def __init__(self, logger, config, default_decisions, acls, nats, custom_rules,
options, apply_rules):
LoggerChild.__init__(self, logger)
self.generator = IptablesGenerator(logger, default_decisions, options, config, apply_rules)
self.acls = acls
self.nats = nats
self.custom_rules = custom_rules
self.options = options
self.keep_files = True
self.old_rules = None
self.new_rules = None
class WriteIptablesRules(Transaction, LoggerChild):
def __init__(self, logger, config, default_decisions, acls, nats, custom_rules,
options, apply_rules):
LoggerChild.__init__(self, logger)
self.generator = IptablesGenerator(logger, default_decisions, options, config, apply_rules)
self.acls = acls
self.nats = nats
self.custom_rules = custom_rules
self.options = options
self.keep_files = True
self.old_rules = None
self.new_rules = None
def prepare(self):
self.info("Create the new iptables rules")
umask(0077)
filename = self.generator.writeRules(self.acls, self.nats, self.custom_rules)
self.new_rules = File(filename, True)
def save(self):
self.info("Save the current iptables rules")
loadKernelModules(self, self.options.ipv6)
filename = iptablesSave(self, ipv6=self.options.ipv6)
self.old_rules = File(filename, True)
def apply(self):
pass
def rollback(self):
self.error("Restore the old iptables rules")
# Restore old rules
iptablesRestore(self, self.old_rules.filename, ipv6=self.options.ipv6, check_error=False)
def cleanup(self):
if self.keep_files:
return
if self.old_rules:
self.old_rules.unlink(quiet=True)
if self.new_rules:
self.new_rules.unlink(quiet=True)
