Exemple #1
def initializeIPTables():
    """
        Reload the firewall when the live rule set lacks a required rule.

        The rules currently loaded are parsed and checked chain by chain
        against IPTABLES_RULES. As soon as one chain is absent, or lacks any
        of its required rules, everything is cleared and the whole of
        IPTABLES_RULES is restored.
    """
    live = netfilterutils.parseConf(netfilterutils.getRules())

    for chain, wanted in IPTABLES_RULES.iteritems():
        # The set difference runs in one direction only: it finds required
        # rules that are absent, not additional rules that are loaded.
        # NOTE(review): extra rules in a chain, and chains that are not keys
        # of IPTABLES_RULES, therefore never trigger a reload -- confirm that
        # tolerating them is intended.
        if chain in live and not (set(wanted) - set(live[chain])):
            continue

        # One mismatch is enough: rebuild the full rule set once, then stop.
        # NOTE(review): the state clear() leaves behind is not visible here;
        # it is what applies until restoreRules() returns, and it stays in
        # force if makeConf() or restoreRules() raises -- confirm it is not
        # more permissive than the rules being restored.
        netfilterutils.clear()
        netfilterutils.restoreRules(netfilterutils.makeConf(IPTABLES_RULES))
        break
Exemple #2
def initializeIPTables():
    """
        Re-initialize IPTables if a rule from IPTABLES_RULES is not loaded.

        Nothing is touched when every chain in IPTABLES_RULES is present in
        the active configuration with all of its rules.
    """
    active = netfilterutils.parseConf(netfilterutils.getRules())

    def is_incomplete(chain, required):
        # True when the chain is absent or at least one required rule is.
        # Only rules missing from the active set are detected; rules that are
        # active but not required are ignored by this one-way difference.
        # NOTE(review): confirm that leaving such extra rules in place is the
        # intended behaviour.
        return chain not in active or bool(set(required) - set(active[chain]))

    # any() stops at the first incomplete chain, so the reload runs at most
    # once per call.
    if any(is_incomplete(chain, required)
           for chain, required in IPTABLES_RULES.iteritems()):
        # NOTE(review): clear() runs before the replacement rules are loaded;
        # whatever state it leaves applies in between, and remains if
        # makeConf() or restoreRules() fails -- verify that state is safe.
        netfilterutils.clear()
        conf = netfilterutils.makeConf(IPTABLES_RULES)
        netfilterutils.restoreRules(conf)
Exemple #3
def start():
    """
        Start the service: reset netfilter and reload the saved rule set.

        After the rules are handled, the lock file is created, the
        Network.Firewall start hook is called and clients are notified
        that the service has started.
    """
    # Begin from an empty configuration so stale chains and rules are gone.
    iptables.clear()

    # Restore the saved rules, if a saved file is present.
    # NOTE(review): when the file is absent the cleared state stays in force
    # and the service is still announced as "started" below; what clear()
    # leaves behind is not visible here -- confirm it is a safe default.
    # NOTE(review): the file content is handed to restoreRules() unchanged,
    # so the rule set is only as trustworthy as the write permissions on
    # /var/lib/iptables -- verify they are restricted to root.
    saved_rules = "/var/lib/iptables/rules"
    if os.path.exists(saved_rules):
        iptables.restoreRules(readFile(saved_rules))

    # An empty lock file marks the service as running.
    writeFile(LOCK_FILE, "")

    # Bring up Network.Firewall as well, if it needs it.
    startNetworkFirewall()

    # Tell listening clients about the state change.
    notify("System.Service", "Changed", (script(), "started"))
Exemple #4
def start():
    """
        Flush the firewall, load the stored rules and announce the start.
    """
    rules_path = "/var/lib/iptables/rules"

    # Drop every existing chain and rule before loading anything.
    # NOTE(review): the policy in effect after clear() cannot be seen from
    # this function; it is what applies while the rules are being restored,
    # and permanently when no rules file exists -- confirm it fails closed.
    iptables.clear()

    if os.path.exists(rules_path):
        # The stored text is passed to restoreRules() as read.
        # NOTE(review): presumably this file is writable by root only; anyone
        # able to write it controls the loaded rule set -- verify.
        stored = readFile(rules_path)
        iptables.restoreRules(stored)

    # Mark the service as running with an empty lock file.
    writeFile(LOCK_FILE, "")

    # Network.Firewall is initialized here when required.
    startNetworkFirewall()

    # Broadcast the state change to clients.
    event = (script(), "started")
    notify("System.Service", "Changed", event)
Exemple #5
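def start():
    """
        Start the firewall: flush netfilter, then load the active profile.

        The profile's rule file under /var/lib/iptables is restored first.
        If a "<profile>.diff" file exists as well, its content is compared
        with the base rules, filtered by the per-table chain lists returned
        by getProfile(), and applied on top without flushing. Finally the
        lock file is created.
    """
    # Clear chains & rules
    # NOTE(review): the state clear() leaves behind is not visible here; it
    # remains in force when neither rule file below exists -- confirm it is
    # a safe default.
    iptables.clear()

    # Load rules
    profile, save_filter, save_nat, save_mangle, save_raw = getProfile()
    save = {
        "filter": save_filter,
        "nat": save_nat,
        "mangle": save_mangle,
        "raw": save_raw,
    }

    # NOTE(review): profile is joined into the path unchecked, and
    # os.path.join() discards the base directory when the second argument
    # is absolute. Confirm getProfile() only ever yields a plain file name.
    profile_file = os.path.join('/var/lib/iptables', profile)
    profile_changes = '%s.diff' % profile_file

    base = {}

    # Each save setting is a whitespace-separated list of chain names.
    allowed_chains = {}
    for table in iptables.chains:
        allowed_chains[table] = save[table].split()

    # Load base rules
    if os.path.isfile(profile_file):
        # Close the handle explicitly instead of leaving it to the garbage
        # collector; open() replaces the Python-2-only file() builtin.
        with open(profile_file) as handle:
            rules = handle.read()
        base = iptables.parseConf(rules)
        iptables.restoreRules(rules)

    # Load allowed changes done in previous session
    if os.path.isfile(profile_changes):
        with open(profile_changes) as handle:
            rules = handle.read()
        changes = iptables.parseConf(rules)
        # Presumably diffDict() keeps what differs from the base rules and
        # filterDict() keeps only the allowed chains -- verify against the
        # iptables helper module.
        diff = iptables.filterDict(iptables.diffDict(changes, base),
                                   allowed_chains)
        # flush=False: the base rules restored above are meant to stay.
        iptables.restoreRules(iptables.makeConf(diff), flush=False)

    # Create lock file
    writeFile(lock_file, '')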
Exemple #6
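def start():
    """
        Reset netfilter and load the rules of the profile in use.

        Base rules come from /var/lib/iptables/<profile>. Changes saved in
        /var/lib/iptables/<profile>.diff are then re-applied on top of them
        without flushing, after being filtered by the chains named in the
        profile's save settings. An empty lock file is written at the end.
    """
    # Clear chains & rules
    iptables.clear()

    # Load rules
    profile, save_filter, save_nat, save_mangle, save_raw = getProfile()
    save = {
        "filter": save_filter,
        "nat": save_nat,
        "mangle": save_mangle,
        "raw": save_raw,
    }

    # NOTE(review): nothing here checks that profile is a bare file name.
    # An absolute value makes os.path.join() ignore '/var/lib/iptables', so
    # validation has to happen in getProfile() -- confirm that it does.
    profile_file = os.path.join('/var/lib/iptables', profile)
    profile_changes = '%s.diff' % profile_file

    base = {}

    # Chains whose saved changes may be re-applied, keyed by table.
    allowed_chains = {}
    for table in iptables.chains:
        allowed_chains[table] = save[table].split()

    # Load base rules
    # NOTE(review): if this file is missing, only the state left by clear()
    # plus any allowed changes below is active -- confirm that is acceptable.
    if os.path.isfile(profile_file):
        # The context manager closes the file deterministically; the
        # original file(...).read() never closed it explicitly.
        with open(profile_file) as rules_handle:
            rules = rules_handle.read()
        base = iptables.parseConf(rules)
        iptables.restoreRules(rules)

    # Load allowed changes done in previous session
    if os.path.isfile(profile_changes):
        with open(profile_changes) as changes_handle:
            rules = changes_handle.read()
        changes = iptables.parseConf(rules)
        # NOTE(review): the allowed-chain filter is the only restriction on
        # what the .diff file can add; presumably both files are writable by
        # root only -- verify the permissions on /var/lib/iptables.
        diff = iptables.filterDict(iptables.diffDict(changes, base), allowed_chains)
        # flush=False so the base rules loaded above are kept.
        iptables.restoreRules(iptables.makeConf(diff), flush=False)

    # Create lock file
    writeFile(lock_file, '')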