def validates_staticroute(obj):
checker = Checker()
check = True
_ = obj._
checker.errors = []
if not is_param(obj.input, 'target'):
check = False
checker.add_error(_('Specify target address for the route.'))
else:
check = checker.check_ipaddr(
_('Target'),
obj.input.target,
CHECK_EMPTY | CHECK_VALID,
) and check
if not is_param(obj.input, 'gateway'):
check = False
checker.add_error(_('Specify gateway address for the route.'))
else:
check = checker.check_ipaddr(
_('Gateway'),
obj.input.gateway,
CHECK_VALID,
) and check
obj.view.alert = checker.errors
return check
def validates_staticroute(obj):
checker = Checker()
check = True
_ = obj._
checker.errors = []
if not is_param(obj.input, 'target'):
check = False
checker.add_error(_('Specify target address for the route.'))
else:
check = checker.check_ipaddr(
_('Target'),
obj.input.target,
CHECK_EMPTY | CHECK_VALID,
) and check
if not is_param(obj.input, 'gateway'):
check = False
checker.add_error(_('Specify gateway address for the route.'))
else:
check = checker.check_ipaddr(
_('Gateway'),
obj.input.gateway,
CHECK_VALID,
) and check
obj.view.alert = checker.errors
return check
def validates_general(obj):
checker = Checker()
check = True
_ = obj._
checker.errors = []
if is_param(obj.input, 'gateway'):
check = checker.check_ipaddr(
_('Default Gateway'),
obj.input.gateway,
CHECK_EMPTY | CHECK_VALID,
) and check
else:
check = False
checker.add_error(_('"%s" is required.') % _('Default Gateway'))
if is_param(obj.input, 'fqdn'):
check = checker.check_domainname(
_('FQDN'),
obj.input.fqdn,
CHECK_EMPTY | CHECK_VALID | CHECK_LENGTH,
FQDN_MIN_LENGTH,
FQDN_MAX_LENGTH,
) and check
else:
check = False
checker.add_error(_('"%s" is required.') % _('FQDN'))
if is_param(obj.input, 'nameserver'):
nameservers = obj.input.nameserver.strip().split()
if len(nameservers) != 0:
for name_server in nameservers:
if name_server == "":
continue
check = checker.check_ipaddr(
_('Nameserver'),
name_server,
CHECK_VALID,
) and check
else:
check = False
checker.add_error(_('"%s" is required.') % _('Nameserver'))
else:
check = False
checker.add_error(_('"%s" is required.') % _('Nameserver'))
obj.view.alert = checker.errors
return check
def validates_nic(obj):
checker = Checker()
check = True
_ = obj._
checker.errors = []
if is_param(obj.input, 'bootproto'):
if obj.input.bootproto == "static":
if is_param(obj.input, 'ipaddr'):
check = checker.check_ipaddr(
_('IP Address'),
obj.input.ipaddr,
CHECK_EMPTY | CHECK_VALID,
) and check
else:
check = False
checker.add_error(_('"%s" is required.') % _('IP Address'))
if is_param(obj.input, 'netmask'):
check = checker.check_netmask(
_('Netmask'),
obj.input.netmask,
CHECK_EMPTY | CHECK_VALID,
) and check
else:
check = False
checker.add_error(_('"%s" is required.') % _('Netmask'))
else:
if is_param(obj.input, 'ipaddr'):
check = checker.check_ipaddr(
_('IP Address'),
obj.input.ipaddr,
CHECK_VALID,
) and check
if is_param(obj.input, 'netmask'):
check = checker.check_netmask(
_('Netmask'),
obj.input.netmask,
CHECK_VALID,
) and check
else:
check = False
checker.add_error(_('"%s" is required.') % _('Boot-time Protocol'))
obj.view.alert = checker.errors
return check
def validates_mail(obj):
checker = Checker()
check = True
_ = obj._
checker.errors = []
if not is_param(obj.input, 'hostname'):
check = False
checker.add_error(_('"%s" is required.') % _('Server Name'))
else:
check_server = checker.check_domainname(_('Server Name'),
obj.input.hostname,
CHECK_VALID,
) or \
checker.check_ipaddr(_('Server Name'),
obj.input.hostname,
CHECK_VALID,
)
check = check_server and check
if not is_param(obj.input, 'port'):
check = False
checker.add_error(_('"%s" is required.') % _('Port Number'))
else:
check = checker.check_number(_('Port Number'),
obj.input.port,
CHECK_VALID | CHECK_MIN | CHECK_MAX,
PORT_MIN_NUMBER,
PORT_MAX_NUMBER,
) and check
obj.view.alert = checker.errors
return check
def validates_mail(obj):
checker = Checker()
check = True
_ = obj._
checker.errors = []
if not is_param(obj.input, 'hostname'):
check = False
checker.add_error(_('"%s" is required.') % _('Server Name'))
else:
check_server = checker.check_domainname(_('Server Name'),
obj.input.hostname,
CHECK_VALID,
) or \
checker.check_ipaddr(_('Server Name'),
obj.input.hostname,
CHECK_VALID,
)
check = check_server and check
if not is_param(obj.input, 'port'):
check = False
checker.add_error(_('"%s" is required.') % _('Port Number'))
else:
check = checker.check_number(
_('Port Number'),
obj.input.port,
CHECK_VALID | CHECK_MIN | CHECK_MAX,
PORT_MIN_NUMBER,
PORT_MAX_NUMBER,
) and check
obj.view.alert = checker.errors
return check
def validates_general(obj):
checker = Checker()
check = True
_ = obj._
checker.errors = []
if is_param(obj.input, 'gateway'):
check = checker.check_ipaddr(_('Default Gateway'),
obj.input.gateway,
CHECK_EMPTY | CHECK_VALID,
) and check
else:
check = False
checker.add_error(_('"%s" is required.') %_('Default Gateway'))
if is_param(obj.input, 'fqdn'):
check = checker.check_domainname(_('FQDN'),
obj.input.fqdn,
CHECK_EMPTY | CHECK_VALID | CHECK_LENGTH,
FQDN_MIN_LENGTH,
FQDN_MAX_LENGTH,
) and check
else:
check = False
checker.add_error(_('"%s" is required.') %_('FQDN'))
if is_param(obj.input, 'nameserver'):
nameservers = obj.input.nameserver.strip().split()
if len(nameservers) != 0:
for name_server in nameservers:
if name_server == "":
continue
check = checker.check_ipaddr(_('Nameserver'),
name_server,
CHECK_VALID,
) and check
else:
check = False
checker.add_error(_('"%s" is required.') %_('Nameserver'))
else:
check = False
checker.add_error(_('"%s" is required.') %_('Nameserver'))
obj.view.alert = checker.errors
return check
def validates_nic(obj):
checker = Checker()
check = True
_ = obj._
checker.errors = []
if is_param(obj.input, 'bootproto'):
if obj.input.bootproto == "static":
if is_param(obj.input, 'ipaddr'):
check = checker.check_ipaddr(_('IP Address'),
obj.input.ipaddr,
CHECK_EMPTY | CHECK_VALID,
) and check
else:
check = False
checker.add_error(_('"%s" is required.') %_('IP Address'))
if is_param(obj.input, 'netmask'):
check = checker.check_netmask(_('Netmask'),
obj.input.netmask,
CHECK_EMPTY | CHECK_VALID,
) and check
else:
check = False
checker.add_error(_('"%s" is required.') %_('Netmask'))
else:
if is_param(obj.input, 'ipaddr'):
check = checker.check_ipaddr(_('IP Address'),
obj.input.ipaddr,
CHECK_VALID,
) and check
if is_param(obj.input, 'netmask'):
check = checker.check_netmask(_('Netmask'),
obj.input.netmask,
CHECK_VALID,
) and check
else:
check = False
checker.add_error(_('"%s" is required.') %_('Boot-time Protocol'))
obj.view.alert = checker.errors
return check
def validates_mail(obj):
checker = Checker()
check = True
_ = obj._
checker.errors = []
if not is_param(obj.input, 'server'):
check = False
checker.add_error(_('"%s" is required.') % _('Mail Server Name'))
else:
check_server = checker.check_domainname(_('Mail Server Name'),
obj.input.server,
CHECK_EMPTY | CHECK_VALID,
) or \
checker.check_ipaddr(_('Mail Server Name'),
obj.input.server,
CHECK_EMPTY | CHECK_VALID,
)
check = check_server and check
if not is_param(obj.input, 'port'):
check = False
checker.add_error(_('"%s" is required.') % _('Port Number'))
else:
check = checker.check_number(_('Port Number'),
obj.input.port,
CHECK_EMPTY | CHECK_VALID | CHECK_MIN | CHECK_MAX,
PORT_MIN_NUMBER,
PORT_MAX_NUMBER,
) and check
if not is_param(obj.input, 'email'):
check = False
checker.add_error(_('"%s" is required.') % _('Recipient Mail Address'))
else:
check = checker.check_mailaddress(_('Recipient Mail Address'),
obj.input.email,
CHECK_EMPTY | CHECK_VALID | CHECK_LENGTH,
min = EMAIL_MIN_LENGTH,
max = EMAIL_MAX_LENGTH
) and check
obj.view.alert = checker.errors
return check
def validates_mail(obj):
checker = Checker()
check = True
_ = obj._
checker.errors = []
if not is_param(obj.input, 'server'):
check = False
checker.add_error(_('"%s" is required.') % _('Mail Server Name'))
else:
check_server = checker.check_domainname(_('Mail Server Name'),
obj.input.server,
CHECK_EMPTY | CHECK_VALID,
) or \
checker.check_ipaddr(_('Mail Server Name'),
obj.input.server,
CHECK_EMPTY | CHECK_VALID,
)
check = check_server and check
if not is_param(obj.input, 'port'):
check = False
checker.add_error(_('"%s" is required.') % _('Port Number'))
else:
check = checker.check_number(_('Port Number'),
obj.input.port,
CHECK_EMPTY | CHECK_VALID | CHECK_MIN | CHECK_MAX,
PORT_MIN_NUMBER,
PORT_MAX_NUMBER,
) and check
if not is_param(obj.input, 'email'):
check = False
checker.add_error(_('"%s" is required.') % _('Recipient Mail Address'))
else:
check = checker.check_mailaddress(_('Recipient Mail Address'),
obj.input.email,
CHECK_EMPTY | CHECK_VALID | CHECK_LENGTH,
min = EMAIL_MIN_LENGTH,
max = EMAIL_MAX_LENGTH
) and check
obj.view.alert = checker.errors
return check
def validates_rule(obj, is_newrule=False):
checker = Checker()
check = True
_ = obj._
checker.errors = []
obj.view.error_msg = checker.errors
if is_newrule:
kit = KaresansuiIpTables()
rule_id_max_length = 1
if os.path.exists(kit.firewall_xml_file) is False:
check = False
checker.add_error(_('Has not been initialized. Please initialize.'))
else:
kit.firewall_xml = kit.read_firewall_xml()
rule_id_max_length += len(kit.get_rules())
if not is_param(obj.input, 'rule_id'):
check = False
checker.add_error(_('"%s" is required.') % _('ID'))
else:
check = checker.check_number(
_('ID'),
obj.input.rule_id,
CHECK_EMPTY | CHECK_VALID | CHECK_MIN | CHECK_MAX,
min = ID_MIN_LENGTH,
max = rule_id_max_length,
) and check
if not is_param(obj.input, 'target'):
check = False
checker.add_error(_('"%s" is required.') % _('Target'))
else:
check = checker.check_firewall_policy(
_('Target'),
obj.input.target,
CHECK_EMPTY | CHECK_VALID,
) and check
if not is_param(obj.input, 'protocol'):
check = False
checker.add_error(_('"%s" is required.') % _('Protocol'))
else:
check = checker.check_firewall_protocol(
_('Protocol'),
obj.input.protocol,
CHECK_VALID,
) and check
if not is_param(obj.input, 'source'):
check = False
checker.add_error(_('"%s" is required.') % _('Source Address'))
else:
check = checker.check_ipaddr(
_('Source Address'),
obj.input.source,
CHECK_VALID,
) and check
if not is_param(obj.input, 'sport'):
check = False
checker.add_error(_('"%s" is required.') % _('Source Port'))
else:
if obj.input.protocol == 'tcp' or obj.input.protocol == 'udp':
check = checker.check_number(
_('Source Port'),
obj.input.sport,
CHECK_VALID | CHECK_MIN | CHECK_MAX,
min = PORT_MIN_NUMBER,
max = PORT_MAX_NUMBER,
) and check
if not is_param(obj.input, 'destination'):
check = False
checker.add_error(_('"%s" is required.') % _('Destination Address'))
else:
check = checker.check_ipaddr(
_('Destination Address'),
obj.input.destination,
CHECK_VALID,
) and check
if not is_param(obj.input, 'dport'):
check = False
checker.add_error(_('"%s" is required.') % _('Destination Port'))
else:
if obj.input.protocol == 'tcp' or obj.input.protocol == 'udp':
check = checker.check_number(
_('Destination Port'),
obj.input.dport,
CHECK_VALID | CHECK_MIN | CHECK_MAX,
min = PORT_MIN_NUMBER,
max = PORT_MAX_NUMBER,
) and check
if not is_param(obj.input, 'inif'):
check = False
checker.add_error(_('"%s" is required.') % _('In Interface'))
else:
check = checker.check_firewall_if(
_('In Interface'),
obj.input.inif,
CHECK_EXIST,
) and check
if not is_param(obj.input, 'outif'):
check = False
checker.add_error(_('"%s" is required.') % _('Out Interface'))
else:
check = checker.check_firewall_if(
_('Out Interface'),
obj.input.outif,
CHECK_EXIST,
) and check
obj.view.alert = checker.errors
return check
def validates_network(obj, network_name=None):
checker = Checker()
check = True
_ = obj._
checker.errors = []
if not network_name:
check = False
checker.add_error(_('Specify network name.'))
if not is_param(obj.input, 'cidr'):
check = False
checker.add_error(_('Specify bridge IP address for the network.'))
else:
check = checker.check_ipaddr(
_('Bridge IP Address/Netmask'),
obj.input.cidr,
CHECK_EMPTY | CHECK_VALID,
) and check
if not is_param(obj.input, 'bridge'):
check = False
checker.add_error(_('Specify bridge name to create for the network.'))
else:
check = checker.check_netdev_name(
_('Bridge Device Name'),
obj.input.bridge,
CHECK_EMPTY | CHECK_VALID,
) and check
A = is_param(obj.input, 'dhcp_start')
B = is_param(obj.input, 'dhcp_end')
#if not ( ((not A) and (not B)) or (A and B)):
if not (A and B):
check = False
checker.add_error(
_('Specify both %s and %s') %
(_('DHCP Start Address'), _('DHCP End Address')))
if is_param(obj.input, 'dhcp_start'):
check = checker.check_ipaddr(
_('DHCP Start Address'),
obj.input.dhcp_start,
CHECK_EMPTY | CHECK_ONLYSPACE | CHECK_VALID,
) and check
if is_param(obj.input, 'dhcp_end'):
check = checker.check_ipaddr(
_('DHCP End Address'),
obj.input.dhcp_end,
CHECK_EMPTY | CHECK_ONLYSPACE | CHECK_VALID,
) and check
check = checker.check_if_ips_are_in_network([
_('DHCP Start Address'),
_('DHCP End Address'),
_('Bridge IP Address/Netmask')
], [obj.input.dhcp_start, obj.input.dhcp_end], obj.input.cidr, CHECK_VALID
| CHECK_UNIQUE) and check
check = checker.check_ip_range([
_('DHCP Start Address'),
_('DHCP End Address'),
_('Bridge IP Address/Netmask')
], [obj.input.dhcp_start, obj.input.dhcp_end, obj.input.cidr],
CHECK_VALID) and check
check = checker.check_virt_network_address_conflict(
_('Bridge IP Address/Netmask'),
obj.input.cidr,
[network_name], # names to ignore
CHECK_VALID) and check
if is_param(obj.input, 'forward_mode'):
check = checker.check_forward_mode(
_('Forward Mode'),
obj.input.forward_mode,
CHECK_VALID,
) and check
obj.view.alert = checker.errors
return check
def validates_network(obj, network_name=None):
checker = Checker()
check = True
_ = obj._
checker.errors = []
if not network_name:
check = False
checker.add_error(_('Specify network name.'))
if not is_param(obj.input, 'cidr'):
check = False
checker.add_error(_('Specify bridge IP address for the network.'))
else:
check = checker.check_ipaddr(
_('Bridge IP Address/Netmask'),
obj.input.cidr,
CHECK_EMPTY | CHECK_VALID,
) and check
if not is_param(obj.input, 'bridge'):
check = False
checker.add_error(_('Specify bridge name to create for the network.'))
else:
check = checker.check_netdev_name(
_('Bridge Device Name'),
obj.input.bridge,
CHECK_EMPTY | CHECK_VALID,
) and check
A = is_param(obj.input, 'dhcp_start')
B = is_param(obj.input, 'dhcp_end')
#if not ( ((not A) and (not B)) or (A and B)):
if not (A and B):
check = False
checker.add_error(_('Specify both %s and %s') % (_('DHCP Start Address'), _('DHCP End Address')))
if is_param(obj.input, 'dhcp_start'):
check = checker.check_ipaddr(
_('DHCP Start Address'),
obj.input.dhcp_start,
CHECK_EMPTY | CHECK_ONLYSPACE | CHECK_VALID,
) and check
if is_param(obj.input, 'dhcp_end'):
check = checker.check_ipaddr(
_('DHCP End Address'),
obj.input.dhcp_end,
CHECK_EMPTY | CHECK_ONLYSPACE | CHECK_VALID,
) and check
check = checker.check_if_ips_are_in_network(
[ _('DHCP Start Address'), _('DHCP End Address'), _('Bridge IP Address/Netmask')],
[obj.input.dhcp_start, obj.input.dhcp_end],
obj.input.cidr,
CHECK_VALID | CHECK_UNIQUE) and check
check = checker.check_ip_range(
[ _('DHCP Start Address'), _('DHCP End Address'), _('Bridge IP Address/Netmask')],
[obj.input.dhcp_start, obj.input.dhcp_end, obj.input.cidr],
CHECK_VALID) and check
check = checker.check_virt_network_address_conflict(
_('Bridge IP Address/Netmask'),
obj.input.cidr,
[network_name], # names to ignore
CHECK_VALID) and check
if is_param(obj.input, 'forward_mode'):
check = checker.check_forward_mode(
_('Forward Mode'),
obj.input.forward_mode,
CHECK_VALID,
) and check
obj.view.alert = checker.errors
return check
def validates_server(obj):
checker = Checker()
check = True
_ = obj._
checker.errors = []
if not is_param(obj.input, "uniqkey"):
check = False
checker.add_error(_('"%s" is required.') % _("Unique Key"))
else:
check = checker.check_unique_key(_("Unique Key"), obj.input.uniqkey, CHECK_EMPTY | CHECK_VALID) and check
if not is_param(obj.input, "port"):
check = False
checker.add_error(_('"%s" is required.') % _("Port Number"))
else:
check = (
checker.check_number(
_("Port Number"),
obj.input.port,
CHECK_EMPTY | CHECK_VALID | CHECK_MIN | CHECK_MAX,
PORT_MIN_NUMBER,
PORT_MAX_NUMBER,
)
and check
)
if not is_param(obj.input, "access"):
check = False
checker.add_error(_('"%s" is required.') % _("Access Policy"))
else:
if obj.input.access == "all":
check = True and check
elif obj.input.access == "network":
if not obj.input.has_key("network"):
check = False
checker.add_error(_('"%s" is required.') % _("Permit access from same network"))
else:
check = (
checker.check_cidr(
_("Permit Access From Same Network"), obj.input.network, CHECK_EMPTY | CHECK_VALID
)
and check
)
elif obj.input.access == "ipaddress":
if not obj.input.has_key("access_ipaddress"):
check = False
checker.add_error(_('"%s" is required.') % _("Permit access from specified IP address"))
else:
obj.input.ip_list = obj.input.access_ipaddress.split()
obj.input.ip_list = get_no_overlap_list(obj.input.ip_list)
if len(obj.input.ip_list) == 0:
check = False
checker.add_error(_('"%s" is required.') % _("IP Address"))
for input_ip in obj.input.ip_list:
check = (
checker.check_ipaddr(_("Permit specified IP address"), input_ip, CHECK_EMPTY | CHECK_VALID)
and check
)
else:
check = False
if not is_param(obj.input, "ssl_status"):
check = False
checker.add_error(_('"%s" is required.') % _("SSL Settings"))
else:
if obj.input.ssl_status == "enable":
check = True and check
elif obj.input.ssl_status == "disable":
check = True and check
else:
check = False
obj.view.alert = checker.errors
return check
def validates_network(obj, network_name=None):
checker = Checker()
check = True
_ = obj._
checker.errors = []
if not is_param(obj.input, "name"):
check = False
checker.add_error(_("Specify network name."))
else:
check = checker.check_network_name(_("Network Name"), obj.input.name, CHECK_EMPTY | CHECK_VALID) and check
if not is_param(obj.input, "cidr"):
check = False
checker.add_error(_("Specify bridge IP address for the network."))
else:
check = (
checker.check_ipaddr(_("Bridge IP Address/Netmask"), obj.input.cidr, CHECK_EMPTY | CHECK_VALID) and check
)
if not is_param(obj.input, "bridge"):
check = False
checker.add_error(_("Specify bridge name to create for the network."))
else:
check = (
checker.check_netdev_name(_("Bridge Device Name"), obj.input.bridge, CHECK_EMPTY | CHECK_VALID) and check
)
A = is_param(obj.input, "dhcp_start")
B = is_param(obj.input, "dhcp_end")
# if not ( ((not A) and (not B)) or (A and B)):
if not (A and B):
check = False
checker.add_error(_("Specify both %s and %s") % (_("DHCP Start Address"), _("DHCP End Address")))
if is_param(obj.input, "dhcp_start"):
check = (
checker.check_ipaddr(
_("DHCP Start Address"), obj.input.dhcp_start, CHECK_EMPTY | CHECK_ONLYSPACE | CHECK_VALID
)
and check
)
if is_param(obj.input, "dhcp_end"):
check = (
checker.check_ipaddr(_("DHCP End Address"), obj.input.dhcp_end, CHECK_EMPTY | CHECK_ONLYSPACE | CHECK_VALID)
and check
)
check = (
checker.check_if_ips_are_in_network(
[_("DHCP Start Address"), _("DHCP End Address"), _("Bridge IP Address/Netmask")],
[obj.input.dhcp_start, obj.input.dhcp_end],
obj.input.cidr,
CHECK_VALID | CHECK_UNIQUE,
)
and check
)
check = (
checker.check_ip_range(
[_("DHCP Start Address"), _("DHCP End Address"), _("Bridge IP Address/Netmask")],
[obj.input.dhcp_start, obj.input.dhcp_end, obj.input.cidr],
CHECK_VALID,
)
and check
)
check = (
checker.check_virt_network_address_conflict(
_("Bridge IP Address/Netmask"), obj.input.cidr, [network_name], CHECK_VALID # names to ignore
)
and check
)
if is_param(obj.input, "forward_mode"):
check = checker.check_forward_mode(_("Forward Mode"), obj.input.forward_mode, CHECK_VALID) and check
obj.view.alert = checker.errors
return check
