def handle_src_nat_ip(): global src_nat_ip append_list = src_nat_ip for policy in absorbdict.policy_dict: if policy.get('src') is not None and policy.get( 'src_nat_ip') is not None: data = str(policy['src_nat_ip']) multiple.handle_multiple_ip(policy, append_list, data) elif policy.get('src') is not None and policy.get( 'dip_num') is not None: for dip_c in absorbdict.dip_dict: if policy.get('dip_num') == dip_c['dip_num']: data = str(dip_c['start_ip']) multiple.handle_multiple_ip(policy, append_list, data) elif policy.get('src') is not None: if policy.get('dst') is not None: handle_src_and_dst_nat(policy, append_list) else: for if_zone in absorbdict.if_zone_dict: if policy['dst_zone'] == if_zone['zone_name']: dst_if = if_zone['if_name'] handle_src_nat_ip_is_dst_fw(policy, append_list, dst_if) else: handle_nat_if(policy, append_list) if not flag: data = str("") multiple.handle_multiple_ip(policy, append_list, data)
def handle_implicit_any_ip(policy): global network_address_list dst_ip_list = [] for pre_policy in absorbdict.policy_dict: if policy['src_zone'] == pre_policy['src_zone'] and policy[ 'dst_zone'] == pre_policy['dst_zone']: if len(absorbdict.group_address_dict) >= 2: flag = False for group_address_c in absorbdict.group_address_dict: if pre_policy['dst_ip'] == group_address_c['group_name']: flag = True dst_ip_list += [group_address_c['address_name']] continue else: if not flag: dst_ip_list += [pre_policy['dst_ip']] elif pre_policy['dst_ip'] == '"Any"': continue else: dst_ip_list += [pre_policy['dst_ip']] continue elif policy['policy_id'] == pre_policy['policy_id']: pass else: dst_zone = policy['dst_zone'] # dst_zoneがif_zoneで使用されていないことも想定する # TODO:スキップしないようにする dst_if_route_network_range(policy, dst_zone) if dst_ip_list != []: exclude_dst_ip_list_from_route_network(dst_ip_list, route_network) define_scope_ip(policy, network_address_list) else: append_list = dst_ip data = str("NaN") print( '%sから%sへのポリシーはpolicy_id = %sより前に存在しません' % (policy['src_zone'], policy['dst_zone'], policy['policy_id'])) print('policy_id = %sの出力をスキップしました' % policy['policy_id']) multiple.handle_multiple_ip(policy, append_list, data)
def handle_implicit_any_ip(policy): global network_address_list src_ip_list = [] for pre_policy in absorbdict.policy_dict: if policy['src_zone'] == pre_policy['src_zone'] and policy[ 'dst_zone'] == pre_policy['dst_zone']: if len(absorbdict.group_address_dict) >= 2: flag = False for group_address_c in absorbdict.group_address_dict: if pre_policy['src_ip'] == group_address_c['group_name']: flag = True src_ip_list += [group_address_c['address_name']] continue else: if not flag: src_ip_list += [pre_policy['src_ip']] elif pre_policy['src_ip'] == '"Any"': continue else: src_ip_list += [pre_policy['src_ip']] continue elif policy['policy_id'] == pre_policy['policy_id']: pass else: src_zone = policy['src_zone'] # src_zoneがif_zoneで使用されていないこと(route_networkが返ってこないこと)も想定する src_if_route_network_range(src_zone) if src_ip_list != []: exclude_network_range(src_ip_list, route_network) define_scope_ip(policy, network_address_list) else: append_list = src_ip data = str("NaN") print(policy['src_zone'] + 'から' + policy['dst_zone'] + 'へのポリシーは' + 'policy_id =' + policy['policy_id'] + 'より前に存在しません') print('policy_id = %sの出力をスキップしました' % policy['policy_id']) multiple.handle_multiple_ip(policy, append_list, data)
def handle_protocol_udp(): global protocol_udp append_list = protocol_udp for policy in absorbdict.policy_dict: if policy['protocol'] == '"ANY"': data = str("udp") multiple.handle_multiple_ip(policy, append_list, data) elif policy['protocol'] == '"PING"' or policy['protocol'] == '"ICMP-ANY"': data = str("") multiple.handle_multiple_ip(policy, append_list, data) else: flag = False for service_c in absorbdict.service_dict: if policy['protocol'] == service_c['service_name'] and service_c['protocol_name'] == "udp": flag = True data = str("udp") multiple.handle_multiple_ip(policy, append_list, data) else: if not flag: data = str("udp") multiple.handle_multiple_ip(policy, append_list, data)
def handle_protocol_udp(): global protocol_udp append_list = protocol_udp for policy in absorbdict.policy_dict: if policy['protocol'] == '"ANY"': data = str("udp") multiple.handle_multiple_ip(policy, append_list, data) #715 elif policy['protocol'] == '"PING"' or policy[ 'protocol'] == '"ICMP-ANY"': data = str("") multiple.handle_multiple_ip(policy, append_list, data) #6 else: data = str("udp") multiple.handle_multiple_ip(policy, append_list, data) #2627
def handle_dst_nat_ip(): global dst_nat_ip append_list = dst_nat_ip for policy in absorbdict.policy_dict: if policy.get('dst_nat_ip') is not None: for address_c in absorbdict.address_dict: if policy['dst_ip'] == address_c['address_name']: data = str(address_c['ip_address']) multiple.handle_multiple_ip(policy, append_list, data) break elif 'MIP' in policy['dst_ip']: for mip_c in absorbdict.mip_dict: if policy['dst_ip'].strip(')"').split( '(')[1] == mip_c['private_ip']: data = str(mip_c['private_ip']) multiple.handle_multiple_ip(policy, append_list, data) break else: data = str("") multiple.handle_multiple_ip(policy, append_list, data)
def handle_src_fw(): global src_fw append_list = src_fw for policy in absorbdict.policy_dict: for if_zone in absorbdict.if_zone_dict: if "VIP" in policy['src_ip']: for vip_c in absorbdict.vip_dict: if policy['src_ip'].strip(')"').split( '(')[1] == vip_c['global_ip']: longest_match = {} for if_ip_c in absorbdict.route_dict: if ipaddress.ip_address( vip_c['private_ip'] ) in ipaddress.ip_network( if_ip_c['network_address'], strict=False): a = { if_ip_c['if_name']: if_ip_c['network_address'].split('/')[1] } longest_match.update(a) else: continue max_keys = max(longest_match, key=longest_match.get) src_if = [] src_if += [max_keys] for src_if_c in src_if: for if_ip_c in absorbdict.if_ip_dict: if src_if_c.replace( '"', '') == if_ip_c['if_name'].replace( '"', ''): data = str( if_ip_c['ip_address'].split('/')[0]) multiple.handle_multiple_ip( policy, append_list, data) break elif policy['src_ip'].strip(')"').split( '(')[1] == vip_c['if_name'] and vip_c[ 'global_ip'] == "interface-ip": src_if = [] src_if += [policy['src_ip'].strip(')"').split('(')[1]] for src_if_c in src_if: for if_ip_c in absorbdict.if_ip_dict: if src_if_c.replace( '"', '') == if_ip_c['if_name'].replace( '"', ''): data = str( if_ip_c['ip_address'].split('/')[0]) multiple.handle_multiple_ip( policy, append_list, data) break break break elif policy['src_zone'] == if_zone['zone_name']: src_if = [] src_if += [if_zone['if_name']] for src_if_c in src_if: for if_ip_c in absorbdict.if_ip_dict: if src_if_c.replace('"', '') == if_ip_c['if_name'].replace( '"', ''): data = str(if_ip_c['ip_address'].split('/')[0]) multiple.handle_multiple_ip( policy, append_list, data) break else: flag = False for if_zone in absorbdict.if_zone_dict: if policy['src_zone'] == if_zone['zone_name']: flag = True break else: continue else: flag = False for if_zone in absorbdict.if_zone_dict: if policy['src_zone'] == if_zone['zone_name']: flag = True break else: continue else: if not flag: data = str("NaN") print('送信元ゾーンの' + policy['dst_zone'] + 'が割り当てられたIF,またはそのIFにIPがありません') print('policy_id = %sの出力をスキップしました' % policy['policy_id']) multiple.handle_multiple_ip(policy, append_list, data)
def decide_src_fw(policy, append_list, src_if): for i in absorbdict.ifinfo: if src_if in i['IF_Name']: data = str(i['IP'].split('/')[0]) if data != 'None': multiple.handle_multiple_ip(policy, append_list, data)
def handle_src_nat_ip(): global src_nat_ip append_list = src_nat_ip for policy in absorbdict.policy_dict: if policy.get('src') is not None and policy.get( 'src_nat_ip') is not None: data = str(policy['src_nat_ip']) multiple.handle_multiple_ip(policy, append_list, data) elif policy.get('src') is not None and policy.get( 'dip_num') is not None: for dip_c in absorbdict.dip_dict: if policy.get('dip_num') == dip_c['dip_num']: data = str(dip_c['start_ip']) multiple.handle_multiple_ip(policy, append_list, data) elif policy.get('src') is not None: if policy.get('dst') is not None: address = str(policy['dst_nat_ip']) ip_network = ipaddress.ip_network( ipaddress.ip_address(address), strict=False) for route_c in absorbdict.route_dict: routing_network = ipaddress.ip_network( route_c['network_address']) if ip_network.subnet_of(routing_network) is True: after_dst_if = route_c['if_name'] for if_ip_c in absorbdict.if_ip_dict: if after_dst_if.replace( '"', '') == if_ip_c['if_name'].replace( '"', '') and if_ip_c.get( 'ip_address') is not None: dst_fw = if_ip_c['ip_address'].split('/')[0] data = str(dst_fw) multiple.handle_multiple_ip( policy, append_list, data) else: flag = False for if_zone in absorbdict.if_zone_dict: if policy['dst_zone'] == if_zone['zone_name']: dst_if = if_zone['if_name'] for if_ip_c in absorbdict.if_ip_dict: if dst_if.replace( '"', '') == if_ip_c['if_name'].replace( '"', '') and if_ip_c.get( 'ip_address') is not None: flag = True dst_fw = if_ip_c['ip_address'].split('/')[0] data = str(dst_fw) multiple.handle_multiple_ip( policy, append_list, data) else: flag = False for if_zone in absorbdict.if_zone_dict: if policy['src_zone'] == if_zone['zone_name']: src_if = if_zone['if_name'] for if_nat_c in absorbdict.if_nat_dict: if src_if.replace('"', '') == if_nat_c['if_name'].replace( '"', ''): flag = True for if_zone in absorbdict.if_zone_dict: if policy['dst_zone'] == if_zone['zone_name']: dst_if = if_zone['if_name'] for if_ip_c in absorbdict.if_ip_dict: if dst_if.replace( '"', '' ) == if_ip_c['if_name'].replace( '"', ''): dst_fw = if_ip_c[ 'ip_address'].split('/')[0] data = str(dst_fw) multiple.handle_multiple_ip( policy, append_list, data) else: # TODO:要修正 if policy['protocol'] == '"NTP"' or policy[ 'protocol'] == '"HTTP"': for address_c in absorbdict.address_dict: if policy['src_ip'].replace( '"', '' ) == address_c['address_name'].replace( '"', ''): ip_address = address_c['ip_address'] for mip_c in absorbdict.mip_dict: if ip_address == mip_c['global_ip']: flag = True data = str(mip_c['private_ip']) multiple.handle_multiple_ip( policy, append_list, data) else: if not flag: data = str("") multiple.handle_multiple_ip(policy, append_list, data)
def handle_dst_fw(): global dst_fw append_list = dst_fw for policy in absorbdict.policy_dict: flag = False for i in absorbdict.ifinfo: if policy.get('dst_nat_ip') is not None: flag = True longest_match = {} for if_ip_c in absorbdict.route_dict: if ipaddress.ip_address( policy['dst_nat_ip']) in ipaddress.ip_network( if_ip_c['network_address'], strict=False): a = { if_ip_c['if_name']: if_ip_c['network_address'].split('/')[1] } longest_match.update(a) max_keys = max(longest_match, key=longest_match.get) else: continue dst_if = max_keys.replace('"', '') decide_dst_fw(policy, append_list, dst_if) break elif "VIP(" in policy['dst_ip']: flag = True for vip_c in absorbdict.vip_dict: if policy['dst_ip'].strip(')"').split( '(')[1] == vip_c['global_ip']: longest_match = {} for if_ip_c in absorbdict.route_dict: if ipaddress.ip_address( vip_c['private_ip'] ) in ipaddress.ip_network( if_ip_c['network_address'], strict=False): a = { if_ip_c['if_name']: if_ip_c['network_address'].split('/')[1] } longest_match.update(a) else: continue max_keys = max(longest_match, key=longest_match.get) dst_if = max_keys.replace('"', '') decide_dst_fw(policy, append_list, dst_if) break elif policy['dst_ip'].strip(')"').split( '(')[1] == vip_c['if_name'] and vip_c[ 'global_ip'] == "interface-ip": dst_if = policy['dst_ip'].strip(')"').split( '(')[1].replace('"', '') decide_dst_fw(policy, append_list, dst_if) break break elif policy['dst_zone'] == i['Zone'] and i['IP'] != 'None': flag = True dst_if = i['IF_Name'] decide_dst_fw(policy, append_list, dst_if) else: if not flag: #zoneにIPアドレスが設定されていない場合、テストシナリオのdst-fwにzone名を記載する data = str(policy['dst_zone']) multiple.handle_multiple_ip(policy, append_list, data)
def handle_description(): global description append_list = description for policy in absorbdict.policy_dict: data = str('policy id =%s' % policy['policy_id']) multiple.handle_multiple_ip(policy, append_list, data)
def handle_dst_nat_port(): global dst_nat_port append_list = dst_nat_port for policy in absorbdict.policy_dict: if policy.get('dst_nat_port') is not None: for service_c in absorbdict.service_dict: if policy['protocol'] == '"FTP"': data = str("21") multiple.handle_multiple_ip(policy, append_list, data) elif policy['protocol'] == '"HTTP"': data = str("80") multiple.handle_multiple_ip(policy, append_list, data) elif policy['protocol'] == '"NTP"': data = str("123") multiple.handle_multiple_ip(policy, append_list, data) elif policy['protocol'] == '"DNS"': data = str("53") multiple.handle_multiple_ip(policy, append_list, data) elif service_c['service_name'] == policy['protocol']: data = str(service_c['dst_port_num'].split('-')[0]) multiple.handle_multiple_ip(policy, append_list, data) else: data = str("") multiple.handle_multiple_ip(policy, append_list, data) break else: data = str("") multiple.handle_multiple_ip(policy, append_list, data)
def handle_dst_fw(): global dst_fw append_list = dst_fw for policy in absorbdict.policy_dict: for if_zone_c in absorbdict.if_zone_dict: if policy.get('dst_nat_ip') is not None: longest_match = {} for if_ip_c in absorbdict.route_dict: if ipaddress.ip_address( policy['dst_nat_ip']) in ipaddress.ip_network( if_ip_c['network_address'], strict=False): a = { if_ip_c['if_name']: if_ip_c['network_address'].split('/')[1] } longest_match.update(a) max_keys = max(longest_match, key=longest_match.get) else: continue dst_if = max_keys for if_ip_c in absorbdict.if_ip_dict: if dst_if.replace('"', '') == if_ip_c['if_name'].replace( '"', ''): data = str(if_ip_c['ip_address'].split('/')[0]) multiple.handle_multiple_ip(policy, append_list, data) else: flag = False for if_zone_c in absorbdict.if_zone_dict: if policy['dst_zone'] == if_zone_c['zone_name']: flag = True else: continue break elif "VIP" in policy['dst_ip']: for vip_c in absorbdict.vip_dict: if policy['dst_ip'].strip(')"').split( '(')[1] == vip_c['global_ip']: longest_match = {} for if_ip_c in absorbdict.route_dict: if ipaddress.ip_address( vip_c['private_ip'] ) in ipaddress.ip_network( if_ip_c['network_address'], strict=False): a = { if_ip_c['if_name']: if_ip_c['network_address'].split('/')[1] } longest_match.update(a) else: continue max_keys = max(longest_match, key=longest_match.get) dst_if = max_keys for if_ip_c in absorbdict.if_ip_dict: if dst_if.replace( '"', '') == if_ip_c['if_name'].replace('"', ''): data = str(if_ip_c['ip_address'].split('/')[0]) multiple.handle_multiple_ip( policy, append_list, data) break elif policy['dst_ip'].strip(')"').split( '(')[1] == vip_c['if_name'] and vip_c[ 'global_ip'] == "interface-ip": dst_if = policy['dst_ip'].strip(')"').split('(')[1] for if_ip_c in absorbdict.if_ip_dict: if dst_if.replace( '"', '') == if_ip_c['if_name'].replace('"', ''): data = str(if_ip_c['ip_address'].split('/')[0]) multiple.handle_multiple_ip( policy, append_list, data) break break elif policy['dst_zone'] == if_zone_c['zone_name']: dst_if = if_zone_c['if_name'] for if_ip_c in absorbdict.if_ip_dict: if dst_if.replace('"', '') == if_ip_c['if_name'].replace( '"', ''): data = str(if_ip_c['ip_address'].split('/')[0]) multiple.handle_multiple_ip(policy, append_list, data) else: flag = False for if_zone_c in absorbdict.if_zone_dict: if policy['dst_zone'] == if_zone_c['zone_name']: flag = True else: flag = False for if_zone_c in absorbdict.if_zone_dict: if policy['dst_zone'] == if_zone_c['zone_name']: flag = True break else: continue else: if not flag: data = str("NaN") print('宛先ゾーンの%sが割り当てられたIF,またはそのIFにIPがありません' % policy['dst_zone']) print('policy_id =%sの出力をスキップしました' % policy['policy_id']) multiple.handle_multiple_ip(policy, append_list, data)
def handle_dst_port_udp(): global dst_port_udp append_list = dst_port_udp for policy in absorbdict.policy_dict: if policy.get('dst_nat_port') is not None: data = str(policy['dst_nat_port']) multiple.handle_multiple_ip(policy, append_list, data) elif policy['protocol'] == '"SMTP"': data = str("NaN") print('"SMTP"はudpを使用しません') print('policy_id = %sの出力をスキップしました' % policy['policy_id']) multiple.handle_multiple_ip(policy, append_list, data) elif policy['protocol'] == '"SNMP"': data = str("161") # 162 multiple.handle_multiple_ip(policy, append_list, data) elif policy['protocol'] == '"NBDS"': data = str("138") multiple.handle_multiple_ip(policy, append_list, data) elif policy['protocol'] == '"FTP"': data = str("21") multiple.handle_multiple_ip(policy, append_list, data) elif policy['protocol'] == '"HTTP"': data = str("NaN") print('"HTTP"はudpを使用しません') print('policy_id = %sの出力をスキップしました' % policy['policy_id']) multiple.handle_multiple_ip(policy, append_list, data) elif policy['protocol'] == '"HTTPS"': data = str("NaN") print('"HTTPS"はudpを使用しません') print('policy_id = %sの出力をスキップしました' % policy['policy_id']) multiple.handle_multiple_ip(policy, append_list, data) elif policy['protocol'] == '"NTP"': data = str("123") multiple.handle_multiple_ip(policy, append_list, data) elif policy['protocol'] == '"SYSLOG"': data = str("514") multiple.handle_multiple_ip(policy, append_list, data) elif policy['protocol'] == '"DNS"': data = str("53") multiple.handle_multiple_ip(policy, append_list, data) elif policy['protocol'] == '"MAIL"': data = str("NaN") print('"MAIL"はudpを使用しません') print('policy_id = %sの出力をスキップしました' % policy['policy_id']) multiple.handle_multiple_ip(policy, append_list, data) elif policy['protocol'] == '"PING"': data = str("NaN") print('"PING"はudpを使用しません') print('policy_id = %sの出力をスキップしました' % policy['policy_id']) multiple.handle_multiple_ip(policy, append_list, data) elif policy['protocol'] == '"ANY"': if policy['src_ip'] == '"Any"' and policy['dst_ip'] == '"Any"': # TODO:Any Any ANYの時の処理を変更する data = str("65535") multiple.handle_multiple_ip(policy, append_list, data) else: data = str("53") multiple.handle_multiple_ip(policy, append_list, data) else: for service_c in absorbdict.service_dict: if service_c['service_name'] == policy[ 'protocol'] and service_c['protocol_name'] == "udp": data = str(service_c['dst_port_num'].split('-')[1]) multiple.handle_multiple_ip(policy, append_list, data) break else: continue else: if len(absorbdict.group_service_dict) >= 2: for group_service_c in absorbdict.group_service_dict: if group_service_c['group_service_name'] == policy[ 'protocol']: service_name = group_service_c['service_name'] for service_c in absorbdict.service_dict: if service_c[ 'service_name'] == service_name and service_c[ 'protocol_name'] == "udp": data = str(service_c['dst_port_num'].split( '-')[1]) multiple.handle_multiple_ip( policy, append_list, data) break else: continue else: # TODO:最初のservice_nameにUDPが使用されていなければデフォが入ってしまい次以降でデフォが使用されていると異なる挙動となる data = str("53") multiple.handle_multiple_ip( policy, append_list, data) break else: data = str("NaN") print('service_nameでudpが使用されていないため出力しませんでした') print('policy_id = %sの出力をスキップしました' % policy['policy_id']) multiple.handle_multiple_ip(policy, append_list, data) else: data = str("NaN") print('service_nameでudpが使用されていないため出力しませんでした') print('policy_id = %sの出力をスキップしました' % policy['policy_id']) multiple.handle_multiple_ip(policy, append_list, data)
def handle_dst_port_icmp(): global dst_port_icmp append_list = dst_port_icmp for policy in absorbdict.policy_dict: if policy.get('dst_nat_port') is not None: data = str(policy['dst_nat_port']) multiple.handle_multiple_ip(policy, append_list, data) elif policy['protocol'] == '"PING"': data = str("") multiple.handle_multiple_ip(policy, append_list, data) elif policy['protocol'] == '"SMTP"': data = str("NaN") print('"SMTP"はicmpを使用しません') print('policy_id = %sの出力をスキップしました' % policy['policy_id']) multiple.handle_multiple_ip(policy, append_list, data) elif policy['protocol'] == '"SNMP"': data = str("NaN") print('"SNMP"はicmpを使用しません') print('policy_id = %sの出力をスキップしました' % policy['policy_id']) multiple.handle_multiple_ip(policy, append_list, data) elif policy['protocol'] == '"NBDS"': data = str("NaN") print('"NBDS"はicmpを使用しません') print('policy_id = %sの出力をスキップしました' % policy['policy_id']) multiple.handle_multiple_ip(policy, append_list, data) elif policy['protocol'] == '"FTP"': data = str("NaN") print('"FTP"はicmpを使用しません') print('policy_id = %sの出力をスキップしました' % policy['policy_id']) multiple.handle_multiple_ip(policy, append_list, data) elif policy['protocol'] == '"HTTP"': data = str("NaN") print('"HTTP"はicmpを使用しません') print('policy_id = %sの出力をスキップしました' % policy['policy_id']) multiple.handle_multiple_ip(policy, append_list, data) elif policy['protocol'] == '"HTTPS"': data = str("NaN") print('"HTTPS"はicmpを使用しません') print('policy_id = %sの出力をスキップしました' % policy['policy_id']) multiple.handle_multiple_ip(policy, append_list, data) elif policy['protocol'] == '"NTP"': data = str("NaN") print('"NTP"はicmpを使用しません') print('policy_id = %sの出力をスキップしました' % policy['policy_id']) multiple.handle_multiple_ip(policy, append_list, data) elif policy['protocol'] == '"SYSLOG"': data = str("NaN") print('"SYSLOG"はicmpを使用しません') print('policy_id = %sの出力をスキップしました' % policy['policy_id']) multiple.handle_multiple_ip(policy, append_list, data) elif policy['protocol'] == '"DNS"': data = str("NaN") print('"DNS"はicmpを使用しません') print('policy_id = %sの出力をスキップしました' % policy['policy_id']) multiple.handle_multiple_ip(policy, append_list, data) elif policy['protocol'] == '"MAIL"': data = str("NaN") print('"MAIL"はicmpを使用しません') print('policy_id = %sの出力をスキップしました' % policy['policy_id']) multiple.handle_multiple_ip(policy, append_list, data) elif policy['protocol'] == '"ANY"': # icmpはdstportが存在しない data = str("") multiple.handle_multiple_ip(policy, append_list, data) else: for service_c in absorbdict.service_dict: if service_c['service_name'] == policy[ 'protocol'] and service_c['protocol_name'] == "icmp": data = str(service_c['dst_port_num'].split('-')[1]) multiple.handle_multiple_ip(policy, append_list, data) break else: continue else: if len(absorbdict.group_service_dict) >= 2: service_name = [] for group_service_c in absorbdict.group_service_dict: if group_service_c['group_service_name'] == policy[ 'protocol']: service_name += group_service_c['service_name'] for service_c in absorbdict.service_dict: if service_c[ 'service_name'] == service_name and service_c[ 'protocol_name'] == "icmp": data = str(service_c['dst_port_num'].split( '-')[1]) multiple.handle_multiple_ip( policy, append_list, data) break else: # TODO:最初のservice_nameにICMPが使用されていなければデフォが入ってしまい次以降でデフォが使用されていると異なる挙動となる data = str("") multiple.handle_multiple_ip( policy, append_list, data) break else: data = str("NaN") print('service_nameでicmpが使用されていないため出力しませんでした') print('policy_id = %sの出力をスキップしました' % policy['policy_id']) multiple.handle_multiple_ip(policy, append_list, data) else: data = str("NaN") print('service_nameでicmpが使用されていないため出力しませんでした') print('policy_id = %sの出力をスキップしました' % policy['policy_id']) multiple.handle_multiple_ip(policy, append_list, data)