def get_custom_config(config):
    """Append the 'net' network-selection field to the wizard configuration.

    One option is offered for each interface returned by
    get_zones_interfaces() for the get_zones('lan') zones that has an IPv4
    address. The option label is interface[0] followed by the interface's
    network address in parentheses; the option value is interface[1], the
    name passed to netifaces.ifaddresses().

    config -- list of field descriptions; it is extended in place.
    Returns the same list.
    """
    from mmc.plugins.shorewall import get_zones, get_zones_interfaces

    lan_interfaces = get_zones_interfaces(get_zones('lan'))

    choices = []
    for iface in lan_interfaces:
        addresses = netifaces.ifaddresses(iface[1])
        # An interface without an AF_INET entry has no IPv4 configuration
        # and cannot be offered as a network.
        if netifaces.AF_INET not in addresses:
            continue
        addr = addresses[netifaces.AF_INET][0]['addr']
        netmask = addresses[netifaces.AF_INET][0]['netmask']
        # Only the first IPv4 address of the interface is considered.
        net_address = str(IP(addr).make_net(netmask).net())
        choices.append({
            'name': iface[0] + '(' + net_address + ')',
            'value': iface[1],
        })

    # NOTE(review): the selected 'value' ends up in DNS/DHCP setup according
    # to the help text; the code consuming it is not visible here and should
    # re-check the submitted value against this list of interfaces.
    net_field = {
        'slug': 'mds_samba4',
        'name': 'net',
        'require': 'yes',
        'label': _('Network', 'mds_samba4'),
        'help': _('Choose the network for the DNS zone and DHCP.', 'mds_samba4'),
        'type': 'options',
        'options': choices,
    }
    config.append(net_field)
    return config
def configure_shorewall():
    """Install the Samba4AD shorewall macro and open it for the 'lan' zones.

    Copies templates/shorewall_macro.Samba4AD from the current working
    directory to /etc/shorewall/macro.Samba4AD, restricts the copy to mode
    0600, adds a 'Samba4AD/ACCEPT' rule from every zone returned by
    get_zones('lan') to "fw", then restarts shorewall.
    """
    print("Configure shorewall")

    # NOTE(review): the template is looked up relative to os.getcwd(), so the
    # file installed into the firewall configuration depends on the directory
    # the script is started from. Confirm the caller always runs it from the
    # module directory.
    template_path = os.path.join(os.getcwd(), 'templates', 'shorewall_macro.Samba4AD')
    macro_path = os.path.join('/etc/shorewall/', 'macro.Samba4AD')
    shutil.copy(template_path, macro_path)
    # shutil.copy keeps the template's permission bits; tighten them to
    # owner read/write straight after the copy.
    os.chmod(macro_path, 0o600)

    for lan_zone in get_zones('lan'):
        add_rule('Samba4AD/ACCEPT', lan_zone, "fw")

    # NOTE(review): the result of shlaunch is not inspected here, so a failed
    # restart (for example a rejected rule set) would go unnoticed by this
    # function.
    shlaunch("systemctl restart shorewall")
def get_custom_config(config):
    """Add the required 'net' options field (slug 'mds_samba4') to config.

    The options are built from the interfaces that get_zones_interfaces()
    reports for the get_zones('lan') zones, keeping only those with an
    AF_INET address. Each option shows interface[0] plus the IPv4 network
    address and carries interface[1] as its value.

    config -- list of field descriptions, modified in place and returned.
    """
    from mmc.plugins.shorewall import get_zones, get_zones_interfaces

    zones = get_zones('lan')
    network_options = []
    for entry in get_zones_interfaces(zones):
        if_addresses = netifaces.ifaddresses(entry[1])
        # Skip interfaces that have no IPv4 configuration.
        if netifaces.AF_INET in if_addresses:
            addr = if_addresses[netifaces.AF_INET][0]['addr']
            netmask = if_addresses[netifaces.AF_INET][0]['netmask']
            # Network address derived from the first IPv4 address only.
            subnet = str(IP(addr).make_net(netmask).net())
            option = {'name': entry[0] + '(' + subnet + ')',
                      'value': entry[1]}
            network_options.append(option)

    # NOTE(review): whatever handles the submitted form is not shown here; it
    # should validate the returned interface name against this list before
    # using it for DNS/DHCP configuration.
    config.append({
        'slug': 'mds_samba4',
        'name': 'net',
        'require': 'yes',
        'label': _('Network', 'mds_samba4'),
        'help': _('Choose the network for the DNS zone and DHCP.', 'mds_samba4'),
        'type': 'options',
        'options': network_options,
    })
    return config
# Set up shorewall for a 'vpn' zone: DROP policies for vpn -> fw and for
# vpn <-> every internal and external zone, plus a copy of each
# internal-zone -> fw rule with 'vpn' as the source.
from mmc.plugins.shorewall import get_zones, get_zones_types, \
    ShorewallPolicies, ShorewallRules

# Index 0 of get_zones_types() is used as the internal zone type and index 1
# as the external one -- presumably the order the plugin guarantees; confirm.
internal_zones = get_zones(get_zones_types()[0])
external_zones = get_zones(get_zones_types()[1])
policies = ShorewallPolicies()
rules = ShorewallRules()

# NOTE(review): this is -1 when get_conf() returns an empty list; how
# add_line treats that index is not visible here.
last_policy_idx = len(policies.get_conf()) - 1
# insert VPN policies before the last one
# (the same index is reused for every add_line call -- presumably each call
# inserts at that position, keeping the original last policy last; confirm)
policies.add_line(['vpn', 'fw', 'DROP'], last_policy_idx)
for zone in internal_zones + external_zones:
    policies.add_line(['vpn', zone, 'DROP'], last_policy_idx)
    policies.add_line([zone, 'vpn', 'DROP'], last_policy_idx)
# No fw -> vpn policy is added here; that direction is left to the policies
# already present in the file.

# duplicate lan -> fw rules to vpn -> fw
# Every rule found for the internal zones is copied with its action,
# destination, protocol and port unchanged, so the 'vpn' zone receives the
# same access to the firewall host as the internal zones have.
# NOTE(review): confirm that VPN peers are meant to reach every service the
# internal zones can reach on the firewall, rather than a narrower list.
for rule in rules.get(srcs=internal_zones, dsts=["fw"]):
    # example of the rules.get() result: [('ACCEPT', 'lan3', 'fw', 'tcp', '8000')]
    rules.add(rule[0], 'vpn', rule[2], rule[3], rule[4])

# Persist both modified configurations.
policies.write()
rules.write()