def put(self):
"""
Update the firewall configuration
"""
try:
firewallController = FirewallController()
json_data = json.loads(request.data.decode())
firewallController.set_configuration(json_data)
return Response(status=202)
except Exception as err:
return Response(json.dumps(str(err)), status=500, mimetype="application/json")
def get(self):
"""
Gets the status of the firewall
"""
try:
firewallController = FirewallController()
json_data = json.dumps(firewallController.get_full_status())
resp = Response(json_data, status=200, mimetype="application/json")
return resp
except Exception as err:
return Response(json.dumps(str(err)), status=500, mimetype="application/json")
def post(self):
"""
Configure an interface
"""
try:
firewallController = FirewallController()
json_data = json.loads(request.data.decode())
firewallController.configure_interface(json_data)
return Response(status=202)
except Exception as err:
return Response(json.dumps(str(err)),
status=500,
mimetype="application/json")
def delete(self, id):
"""
Remove the configuration of an interface
"""
try:
firewallController = FirewallController()
firewallController.reset_interface(id)
return Response(status=202)
except ValueError as ve:
return Response(json.dumps(str(ve)),
status=404,
mimetype="application/json")
except Exception as err:
return Response(json.dumps(str(err)),
status=500,
mimetype="application/json")
def __init__(self, tenant_id, graph_id, vnf_id):
self.firewallController = FirewallController()
self.interfaceController = InterfaceController()
self.policyController = PolicyController()
self.blacklistController = BlacklistController()
self.whitelistController = WhitelistController()
self.tenant_id = tenant_id
self.graph_id = graph_id
self.vnf_id = vnf_id
self.configuration_interface = None
self.interfacesMonitor = None
self.policiesMonitor = None
self.blacklistMonitor = None
self.whitelistMonitor = None
def put(self, id):
"""
Update the configuration of an interface
"""
try:
firewallController = FirewallController()
json_data = json.loads(request.data.decode())
firewallController.update_interface(id, json_data)
return Response(status=202)
except ValueError as ve:
return Response(json.dumps(str(ve)),
status=404,
mimetype="application/json")
except Exception as err:
return Response(json.dumps(str(err)),
status=500,
mimetype="application/json")
def put(self, id):
"""
Update the default gw of an interface
"""
try:
firewallController = FirewallController()
default_gw = request.data.decode()
firewallController.update_interface_ipv4Configuration_default_gw(
id, default_gw)
return Response(status=202)
except ValueError as ve:
return Response(json.dumps(str(ve)),
status=404,
mimetype="application/json")
except Exception as err:
return Response(json.dumps(str(err)),
status=500,
mimetype="application/json")
def get(self, id):
"""
Get the netmask of an interface
"""
try:
firewallController = FirewallController()
json_data = json.dumps(
firewallController.get_interface_ipv4Configuration_netmask(id))
resp = Response(json_data, status=200, mimetype="application/json")
return resp
except ValueError as ve:
return Response(json.dumps(str(ve)),
status=404,
mimetype="application/json")
except Exception as err:
return Response(json.dumps(str(err)),
status=500,
mimetype="application/json")
def get(self, id=None):
"""
Get the configuration of an interface
"""
try:
firewallController = FirewallController()
if id is None:
json_data = json.dumps(firewallController.get_interfaces())
else:
json_data = json.dumps(firewallController.get_interface(id))
resp = Response(json_data, status=200, mimetype="application/json")
return resp
except ValueError as ve:
return Response(json.dumps(str(ve)),
status=404,
mimetype="application/json")
except Exception as err:
return Response(json.dumps(str(err)),
status=500,
mimetype="application/json")
from flask import request, Response
from flask_restplus import Resource
import json
import logging
from firewall.firewall_controller import FirewallController
from firewall.rest_api.api import api
blacklist_ns = api.namespace('firewall', 'Blacklist Resource')
firewallController = FirewallController()
@blacklist_ns.route('/blacklist', methods=['GET','POST'])
@blacklist_ns.route('/blacklist/<id>', methods=['DELETE'])
class Blacklist(Resource):
@blacklist_ns.param("Url", "Url to add", "body", type="string", required=True)
@blacklist_ns.response(202, 'Url correctly added.')
@blacklist_ns.response(400, 'Bad request.')
@blacklist_ns.response(500, 'Internal Error.')
def post(self):
"""
Add an url to the blacklist
"""
try:
json_data = json.loads(request.data.decode())
firewallController.add_blacklist_url(json_data)
return Response(status=202)
except Exception as err:
return Response(json.dumps(str(err)), status=500, mimetype="application/json")
@blacklist_ns.response(200, 'Url retrieved.')
class FirewallMonitor():
def __init__(self, tenant_id, graph_id, vnf_id):
self.firewallController = FirewallController()
self.interfaceController = InterfaceController()
self.policyController = PolicyController()
self.blacklistController = BlacklistController()
self.whitelistController = WhitelistController()
self.tenant_id = tenant_id
self.graph_id = graph_id
self.vnf_id = vnf_id
self.configuration_interface = None
self.interfacesMonitor = None
self.policiesMonitor = None
self.blacklistMonitor = None
self.whitelistMonitor = None
def set_initial_configuration(self, initial_configuration):
curr_interfaces = self.interfaceController.get_interfaces()
self.interfacesMonitor = InterfacesMonitor(self, curr_interfaces)
self.firewallController.clear_policy_repo()
curr_policies = self.firewallController.get_policies()
self.policiesMonitor = PoliciesMonitor(self, curr_policies)
curr_blacklist = self.blacklistController.get_blacklist()
self.blacklistMonitor = BlacklistMonitor(self, curr_blacklist)
curr_whitelist = self.whitelistController.get_whitelist()
self.whitelistMonitor = WhitelistMonitor(self, curr_whitelist)
logging.debug("Setting initial configuration...")
self.firewallController.set_configuration(initial_configuration)
logging.debug("Setting initial configuration...done!")
def get_address_of_configuration_interface(self, configuration_interface):
self.configuration_interface = configuration_interface
return self.firewallController.get_interface_ipv4Configuration_address(
configuration_interface)
def start(self):
threads = []
threads.append(
Thread(target=self.interfacesMonitor.start_monitoring, args=()))
threads.append(
Thread(target=self.policiesMonitor.start_monitoring, args=()))
#threads.append(Thread(target=self.blacklistMonitor.start_monitoring, args=()))
#threads.append(Thread(target=self.whitelistMonitor.start_monitoring, args=()))
# Start all threads
for t in threads:
t.start()
# Wait for all of them to finish
for t in threads:
t.join()
def publish_on_bus(self, url, method, data):
msg = self.tenant_id + "." + self.graph_id + "." + self.vnf_id + "/" + url
body = {}
if method is not None:
body['event'] = method.upper()
else:
body['event'] = "PERIODIC"
body['timestamp'] = datetime.now().strftime('%Y-%m-%d %H:%M:%S')
body['data'] = data
MessageBusController().publish_on_bus(
msg, json.dumps(body, indent=4, sort_keys=True))
