def _parse_trap_server(self, args):
self.trap_servers = list()
s_dict = dict()
s_dict["MemberId"] = args.member_id
s_dict["Enabled"] = (("Enabled" == args.server_enabled)
if args.server_enabled is not None else None)
s_dict["TrapServerPort"] = None
if args.server_port is not None:
if args.server_port < 1 or args.server_port > 65535:
err = ("Argument: invalid choice: %s "
"(choose from 1 to 65535)" % args.server_port)
self.err_list.append(err)
raise FailException(*self.err_list)
else:
s_dict["TrapServerPort"] = args.server_port
if args.server_address:
if (is_ipv4(args.server_address) or
is_ipv6(args.server_address) or
is_domain(args.server_address)):
s_dict["TrapServerAddress"] = args.server_address
else:
err = ("Argument: invalid choice: %s "
"(the server address is invalid)" %
args.server_address)
self.err_list.append(err)
raise FailException(*self.err_list)
self.trap_servers.append(s_dict)
def package_trap_server(self, trap_str):
trap_server_list = list()
try:
if trap_str[0] != "[" or trap_str[-1] != "]":
return None
trap_str = trap_str[1:-1]
server_list = trap_str.split("_")
for number in server_list:
s_dict = dict()
member_id, enable, port, address, = number.split("-")
if member_id not in {"1", "2", "3", "4"}:
err = ("Argument: invalid choice: %s "
"(choose from 1, 2, 3, 4)" % member_id)
self.err_list.append(err)
raise FailException(*self.err_list)
if enable not in {"0", "1"}:
err = ("Argument: invalid choice: %s "
"(choose from 0, 1)" % enable)
self.err_list.append(err)
raise FailException(*self.err_list)
s_dict["MemberId"] = member_id
s_dict["Enabled"] = (int(enable) == 1)
try:
s_dict["TrapServerPort"] = int(port)
except ValueError:
err = ("Argument: invalid choice: %s "
"(choose from 1 to 65535)" % port)
self.err_list.append(err)
raise FailException(*self.err_list)
if (s_dict["TrapServerPort"] < 1 or s_dict["TrapServerPort"]
> 65535):
err = ("Argument: invalid choice: %s "
"(choose from 1 to 65535)" % port)
self.err_list.append(err)
raise FailException(*self.err_list)
if (is_ipv4(address) or
is_ipv6(address) or
is_domain(address)):
s_dict["TrapServerAddress"] = address
else:
err = ("Argument: invalid choice: %s "
"(the server address is invalid)" % address)
self.err_list.append(err)
raise FailException(*self.err_list)
trap_server_list.append(s_dict)
except (OSError, TypeError, ValueError, KeyError, SyntaxError, IOError):
return None
return trap_server_list
def _parse_args(self, args):
self.enable = args.enable
if "0" == args.enable:
return
args_dict = {
"encryption_type": "encryption type",
"common_name_type": "LDAP server address type",
"server_address": "LDAP Server string",
"ldap_port": "the port number",
"bind_dn": "LDAP administrator user DN",
"search_base": "search base DN",
"user_login_attribute": "user login properties"
}
for key, value in args_dict.items():
if args.__dict__.get(key, None) is None:
self.err_list.append("Argument: %s needed" % value)
raise FailException(*self.err_list)
self.__dict__[key] = args.__dict__.get(key, None)
if ((self.common_name_type == "ip" and not (is_ipv4(
self.server_address) or is_ipv6(self.server_address)))
or (self.common_name_type == "fqdn"
and not is_domain(self.server_address))):
self.err_list.append("Argument: invalid server address")
raise FailException(*self.err_list)
if args.ldap_port < 1 or args.ldap_port > 65535:
self.err_list.append("Argument: invalid port number(1-65535)")
raise FailException(*self.err_list)
if len(self.bind_dn) > 255:
self.err_list.append(
"Argument: invalid bind dn(Less than 255 bytes)")
raise FailException(*self.err_list)
if len(self.search_base) > 255:
self.err_list.append(
"Argument: invalid search base(Less than 255 bytes)")
raise FailException(*self.err_list)
if args.ldap_password is not None:
self.password = args.ldap_password
def _check_args(self, args):
flag = False
ipv4 = "4"
if "mode" in args and "DHCP" == args.mode:
flag = True
if (("address" in args and args.address) or
("gateway" in args and args.gateway) or
("mask_prefix" in args and args.mask_prefix)):
err_info = "Argument: parameter is not available in DHCP mode"
self.err_list.append(err_info)
raise FailException(*self.err_list)
if "version" in args and args.version:
if ipv4 == args.version:
self.ipv4_dhcp_enable = 1
else:
self.ipv6_dhcp_enable = 1
if "version" in args and args.version:
if ipv4 == args.version:
if "address" in args and args.address:
flag = True
if not is_ipv4(args.address):
err_info = ("Argument: invalid choice: %s "
"(the ipv4 address format is incorrect)" %
args.address)
self.err_list.append(err_info)
raise FailException(*self.err_list)
else:
self.ipv4_address = args.address
if "gateway" in args and args.gateway:
flag = True
if not is_ipv4(args.gateway):
err_info = ("Argument: invalid choice: %s "
"(the ipv4 gateway format is incorrect)" %
args.gateway)
self.err_list.append(err_info)
raise FailException(*self.err_list)
else:
self.ipv4_gateway = args.gateway
if "mask_prefix" in args and args.mask_prefix:
flag = True
if not is_ipv4(args.mask_prefix):
err_info = ("Argument: invalid choice: %s "
"(the ipv4 subnetmask format is incorrect)"
% args.mask_prefix)
self.err_list.append(err_info)
raise FailException(*self.err_list)
else:
self.ipv4_subnet = args.mask_prefix
if "mode" in args and "Static" == args.mode:
flag = True
self.ipv4_dhcp_enable = 0
else:
if "address" in args and args.address:
flag = True
if not is_ipv6(args.address):
err_info = ("Argument: invalid choice: %s "
"(the ipv6 address format is incorrect)" %
args.address)
self.err_list.append(err_info)
raise FailException(*self.err_list)
else:
self.ipv6_address = args.address
if "gateway" in args and args.gateway:
flag = True
if not is_ipv6(args.gateway):
err_info = ("Argument: invalid choice: %s "
"(the ipv6 gateway format is incorrect)" %
args.gateway)
self.err_list.append(err_info)
raise FailException(*self.err_list)
else:
self.ipv6_gateway = args.gateway
if "mask_prefix" in args and args.mask_prefix:
flag = True
try:
self.ipv6_prefix = int(args.mask_prefix)
if self.ipv6_prefix <= 0 or self.ipv6_prefix > 127:
err_info = ("Argument: invalid choice: %s "
"(the ipv6 prefix length is incorrect)"
% args.mask_prefix)
self.err_list.append(err_info)
raise FailException(*self.err_list)
except ValueError:
err_info = ("Argument: invalid choice: %s "
"(the ipv6 prefix length is incorrect)" %
args.mask_prefix)
self.err_list.append(err_info)
raise FailException(*self.err_list)
if "mode" in args and "Static" == args.mode:
flag = True
self.ipv6_dhcp_enable = 0
if "network_port_id" in args and args.network_port_id:
self.network_port_id = args.network_port_id
if "ipv4_enable" in args and "Disabled" == args.ipv4_enable:
flag = True
if (("ipv4_mode" in args and args.ipv4_mode) or
("ipv4_address" in args and args.ipv4_address) or
("ipv4_gateway" in args and args.ipv4_gateway) or
("ipv4_subnet" in args and args.ipv4_subnet)):
err_info = "Parameter is not available in IPv4 disable mode"
self.err_list.append(err_info)
raise FailException(*self.err_list)
else:
self.ipv4_enable = 0
elif "ipv4_enable" in args and "Enabled" == args.ipv4_enable:
flag = True
self.ipv4_enable = 1
if "ipv6_enable" in args and "Disabled" == args.ipv6_enable:
flag = True
if (("ipv6_mode" in args and args.ipv6_mode) or
("ipv6_address" in args and args.ipv6_address) or
("ipv6_gateway" in args and args.ipv6_gateway) or
("ipv6_prefix" in args and args.ipv6_prefix)):
err_info = (
"Argument: parameter is not available in IPv6 disable mode")
self.err_list.append(err_info)
raise FailException(*self.err_list)
else:
self.ipv6_enable = 0
elif "ipv6_enable" in args and "Enabled" == args.ipv6_enable:
flag = True
self.ipv6_enable = 1
if "ipv4_mode" in args and "DHCP" == args.ipv4_mode:
flag = True
if (("ipv4_address" in args and args.ipv4_address) or
("ipv4_gateway" in args and args.ipv4_gateway) or
("ipv4_subnet" in args and args.ipv4_subnet)):
err_info = "Argument: parameter is not available in DHCP mode"
self.err_list.append(err_info)
raise FailException(*self.err_list)
else:
self.ipv4_dhcp_enable = 1
elif "ipv4_mode" in args and "Static" == args.ipv4_mode:
flag = True
self.ipv4_dhcp_enable = 0
if "ipv6_mode" in args and "DHCP" == args.ipv6_mode:
flag = True
if (("ipv6_address" in args and args.ipv6_address) or
("ipv6_gateway" in args and args.ipv6_gateway) or
("ipv6_prefix" in args and args.ipv6_prefix)):
err_info = "Argument: parameter is not available in DHCP mode"
self.err_list.append(err_info)
raise FailException(*self.err_list)
else:
self.ipv6_dhcp_enable = 1
elif "ipv6_mode" in args and "Static" == args.ipv6_mode:
flag = True
self.ipv6_dhcp_enable = 0
if "ipv4_address" in args and args.ipv4_address:
flag = True
if not is_ipv4(args.ipv4_address):
err_info = ("Argument: invalid choice: %s "
"(the ipv4 address format is incorrect)" %
args.ipv4_address)
self.err_list.append(err_info)
raise FailException(*self.err_list)
else:
self.ipv4_address = args.ipv4_address
if "ipv4_gateway" in args and args.ipv4_gateway:
flag = True
if not is_ipv4(args.ipv4_gateway):
err_info = ("Argument: invalid choice: %s "
"(the ipv4 gateway format is incorrect)" %
args.ipv4_gateway)
self.err_list.append(err_info)
raise FailException(*self.err_list)
else:
self.ipv4_gateway = args.ipv4_gateway
if "ipv4_subnet" in args and args.ipv4_subnet:
flag = True
if not is_ipv4(args.ipv4_subnet):
err_info = ("Argument: invalid choice: %s "
"(the ipv4 subnetmask format is incorrect)" %
args.ipv4_subnet)
self.err_list.append(err_info)
raise FailException(*self.err_list)
else:
self.ipv4_subnet = args.ipv4_subnet
if "ipv6_address" in args and args.ipv6_address:
flag = True
if not is_ipv6(args.ipv6_address):
err_info = ("Argument: invalid choice: %s "
"(the ipv6 address format is incorrect)" %
args.ipv6_address)
self.err_list.append(err_info)
raise FailException(*self.err_list)
else:
self.ipv6_address = args.ipv6_address
if "ipv6_gateway" in args and args.ipv6_gateway:
flag = True
if not is_ipv6(args.ipv6_gateway):
err_info = ("Argument: invalid choice: %s "
"(the ipv6 gateway format is incorrect)" %
args.ipv6_gateway)
self.err_list.append(err_info)
raise FailException(*self.err_list)
else:
self.ipv6_gateway = args.ipv6_gateway
if "ipv6_prefix" in args and args.ipv6_prefix is not None:
flag = True
self.ipv6_prefix = args.ipv6_prefix
if self.ipv6_prefix <= 0 or self.ipv6_prefix > 127:
err_info = ("Argument: invalid choice: %d "
"(the ipv6 prefix length is incorrect)" %
args.ipv6_prefix)
self.err_list.append(err_info)
raise FailException(*self.err_list)
if "vlan_enable" in args and args.vlan_enable:
flag = True
if "Enabled" == args.vlan_enable:
self.vlan_enable = 1
if "vlan_id" in args and args.vlan_id is None:
err = "Argument: VLAN enablement needs to specify VLAN ID"
self.err_list.append(err)
raise FailException(*self.err_list)
else:
self.vlan_enable = 0
if "vlan_id" in args and args.vlan_id is not None:
flag = True
self.vlan_id = args.vlan_id
if ("vlan_id" in args and args.vlan_id is not None
and (args.vlan_id < 2 or args.vlan_id > 4094)):
err = ("Argument: invalid parameter: "
"VLAN ID ranges from 2 to 4094")
self.err_list.append(err)
raise FailException(*self.err_list)
if "vlan_priority" in args and args.vlan_priority is not None:
flag = True
self.vlan_priority = args.vlan_priority
if not flag:
err_info = "Argument: at least one parameter must be specified"
self.err_list.append(err_info)
raise FailException(*self.err_list)
def is_parameter_legal(domain):
return is_ipv4(domain) or is_ipv6(domain) or is_domain(domain)
def construct_request_parameters(self, args):
payload = dict()
url = ("/api/settings/firewall-ip-mac-rule-forbid"
if args.rule == "Block" else
"/api/settings/firewall-ip-mac-rule-allow")
if ((args.ip_start and args.ip_start == "0.0.0.0")
or (args.ip_end and args.ip_end == "0.0.0.0") or
((args.ip_start and (not (is_ipv4(args.ip_start) or
is_ipv6(args.ip_start)))) or
(args.ip_end and (not (is_ipv4(args.ip_end) or
is_ipv6(args.ip_end)))))):
err_info = ("Argument: invalid choice(the ipv4/ipv6 "
"format is incorrect).")
self.err_list.append(err_info)
raise FailException(*self.err_list)
if args.ip_start and args.ip_end:
if ((is_ipv4(args.ip_start) and
(not is_ipv4(args.ip_end) and
is_ipv6(args.ip_end))) or
(is_ipv6(args.ip_start) and
not is_ipv6(args.ip_end) and
is_ipv4(args.ip_end))):
err_info = "Argument: invalid choice: different IP protocols"
self.err_list.append(err_info)
raise FailException(*self.err_list)
payload["operation"] = 1 if args.operator == 'Add' else 3
payload["ip_address_from"] = args.ip_start
payload["ip_address_to"] = (args.ip_end if args.ip_end else "")
if args.mac_address:
if is_mac(args.mac_address):
payload["mac_address"] = args.mac_address
else:
err_info = "Argument: invalid choice (mac address is invalid)"
self.err_list.append(err_info)
raise FailException(*self.err_list)
else:
payload["mac_address"] = ""
if not (args.start_time or args.end_time):
payload["timeout_status"] = 0
payload["date_from_yy"] = 0
payload["date_from_mm"] = 0
payload["date_from_dd"] = 0
payload["time_from_hh"] = 0
payload["time_from_mm"] = 0
payload["date_to_yy"] = 0
payload["date_to_mm"] = 0
payload["date_to_dd"] = 0
payload["time_to_hh"] = 0
payload["time_to_mm"] = 0
payload["timeout_status"] = 0
elif args.start_time and args.end_time:
try:
st = time.strptime(args.start_time, "%Y-%m-%dT%H:%M")
et = time.strptime(args.end_time, "%Y-%m-%dT%H:%M")
except (ValueError, Exception) as err:
self.err_list.append(str(err))
raise FailException(*self.err_list)
st_stamp = int(time.mktime(st))
et_stamp = int(time.mktime(et))
if st_stamp >= et_stamp:
err_info = "Argument: end time must be greater than start time"
self.err_list.append(err_info)
raise FailException(*self.err_list)
payload["timeout_status"] = st.tm_year
payload["date_from_yy"] = st.tm_year
payload["date_from_mm"] = st.tm_mon
payload["date_from_dd"] = st.tm_mday
payload["time_from_hh"] = st.tm_hour
payload["time_from_mm"] = st.tm_min
payload["date_to_yy"] = et.tm_year
payload["date_to_mm"] = et.tm_mon
payload["date_to_dd"] = et.tm_mday
payload["time_to_hh"] = et.tm_hour
payload["time_to_mm"] = et.tm_min
payload['timeout_status'] = 1
else:
err_info = "Argument: start time and end time must appear in pairs"
self.err_list.append(err_info)
raise FailException(*self.err_list)
return url, payload
def is_parameter_legal(str_):
return is_ipv4(str_) or is_ipv6(str_) or is_domain(str_)