def delete_chain(chain_id):
    '''
    Flush the chain identified by ``chain_id`` and then delete it.

    Returns the chain dict handed back by flush_chain, with ``id`` set to
    ``family:tableName:name``. Raises NFTError carrying the command's
    stdout lines when nft exits with a non-zero status.
    '''
    # flush_chain empties the chain and returns the dict whose
    # family/tableName/name fields are formatted into the command below.
    target = flush_chain(chain_id)
    # NOTE(review): the fields are placed into the nft command text
    # unescaped, and how nft_utils.nft_command tokenises that text is not
    # visible here; confirm they are validated before this point.
    nft_cmd = 'delete chain {family} {tableName} {name}'.format(**target)
    proc = nft_utils.nft_command(nft_cmd)
    if proc.wait() != 0:
        raise NFTError(Error(proc.stdout.readlines()))
    nft_utils.close_nft_command(proc)
    target['id'] = '{family}:{tableName}:{name}'.format(**target)
    return target
def delete_rule(rule_id):
    '''
    Delete one rule, addressed as ``family:tableName:chainName:handle``.

    Returns None on success and raises NFTError with the command's stdout
    lines when nft exits non-zero. An id that does not split into exactly
    four ':'-separated parts raises ValueError before any command is run.
    '''
    family, table_name, chain_name, handle = rule_id.split(':')
    parts = {
        'family': family,
        'tableName': table_name,
        'chainName': chain_name,
        'handle': handle,
    }
    # NOTE(review): the id parts reach the nft command text unescaped, and
    # how nft_utils.nft_command tokenises that text is not visible here;
    # confirm rule_id is validated by the caller.
    nft_cmd = 'delete rule {family} {tableName} {chainName} handle {handle}'.format(**parts)
    proc = nft_utils.nft_command(nft_cmd)
    if proc.wait() != 0:
        raise NFTError(Error(proc.stdout.readlines()))
    nft_utils.close_nft_command(proc)
    return None
def flush_table(table_id):
    '''
    Remove every rule from the table identified by ``table_id``.

    Returns the dict obtained from get_table with ``id`` set to
    ``family:name``. Raises NFTError carrying the command's stdout lines
    when nft exits with a non-zero status.
    '''
    target = get_table(table_id)
    # NOTE(review): family and name are placed into the nft command text
    # unescaped; how nft_utils.nft_command tokenises that text is not
    # visible here, so confirm the values are validated upstream.
    proc = nft_utils.nft_command('flush table {family} {name}'.format(**target))
    if proc.wait() != 0:
        raise NFTError(Error(proc.stdout.readlines()))
    nft_utils.close_nft_command(proc)
    target['id'] = '{family}:{name}'.format(**target)
    return target
def delete_chain(chain_id):
    '''
    Empty a chain and then remove it.

    ``chain_id`` is passed to flush_chain, whose returned dict provides
    the family/tableName/name fields for the delete command. Returns that
    dict with ``id`` rebuilt as ``family:tableName:name``; raises NFTError
    with the command's stdout lines on a non-zero nft exit status.
    '''
    flushed = flush_chain(chain_id)
    # NOTE(review): these fields go into the command text as-is; how
    # nft_utils.nft_command splits the text is not shown here, so confirm
    # the identifiers are validated before they get this far.
    delete_cmd = 'delete chain {family} {tableName} {name}'.format(**flushed)
    proc = nft_utils.nft_command(delete_cmd)
    status = proc.wait()
    if status != 0:
        raise NFTError(Error(proc.stdout.readlines()))
    nft_utils.close_nft_command(proc)
    flushed['id'] = '{family}:{tableName}:{name}'.format(**flushed)
    return flushed
def flush_chain(chain_id):
    '''
    Remove every rule from the chain identified by ``chain_id``.

    The chain dict comes from get_chain; its ``table`` value
    (``family:tableName``) is split into separate ``family`` and
    ``tableName`` keys. Returns the dict with ``id`` set to
    ``family:tableName:name``; raises NFTError with the command's stdout
    lines when nft exits non-zero.
    '''
    target = get_chain(chain_id)
    family, table_name = target['table'].split(':')
    target['family'] = family
    target['tableName'] = table_name
    # NOTE(review): the fields are formatted into the command text
    # unescaped; how nft_utils.nft_command tokenises it is not visible
    # here, so confirm the identifiers are validated upstream.
    proc = nft_utils.nft_command('flush chain {family} {tableName} {name}'.format(**target))
    if proc.wait() != 0:
        raise NFTError(Error(proc.stdout.readlines()))
    nft_utils.close_nft_command(proc)
    target['id'] = '{family}:{tableName}:{name}'.format(**target)
    return target
def create_table(table_json):
    '''
    Create an nftables table from ``table_json`` (``family`` and ``name``).

    On success the same dict is returned, extended in place with ``id``
    (``family:name``) and empty ``chains``, ``sets`` and ``dictionaries``
    lists. Raises NFTError with the command's stdout lines when nft exits
    with a non-zero status.
    '''
    # NOTE(review): family and name come from the caller's payload and are
    # formatted into the nft command text unescaped; how
    # nft_utils.nft_command tokenises that text is not visible here, so
    # confirm the payload is validated before this call.
    proc = nft_utils.nft_command('add table {family} {name}'.format(**table_json))
    if proc.wait() != 0:
        raise NFTError(Error(proc.stdout.readlines()))
    nft_utils.close_nft_command(proc)
    table_json['id'] = '{family}:{name}'.format(**table_json)
    # A freshly created table has no children yet.
    table_json['chains'] = []
    table_json['sets'] = []
    table_json['dictionaries'] = []
    return table_json
def delete_table(table_id):
    '''
    Delete a table together with the chains it lists.

    The table is flushed first, each id in its ``chains`` list is passed
    to chain_wrapper.delete_chain, and finally the table itself is
    deleted. Returns the table dict with ``id`` set to ``family:name``;
    raises NFTError with the command's stdout lines when the final nft
    command exits non-zero.
    '''
    target = flush_table(table_id)
    for member_chain_id in target['chains']:
        chain_wrapper.delete_chain(member_chain_id)
    # NOTE(review): family and name are formatted into the command text
    # unescaped; how nft_utils.nft_command tokenises it is not visible
    # here, so confirm the identifiers are validated upstream.
    proc = nft_utils.nft_command('delete table {family} {name}'.format(**target))
    if proc.wait() != 0:
        raise NFTError(Error(proc.stdout.readlines()))
    nft_utils.close_nft_command(proc)
    target['id'] = '{family}:{name}'.format(**target)
    return target
def flush_chain(chain_id):
    '''
    Flush (empty) the chain identified by ``chain_id``.

    get_chain supplies the chain dict; the ``family:tableName`` string in
    its ``table`` key is unpacked into ``family`` and ``tableName``.
    Returns the dict with ``id`` rebuilt as ``family:tableName:name``;
    raises NFTError with the command's stdout lines on a non-zero nft
    exit status.
    '''
    chain_info = get_chain(chain_id)
    table_parts = chain_info['table'].split(':')
    chain_info['family'], chain_info['tableName'] = table_parts
    # NOTE(review): these values go into the command text as-is; how
    # nft_utils.nft_command splits the text is not shown here, so confirm
    # they are validated before they get this far.
    flush_cmd = 'flush chain {family} {tableName} {name}'.format(**chain_info)
    proc = nft_utils.nft_command(flush_cmd)
    status = proc.wait()
    if status != 0:
        raise NFTError(Error(proc.stdout.readlines()))
    nft_utils.close_nft_command(proc)
    chain_info['id'] = '{family}:{tableName}:{name}'.format(**chain_info)
    return chain_info
def create_table(table_json):
    '''
    Add a table described by ``table_json`` (keys ``family`` and ``name``).

    The payload dict is updated in place and returned: ``id`` becomes
    ``family:name`` and ``chains``, ``sets`` and ``dictionaries`` are set
    to new empty lists. Raises NFTError with the command's stdout lines
    when nft exits non-zero.
    '''
    # NOTE(review): the payload values are interpolated into the nft
    # command text unescaped; how nft_utils.nft_command tokenises the
    # text is not shown here, so confirm callers validate the payload.
    add_cmd = 'add table {family} {name}'.format(**table_json)
    proc = nft_utils.nft_command(add_cmd)
    status = proc.wait()
    if status != 0:
        raise NFTError(Error(proc.stdout.readlines()))
    nft_utils.close_nft_command(proc)
    created = table_json
    created['id'] = '{family}:{name}'.format(**created)
    for child_key in ('chains', 'sets', 'dictionaries'):
        # Each key gets its own list object.
        created[child_key] = []
    return created
def delete_rule(rule_id):
    '''
    Remove the rule whose id is ``family:tableName:chainName:handle``.

    Returns None when nft exits with status 0, otherwise raises NFTError
    with the command's stdout lines. A ``rule_id`` that does not contain
    exactly four ':'-separated parts raises ValueError before nft is
    invoked.
    '''
    keys = ('family', 'tableName', 'chainName', 'handle')
    family, table_name, chain_name, handle = rule_id.split(':')
    located = dict(zip(keys, (family, table_name, chain_name, handle)))
    # NOTE(review): the id parts are formatted into the command text
    # as-is; how nft_utils.nft_command splits the text is not shown here,
    # so confirm rule_id is validated before it gets this far.
    delete_cmd = 'delete rule {family} {tableName} {chainName} handle {handle}'.format(**located)
    proc = nft_utils.nft_command(delete_cmd)
    status = proc.wait()
    if status != 0:
        raise NFTError(Error(proc.stdout.readlines()))
    nft_utils.close_nft_command(proc)
    return None
def create_set(set_json):
    '''
    Create a named set from ``set_json``.

    ``set_json['table']`` arrives as ``family:table`` and is split for the
    command; on success it is joined back to that form. The same dict is
    returned with ``id`` set to ``family:table:name`` and a falsy
    ``items`` value replaced by None. Raises NFTError with the command's
    stdout lines when nft exits non-zero, and ValueError before any
    command is run if ``table`` does not split into exactly two parts.
    '''
    family, table_name = set_json['table'].split(':')
    set_json['family'] = family
    set_json['table'] = table_name
    # NOTE(review): name and dataType come from the caller's payload and
    # are formatted into the nft command text unescaped; how
    # nft_utils.nft_command tokenises that text is not visible here, so
    # confirm the payload is validated before this call.
    add_cmd = 'add set {family} {table} {name} {{ type {dataType}; }}'.format(**set_json)
    proc = nft_utils.nft_command(add_cmd)
    if proc.wait() != 0:
        raise NFTError(Error(proc.stdout.readlines()))
    nft_utils.close_nft_command(proc)
    created = set_json
    created['id'] = '{family}:{table}:{name}'.format(**set_json)
    created['items'] = created['items'] or None
    # Restore the combined family:table form the caller passed in.
    created['table'] = created['family'] + ':' + created['table']
    return created
def create_chain(chain_json):
    '''
    Create a chain from ``chain_json``.

    ``chain_json['table']`` (``family:tableName``) is split into
    ``family`` and ``tableName`` keys. When ``hook`` and ``type`` are
    truthy and ``priority`` is not None, the chain is created as a base
    chain with that type/hook/priority clause. Returns the same dict with
    ``id`` set to ``family:tableName:name``; raises NFTError with the
    command's stdout lines when nft exits non-zero, and ValueError before
    any command is run if ``table`` does not split into two parts.
    '''
    family, table_name = chain_json['table'].split(':')
    chain_json['family'] = family
    chain_json['tableName'] = table_name
    # NOTE(review): name, type, hook and priority come from the caller's
    # payload and are formatted into the nft command text unescaped; how
    # nft_utils.nft_command tokenises that text is not visible here, so
    # confirm the payload is validated before this call.
    nft_cmd = 'add chain {family} {tableName} {name}'.format(**chain_json)
    # priority is compared with None so that a priority of 0 still counts.
    is_base_chain = (chain_json['hook'] and chain_json['type']
                     and chain_json['priority'] is not None)
    if is_base_chain:
        nft_cmd += ' {{ type {type} hook {hook} priority {priority} ; }}'.format(**chain_json)
    proc = nft_utils.nft_command(nft_cmd)
    if proc.wait() != 0:
        raise NFTError(Error(proc.stdout.readlines()))
    nft_utils.close_nft_command(proc)
    chain_json['id'] = '{family}:{tableName}:{name}'.format(**chain_json)
    return chain_json
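def update_set(set_json):
    '''
    Add the elements in ``set_json['items']`` to an existing set.

    ``set_json['table']`` arrives as ``family:table`` and is split for the
    command; on success it is joined back to that form and the same dict
    is returned. When ``items`` is falsy no nft command is run and the
    dict is returned unchanged apart from the added ``family`` key.

    Raises NFTError with the command's stdout lines when nft exits with a
    non-zero status.
    '''
    set_json['family'], set_json['table'] = set_json['table'].split(':')
    if set_json['items']:
        # NOTE(review): {items} is rendered with str(); presumably it is
        # already a comma-separated string - confirm against the caller.
        # NOTE(review): name and items come from the caller's payload and
        # are formatted into the nft command text unescaped; how
        # nft_utils.nft_command tokenises that text is not visible here,
        # so confirm the payload is validated before this call.
        cmd_string = 'add element {family} {table} {name} {{ {items} }}'.format(**set_json)
        cmd = nft_utils.nft_command(cmd_string)
        if cmd.wait() != 0:
            raise NFTError(Error(cmd.stdout.readlines()))
        # The command handle only exists on this branch, so it is closed
        # here; closing it unconditionally failed with an unbound local
        # whenever there were no items to add.
        nft_utils.close_nft_command(cmd)
    updated = set_json
    # Restore the combined family:table form the caller passed in.
    updated['table'] = updated['family'] + ':' + updated['table']
    return updated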
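def restore_backup():
    '''
    POST:
        Receive a backup file and load it into the system
    '''
    # NOTE(review): the uploaded file is handed to `nft -f` unmodified, so
    # whoever can reach this endpoint can replace the host's ruleset. No
    # access control is visible in this function - confirm it is enforced
    # on the route.
    with tempfile.NamedTemporaryFile(suffix='.nft', delete=False) as tf:
        tf.write(request.files['file'].read())
    # The file is closed (and therefore fully flushed to disk) before nft
    # reads it; delete=False keeps it on disk until the cleanup below.
    try:
        cmd = nft_utils.nft_command('-f ' + tf.name)
        cmd_result = cmd.wait()
        if cmd_result == 0:
            nft_utils.close_nft_command(cmd)
            return make_response('Backup restored')
        return abort(500, NFTError(Error(cmd.stdout.read())))
    finally:
        # Remove the upload on every path, including a failed restore, so
        # rejected backups do not accumulate in the temp directory.
        os.remove(tf.name)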
def create_rule(rule_json):
    '''
    Append a rule to the chain named in ``rule_json['chain']``.

    ``chain`` is ``family:tableName:chainName``. The command is built from
    ``expression``, ``key`` and the statements rendered by
    nft_utils.statements_to_str. Returns the same dict with ``handle`` and
    ``id`` (``chain:handle``) filled in; raises NFTError with the
    command's stdout lines when nft exits non-zero, and ValueError before
    any command is run if ``chain`` does not split into three parts.
    '''
    family, table_name, chain_name = rule_json['chain'].split(':')
    rule_json['family'] = family
    rule_json['tableName'] = table_name
    rule_json['chainName'] = chain_name
    # NOTE(review): expression, key and the statements come from the
    # caller's payload and reach the nft command text unescaped; how
    # nft_utils.nft_command tokenises that text is not visible here, so
    # confirm the payload is validated before this call.
    pieces = [
        'add rule {family} {tableName} {chainName} '.format(**rule_json),
        '{expression} {key} '.format(**rule_json),
        nft_utils.statements_to_str(rule_json['statements']),
    ]
    proc = nft_utils.nft_command(''.join(pieces))
    if proc.wait() != 0:
        raise NFTError(Error(proc.stdout.readlines()))
    nft_utils.close_nft_command(proc)
    from wrappers import chain_wrapper
    # The handle is read back from the last rule listed for the chain.
    # NOTE(review): this assumes no other rule was appended to the chain
    # between the add above and this lookup - confirm.
    newest_rule_id = chain_wrapper.get_chain(rule_json['chain'])['rules'][-1]
    rule_json['handle'] = newest_rule_id.split(':')[3]
    rule_json['id'] = rule_json['chain'] + ':' + rule_json['handle']
    return rule_json
def create_chain(chain_json):
    '''
    Add a chain described by ``chain_json``.

    The ``table`` value (``family:tableName``) is unpacked into ``family``
    and ``tableName``. A type/hook/priority clause is appended only when
    ``hook`` and ``type`` are truthy and ``priority`` is not None. The
    payload dict is returned with ``id`` set to ``family:tableName:name``.
    Raises NFTError with the command's stdout lines on a non-zero nft exit
    status, and ValueError before nft is invoked if ``table`` does not
    split into two parts.
    '''
    table_parts = chain_json['table'].split(':')
    chain_json['family'], chain_json['tableName'] = table_parts
    # NOTE(review): the payload values are interpolated into the nft
    # command text unescaped; how nft_utils.nft_command splits the text is
    # not shown here, so confirm callers validate the payload.
    segments = ['add chain {family} {tableName} {name}'.format(**chain_json)]
    # Comparing priority with None keeps a priority of 0 valid.
    if chain_json['hook'] and chain_json['type'] and chain_json['priority'] is not None:
        segments.append(
            ' {{ type {type} hook {hook} priority {priority} ; }}'.format(**chain_json))
    proc = nft_utils.nft_command(''.join(segments))
    status = proc.wait()
    if status != 0:
        raise NFTError(Error(proc.stdout.readlines()))
    nft_utils.close_nft_command(proc)
    created = chain_json
    created['id'] = '{family}:{tableName}:{name}'.format(**chain_json)
    return created
def create_rule(rule_json):
    '''
    Add a rule to the chain given by ``rule_json['chain']``
    (``family:tableName:chainName``).

    The nft command is assembled from the chain location, ``expression``,
    ``key`` and the output of nft_utils.statements_to_str. The payload
    dict is returned with ``handle`` and ``id`` (``chain:handle``) set.
    Raises NFTError with the command's stdout lines on a non-zero nft exit
    status, and ValueError before nft is invoked if ``chain`` does not
    split into three parts.
    '''
    chain_parts = rule_json['chain'].split(':')
    rule_json['family'], rule_json['tableName'], rule_json['chainName'] = chain_parts
    # NOTE(review): the payload values are interpolated into the nft
    # command text unescaped; how nft_utils.nft_command splits the text is
    # not shown here, so confirm callers validate the payload.
    location = 'add rule {family} {tableName} {chainName} '.format(**rule_json)
    match_part = '{expression} {key} '.format(**rule_json)
    statement_part = nft_utils.statements_to_str(rule_json['statements'])
    proc = nft_utils.nft_command(location + match_part + statement_part)
    status = proc.wait()
    if status != 0:
        raise NFTError(Error(proc.stdout.readlines()))
    nft_utils.close_nft_command(proc)
    from wrappers import chain_wrapper
    created = rule_json
    # Get the handle from the last rule listed for the chain.
    # NOTE(review): relies on nothing else having appended a rule to this
    # chain since the add above - confirm.
    chain_rules = chain_wrapper.get_chain(created['chain'])['rules']
    created['handle'] = chain_rules[-1].split(':')[3]
    created['id'] = created['chain'] + ':' + created['handle']
    return created
def tearDown(self):
    '''Reset nftables state after a test by issuing ``flush ruleset``.'''
    # 'flush ruleset' clears the entire ruleset nft operates on, not just
    # what the test created.
    # NOTE(review): presumably these tests run on a disposable host or
    # network namespace - confirm before running them elsewhere.
    nft_utils.close_nft_command(nft_utils.nft_command('flush ruleset'))