コード例 #1
def finish():
    """Build a Firewall from the parsed INPUT/OUTPUT/FORWARD chains.

    Each chain gets one ACL holding the rules derived from every path
    starting at the chain's node, followed by that chain's general rule.
    The resulting Firewall is appended to ``instance.fw`` of the parser;
    nothing is returned.
    """
    parser = IptablesParser()
    chain_names = ("INPUT", "OUTPUT", "FORWARD")

    # Work stage by stage, always in the same chain order.
    nodes = [parser.get_node(chain) for chain in chain_names]
    path_lists = [parser.create_all_path_from_node(node) for node in nodes]
    rule_lists = [parser.get_rules_from_path_list(paths) for paths in path_lists]

    # The chain's general rule (default drop or accept) is appended after the
    # path-derived rules, so it is the last entry of each list.
    # NOTE(review): that position matters if consumers evaluate the list
    # first-match; confirm against the ACL analysis code.
    for rules, node in zip(rule_lists, nodes):
        rules.append(parser.get_general_rule(node))

    # One ACL per chain, named after the chain.
    acls = []
    for chain, rules in zip(chain_names, rule_lists):
        chain_acl = ACL(chain)
        chain_acl.rules = rules
        acls.append(chain_acl)

    # The parsed file name serves as both hostname and display name.
    firewall = Firewall()
    firewall.acl = acls
    firewall.hostname = parser.instance.filename
    firewall.name = parser.instance.filename
    parser.instance.fw.append(firewall)
コード例 #2
def finish():
    """Turn the parsed iptables chains into a Firewall of type "Iptables".

    The INPUT, OUTPUT and FORWARD chains each become one ACL: the rules
    derived from all paths leaving the chain's node, with the chain's
    general rule appended at the end. The Firewall is then appended to the
    parser instance's ``fw`` list. Returns nothing.
    """
    parser = IptablesParser()
    chains = ["INPUT", "OUTPUT", "FORWARD"]

    # Resolve the three chain nodes first.
    chain_nodes = []
    for chain in chains:
        chain_nodes.append(parser.get_node(chain))

    # Enumerate every path reachable from each node.
    chain_paths = []
    for node in chain_nodes:
        chain_paths.append(parser.create_all_path_from_node(node))

    # Translate each path list into its rule list.
    chain_rules = []
    for paths in chain_paths:
        chain_rules.append(parser.get_rules_from_path_list(paths))

    # Default drop/accept rule of the chain goes last in its rule list.
    # NOTE(review): ordering is significant if rules are matched first-hit;
    # confirm with the code that consumes ACL.rules.
    for index, node in enumerate(chain_nodes):
        chain_rules[index].append(parser.get_general_rule(node))

    # Wrap each rule list in an ACL named after its chain.
    acl_list = []
    for index, chain in enumerate(chains):
        wrapped = ACL(chain)
        wrapped.rules = chain_rules[index]
        acl_list.append(wrapped)

    # Hostname and name both come from the parsed file's name.
    result = Firewall()
    result.acl = acl_list
    result.hostname = parser.instance.filename
    result.name = parser.instance.filename
    result.type = "Iptables"
    parser.instance.fw.append(result)
コード例 #3
ファイル: CiscoAsaYacc.py プロジェクト: tuantmb/springbok
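def get_acl_by_name_2(firewall, acl_name):
    """Return the ACL named *acl_name*, building one if the firewall has none.

    Args:
        firewall: object providing ``get_acl_by_name(name)`` and an
            ``unbounded_rules`` iterable of rules with a ``name`` attribute.
        acl_name: name of the ACL to look up.

    Returns:
        The ACL returned by ``firewall.get_acl_by_name`` when there is one.
        Otherwise a new ACL whose rules are the firewall's unbound rules
        carrying the same name; its ``firewall`` attribute is set, but it is
        not added to the firewall here.
    """
    acl = firewall.get_acl_by_name(acl_name)
    # Identity test: `== None` would go through any __eq__ the ACL class
    # defines and could misreport an existing ACL as missing.
    if acl is not None:
        return acl

    # No ACL of that name yet: collect the unbound rules that reference it.
    # NOTE(review): when nothing matches, the result is an ACL with an empty
    # rule list; callers auditing the policy should not read that as an
    # explicitly configured (empty) access list - confirm how it is reported.
    acl = ACL(acl_name)
    acl.rules = [rule for rule in firewall.unbounded_rules if rule.name == acl_name]
    acl.firewall = firewall
    return acl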
コード例 #4
def finish_fw(acls):
    """Create one CheckPoint Firewall per parsed firewall entry.

    ``firewalls``, ``p_info``, ``unused_objects`` and ``nd`` are resolved
    outside this function. Each Firewall is stored in ``p_info['firewall']``
    while it is being filled in and is finally appended to
    ``p_info['firewall_list']``.

    Args:
        acls: mapping of ACL name to its rule list (iterated with
            ``iteritems``).
    """
    for fw in firewalls:
        current = Firewall()
        p_info['firewall'] = current
        current.name = p_info['name']
        current.hostname = fw['name']
        current.type = 'CheckPoint'
        # Copies, so each firewall gets its own set / dict.
        current.unused_objects = set(unused_objects)
        current.dictionnary = dict(nd)

        # An empty or missing interface list adds nothing.
        if fw['ifaces']:
            for iface in fw['ifaces']:
                address = Ip(iface['ipaddr'], iface['netmask'])
                current.interfaces.append(
                    Interface(iface['name'], address, iface['index']))

        # Only the ACL whose name equals this firewall's hostname is attached.
        # NOTE(review): rule lists filed under any other name are attached to
        # no firewall here; confirm that is intended so policy rules are not
        # silently left out of the analysis.
        for name, acl in acls.iteritems():
            if name != current.hostname:
                continue
            matched = ACL(name)
            matched.rules = acl
            current.acl.append(matched)

        p_info['firewall_list'].append(current)
コード例 #5
def finish_fw(acls):
    """Build the CheckPoint Firewall objects and collect them in p_info.

    Reads ``firewalls``, ``p_info``, ``unused_objects`` and ``nd`` from the
    enclosing scope. For every entry of ``firewalls`` a Firewall is created,
    given its interfaces and the ACL matching its hostname, and appended to
    ``p_info['firewall_list']``.

    Args:
        acls: mapping from ACL name to the list of rules for that name
            (iterated with ``iteritems``).
    """
    for fw in firewalls:
        firewall = p_info['firewall'] = Firewall()
        firewall.name = p_info['name']
        firewall.hostname = fw['name']
        firewall.type = 'CheckPoint'
        # Per-firewall copies of the shared set and dict.
        firewall.unused_objects = set(unused_objects)
        firewall.dictionnary = dict(nd)

        # A falsy 'ifaces' value means there is nothing to add.
        if fw['ifaces']:
            for iface in fw['ifaces']:
                iface_ip = Ip(iface['ipaddr'], iface['netmask'])
                iface_obj = Interface(iface['name'], iface_ip, iface['index'])
                firewall.interfaces.append(iface_obj)

        # Attach the rule list whose key equals the firewall's hostname.
        # NOTE(review): entries of `acls` under other names are dropped
        # without a message; confirm no policy is lost on a name mismatch.
        for name, acl in acls.iteritems():
            if name == firewall.hostname:
                new_acl = ACL(name)
                new_acl.rules = acl
                firewall.acl.append(new_acl)

        p_info['firewall_list'].append(firewall)