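def put(self):
    """
    Update the firewall configuration

    The request body is parsed as JSON and handed to
    FirewallController.set_configuration().

    Returns:
        202 with an empty body on success.
        400 when the body is not decodable text or not valid JSON.
        500 with the JSON-encoded exception text on any other failure.
    """
    try:
        firewallController = FirewallController()
        try:
            json_data = json.loads(request.data.decode())
        except ValueError as bad_body:
            # json.JSONDecodeError and UnicodeDecodeError both derive from
            # ValueError: a malformed body is the client's fault, not a
            # server error, so it is reported as 400 instead of 500.
            return Response(json.dumps(str(bad_body)), status=400,
                            mimetype="application/json")
        firewallController.set_configuration(json_data)
        return Response(status=202)
    except Exception as err:
        # NOTE(review): str(err) is returned to the caller, so internal
        # exception text is exposed through the API; consider logging it
        # server-side and answering with a generic message.
        return Response(json.dumps(str(err)), status=500,
                        mimetype="application/json")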
def get(self):
    """
    Gets the status of the firewall

    Returns:
        200 with FirewallController.get_full_status() serialised as JSON.
        500 with the JSON-encoded exception text on any failure.
    """
    try:
        controller = FirewallController()
        payload = json.dumps(controller.get_full_status())
        return Response(payload, status=200, mimetype="application/json")
    except Exception as err:
        # NOTE(review): the exception text goes back to the client as-is,
        # which can disclose internal details.
        failure = json.dumps(str(err))
        return Response(failure, status=500, mimetype="application/json")
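def post(self):
    """
    Configure an interface

    The request body is parsed as JSON and handed to
    FirewallController.configure_interface().

    Returns:
        202 with an empty body on success.
        400 when the body is not decodable text or not valid JSON.
        500 with the JSON-encoded exception text on any other failure.
    """
    try:
        firewallController = FirewallController()
        try:
            json_data = json.loads(request.data.decode())
        except ValueError as bad_body:
            # Covers json.JSONDecodeError and UnicodeDecodeError (both are
            # ValueError subclasses): a malformed body is a client error.
            return Response(json.dumps(str(bad_body)), status=400,
                            mimetype="application/json")
        firewallController.configure_interface(json_data)
        return Response(status=202)
    except Exception as err:
        # NOTE(review): str(err) is returned to the caller, so internal
        # exception text is exposed through the API; consider logging it
        # server-side and answering with a generic message.
        return Response(json.dumps(str(err)), status=500,
                        mimetype="application/json")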
def delete(self, id):
    """
    Remove the configuration of an interface

    Args:
        id: interface identifier taken from the request; it is passed to
            FirewallController.reset_interface() unchanged.

    Returns:
        202 on success, 404 when the controller raises ValueError,
        500 with the JSON-encoded exception text otherwise.
    """
    json_mime = "application/json"
    try:
        FirewallController().reset_interface(id)
        return Response(status=202)
    except ValueError as not_found:
        return Response(json.dumps(str(not_found)), status=404,
                        mimetype=json_mime)
    except Exception as err:
        # NOTE(review): the exception text goes back to the client as-is,
        # which can disclose internal details.
        return Response(json.dumps(str(err)), status=500,
                        mimetype=json_mime)
def __init__(self, tenant_id, graph_id, vnf_id):
    """Create the controllers and record the identity of this instance.

    Args:
        tenant_id, graph_id, vnf_id: stored unchanged on the instance.

    The configuration interface and the four monitor attributes start as
    None; nothing in this constructor populates them.
    """
    # One controller object per resource family.
    self.firewallController = FirewallController()
    self.interfaceController = InterfaceController()
    self.policyController = PolicyController()
    self.blacklistController = BlacklistController()
    self.whitelistController = WhitelistController()

    self.tenant_id, self.graph_id, self.vnf_id = tenant_id, graph_id, vnf_id

    self.configuration_interface = None
    self.interfacesMonitor = self.policiesMonitor = None
    self.blacklistMonitor = self.whitelistMonitor = None
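def put(self, id):
    """
    Update the configuration of an interface

    Args:
        id: interface identifier taken from the request; it is passed to
            FirewallController.update_interface() unchanged.

    Returns:
        202 on success.
        400 when the body is not decodable text or not valid JSON.
        404 when the controller raises ValueError.
        500 with the JSON-encoded exception text on any other failure.
    """
    try:
        firewallController = FirewallController()
        try:
            json_data = json.loads(request.data.decode())
        except ValueError as bad_body:
            # json.JSONDecodeError and UnicodeDecodeError are ValueError
            # subclasses; without this guard a malformed body fell into the
            # ValueError handler below and was misreported as 404.
            return Response(json.dumps(str(bad_body)), status=400,
                            mimetype="application/json")
        firewallController.update_interface(id, json_data)
        return Response(status=202)
    except ValueError as ve:
        return Response(json.dumps(str(ve)), status=404,
                        mimetype="application/json")
    except Exception as err:
        # NOTE(review): str(err) is returned to the caller, so internal
        # exception text is exposed through the API; consider logging it
        # server-side and answering with a generic message.
        return Response(json.dumps(str(err)), status=500,
                        mimetype="application/json")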
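def put(self, id):
    """
    Update the default gw of an interface

    Args:
        id: interface identifier taken from the request; it is passed to
            the controller unchanged.

    Returns:
        202 on success.
        400 when the body cannot be decoded as text.
        404 when the controller raises ValueError.
        500 with the JSON-encoded exception text on any other failure.
    """
    try:
        firewallController = FirewallController()
        try:
            default_gw = request.data.decode()
        except UnicodeDecodeError as bad_body:
            # UnicodeDecodeError is a ValueError subclass; without this
            # guard an undecodable body was misreported as 404.
            return Response(json.dumps(str(bad_body)), status=400,
                            mimetype="application/json")
        # NOTE(review): default_gw is the raw request body and reaches the
        # controller unvalidated; confirm the controller checks that it is
        # a well-formed IPv4 address before applying it to the system.
        firewallController.update_interface_ipv4Configuration_default_gw(
            id, default_gw)
        return Response(status=202)
    except ValueError as ve:
        return Response(json.dumps(str(ve)), status=404,
                        mimetype="application/json")
    except Exception as err:
        # NOTE(review): str(err) is returned to the caller, so internal
        # exception text is exposed through the API; consider logging it
        # server-side and answering with a generic message.
        return Response(json.dumps(str(err)), status=500,
                        mimetype="application/json")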
def get(self, id):
    """
    Get the netmask of an interface

    Args:
        id: interface identifier taken from the request; it is passed to
            the controller unchanged.

    Returns:
        200 with the netmask serialised as JSON, 404 when the controller
        raises ValueError, 500 with the JSON-encoded exception text
        otherwise.
    """
    json_mime = "application/json"
    try:
        controller = FirewallController()
        netmask = controller.get_interface_ipv4Configuration_netmask(id)
        return Response(json.dumps(netmask), status=200, mimetype=json_mime)
    except ValueError as not_found:
        return Response(json.dumps(str(not_found)), status=404,
                        mimetype=json_mime)
    except Exception as err:
        # NOTE(review): the exception text goes back to the client as-is,
        # which can disclose internal details.
        return Response(json.dumps(str(err)), status=500,
                        mimetype=json_mime)
def get(self, id=None):
    """
    Get the configuration of an interface

    Args:
        id: interface identifier taken from the request. When it is None,
            every interface is returned via get_interfaces(); otherwise
            only the one selected by get_interface(id).

    Returns:
        200 with the result serialised as JSON, 404 when the controller
        raises ValueError, 500 with the JSON-encoded exception text
        otherwise.
    """
    json_mime = "application/json"
    try:
        controller = FirewallController()
        found = (controller.get_interfaces() if id is None
                 else controller.get_interface(id))
        return Response(json.dumps(found), status=200, mimetype=json_mime)
    except ValueError as not_found:
        return Response(json.dumps(str(not_found)), status=404,
                        mimetype=json_mime)
    except Exception as err:
        # NOTE(review): the exception text goes back to the client as-is,
        # which can disclose internal details.
        return Response(json.dumps(str(err)), status=500,
                        mimetype=json_mime)
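from flask import request, Response
from flask_restplus import Resource
import json
import logging

from firewall.firewall_controller import FirewallController
from firewall.rest_api.api import api

blacklist_ns = api.namespace('firewall', 'Blacklist Resource')
# Single controller instance shared by every request handled by this module.
firewallController = FirewallController()


@blacklist_ns.route('/blacklist', methods=['GET','POST'])
@blacklist_ns.route('/blacklist/<id>', methods=['DELETE'])
class Blacklist(Resource):
    """REST resource exposing the firewall URL blacklist."""

    @blacklist_ns.param("Url", "Url to add", "body", type="string", required=True)
    @blacklist_ns.response(202, 'Url correctly added.')
    @blacklist_ns.response(400, 'Bad request.')
    @blacklist_ns.response(500, 'Internal Error.')
    def post(self):
        """
        Add an url to the blacklist

        The request body is parsed as JSON and handed to
        FirewallController.add_blacklist_url().

        Returns:
            202 on success.
            400 when the body is not decodable text or not valid JSON.
            500 with the JSON-encoded exception text on any other failure.
        """
        try:
            try:
                json_data = json.loads(request.data.decode())
            except ValueError as bad_body:
                # The documented 400 response was never produced: a
                # malformed body (JSONDecodeError / UnicodeDecodeError,
                # both ValueError subclasses) used to surface as 500.
                return Response(json.dumps(str(bad_body)), status=400,
                                mimetype="application/json")
            # NOTE(review): the decoded value is passed on without any
            # check of its type or URL syntax; confirm the controller
            # validates it before it becomes a filtering rule.
            firewallController.add_blacklist_url(json_data)
            return Response(status=202)
        except Exception as err:
            # Keep a server-side record of the failure with its traceback.
            logging.exception("Adding a URL to the blacklist failed")
            # NOTE(review): str(err) is still returned to the caller, so
            # internal exception text is exposed through the API; consider
            # answering with a generic message.
            return Response(json.dumps(str(err)), status=500,
                            mimetype="application/json")

    @blacklist_ns.response(200, 'Url retrieved.')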
class FirewallMonitor():
    """Owns the controllers and monitors of one firewall instance.

    The instance is identified by (tenant_id, graph_id, vnf_id); those three
    values prefix every message published through publish_on_bus().
    """

    def __init__(self, tenant_id, graph_id, vnf_id):
        """Create the controllers; monitors stay None until
        set_initial_configuration() builds them."""
        self.firewallController = FirewallController()
        self.interfaceController = InterfaceController()
        self.policyController = PolicyController()
        self.blacklistController = BlacklistController()
        self.whitelistController = WhitelistController()

        self.tenant_id, self.graph_id, self.vnf_id = tenant_id, graph_id, vnf_id

        self.configuration_interface = None
        self.interfacesMonitor = self.policiesMonitor = None
        self.blacklistMonitor = self.whitelistMonitor = None

    def set_initial_configuration(self, initial_configuration):
        """Build the four monitors from the current state, then apply
        *initial_configuration* through the firewall controller.

        Each monitor receives this object and a snapshot taken before the
        configuration is applied. The policy repository is cleared before
        the policy snapshot is read.
        """
        self.interfacesMonitor = InterfacesMonitor(
            self, self.interfaceController.get_interfaces())

        self.firewallController.clear_policy_repo()
        self.policiesMonitor = PoliciesMonitor(
            self, self.firewallController.get_policies())

        self.blacklistMonitor = BlacklistMonitor(
            self, self.blacklistController.get_blacklist())
        self.whitelistMonitor = WhitelistMonitor(
            self, self.whitelistController.get_whitelist())

        logging.debug("Setting initial configuration...")
        self.firewallController.set_configuration(initial_configuration)
        logging.debug("Setting initial configuration...done!")

    def get_address_of_configuration_interface(self, configuration_interface):
        """Remember *configuration_interface* and return the IPv4 address
        the firewall controller reports for it."""
        self.configuration_interface = configuration_interface
        controller = self.firewallController
        return controller.get_interface_ipv4Configuration_address(
            configuration_interface)

    def start(self):
        """Run the interface and policy monitors, each in its own thread,
        and block until both have finished.

        NOTE(review): the blacklist and whitelist monitors are created by
        set_initial_configuration() but are not started here (their threads
        were commented out in the original), so changes to those two lists
        are not watched by this method.
        """
        workers = [
            Thread(target=self.interfacesMonitor.start_monitoring, args=()),
            Thread(target=self.policiesMonitor.start_monitoring, args=()),
        ]
        for worker in workers:
            worker.start()
        # Block until every monitor thread has returned.
        for worker in workers:
            worker.join()

    def publish_on_bus(self, url, method, data):
        """Publish *data* on the message bus.

        The topic is "<tenant_id>.<graph_id>.<vnf_id>/<url>". The body is a
        JSON object with keys 'event' (upper-cased *method*, or "PERIODIC"
        when *method* is None), 'timestamp' and 'data'.
        """
        topic = ".".join(
            (self.tenant_id, self.graph_id, self.vnf_id)) + "/" + url
        body = {
            'event': "PERIODIC" if method is None else method.upper(),
            # NOTE(review): datetime.now() is a naive local time and the
            # format carries no timezone, so consumers correlating events
            # across hosts cannot tell which zone it refers to.
            'timestamp': datetime.now().strftime('%Y-%m-%d %H:%M:%S'),
            'data': data,
        }
        MessageBusController().publish_on_bus(
            topic, json.dumps(body, indent=4, sort_keys=True))