def batch_delete_chains(table, chains, ipv6=False): """ Delete multiple chains of a table """ iptc_table = _batch_begin_table(table, ipv6) for chain in chains: if iptc_table.is_chain(chain): iptc_chain = Chain(iptc_table, chain) iptc_chain.flush() iptc_table.delete_chain(chain) _batch_end_table(table, ipv6)
def batch_add_chains(table, chains, ipv6=False, flush=True): """ Add multiple chains to a table """ iptc_table = _batch_begin_table(table, ipv6) for chain in chains: if iptc_table.is_chain(chain): iptc_chain = Chain(iptc_table, chain) else: iptc_chain = iptc_table.create_chain(chain) if flush: iptc_chain.flush() _batch_end_table(table, ipv6)
def batch_delete_rules(table, batch_rules, ipv6=False, raise_exc=True): """ Delete multiple rules from table with format (chain, rule_d) """ try: iptc_table = _batch_begin_table(table, ipv6) for (chain, rule_d) in batch_rules: iptc_chain = Chain(iptc_table, chain) iptc_rule = encode_iptc_rule(rule_d, ipv6) iptc_chain.delete_rule(iptc_rule) _batch_end_table(table, ipv6) except Exception: if raise_exc: raise
def _iptc_getchain(table, chain, ipv6=False, raise_exc=True): """ Return an iptc_chain of an updated table """ try: iptc_table = _iptc_gettable(table, ipv6) if not iptc_table.is_chain(chain): raise AttributeError('Table <{}> has no chain <{}>'.format(table, chain)) return Chain(iptc_table, chain) except Exception: if raise_exc: raise
def batch_add_rules(table, batch_rules, ipv6=False): """ Add multiple rules to a table with format (chain, rule_d, position) """ iptc_table = _batch_begin_table(table, ipv6) for (chain, rule_d, position) in batch_rules: iptc_chain = Chain(iptc_table, chain) iptc_rule = encode_iptc_rule(rule_d, ipv6) if position == 0: # Insert rule in last position -> append iptc_chain.append_rule(iptc_rule) elif position > 0: # Insert rule in given position -> adjusted as iptables CLI iptc_chain.insert_rule(iptc_rule, position - 1) elif position < 0: # Insert rule in given position starting from bottom -> not available in iptables CLI nof_rules = len(iptc_chain.rules) iptc_chain.insert_rule(iptc_rule, position + nof_rules) _batch_end_table(table, ipv6)