def validates_policy(obj): checker = Checker() check = True _ = obj._ checker.errors = [] if not is_param(obj.input, "input_policy"): check = False checker.add_error(_('"%s" is required.') % _("INPUT Chain")) else: check = ( checker.check_firewall_policy(_("INPUT Chain"), obj.input.input_policy, CHECK_EMPTY | CHECK_VALID) and check ) if not is_param(obj.input, "output_policy"): check = False checker.add_error(_('"%s" is required.') % _("OUTPUT Chain")) else: check = ( checker.check_firewall_policy(_("OUTPUT Chain"), obj.input.output_policy, CHECK_EMPTY | CHECK_VALID) and check ) if not is_param(obj.input, "forward_policy"): check = False checker.add_error(_('"%s" is required.') % _("FORWARD Chain")) else: check = ( checker.check_firewall_policy(_("FORWARD Chain"), obj.input.input_policy, CHECK_EMPTY | CHECK_VALID) and check ) obj.view.alert = checker.errors return check
def validates_policy(obj): checker = Checker() check = True _ = obj._ checker.errors = [] if not is_param(obj.input, 'input_policy'): check = False checker.add_error(_('"%s" is required.') % _('INPUT Chain')) else: check = checker.check_firewall_policy( _('INPUT Chain'), obj.input.input_policy, CHECK_EMPTY | CHECK_VALID) and check if not is_param(obj.input, 'output_policy'): check = False checker.add_error(_('"%s" is required.') % _('OUTPUT Chain')) else: check = checker.check_firewall_policy( _('OUTPUT Chain'), obj.input.output_policy, CHECK_EMPTY | CHECK_VALID) and check if not is_param(obj.input, 'forward_policy'): check = False checker.add_error(_('"%s" is required.') % _('FORWARD Chain')) else: check = checker.check_firewall_policy( _('FORWARD Chain'), obj.input.input_policy, CHECK_EMPTY | CHECK_VALID) and check obj.view.alert = checker.errors return check
def validates_rule(obj, is_newrule=False): checker = Checker() check = True _ = obj._ checker.errors = [] obj.view.error_msg = checker.errors if is_newrule: kit = KaresansuiIpTables() rule_id_max_length = 1 if os.path.exists(kit.firewall_xml_file) is False: check = False checker.add_error(_('Has not been initialized. Please initialize.')) else: kit.firewall_xml = kit.read_firewall_xml() rule_id_max_length += len(kit.get_rules()) if not is_param(obj.input, 'rule_id'): check = False checker.add_error(_('"%s" is required.') % _('ID')) else: check = checker.check_number( _('ID'), obj.input.rule_id, CHECK_EMPTY | CHECK_VALID | CHECK_MIN | CHECK_MAX, min = ID_MIN_LENGTH, max = rule_id_max_length, ) and check if not is_param(obj.input, 'target'): check = False checker.add_error(_('"%s" is required.') % _('Target')) else: check = checker.check_firewall_policy( _('Target'), obj.input.target, CHECK_EMPTY | CHECK_VALID, ) and check if not is_param(obj.input, 'protocol'): check = False checker.add_error(_('"%s" is required.') % _('Protocol')) else: check = checker.check_firewall_protocol( _('Protocol'), obj.input.protocol, CHECK_VALID, ) and check if not is_param(obj.input, 'source'): check = False checker.add_error(_('"%s" is required.') % _('Source Address')) else: check = checker.check_ipaddr( _('Source Address'), obj.input.source, CHECK_VALID, ) and check if not is_param(obj.input, 'sport'): check = False checker.add_error(_('"%s" is required.') % _('Source Port')) else: if obj.input.protocol == 'tcp' or obj.input.protocol == 'udp': check = checker.check_number( _('Source Port'), obj.input.sport, CHECK_VALID | CHECK_MIN | CHECK_MAX, min = PORT_MIN_NUMBER, max = PORT_MAX_NUMBER, ) and check if not is_param(obj.input, 'destination'): check = False checker.add_error(_('"%s" is required.') % _('Destination Address')) else: check = checker.check_ipaddr( _('Destination Address'), obj.input.destination, CHECK_VALID, ) and check if not is_param(obj.input, 'dport'): check = False checker.add_error(_('"%s" is required.') % _('Destination Port')) else: if obj.input.protocol == 'tcp' or obj.input.protocol == 'udp': check = checker.check_number( _('Destination Port'), obj.input.dport, CHECK_VALID | CHECK_MIN | CHECK_MAX, min = PORT_MIN_NUMBER, max = PORT_MAX_NUMBER, ) and check if not is_param(obj.input, 'inif'): check = False checker.add_error(_('"%s" is required.') % _('In Interface')) else: check = checker.check_firewall_if( _('In Interface'), obj.input.inif, CHECK_EXIST, ) and check if not is_param(obj.input, 'outif'): check = False checker.add_error(_('"%s" is required.') % _('Out Interface')) else: check = checker.check_firewall_if( _('Out Interface'), obj.input.outif, CHECK_EXIST, ) and check obj.view.alert = checker.errors return check