class Firewall:
__iptables = None
def __add_zone(self, args):
z = Zone()
z.name = args[0]
z.iface = args[1]
z.cidr = args[2]
self.__iptables.add_zone(z)
def __add_host(self,args):
z = Zone()
z.name = args[0]
z.iface =
def __make_rule(self, args):
r = Rule()
r.source = self.__iptables.lookup_zone(args[0])
r.dest = self.__iptables.lookup_zone(args[1])
r.action = args[2]
if len(args) > 3:
for param in args[3:]:
r.params.append(string.replace(param, "=", " "))
else:
r.params = []
return r
def __add_nat_rule(self, args):
r = self.__make_rule(args)
self.__iptables.add_nat(r)
def __add_rule(self, args):
r = self.__make_rule(args)
self.__iptables.add_rule(r)
def __init__(self):
self.__iptables = IPTables()
def enable(self):
func = { "zone" : self.__add_zone, "rule" : self.__add_rule, "nat" : self.__add_nat_rule }
c = Config("test.conf", func)
c.parse()
self.__iptables.clean()
self.__iptables.setup()
def __init__(self, config, args = []):
self.__config = config
self.__ipt = IPTables()
class Module:
def __init__(self, config, args = []):
self.__config = config
self.__ipt = IPTables()
def __ipt_setup(self):
# Dodajemy strefy
for zone in self.__config.get("zones.conf"):
z = Zone()
z.name = zone[0]
z.iface = zone[1]
z.cidr = zone[2]
self.__ipt.add_zone(z)
for rule in self.__config.get("rules.conf"):
r = Rule()
r.action = rule[0]
r.source = self.__ipt.lookup_zone(rule[1])
r.dest = self.__ipt.lookup_zone(rule[2])
r.params = rule[3:]
self.__ipt.add_rule(r)
for nat in self.__config.get("nat.conf"):
r = Rule()
r.action = nat[0]
r.source = self.__ipt.lookup_zone(nat[1])
r.dest = self.__ipt.lookup_zone(nat[2])
r.params = nat[3:]
self.__ipt.add_nat(r)
self.__ipt.init()
def start(self):
self.__ipt_setup()
return True
def stop(self):
self.__ipt.clean()
return True
def restart(self):
self.__ipt.clean()
self.__ipt_setup()
return True
def __init__(self):
self.__iptables = IPTables()