def downloadKZorpConfig(instance_name, is_master):
if is_master:
with RuleDownload(instance_name) as rule_download:
messages = []
for service in Globals.services.values():
message = service.buildKZorpMessage()
messages.extend(message)
for dispatch in Globals.dispatches:
messages.append(kzorp.messages.KZorpAddDispatcherMessage(dispatch.session_id, Globals.rules.length))
for rule in Globals.rules:
message = rule.buildKZorpMessage(dispatch.session_id)
messages.extend(message)
rule_download.initial(messages)
with BindDownload(instance_name) as bind_download:
messages = []
for dispatch in Globals.dispatches:
messages.extend(dispatch.buildKZorpBindMessage())
bind_download.initial(messages)
# When a kZorp handle is closed kZorp removes binds which were added
# by messages came on this handle.
#
# This function called when Zorp is started or reloaded.
#
# During the start _kzorp_handle is initialized.
#
# During the reload new Python interpreter is created so _kzorp_handle
# not overwritten, deinit callback closes another kZorp handled which
# had been created by the old Python interpreter.
global _kzorp_handle
_kzorp_handle = bind_download.kzorp_handle
def downloadKZorpConfig(instance_name, is_master):
if is_master:
with RuleDownload(instance_name) as rule_download:
messages = []
for service in Globals.services.values():
message = service.buildKZorpMessage()
messages.extend(message)
for dispatch in Globals.dispatches:
messages.append(
kzorp.messages.KZorpAddDispatcherMessage(
dispatch.session_id, Globals.rules.length))
for rule in Globals.rules:
message = rule.buildKZorpMessage(dispatch.session_id)
messages.extend(message)
rule_download.initial(messages)
with BindDownload(instance_name) as bind_download:
messages = []
for dispatch in Globals.dispatches:
messages.extend(dispatch.buildKZorpBindMessage())
bind_download.initial(messages)
# When a kZorp handle is closed kZorp removes binds which were added
# by messages came on this handle.
#
# This function called when Zorp is started or reloaded.
#
# During the start _kzorp_handle is initialized.
#
# During the reload new Python interpreter is created so _kzorp_handle
# not overwritten, deinit callback closes another kZorp handled which
# had been created by the old Python interpreter.
global _kzorp_handle
_kzorp_handle = bind_download.kzorp_handle
def addNATMappings(messages, nat_type, nat_policy):
if nat_type == NAT_SNAT:
msg_class = kzorp.messages.KZorpAddServiceSourceNATMappingMessage
else:
msg_class = kzorp.messages.KZorpAddServiceDestinationNATMappingMessage
if nat_policy:
nat_mappings = nat_policy.getKZorpMapping()
for src_tuple, dst_tuple, map_tuple in nat_mappings:
messages.append(msg_class(self.name, src_tuple, map_tuple, dst_tuple))
def addNATMappings(messages, nat_type, nat_policy):
import kzorp.messages
if nat_type == NAT_SNAT:
msg_class = kzorp.messages.KZorpAddServiceSourceNATMappingMessage
else:
msg_class = kzorp.messages.KZorpAddServiceDestinationNATMappingMessage
if nat_policy:
nat_mappings = nat_policy.getKZorpMapping()
for src_tuple, dst_tuple, map_tuple in nat_mappings:
messages.append(
msg_class(self.name, src_tuple, map_tuple, dst_tuple))
def addNATMappings(messages, nat_type, nat_policy):
import kzorp.messages
message_version = 2 if Globals.kzorp_version > (4, 5) else 1
if nat_type == NAT_SNAT:
msg_class = kzorp.messages.KZorpAddServiceSourceNATMappingMessage
else:
msg_class = kzorp.messages.KZorpAddServiceDestinationNATMappingMessage
if nat_policy:
nat_mappings = nat_policy.getKZorpMapping()
for src_tuple, dst_tuple, map_tuple in nat_mappings:
messages.append(msg_class(self.name, src_tuple, map_tuple, dst_tuple, version=message_version))
def buildKZorpMessage(self):
"""<method internal="yes">
</method>
"""
def addNATMappings(messages, nat_type, nat_policy):
import kzorp.messages
message_version = 2 if Globals.kzorp_version > (4, 5) else 1
if nat_type == NAT_SNAT:
msg_class = kzorp.messages.KZorpAddServiceSourceNATMappingMessage
else:
msg_class = kzorp.messages.KZorpAddServiceDestinationNATMappingMessage
if nat_policy:
nat_mappings = nat_policy.getKZorpMapping()
for src_tuple, dst_tuple, map_tuple in nat_mappings:
messages.append(
msg_class(self.name,
src_tuple,
map_tuple,
dst_tuple,
version=message_version))
import kzorp.messages
flags = kzorp.messages.KZF_SVC_LOGGING
if isinstance(self.router, TransparentRouter):
flags = flags | kzorp.messages.KZF_SVC_TRANSPARENT
router_target_family = None
router_target_ip = None
router_target_port = None
elif isinstance(self.router, DirectedRouter):
if len(self.router.dest_addr) > 1:
raise ValueError, "DirectedRouter with more than one destination address not supported by KZorp"
router_target_family = self.router.dest_addr[0].family
router_target_ip = self.router.dest_addr[0].pack()
router_target_port = self.router.dest_addr[0].port
else:
raise ValueError, "Invalid router type specified for port forwarded service"
if self.router.forge_addr:
flags = flags | kzorp.messages.KZF_SVC_FORGE_ADDR
messages = []
messages.append(kzorp.messages.KZorpAddForwardServiceMessage(self.name, \
flags, 0, router_target_family, router_target_ip, router_target_port))
if self.snat_policy:
addNATMappings(messages, NAT_SNAT, self.snat_policy)
if self.dnat_policy:
addNATMappings(messages, NAT_DNAT, self.dnat_policy)
return messages
def buildKZorpMessage(self):
"""<method internal="yes">
</method>
"""
def addNATMappings(messages, nat_type, nat_policy):
import kzorp.messages
message_version = 2 if Globals.kzorp_version > (4, 5) else 1
if nat_type == NAT_SNAT:
msg_class = kzorp.messages.KZorpAddServiceSourceNATMappingMessage
else:
msg_class = kzorp.messages.KZorpAddServiceDestinationNATMappingMessage
if nat_policy:
nat_mappings = nat_policy.getKZorpMapping()
for src_tuple, dst_tuple, map_tuple in nat_mappings:
messages.append(msg_class(self.name, src_tuple, map_tuple, dst_tuple, version=message_version))
import kzorp.messages
flags = kzorp.messages.KZF_SVC_LOGGING
if isinstance(self.router, TransparentRouter):
flags = flags | kzorp.messages.KZF_SVC_TRANSPARENT
router_target_family = None
router_target_ip = None
router_target_port = None
elif isinstance(self.router, DirectedRouter):
if len(self.router.dest_addr) > 1:
raise ValueError, "DirectedRouter with more than one destination address not supported by KZorp"
router_target_family = self.router.dest_addr[0].family
router_target_ip = self.router.dest_addr[0].pack()
router_target_port = self.router.dest_addr[0].port
else:
raise ValueError, "Invalid router type specified for port forwarded service"
if self.router.forge_addr:
flags = flags | kzorp.messages.KZF_SVC_FORGE_ADDR
messages = []
messages.append(kzorp.messages.KZorpAddForwardServiceMessage(self.name, \
flags, 0, router_target_family, router_target_ip, router_target_port))
if self.snat_policy:
addNATMappings(messages, NAT_SNAT, self.snat_policy)
if self.dnat_policy:
addNATMappings(messages, NAT_DNAT, self.dnat_policy)
return messages
