on', 'off'] if mode not in mode_struct: return Response('Arguments is not invalid!') else: result = fm.set_panic_mode(mode) if result: return Response("Config Success!", status=status.HTTP_200_OK) else: return Response("Config failed!", status=status.HTTP_500_INTERNAL_SERVER_ERROR)
def delete(self, request, format=None): """ Delete port from a zone """ config_type = request.DATA.get('config_type', '') zone_name = request.DATA.get('zone_name', '') port = request.DATA.get('ports', '') protocol = request.DATA.get('protocol', '') if port == '' or protocol == '': return Response('port or protocol is not empty', status=status.HTTP_400_BAD_REQUEST) fm = FirewallManger() message, flag = fm.remove_port(config_type, zone_name, port, protocol) if flag: return Response(message, status=status.HTTP_200_OK) else: return Response(message, status=status.HTTP_401_UNAUTHORIZED)
def put(self, request, format=None): """ config the firewall mode ex:STATIC,DYNAMIC """ cfm = FirewallManger() _firemode_list = ['STATIC', 'DYNAMIC', 'UNKNOWN'] current_mode = cfm.firewall_status() _fm = request.data.get('policy') if _fm not in _firemode_list: return Response('FIREWALL MODE IS INVALID', status=status.HTTP_400_BAD_REQUEST) elif current_mode == _fm: return Response('FIREWALL MODE IS RUNNING', status=status.HTTP_400_BAD_REQUEST) else: if current_mode == 'UNKNOWN': if _fm == 'STATIC': q1 = cfm.enable_static_firewall() q2 = cfm.start_firewall_service("STATIC") return Response(q2, status=status.HTTP_200_OK) else: cfm.enable_firewalld() cfm.start_firewall_service("DYNAMIC") else: if _fm == 'STATIC': cfm.enable_static_firewall() cfm.stop_firewall_service("DYNAMIC") cfm.start_firewall_service("STATIC") else: cfm.enable_firewalld() cfm.stop_firewall_service("STATIC") cfm.start_firewall_service("DYNAMIC") return Response('CONFIG SUCCESS', status=status.HTTP_200_OK)