def __init__(self, logger, config, default_decisions, acls, nats,
             custom_rules, options, apply_rules):
    """Store the rule sets and build the generator that writes them out.

    logger is passed to LoggerChild.__init__ and to IptablesGenerator.
    config, default_decisions, options and apply_rules are handed to
    IptablesGenerator; acls, nats, custom_rules and options are also kept
    on the instance.
    """
    LoggerChild.__init__(self, logger)
    self.generator = IptablesGenerator(
        logger, default_decisions, options, config, apply_rules)

    # Inputs kept as attributes on the instance.
    self.options = options
    self.acls = acls
    self.nats = nats
    self.custom_rules = custom_rules

    # Rule files are kept on disk by default.
    self.keep_files = True

    # No rules file is known yet: both slots start out empty.
    self.old_rules = self.new_rules = None
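class WriteIptablesRules(Transaction, LoggerChild):
    """Transaction that writes a new iptables rules file and keeps a dump of
    the current rules so that rollback() can restore them.

    prepare() generates the new rules file, save() dumps the rules currently
    loaded, rollback() restores that dump and cleanup() optionally removes
    both files. apply() is a no-op in this class.
    """

    def __init__(self, logger, config, default_decisions, acls, nats, custom_rules, options, apply_rules):
        """Store the rule sets and create the IptablesGenerator.

        logger is passed to LoggerChild.__init__ and to the generator;
        config, default_decisions, options and apply_rules are passed to the
        generator; acls, nats, custom_rules and options are kept for
        prepare() and the ipv6 switch.
        """
        LoggerChild.__init__(self, logger)
        self.generator = IptablesGenerator(logger, default_decisions, options, config, apply_rules)
        self.acls = acls
        self.nats = nats
        self.custom_rules = custom_rules
        self.options = options
        # Nothing in this class sets keep_files to False, so cleanup() keeps
        # both rule files on disk unless a caller clears the flag.
        self.keep_files = True
        self.old_rules = None
        self.new_rules = None

    def prepare(self):
        """Generate the new rules file and record it in self.new_rules."""
        self.info("Create the new iptables rules")
        # Restrict files created from here on to their owner. umask() is
        # process-wide and the previous mask is not restored, so this also
        # affects files the process creates after prepare() returns.
        umask(0077)
        filename = self.generator.writeRules(self.acls, self.nats, self.custom_rules)
        # NOTE(review): meaning of File's second argument is not visible
        # here -- confirm against the File class.
        self.new_rules = File(filename, True)

    def save(self):
        """Dump the currently loaded rules and record the file in self.old_rules."""
        self.info("Save the current iptables rules")
        loadKernelModules(self, self.options.ipv6)
        # NOTE(review): no umask is set in this method. If save() can run
        # before prepare(), confirm that iptablesSave creates the dump with
        # owner-only permissions, since the file is kept on disk by default.
        filename = iptablesSave(self, ipv6=self.options.ipv6)
        self.old_rules = File(filename, True)

    def apply(self):
        """Do nothing: this class does not load the new rules in apply()."""
        pass

    def rollback(self):
        """Restore the rules dumped by save(), if a dump exists."""
        self.error("Restore the old iptables rules")
        if self.old_rules is None:
            # save() did not complete, so there is no dump to restore.
            # Report it instead of failing on None.filename, which would
            # hide the error that triggered the rollback.
            self.error("No saved iptables rules to restore")
            return
        # Restore old rules
        # NOTE(review): check_error=False presumably makes a failed restore
        # non-fatal -- confirm in iptablesRestore.
        iptablesRestore(self, self.old_rules.filename, ipv6=self.options.ipv6, check_error=False)

    def cleanup(self):
        """Remove the saved and generated rule files unless keep_files is set."""
        if self.keep_files:
            return
        if self.old_rules:
            self.old_rules.unlink(quiet=True)
        if self.new_rules:
            self.new_rules.unlink(quiet=True)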