def __str__(self): target_header = [] target = [] for (header, filter_name, terms) in self.ciscoasa_policies: target.append('clear configure access-list %s' % filter_name) # add the p4 tags target.extend( aclgenerator.AddRepositoryTags('access-list %s remark ' % filter_name)) # add a header comment if one exists for comment in header.comment: for line in comment.split('\n'): target.append('access-list %s remark %s' % (filter_name, line)) # now add the terms for term in terms: target.append(str(term)) # end for header, filter_name, filter_type... return '\n'.join(target)
def __str__(self): """Render the output of the PF policy into config.""" target = [] pretty_platform = '%s%s' % (self._PLATFORM[0].upper(), self._PLATFORM[1:]) # Create address table. for name in sorted(self.address_book): entries = ',\\\n'.join(str(x) for x in sorted(self.address_book[name], key=int)) target.append('table <%s> {%s}' % (name, entries)) # pylint: disable=unused-variable for (header, filter_name, filter_type, terms) in self.pf_policies: # Add comments for this filter target.append('# %s %s Policy' % (pretty_platform, header.FilterName(self._PLATFORM))) # reformat long text comments, if needed comments = aclgenerator.WrapWords(header.comment, 70) if comments and comments[0]: for line in comments: target.append('# %s' % line) target.append('#') # add the p4 tags target.extend(aclgenerator.AddRepositoryTags('# ')) target.append('# ' + filter_type) # add the terms for term in terms: term_str = str(term) if term_str: target.append(term_str) target.append('') return '\n'.join(target)
def __str__(self): target_header = [] target = [] # add the p4 tags target.extend(aclgenerator.AddRepositoryTags('! ')) for (header, filter_name, filter_list, terms, obj_target) in self.cisco_policies: for filter_type in filter_list: target.extend( self._AppendTargetByFilterType(filter_name, filter_type)) if filter_type == 'object-group': obj_target.AddName(filter_name) # Add the Perforce Id/Date tags, these must come after # remove/re-create of the filter, otherwise config mode doesn't # know where to place these remarks in the configuration. if filter_type == 'standard' and filter_name.isdigit(): target.extend( aclgenerator.AddRepositoryTags( 'access-list %s remark ' % filter_name, date=False, revision=False)) else: target.extend( aclgenerator.AddRepositoryTags(' remark ', date=False, revision=False)) # add a header comment if one exists for comment in header.comment: for line in comment.split('\n'): target.append(' remark %s' % line) # now add the terms for term in terms: term_str = str(term) if term_str: target.append(term_str) if obj_target.valid: target = [str(obj_target)] + target # ensure that the header is always first target = target_header + target target += ['', 'exit', ''] return '\n'.join(target)
def testAddRepositoryTags(self): # Format print the '$' into the RCS tags in order prevent the tags from # being interpolated here. # Include all tags. self.assertItemsEqual([ '%sId:%s' % ('$', '$'), '%sDate:%s' % ('$', '$'), '%sRevision:%s' % ('$', '$') ], aclgenerator.AddRepositoryTags()) # Remove the revision tag. self.assertItemsEqual( ['%sId:%s' % ('$', '$'), '%sDate:%s' % ('$', '$')], aclgenerator.AddRepositoryTags(revision=False)) # Only include the Id: tag. self.assertItemsEqual(['%sId:%s' % ('$', '$')], aclgenerator.AddRepositoryTags(date=False, revision=False))
def __str__(self): target = [] for term in self.gce_policies: target.extend(term.ConvertToDict()) out = '%s\n%s\n\n' % ( '\n'.join(aclgenerator.AddRepositoryTags('# ')), json.dumps( target, indent=2, separators=(',', ': '), sort_keys=True)) return out
def __str__(self): """Render the output of the JuniperSRX policy into config.""" target = IndentList(self.INDENT) target.append('security {') # ADDRESSBOOK target.extend(self._GenerateAddressBook()) # POLICIES target.IndentAppend(1, '/*') target.extend(aclgenerator.AddRepositoryTags(self.INDENT * 1)) target.IndentAppend(1, '*/') target.IndentAppend(1, 'replace: policies {') for (header, terms, filter_options) in self.srx_policies: target.IndentAppend(2, '/*') target.extend([ self.INDENT * 2 + line for line in aclgenerator.WrapWords( header.comment, self._MAX_HEADER_COMMENT_LENGTH) ]) target.IndentAppend(2, '*/') # ZONE DIRECTION if filter_options[1] == 'all' and filter_options[3] == 'all': target.IndentAppend(2, 'global {') else: target.IndentAppend( 2, 'from-zone ' + filter_options[1] + ' to-zone ' + filter_options[3] + ' {') # GROUPS if header.apply_groups: target.IndentAppend( 3, JunipersrxList('apply-groups', header.apply_groups)) # GROUPS EXCEPT if header.apply_groups_except: target.IndentAppend( 3, JunipersrxList('apply-groups-except', header.apply_groups_except)) for term in terms: str_result = str(term) if str_result: target.append(str_result) target.IndentAppend(2, '}') target.IndentAppend(1, '}') target.append('}') # APPLICATIONS target.extend(self._GenerateApplications()) return '\n'.join(target)
def __str__(self): """Render the output of the Nsxv policy.""" target_header = [] target = [] # add the p4 tags target.append('<!--') target.extend(aclgenerator.AddRepositoryTags(' ')) target.append('-->') for (header, _, _, terms) in self.nsxv_policies: # add a header comment if one exists section_name = '' for comment in header.comment: for line in comment.split('\n'): section_name = '%s %s' % (section_name, line) # getting section id filter_options = header.FilterOptions(self._PLATFORM) section_id = 0 if filter_options is not None and len(filter_options) > 1: section_id = filter_options[1] # check section id value if not section_id or section_id == 0: logging.warn( 'WARNING: Section-id is 0. A new Section is created for%s.' ' If there is any existing section, it will remain ' 'unreferenced and should be removed manually.', section_name) target.append('<section name="%s">' % (section_name.strip(' \t\n\r'))) else: target.append('<section id="%s" name="%s">' % (section_id, section_name.strip(' \t\n\r'))) # now add the terms for term in terms: term_str = str(term) if term_str: target.append(term_str) target.append('\n') # ensure that the header is always first target = target_header + target target.append('%s' % (_XML_TABLE.get('sectionEnd'))) target.append('\n') return '\n'.join(target)
def __str__(self): target = [] pretty_platform = '%s%s' % (self._PLATFORM[0].upper(), self._PLATFORM[1:]) if self._RENDER_PREFIX: target.append(self._RENDER_PREFIX) for (header, filter_name, filter_type, default_action, terms) in self.iptables_policies: # Add comments for this filter target.append('# %s %s Policy' % (pretty_platform, header.FilterName(self._PLATFORM))) # reformat long text comments, if needed comments = aclgenerator.WrapWords(header.comment, 70) if comments and comments[0]: for line in comments: target.append('# %s' % line) target.append('#') # add the p4 tags target.extend(aclgenerator.AddRepositoryTags('# ')) target.append('# ' + filter_type) if filter_name in self._GOOD_FILTERS: if default_action: target.append(self._DEFAULTACTION_FORMAT % (filter_name, default_action)) elif self._PLATFORM == 'speedway': # always specify the default filter states for speedway, # if default action policy not specified for iptables, do nothing. target.append(self._DEFAULTACTION_FORMAT % (filter_name, self._DEFAULT_ACTION)) else: # Custom chains have no concept of default policy. target.append(self._DEFAULTACTION_FORMAT_CUSTOM_CHAIN % filter_name) # add the terms for term in terms: term_str = str(term) if term_str: target.append(term_str) if self._RENDER_SUFFIX: target.append(self._RENDER_SUFFIX) target.append('') return '\n'.join(target)
def __str__(self): target = [] # add the p4 tags target.extend(aclgenerator.AddRepositoryTags('! ')) for filter_name, terms, ip_ver in self.aruba_policies: netdestination = 'netdestination' if ip_ver == 6: netdestination += '6' target.append('no %s %s' % (netdestination, filter_name)) target.append('%s %s' % (netdestination, filter_name)) # now add the terms for term in terms: target.append(str(term)) if target: target.append('') return '\n'.join(target)
def __str__(self): """Render the output of the Nsxv policy.""" target_header = [] target = [] # add the p4 tags target.append('<!--') target.extend(aclgenerator.AddRepositoryTags('\n')) target.append('\n') target.append('-->') for (_, _, _, terms) in self.nsxv_policies: section_name = self._FILTER_OPTIONS_DICT['section_name'] # check section id value section_id = self._FILTER_OPTIONS_DICT['section_id'] if not section_id or section_id == 0: logging.warn( 'WARNING: Section-id is 0. A new Section is created for%s.' ' If there is any existing section, it will remain ' 'unreferenced and should be removed manually.', section_name) target.append('<section name="%s">' % (section_name.strip(' \t\n\r'))) else: target.append('<section id="%s" name="%s">' % (section_id, section_name.strip(' \t\n\r'))) # now add the terms for term in terms: term_str = str(term) if term_str: target.append(term_str) # ensure that the header is always first target = target_header + target target.append('%s' % (_XML_TABLE.get('sectionEnd'))) target.append('\n') target_as_xml = xml.dom.minidom.parseString(''.join(target)) return target_as_xml.toprettyxml(indent=" ", encoding="UTF-8")
def __str__(self): target = [] target.extend(aclgenerator.AddRepositoryTags('%s ' % _COMMENT_MARKER)) for filter_name, terms, _ in self.aruba_policies: netdestinations = [] term_strings = [] for term in terms: term_strings.append(str(term)) netdestinations.extend(term.netdestinations) target.extend(netdestinations) target.append('%s %s' % (self._ACL_LINE_HEADER, filter_name)) target.extend(term_strings) target.extend(_TERMINATOR_MARKER) if target: target.append('') return '\n'.join(target)
def __str__(self): config = Config() for (header, filter_name, filter_type, interface_specific, terms) in self.juniper_policies: # add the header information config.Append('firewall {') config.Append('family %s {' % filter_type) config.Append('replace:') config.Append('/*') # we want the acl to contain id and date tags, but p4 will expand # the tags here when we submit the generator, so we have to trick # p4 into not knowing these words. like taking c-a-n-d-y from a # baby. for line in aclgenerator.AddRepositoryTags('** '): config.Append(line) config.Append('**') for comment in header.comment: for line in comment.split('\n'): config.Append('** ' + line) config.Append('*/') config.Append('filter %s {' % filter_name) if interface_specific: config.Append('interface-specific;') for term in terms: term_str = str(term) if term_str: config.Append(term_str, verbatim=True) config.Append('}') # filter { ... } config.Append('}') # family inet { ... } config.Append('}') # firewall { ... } return str(config) + '\n'
def __str__(self): target = [] pretty_platform = '%s%s' % (self._PLATFORM[0].upper(), self._PLATFORM[1:]) if self._RENDER_PREFIX: target.append(self._RENDER_PREFIX) for (header, filter_name, filter_type, default_action, terms) in self.windows_policies: # Add comments for this filter target.append(': %s %s Policy' % (pretty_platform, header.FilterName(self._PLATFORM))) self._HandlePolicyHeader(header, target) # reformat long text comments, if needed comments = aclgenerator.WrapWords(header.comment, 70) if comments and comments[0]: for line in comments: target.append(': %s' % line) target.append(':') # add the p4 tags target.extend(aclgenerator.AddRepositoryTags(': ')) target.append(': ' + filter_type) if default_action: target.append(self._DEFAULTACTION_FORMAT % (filter_name, default_action)) # add the terms for term in terms: term_str = str(term) if term_str: target.append(term_str) self._HandleTermFooter(header, term, target) target.append('') return '\n'.join(target)