def render_link_maybe(self, ctx, data): from codebay.l2tpserver import interfacehelper from nevow.flat.ten import flatten have_network_connection = False try: ifname = 'eth0' # XXX: hardcoded in livecd ifaces = interfacehelper.get_interfaces() iface = ifaces.get_interface_by_name(ifname) if iface is not None: addr = iface.get_current_ipv4_address_info() if addr is not None: have_network_connection = True except: _log.exception( 'livecd cannot determine whether we have a network connection or not' ) if have_network_connection: return ctx.tag else: # XXX: ugly hack, but without this markup would need heavier elements txt = flatten(ctx.tag.children) return T.strong(_class='cb-strong')[txt]
def render_error_or_pass(self, context, data): if isinstance(data, ErrorWrapper): return context.tag.clear() \ [ tags.strong(style="color: red;") \ [ _('An error occurred: '), data.value.getErrorMessage(), ] ] else: return context.tag
def data_new_root(self, ctx, data): """ Template function to display the new root form. """ request = inevow.IRequest(ctx) requestData = protocol.OpenIDRequest(request) current_root = requestData.get('openid.trust_root', None) if(current_root): return tags.div(_class="trustable")[[ tags.small()["click 'approve new root' to verify access to this URL:"], tags.br(), tags.strong()[current_root], tags.input(type="submit", name="submit", value="approve new root"), ]] else: return tags.div(_class="trustable")[[ tags.small()["enter a new root here and click 'approve new root':"], tags.br(), tags.input(type='text', size="60", name='openid.trust_root', value=''), tags.input(type="submit", name="submit", value="approve new root"), ]]
def render_link_maybe(self, ctx, data): from codebay.l2tpserver import interfacehelper from nevow.flat.ten import flatten have_network_connection = False try: ifname = 'eth0' # XXX: hardcoded in livecd ifaces = interfacehelper.get_interfaces() iface = ifaces.get_interface_by_name(ifname) if iface is not None: addr = iface.get_current_ipv4_address_info() if addr is not None: have_network_connection = True except: _log.exception('livecd cannot determine whether we have a network connection or not') if have_network_connection: return ctx.tag else: # XXX: ugly hack, but without this markup would need heavier elements txt = flatten(ctx.tag.children) return T.strong(_class='cb-strong')[txt]
def render_content(self, ctx, data): Utils.log.msg('%s opened Tools/Firewall' % (self.avatarId.username)) rules = self.rules.read() ### Read SNAT rules snat = self.sysconf.Shorewall.get('snat', []) snatRules = [] n = 0 for ru in snat: l = ru.split() l.append( tags. a(href="Delete/SNAT/%s/" % n, onclick= "return confirm('Are you sure you want to delete this SNAT rule?');", title="Delete this SNAT rule.")[tags.img( src="/images/ex.png")]) snatRules.append(l) n += 1 ### Read MASQ rules masq = self.sysconf.Shorewall.get('masq', {}) natRules = [] for k, mas in masq.items(): runum = 0 for v in mas: if type(v) == list: l = [k] l.extend([i.replace('-', 'Any') for i in v]) l.append( tags. a(href="Delete/NAT/%s/%s/" % (k, runum), onclick= "return confirm('Are you sure you want to delete this NAT rule?');", title="Delete this NAT rule.")[tags.img( src="/images/ex.png")]) natRules.append(l) else: natRules.append([ k, 'Any', v, 'Any', 'Any', 'Any', 'Any', tags. a(href="Delete/NAT/%s/%s/" % (k, runum), onclick= "return confirm('Are you sure you want to delete this NAT rule?');", title="Delete this NAT rule.")[tags.img( src="/images/ex.png")] ]) runum += 1 # QOS toss = { '16': 'Minimize Delay', '8': 'Maximize Throughput', '4': 'Maximize Reliability', '2': 'Minimize Cost', '0': 'Normal Service' } qosRules = [] l = 0 for port, proto, tos in self.sysconf.Shorewall.get('qos', []): qosRules.append([ port, proto, toss[tos], tags. a(href=url.root.child("Qos").child("Delete").child(l), onclick= "return confirm('Are you sure you want to delete this entry?');" )[tags.img(src="/images/ex.png")] ]) l += 1 ### Check if shorewall is broken if os.path.exists('/usr/local/tcs/tums/shorewallBroken'): check = tags.div(style="color: #F00")[tags.br, tags.strong[ "The firewall configuration appears to be broken, please test the settings to see any errors and correct them"], tags.br] else: check = "" fwtable, securityViolation = getFirewallRules(self.rules) if securityViolation: secError = [ tags.table(width="70%", style="border:2px solid #ff5555")[ tags.tr[tags.td[tags.img(src="/images/securityhz.png")], tags.td[tags.h1["Security Violation!"], securityViolation]]], tags.br, tags.br ] else: secError = "" ### Return the page stanza return ctx.tag[ tags.h3[tags.img(src="/images/firewall.png"), " Firewall"], check, secError, tags.img(src="/images/start.png"), " ", tags.a(href="Test", style="font-size:11pt;", title="Test the firewall. (This may take some time!)" )[tags.strong( style="font-family:arial,verdana,helvetica,sans-serif;" )["Test Settings"]], tags.br, tags.img(src="/images/refresh.png"), " ", tags. a(href="Restart", style="font-size:11pt;", title= "Restart the firewall and apply the changes. Changes are only activated after this is clicked." )[tags.strong( style="font-family:arial,verdana,helvetica,sans-serif" )["Apply Changes"]], PageHelpers.TabSwitcher( ( ('Rules', 'panelRules'), #('Allow Ports' , 'panelAllowPort'), ('NAT', 'panelNATTab'), ('QoS', 'panelQos'), ('Policy', 'panelPolicy'), ('Zones', 'panelZones'), ('Connections', 'panelCurrent'), ), id="firewall"), tags.div(id="panelNATTab", _class="tabPane")[ PageHelpers.TabSwitcher( (('Forwarding', 'panelForwardPort'), ('Redirection', 'panelTransparentProxy'), ('NAT', 'panelNAT'), ('Source NAT', 'panelSNAT')), id="firewallNAT"), tags.div(id="panelForwardPort", _class="tabPane") [tags.h3["Port Forwarding"], PageHelpers. dataTable([ 'Source Zone', 'Source IP', 'Forward To', 'Destination Zone', 'Protocol', 'Port', 'Destination IP', '' ], [ r[:-1] + [ tags. a(href="Delete/dnat/%s/" % (r[-1]), title="Delete this port forwarding rule", onclick= "return confirm('Are you sure you want to delete this entry?');" )[tags.img(src="/images/ex.png")] ] for i, r in enumerate(rules['FORWARD']) ]), tags.h3["Add Forwarding Rule"], tags.directive('form forwardPort'), ], tags.div(id="panelTransparentProxy", _class="tabPane") [tags.h3["Port Redirection (Transparent Proxy)"], PageHelpers. dataTable([ 'Source Zone', 'Source Network', 'Destination Port', 'Source Port', 'Protocol', 'Destination Network', '' ], [ r[:-1] + [ tags. a(href="Delete/redirect/%s/" % (r[-1]), title="Delete this transparent redirection rule", onclick= "return confirm('Are you sure you want to delete this entry?');" )[tags.img(src="/images/ex.png")] ] for i, r in enumerate(rules['PROXY']) ]), tags.h3["Add Redirection Rule"], tags.directive('form transProxy'), ], tags.div(id="panelNAT", _class="tabPane")[ tags.h3["Nework Address Translation (Masquerading)"], PageHelpers.dataTable([ 'Destination Interface', 'Destination Network', 'Source Interface', 'Source Network', 'NAT IP', 'Protocol', 'Port', '' ], natRules), tags.h3['Add NAT Rule'], tags.directive('form addNAT')], tags.div(id="panelSNAT", _class="tabPane")[ tags.h3["Source NAT"], PageHelpers.dataTable([ 'Source IP', 'External Interface', 'Internal IP', 'Any Interface', 'Use Internal' ], snatRules), tags.h3['Add SNAT Rule'], tags.directive('form addSNAT')], PageHelpers.LoadTabSwitcher(id="firewallNAT")], tags.div(id="panelPolicy", _class="tabPane")[ tags.h3["General firewall policy"], tags.directive('form inetPol')], tags.div(id="panelQos", _class="tabPane")[ tags.h3[tags.img(src="/images/compress.png"), "QOS"], PageHelpers. dataTable(['Port', 'Protocol', 'Type of service', ''], qosRules ), tags.h3["Add Rule"], tags.directive('form addQos'), ], tags.div(id="panelRules", _class="tabPane")[ tags.h3["Firewall Rules"], tags.invisible(render=tags.directive('tableWidget')), tags.br, #fwtable, tags.a(name="addRule")[''], tags.h3["Add rule"], tags.directive('form allowRange'), ], tags.div(id="panelZones", _class="tabPane") [tags.h3["Zones"], PageHelpers.dataTable( ['Zone Name', 'Policy', 'Log target', 'Interfaces', ''], [[ zone, zd['policy'], zd['log'], [[i, tags.br] for i in zd['interfaces']], [ tags. a(href="Delete/Zone/%s/" % (zone), title="Delete this firewall zone", onclick= "return confirm('Are you sure you want to delete this zone?');" )[tags.img(src="/images/ex.png")], tags.a(href="EditZone/%s/" % zone)[tags.img(src="/images/edit.png")] ] ] for zone, zd in self.sysconf.Shorewall.get('zones', {} ).items()]), tags.h3['Add Firewall Zone'], tags.directive('form addZone')], tags.div(id="panelCurrent", _class="tabPane")[ tags.h3["Current Connections"], tags.invisible(render=tags.directive('connections'))], PageHelpers.LoadTabSwitcher(id="firewall")]
def render_content(self, ctx, data): Utils.log.msg('%s opened Tools/Firewall' % (self.avatarId.username)) rules = self.rules.read() rows = [] bg = True ### Read SNAT rules snat = self.sysconf.Shorewall.get('snat', []) snatRules = [] n = 0 for ru in snat: l = ru.split() l.append( tags.a( href="Delete/SNAT/%s/" % n, onclick="return confirm('Are you sure you want to delete this SNAT rule?');", title="Delete this SNAT rule." )[tags.img(src="/images/ex.png")] ) snatRules.append(l) n += 1 ### Read MASQ rules masq = self.sysconf.Shorewall.get('masq', {}) natRules = [] for k,mas in masq.items(): runum = 0 for v in mas: if type(v) == list: l = [k] l.extend([i.replace('-', 'Any') for i in v]) l.append( tags.a( href="Delete/NAT/%s/%s/"%(k, runum), onclick="return confirm('Are you sure you want to delete this NAT rule?');", title="Delete this NAT rule." )[tags.img(src="/images/ex.png")] ) natRules.append(l) else: natRules.append([ k, 'Any', v, 'Any', 'Any', 'Any', 'Any', tags.a( href="Delete/NAT/%s/%s/"%(k, runum), onclick="return confirm('Are you sure you want to delete this NAT rule?');", title="Delete this NAT rule." )[tags.img(src="/images/ex.png")] ]) runum += 1 securityViolation = None ### Read firewall rules table try: lastrule = rules['AIP'][0][8] except: lastrule = 0 for i,ru in enumerate(rules['AIP']): bg = not bg this = bg and "#F5F5EB" or "#eee" try: nextrule = rules['AIP'][i+1][8] except: nextrule = ru[8] # Check for security violations print "Port, source", ru[7], ru[2] # SSH and Vulani access violation if ru[7] in ["22", "9682"]: if (ru[2] == "Any") and ((ru[1] in ["net", "Any", "dsl", "ppp", "wan", "net2"]) or (ru[4] == "fw")): securityViolation = "Inbound SSH and/or Vulani administrative access should not be unrestricted! " securityViolation += "Your system security has been seriously compromised. Please remove this " securityViolation += "rule and restrict the source IP or make use of the VPN to administer the server remotely" this = "#ff5555" r = [ tags.tr(style="background: %s" % this)[ tags.td(rowspan=2)[ru[0]], tags.td[tags.strong['Source ']], tags.td[ru[1]], # Source zone tags.td[ru[3].replace('-', 'Any')], # Source port tags.td[ru[2]], # Source IP tags.td(rowspan=2)[ru[6].replace('-', 'Any')], tags.td(rowspan=2)[ tags.a( href="Swap/%s/%s/" % (ru[8], nextrule), title = "Move this rule down" )[tags.img(src="/images/arrowdown.png")], " ", tags.a( href="Swap/%s/%s/" % (ru[8], lastrule), title = "Move this rule up" )[tags.img(src="/images/arrowup.png")], " ", tags.a( href="Delete/AIP/%s/"%(ru[8]), onclick="return confirm('Are you sure you want to delete this rule?');", title="Delete this firewall rule." )[tags.img(src="/images/ex.png")] ] ], tags.tr(style="background: %s" % this)[ tags.td[tags.strong['Destination ']], #tags.td(align='right')[' Zone: '], tags.td[ru[4]], # Zone #tags.td( align='right')[' Port/Type: '], tags.td[ru[7].replace('-', 'Any')], #Port #tags.td( align='right')[' IP: '], tags.td[ru[5]], # IP ], ] rows.append(r) lastrule = ru[8] self.largestRule = lastrule fwtable = tags.table(cellspacing=0, _class='listing')[ tags.thead(background="/images/gradMB.png")[ tags.tr[ tags.th['Rule'], tags.th[''], #tags.th[''], tags.th['Zone'], #tags.th[''], tags.th['Port'], #tags.th[''], tags.th['IP'], tags.th['Protocol'], tags.th[''], ], ], tags.tbody[ rows ] ] toss = { '16':'Minimize Delay', '8':'Maximize Throughput', '4':'Maximize Reliability', '2':'Minimize Cost', '0':'Normal Service' } qosRules = [] l = 0 for port, proto, tos in self.sysconf.Shorewall.get('qos', []): qosRules.append([ port, proto, toss[tos], tags.a(href=url.root.child("Qos").child("Delete").child(l), onclick="return confirm('Are you sure you want to delete this entry?');")[tags.img(src="/images/ex.png")] ]) l += 1 ### Check if shorewall is broken if os.path.exists('/usr/local/tcs/tums/shorewallBroken'): check = tags.div(style="color: #F00")[ tags.br, tags.strong[ "The firewall configuration appears to be broken, please test the settings to see any errors and correct them" ], tags.br ] else: check = "" if securityViolation: secError = [tags.table(width="70%", style="border:2px solid #ff5555")[tags.tr[ tags.td[tags.img(src="/images/securityhz.png")], tags.td[ tags.h1["Security Violation!"], securityViolation ] ]], tags.br, tags.br] else: secError = "" ### Return the page stanza return ctx.tag[ tags.h3[tags.img(src="/images/firewall.png"), " Firewall"], check, secError, tags.img(src="/images/start.png"), " ", tags.a( href="Test", style="font-size:11pt;", title="Test the firewall. (This may take some time!)" )[tags.strong(style="font-family:arial,verdana,helvetica,sans-serif;")["Test Settings"]], tags.br, tags.img(src="/images/refresh.png"), " ", tags.a( href="Restart", style="font-size:11pt;", title="Restart the firewall and apply the changes. Changes are only activated after this is clicked." )[tags.strong(style="font-family:arial,verdana,helvetica,sans-serif")["Apply Changes"]], PageHelpers.TabSwitcher(( ('Rules' , 'panelRules'), #('Allow Ports' , 'panelAllowPort'), ('NAT', 'panelNATTab'), ('QoS', 'panelQos'), ('Policy', 'panelPolicy'), ('Zones' , 'panelZones'), ('Connections', 'panelCurrent'), ), id = "firewall"), tags.div(id="panelNATTab", _class="tabPane")[ PageHelpers.TabSwitcher(( ('Forwarding', 'panelForwardPort'), ('Redirection', 'panelTransparentProxy'), ('NAT', 'panelNAT'), ('Source NAT', 'panelSNAT') ), id ="firewallNAT"), tags.div(id="panelForwardPort", _class="tabPane")[ tags.h3["Port Forwarding"], PageHelpers.dataTable(['Source Zone', 'Source IP', 'Forward To', 'Destination Zone', 'Protocol', 'Port', 'Destination IP', ''], [ r[:-1] + [tags.a( href="Delete/AIP/%s/"%(r[-1]), title="Delete this port forwarding rule", onclick="return confirm('Are you sure you want to delete this entry?');" )[tags.img(src="/images/ex.png")]] for i,r in enumerate(rules['FORWARD'])]), tags.h3["Add Forwarding Rule"], tags.directive('form forwardPort'), ], tags.div(id="panelTransparentProxy", _class="tabPane")[ tags.h3["Destination NAT (Transparent Proxy)"], PageHelpers.dataTable(['Source Zone', 'Source Network', 'Destination Port', 'Source Port', 'Protocol', 'Destination Network', ''], [ r[:-1] + [tags.a( href="Delete/AIP/%s/"%(r[-1]), title="Delete this transparent redirection rule", onclick="return confirm('Are you sure you want to delete this entry?');" )[tags.img(src="/images/ex.png")]] for i,r in enumerate(rules['PROXY'])]), tags.h3["Add DNAT Rule"], tags.directive('form transProxy'), ], tags.div(id="panelNAT", _class="tabPane")[ tags.h3["Nework Address Translation (Masquerading)"], PageHelpers.dataTable( ['Destination Interface', 'Destination Network', 'Source Network', 'Source Interface', 'NAT IP', 'Protocol', 'Port', ''], natRules ), tags.h3['Add NAT Rule'], tags.directive('form addNAT') ], tags.div(id="panelSNAT", _class="tabPane")[ tags.h3["Source NAT"], PageHelpers.dataTable( ['Source IP', 'External Interface', 'Internal IP', 'Any Interface', 'Use Internal'], snatRules ), tags.h3['Add SNAT Rule'], tags.directive('form addSNAT') ], PageHelpers.LoadTabSwitcher(id="firewallNAT") ], tags.div(id="panelPolicy", _class="tabPane")[ tags.h3["General firewall policy"], tags.directive('form inetPol') ], tags.div(id="panelQos", _class="tabPane")[ tags.h3[tags.img(src="/images/compress.png"), "QOS"], PageHelpers.dataTable(['Port', 'Protocol', 'Type of service', ''], qosRules), tags.h3["Add Rule"], tags.directive('form addQos'), ], tags.div(id="panelRules", _class="tabPane")[ tags.h3["Firewall Rules"], #PageHelpers.dataTable( # [ # 'Action', '', 'Protocol','' # ], fwtable, #), tags.a(name="addRule")[''], tags.h3["Add rule"], tags.directive('form allowRange'), ], tags.div(id="panelZones", _class="tabPane")[ tags.h3["Zones"], PageHelpers.dataTable(['Zone Name', 'Policy', 'Log target', 'Interfaces', ''], [ [ zone, zd['policy'], zd['log'], [[i, tags.br] for i in zd['interfaces']], [ tags.a( href="Delete/Zone/%s/"%(zone), title="Delete this firewall zone", onclick="return confirm('Are you sure you want to delete this zone?');" )[tags.img(src="/images/ex.png")], tags.a(href="EditZone/%s/" % zone)[tags.img(src="/images/edit.png")] ] ] for zone, zd in self.sysconf.Shorewall.get('zones', {}).items()] ), tags.h3['Add Firewall Zone'], tags.directive('form addZone') ], tags.div(id="panelCurrent", _class="tabPane")[ tags.h3["Current Connections"], tags.invisible(render=tags.directive('connections')) ], PageHelpers.LoadTabSwitcher(id="firewall") ]
def formatFailure(myFailure): if not isinstance(myFailure, failure.Failure): return t.pre[str(myFailure)] stackTrace = t.div(_class="stackTrace") failureOverview = t.p(_class="error")[str(myFailure.type), ": ", str(myFailure.value)] result = [ t.style(type="text/css")[stylesheet, ], t.a(href="#tracebackEnd")[failureOverview], stackTrace, t.a(name="tracebackEnd")[failureOverview] ] first = 1 for method, filename, lineno, localVars, globalVars in myFailure.frames: # It's better to have a line number than nothing at all. #if filename == '<string>': # continue if first: frame = t.div(_class="firstFrame") first = 0 else: frame = t.div(_class="frame") stackTrace[frame] snippet = t.div(_class="snippet") frame[t.div(_class="location")[filename, ", line ", lineno, " in ", t.span(_class="function")[method]], snippet, ] textSnippet = '' for snipLineNo in range(lineno - 2, lineno + 2): snipLine = linecache.getline(filename, snipLineNo) textSnippet += snipLine if snipLineNo == lineno: snippetClass = "snippetHighlightLine" else: snippetClass = "snippetLine" snippet[t.div(_class=snippetClass)[t.span( _class="lineno")[snipLineNo], t.pre(_class="code")[snipLine]]] # Instance variables for name, var in localVars: if name == 'self' and hasattr(var, '__dict__'): usedVars = [(key, value) for (key, value) in var.__dict__.items() if re.search(r'\Wself.%s\W' % (re.escape(key), ), textSnippet)] if usedVars: frame[t.div(_class="variables")[t.strong( _class="variableClass")["Self"], varTable(usedVars)]] break # Local and global vars for nm, varList in ('Locals', localVars), ('Globals', globalVars): usedVars = [ (name, var) for (name, var) in varList if re.search(r'\W%s\W' % (re.escape(name), ), textSnippet) ] if usedVars: frame[t.div(_class="variables")[t.strong( _class="variableClass")[nm]], varTable(usedVars)] return result
def formatFailure(myFailure): if not isinstance(myFailure, failure.Failure): return t.pre[ str(myFailure) ] stackTrace = t.div(_class="stackTrace") failureOverview = t.p(_class="error")[ str(myFailure.type), ": ", str(myFailure.value) ] result = [ t.style(type="text/css")[ stylesheet, ], t.a(href="#tracebackEnd")[ failureOverview ], stackTrace, t.a(name="tracebackEnd")[ failureOverview ] ] first = 1 for method, filename, lineno, localVars, globalVars in myFailure.frames: # It's better to have a line number than nothing at all. #if filename == '<string>': # continue if first: frame = t.div(_class="firstFrame") first = 0 else: frame = t.div(_class="frame") stackTrace[ frame ] snippet = t.div(_class="snippet") frame[ t.div(_class="location")[ filename, ", line ", lineno, " in ", t.span(_class="function")[ method ] ], snippet, ] textSnippet = '' for snipLineNo in range(lineno-2, lineno+2): snipLine = linecache.getline(filename, snipLineNo) textSnippet += snipLine if snipLineNo == lineno: snippetClass = "snippetHighlightLine" else: snippetClass = "snippetLine" snippet[ t.div(_class=snippetClass)[ t.span(_class="lineno")[ snipLineNo ], t.pre(_class="code")[ snipLine ] ] ] # Instance variables for name, var in localVars: if name == 'self' and hasattr(var, '__dict__'): usedVars = [ (key, value) for (key, value) in var.__dict__.items() if re.search(r'\Wself.%s\W' % (re.escape(key),), textSnippet) ] if usedVars: frame[ t.div(_class="variables")[ t.strong(_class="variableClass")[ "Self" ], varTable(usedVars) ] ] break # Local and global vars for nm, varList in ('Locals', localVars), ('Globals', globalVars): usedVars = [ (name, var) for (name, var) in varList if re.search(r'\W%s\W' % (re.escape(name),), textSnippet) ] if usedVars: frame[ t.div(_class="variables")[ t.strong(_class="variableClass")[ nm ] ], varTable(usedVars) ] return result