def __init__(self, component, logger, netcfg, read_only=False, client=None):
    """Build an empty ruleset with its object libraries and base objects.

    component supplies input_output_rules and config; logger and netcfg are
    passed on to createBaseObjects(). When no client is given (or it is
    falsy), a local client is created with createLocalClient().
    """
    # Ruleset attributes
    self.client = client if client else createLocalClient()
    self.name = None
    self.filename = None
    self.filetype = "ruleset"
    self.is_template = False
    # Only stored here; nothing in this constructor enforces the flag.
    # NOTE(review): confirm where read_only is actually checked.
    self.read_only = read_only
    self.input_output_rules = component.input_output_rules
    self.format_version = RULESET_VERSION
    self.config = component.config

    # Object libraries. Each one is handed this ruleset (self); what it
    # reads from it at construction time is not visible here, so the
    # statement order should not be changed casually.
    self.resources = Resources(self)
    self.protocols = Protocols(self)
    self.applications = Applications(self)
    self.periodicities = Periodicities(self)
    self.operating_systems = OperatingSystems(self)
    self.user_groups = UserGroups(self)
    self.durations = Durations(self)
    self.acls_ipv4 = AclIPv4Rules(self)
    self.acls_ipv6 = AclIPv6Rules(self)
    self.nats = NatRules(self)
    # Rule lists by their dashed key
    self.rules = {
        'acls-ipv4': self.acls_ipv4,
        'acls-ipv6': self.acls_ipv6,
        'nats': self.nats,
    }
    self.platforms = Platforms(self)
    self.custom_rules = CustomRules(self)
    self.include_templates = {}   # name => IncludeTemplate object

    # order is cosmetic
    library_order = (
        ('resources', self.resources),
        ('protocols', self.protocols),
        ('platforms', self.platforms),
        ('applications', self.applications),
        ('periodicities', self.periodicities),
        ('operating_systems', self.operating_systems),
        ('user_groups', self.user_groups),
        ('durations', self.durations),
        ('acls_ipv4', self.acls_ipv4),
        ('acls_ipv6', self.acls_ipv6),
        ('nats', self.nats),
    )
    self._libraries = odict(library_order)

    # Standard library objects and the firewall resource
    self.createBaseObjects(logger, netcfg)

    # Generic links, fusion and the action stack
    self.generic_links = GenericLinks(self)
    self.generic_links.load()
    self.fusion = Fusion(self)
    self.actions = ActionStack(self, UNDO_MAX_SIZE)
class Ruleset:
    """
    A ruleset groups resources, protocols and ACLs.

    Attributes:

     - filename: full path of the last saved version
     - name: the filename stripped of its path and ".xml" suffix, or None
       while the ruleset has not been saved to disk
     - is_modified (bool): True when the ruleset changed since the last
       save; always True for a ruleset that was never saved
    """

    def __init__(self, component, logger, netcfg, read_only=False, client=None):
        """Build an empty ruleset with its object libraries and base objects.

        component supplies input_output_rules and config; logger and netcfg
        are passed on to createBaseObjects(). When no client is given (or it
        is falsy), a local client is created with createLocalClient().
        """
        # Ruleset attributes
        self.client = client if client else createLocalClient()
        self.name = None
        self.filename = None
        self.filetype = "ruleset"
        self.is_template = False
        # Only stored here; none of the methods shown below reads the flag.
        # NOTE(review): confirm where read_only is actually enforced.
        self.read_only = read_only
        self.input_output_rules = component.input_output_rules
        self.format_version = RULESET_VERSION
        self.config = component.config

        # Object libraries. Each one is handed this ruleset (self); what it
        # reads from it at construction time is not visible here, so the
        # statement order should not be changed casually.
        self.resources = Resources(self)
        self.protocols = Protocols(self)
        self.applications = Applications(self)
        self.periodicities = Periodicities(self)
        self.operating_systems = OperatingSystems(self)
        self.user_groups = UserGroups(self)
        self.durations = Durations(self)
        self.acls_ipv4 = AclIPv4Rules(self)
        self.acls_ipv6 = AclIPv6Rules(self)
        self.nats = NatRules(self)
        # Rule lists by their dashed key
        self.rules = {
            'acls-ipv4': self.acls_ipv4,
            'acls-ipv6': self.acls_ipv6,
            'nats': self.nats,
        }
        self.platforms = Platforms(self)
        self.custom_rules = CustomRules(self)
        self.include_templates = {}   # name => IncludeTemplate object

        # order is cosmetic
        library_order = (
            ('resources', self.resources),
            ('protocols', self.protocols),
            ('platforms', self.platforms),
            ('applications', self.applications),
            ('periodicities', self.periodicities),
            ('operating_systems', self.operating_systems),
            ('user_groups', self.user_groups),
            ('durations', self.durations),
            ('acls_ipv4', self.acls_ipv4),
            ('acls_ipv6', self.acls_ipv6),
            ('nats', self.nats),
        )
        self._libraries = odict(library_order)

        # Standard library objects and the firewall resource
        self.createBaseObjects(logger, netcfg)

        # Generic links, fusion and the action stack
        self.generic_links = GenericLinks(self)
        self.generic_links.load()
        self.fusion = Fusion(self)
        self.actions = ActionStack(self, UNDO_MAX_SIZE)

    def load(self, logger, filetype, name, filename=None, content=None):
        """Load an existing ruleset or template and return its formatted form.

        The path comes from rulesetFilename(filetype, name) unless the caller
        passes filename. Returns the result of formatRuleset().
        """
        self.name = name
        # NOTE(review): a caller-supplied filename is stored and handed to
        # loadFile() unchanged; any path validation has to live in the caller
        # or in loadFile() -- confirm.
        self.filename = filename if filename else rulesetFilename(filetype, name)
        self.filetype = filetype
        self.is_template = filetype == "template"

        context = LoadRulesetContext(logger)

        # Load an existing ruleset/template.
        # NOTE(review): editable=True is passed unconditionally, whatever
        # self.read_only says -- confirm read-only is enforced elsewhere.
        self.loadFile(
            context,
            self.filetype,
            self.name,
            editable=True,
            filename=self.filename,
            content=content,
            ruleset_id=0,
        )
        self.updateFusion()
        return self.formatRuleset(context)

    def create(self, logger, filetype, netcfg, base_template=None):
        """Start a new, unsaved ruleset or template and return its formatted form.

        name and filename are reset to None. When base_template is given it
        is loaded first through loadTemplate().
        """
        self.name = self.filename = None
        self.filetype = filetype
        self.is_template = filetype == "template"

        context = LoadRulesetContext(logger)
        if base_template:
            self.loadTemplate(context, base_template, from_template=base_template)

        if self.filetype == "ruleset":
            self.createSystemNetworks(logger, netcfg)
        # NOTE(review): the listing this was taken from had lost its
        # indentation; this check is laid out as independent of the filetype
        # check above -- confirm against the original file.
        if not base_template:
            self.createBuiltinNetworks(logger, netcfg)

        self.updateFusion()
        return self.formatRuleset(context)

    def createBaseObjects(self, logger, netcfg):
        """Load the standard library and register the firewall resource."""
        context = LoadRulesetContext(logger)

        # Load the standard library (protocols, periodicities, etc.),
        # and create the firewall object
        try:
            self.loadFile(
                context,
                "library",
                u"ufwi_ruleset",
                # Use invalid identifier just to log with at a different log level
                ruleset_id=-1,
            )
        except Exception as err:
            # NOTE(review): every exception type is routed to loadError();
            # whether it re-raises is not visible here. If it returns, the
            # firewall resource below is still created on top of a missing
            # or partial standard library -- confirm.
            self.loadError(err, tr('the standard library'))

        self.resources._create(FirewallResource(self.resources, netcfg))