def render_content(self, ctx, data):
Utils.log.msg('%s opened Tools/Webserver' % (self.avatarId.username))
H = self.sysconf.General.get('http', {})
hosts = []
#hosts.append(('[default]', H.get('defaults',{}).get('DocumentRoot', "/var/www/localhost/htdocs/")))
for host, v in H.get('vhosts', {}).items():
hosts.append((host, v.get('DocumentRoot', '<Misconfigured>'),
tags.a(href="Edit/%s/" % host)["Edit"]))
return ctx.tag[
tags.h3[tags.img(src="/images/networking_section.png"),
" Webserver"],
PageHelpers.TabSwitcher((
('Webserver Vhosts', 'panelVhost'),
('Webserver Default', 'panelDefault'),
)),
tags.div(id="panelVhost", _class="tabPane")[
tags.h3["Webserver Vhosts"],
PageHelpers.dataTable(
["Domain", "Content Directory", ''], hosts, sortable=True),
tags.h3["Add Vhost"],
tags.directive('form addVhost')],
tags.div(id="panelDefault", _class="tabPane")[
tags.h3["Default vhost"], ],
PageHelpers.LoadTabSwitcher()]
def render_content(self, ctx, data):
return ctx.tag[tags.h3[tags.img(src="/images/netdrive.png"),
" System Policy"],
PageHelpers.TabSwitcher(
(('Internet Policy', 'panelInetpol'), )),
tags.div(id="panelInetpol", _class="tabPane")[
tags.h3["Internet Policy"],
tags.directive('form inetPol')],
PageHelpers.LoadTabSwitcher()]
def render_content(self, ctx, data):
records = []
if not self.sysconf.General['zones'][self.domain]['records']:
records = self.parseZone()
for rec in self.sysconf.General['zones'][self.domain]['records']:
# Ditch duplicates automatically
if rec not in records:
records.append(rec)
# Save parsed records
G = self.sysconf.General
G['zones'][self.domain]['records'] = records
self.sysconf.General = G
# Make the table
rnum = 0
nrecords = []
for r in records:
l = r.split()
if len(l)>3 and "MX" in r:
# Has MX
thisRec = [l[0], l[1], l[3], l[2]]
else:
thisRec = l
thisRec.append("")
thisRec.append(tags.a(href="Delete/%s/"%rnum)["Delete"])
rnum += 1
nrecords.append(thisRec)
return ctx.tag[
tags.h3[tags.img(src="/images/networking_section.png"), " Editing zone %s" % self.domain],
PageHelpers.TabSwitcher((
('Records', 'panelDNSRecs'),
('Add Record', 'panelDNSAdd'),
('Edit Options', 'panelDNSOpt'),
)),
tags.div(id="panelDNSRecs", _class="tabPane")[
PageHelpers.dataTable(["Host", "Type", "Data", "Priority", ""],
nrecords, sortable = True
),
],
tags.div(id="panelDNSAdd", _class="tabPane")[
tags.h3["Add new record"],
tags.directive('form addRecord'),
],
tags.div(id="panelDNSOpt", _class="tabPane")[
tags.h3["Edit zone options"],
tags.directive('form editZone')
],
PageHelpers.LoadTabSwitcher()
]
def render_editContent(self, ctx, data):
return ctx.tag[tags.h2[self.text.userHeadingAddUser, self.domain],
PageHelpers.TabSwitcher([(self.text.userTabSettings,
'addForm-userSettings'),
(self.text.userTabPermissions,
'addForm-userPermissions'),
(self.text.userTabMail,
'addForm-mailSettings'),
(self.text.userTabAccess,
'addForm-userAccess')]),
tags.directive('form addForm'),
PageHelpers.LoadTabSwitcher()]
def render_content(self, ctx, data):
blacklist = []
j = 0
for i in self.sysconf.Mail.get('blacklist', []):
blacklist.append([
i,
tags.
a(href=url.root.child("Mailserver").child("BDelete").child(j),
onclick="return confirm('%s');" %
self.text.eximConfirmDelete)[tags.img(src="/images/ex.png")]
])
j += 1
whitelist = []
j = 0
for i in self.sysconf.Mail.get('whitelist', []):
whitelist.append([
i,
tags.
a(href=url.root.child("Mailserver").child("WDelete").child(j),
onclick="return confirm('%s');" %
self.text.eximConfirmDelete)[tags.img(src="/images/ex.png")]
])
j += 1
return ctx.tag[
tags.h2[tags.img(src="/images/mailsrv.png"),
" Email Server Config"],
PageHelpers.TabSwitcher(
((self.text.eximTabMail, 'panelMail'), (self.text.eximTabRelay,
'panelRelay'),
(self.text.eximTabHubbed,
'panelHubbed'), (self.text.eximTabLocal, 'panelLocal'),
(self.text.eximTabBlocked,
'panelBlack'), (self.text.eximTabWhitelist, 'panelWhite'))),
tags.div(id="panelMail", _class="tabPane"
)[tags.directive('form mailConfig')],
tags.div(id="panelRelay", _class="tabPane"
)[tags.directive('form mailRelay')],
tags.div(id="panelHubbed", _class="tabPane"
)[tags.directive('form mailHubbed')],
tags.div(id="panelLocal", _class="tabPane"
)[tags.directive('form mailLocal')],
tags.div(id="panelBlack", _class="tabPane")[
PageHelpers.dataTable([self.text.eximAddr, ''], blacklist),
tags.h3[self.text.eximAddBlacklist],
tags.directive('form mailBlacklist')],
tags.div(id="panelWhite", _class="tabPane")[
PageHelpers.dataTable([self.text.eximAddrOrHost, ''], whitelist
), tags.h3[self.text.eximAddWhitelist],
tags.directive('form mailWhitelist')],
PageHelpers.LoadTabSwitcher()]
def render_content(self, ctx, data):
heading = " Configure cluster relationship with %s" % self.ip
return ctx.tag[tags.h3[tags.img(src="/images/networking_section.png"),
heading],
PageHelpers.TabSwitcher([('Topology',
'config-topology'),
('Failover',
'config-failover'),
('Load Sharing',
'config-loadbalance')]),
tags.directive('form config'),
PageHelpers.LoadTabSwitcher()]
def render_content(self, ctx, data):
return ctx.tag[tags.h3[tags.img(src="/images/dhcp.png"),
" Edit Zone %s" % self.zone],
PageHelpers.TabSwitcher((
('Settings', 'panelConfig'),
('Members', 'panelMembers'),
),
id="zones"),
tags.div(id="panelConfig", _class="tabPane"
)[tags.directive("form confZone")],
tags.div(id="panelMembers", _class="tabPane"
)[self.interfaceList.applyTable(self)],
PageHelpers.LoadTabSwitcher(id="zones")]
def render_content(self, ctx, data):
keys = [i for i in os.listdir('/etc/openvpn/keys/') if 'key' in i]
keys.sort()
for key in ['vpn.key', 'ca.key']:
try:
keys.remove(key)
except:
pass
return ctx.tag[
tags.h2[tags.img(src="/images/vpn.png"), self.text.vpnConfig],
PageHelpers.TabSwitcher((
(self.text.vpnTabWindows, 'panelWindows'),
(self.text.vpnTabTCS, 'panelOpenVPN'),
(self.text.vpnTabUsers, 'panelVPNUsers')
)),
tags.div(id="panelWindows", _class="tabPane")[
tags.h3[self.text.vpnHeadingWindows],
tags.directive('form winForm'),
],
tags.div(id="panelOpenVPN", _class="tabPane")[
tags.h3[self.text.vpnHeadingTCS],
tags.directive('form vpnForm'), tags.br,
],
tags.div(id="panelVPNUsers", _class="tabPane")[
tags.h3[self.text.vpnHeadingTCSUsers],
tags.table(cellspacing=0, _class='listing')[
tags.thead(background="/images/gradMB.png")[
tags.tr[
tags.th[self.text.vpnCertificateName],
tags.th[""],
]
],
tags.tbody[
[
tags.tr[
tags.td['.'.join(i.split('.')[:-1])],
tags.td[tags.a(href="Revoke/%s/" % '.'.join(i.split('.')[:-1]), onclick="return confirm('%s');" % self.text.vpnConfirmRevoke)[
tags.img(src="/images/ex.png")]
]
]
for i in keys],
]
], tags.br,
tags.h3[self.text.vpnHeadingAddUser],
tags.directive('form addUser')
],
PageHelpers.LoadTabSwitcher()
]
def render_content(self, ctx, data):
return ctx.tag[
PageHelpers.TabSwitcher(
(('Configuration', 'panelConf'), ('Mapping', 'panelMap'),
('Computers', 'panelComp'))),
tags.div(id="panelConf", _class="tabPane")[
tags.h3[tags.img(src="/images/sharefold.png"),
" Domain configuration"],
tags.directive('form configSamba')],
tags.div(id="panelMap", _class="tabPane")[tags.invisible(
render=tags.directive('drives'))],
tags.div(id="panelComp", _class="tabPane")[tags.invisible(
render=tags.directive('computers'))],
PageHelpers.LoadTabSwitcher()]
def render_content(self, ctx, data):
return ctx.tag[
tags.h3[tags.img(src="/images/networking_section.png"),
" Cluster"],
PageHelpers.TabSwitcher([('Configuration', 'config-me'),
('Cluster', 'config-cluster')]),
tags.div(id='config-me', _class='tabPane')[
tags.h3["Cluster port"],
tags.directive('form clusterPort'),
tags.h3["Generate access key"],
tags.directive('form genKey'), tags.h3["Master key"],
tags.directive('form masterKey')],
tags.div(id='config-cluster', _class='tabPane')[tags.div[
tags.invisible(render=tags.directive('thisFragment')),
tags.a(href="Sync/")['Synchronise Cluster']]],
PageHelpers.LoadTabSwitcher()]
def render_editContent(self, ctx, data):
if not self.avatarId.checkDomainPermissions(self.domain):
return ctx.tag["Nice try"]
if Settings.sambaDN and self.domain == Settings.defaultDomain:
sambaGroups = tags.a(
_class="noUnderline",
href=url.root.child("Users").child('Groups').child(
self.domain).child(self.cid))[
tags.img(src="/images/groupsm.png", align="absmiddle"),
self.text.userLinkEditMembership]
PBXTab = PBXUtils.enabled()
else:
sambaGroups = ""
PBXTab = False
notice = ""
if self.cid == "root" and Settings.sambaDN:
notice = tags.strong[tags.p(
style="color:#f00")[self.text.userWarningEditRoot]]
if self.returns == 'Completed':
notice = tags.img(src='/images/modsuccess.png')
elif self.returns == 'Failed':
notice = tags.h1['Edit Failed!']
tabs = [(self.text.userTabSettings, 'editForm-userSettings'),
(self.text.userTabPermissions, 'editForm-userPermissions'),
(self.text.userTabMail, 'editForm-mailSettings'),
(self.text.userTabAccess, 'editForm-userAccess')]
if PBXTab:
tabs.append(
(self.text.userFormUserExtension, 'editForm-userExtension'))
tabs.append((self.text.userFormUserFKeys, 'editForm-userFKeys'))
return ctx.tag[
notice, tags.h3[self.text.userHeadingEditUser, self.cid],
tags.a(_class="noUnderline",
href=url.root.child('Users').child('Delete').
child(str(self.domain)).child(str(self.cid)),
onclick="return confirm('%s');" %
self.text.userConfirmDelete)[
tags.img(src="/images/ex-wbg.png", align="absmiddle"),
self.text.userLinkDeleteUser], sambaGroups,
PageHelpers.TabSwitcher(tabs),
tags.directive('form editForm'),
PageHelpers.LoadTabSwitcher()]
def render_content(self, ctx, data):
options = []
if self.domain == "DEFAULT":
zn = self.sysconf.General['http']['defaults']
else:
zn = self.sysconf.General['http']['vhosts'][self.domain]
for opt, val in zn.items():
if isinstance(val, list):
options.append((opt, [[i, tags.br] for i in val], ''))
elif isinstance(val, dict):
options.append((opt, '', ''))
else:
options.append((opt, val, ''))
return ctx.tag[tags.h3[tags.img(src="/images/networking_section.png"),
" Editing virtual host %s" % self.domain],
PageHelpers.TabSwitcher(
(('Location', 'pannelLoc'), ('Proxy', 'pannelProx'),
('Rewrite', 'pannelRewrite'), ('Authentication',
'pannelAuth'),
('Directories', 'pannelDir'), ('Logging',
'pannelLog'))),
tags.div(id="pannelLoc", _class="tabPane"
)[tags.directive('form location')],
tags.div(id="pannelProx", _class="tabPane")[
tags.h3["Add Reverse Proxy"],
#tags.directive('form addProxy')
],
tags.div(id="pannelRewrite", _class="tabPane")[
tags.h3["Add Rewrite Rule"],
#tags.directive('form addRewrite')
],
tags.div(id="pannelAuth", _class="tabPane")[
tags.h3["Add Authentication"],
#tags.directive('form addAuth')
],
tags.div(id="pannelDir", _class="tabPane")[
tags.h3["Add Directory"],
#tags.directive('form addDir')
],
tags.div(id="pannelLog", _class="tabPane")[""],
PageHelpers.LoadTabSwitcher()]
def render_content(self, ctx, data):
return ctx.tag[
tags.h3[tags.img(src="/images/netdrive.png"), " Network Setup"],
PageHelpers.TabSwitcher((
('Static Routes', 'panelStatic'),
('BGP', 'panelBGP'),
('IPv6 Tunnel', 'panelTunnel')
)),
tags.div(id="panelStatic", _class="tabPane")[
],
tags.div(id="panelBGP", _class="tabPane")[
],
tags.div(id="panelTunnel", _class="tabPane")[
tags.h3["Configure IPv6 Tunnel"],
tags.directive('form tunnelConf')
],
PageHelpers.LoadTabSwitcher(),
]
def renderer(ps):
for k, v in xen.items():
if v['lva']:
disk = "%sGB in %s/%s-disk" % (v['disk'], v['lva'], k)
else:
disk = "%sGB in %s" % (
v['disk'],
os.path.join(xenconf.get('home', '/home/xen/'),
'domains', k, 'disk.img'))
if k in doms:
status = "Running"
else:
if k in ps:
status = "Building..."
else:
status = "Stopped"
xenServers.append(
(k, status, v['memory'], disk, v['dist'], v['ip']
or 'DHCP', tags.a(href="Edit/%s/" % k)["Edit"]))
return ctx.tag[
tags.h3[tags.img(src="/images/networking_section.png"),
" Xen"],
PageHelpers.TabSwitcher((
('Xen Servers', 'panelXenServ'),
('Xen Configuration', 'panelXenConf'),
)),
tags.div(id="panelXenServ", _class="tabPane")
[tags.h3["Xen Servers"],
PageHelpers.dataTable([
'Name', 'Status', 'Memory', 'Disk', 'Distribution', 'IP',
''
],
xenServers,
sortable=True),
tags.h3["Create new image"],
tags.directive('form newXen'), tags.
p["Note that images will take a long time to create. The status will read 'Building...' until it is completed"]],
tags.div(id="panelXenConf", _class="tabPane")[
tags.h3["Xen Configuration"],
tags.directive('form xenConf')],
PageHelpers.LoadTabSwitcher()]
def render_content(self, ctx, data):
leases = self.sysconf.DHCP.get('leases', {})
statics = []
for ip, hostmac in leases.items():
statics.append((ip, hostmac[0], hostmac[1]))
statics.sort()
sharenets = []
for sharenet, defin in self.sysconf.DHCP.get('sharenets', {}).items():
sharenets.append(
(sharenet, defin['domain'],
self.sysconf.EthernetDevices[sharenet]['ip'],
tags.a(href="Delnet/%s/" %
sharenet)[tags.img(src="/images/ex.png")]))
return ctx.tag[
tags.h3[tags.img(src="/images/netdrive.png"), " DHCP"],
PageHelpers.TabSwitcher((
('DHCP Settings', 'panelSettings'),
('Static Leases', 'panelLeases'),
('Shared Networks', 'panelAltnet'),
)),
tags.div(id="panelLeases", _class="tabPane")[
tags.table(cellspacing=0, _class='listing')[tags.thead(
background="/images/gradMB.png")[tags.tr[
tags.th["IP Address"], tags.th["Hostname"],
tags.th["MAC Address"], tags.th[""], ]], tags.tbody[[
tags.tr[tags.td[i[0]], tags.td[i[1]],
tags.td[i[2]], tags.td[tags.a(
href="Delete/%s/" %
i[0])[tags.img(src="/images/ex.png")]]]
for i in statics
], ]], tags.br, tags.h3["Add Static Lease"],
tags.directive('form addStatic')],
tags.div(id="panelSettings", _class="tabPane"
)[tags.directive('form confDhcp')],
tags.div(id="panelAltnet", _class="tabPane")[
PageHelpers.dataTable(
("Interface", "Domain", "Network", ""), sharenets),
tags.h3["Add DHCP Network"],
tags.directive('form addNet')],
PageHelpers.LoadTabSwitcher()]
def render_content(self, ctx, data):
mappings = []
for user, userMappings in self.sysconf.Reporting.get(
'userMappings', {}).items():
for uMap in userMappings:
mappings.append([user, uMap, ''])
return ctx.tag[tags.h3[tags.img(src="/images/networking_section.png"),
" Reporting Configuration"],
PageHelpers.TabSwitcher((
('General Configuration', 'panelGenConfig'),
('User Mappings', 'panelUserMappings'),
)),
tags.div(id="panelGenConfig", _class="tabPane")[
tags.h3["Configuration"],
tags.directive('form generalConfig')],
tags.div(id="panelUserMappings", _class="tabPane")[
tags.h3["User Mapping"],
PageHelpers.
dataTable(["User", "Mac Address or IP Address", ''],
mappings,
sortable=True), tags.h3["Add Mapping"],
tags.directive('form createMapping')],
PageHelpers.LoadTabSwitcher()]
def render_content(self, ctx, data):
squidData = self.getData()
return ctx.tag[tags.h2[tags.img(src='/images/proxy.png'),
" Web Proxy"],
PageHelpers.TabSwitcher((
('Proxy setup', 'panelProxySetup'),
('Allowed Domains', 'panelAdom'),
('Blocked Domains', 'panelBdom'),
('Allowed Destination', 'panelAdest'),
('Allowed Computers', 'panelAcomp'),
)),
tags.div(id="panelProxySetup", _class="tabPane")[
tags.h3["Proxy setup"],
tags.directive('form authentication'), ],
tags.div(id="panelAdom", _class="tabPane")[
tags.h3["Allowed Domains"],
PageHelpers.dataTable(['Domain', ''], squidData[0]),
tags.h3["Add Domain"],
tags.directive('form addDomain'), ],
tags.div(id="panelBdom", _class="tabPane")[
tags.h3["Blocked Domains"],
PageHelpers.dataTable(['Domain', ''], squidData[3]),
tags.h3["Add Domain"],
tags.directive('form addBlock'), ],
tags.div(id="panelAdest", _class="tabPane")[
tags.h3["Allowed Destination Networks"],
PageHelpers.
dataTable(['IP Address/Network', ''], squidData[1]),
tags.h3["Add IP address or network"],
tags.directive('form addDest'), ],
tags.div(id="panelAcomp", _class="tabPane")[
tags.h3["Allowed Computers"],
PageHelpers.
dataTable(['IP Address/Network', ''], squidData[2]),
tags.h3["Add IP address or network"],
tags.directive('form addHost'), ],
PageHelpers.LoadTabSwitcher()]
def render_content(self, ctx, data):
if self.sysconf.Mail.get('branches'):
branchTopology = [
tags.
p["Any mail loops or duplicates will be flagged in red. If any addresses appear red below, click on the image for a larger view."],
tags.a(href="/auth/branchTopologyGraph",
target="_blank")[tags.img(
src="/auth/branchTopologyGraph?size=5,5!")]
]
else:
#Should not be undefined
branchTopology = [tags.p["No branches defined"]]
return ctx.tag[
tags.h3[tags.img(src="/images/mailsrv.png"),
" Email Server Config"],
PageHelpers.TabSwitcher((
(self.text.eximTabMail, 'panelMail'),
("Domains", "panelDomains"),
(self.text.eximTabBlocked, 'panelBlack'),
(self.text.eximTabWhitelist, 'panelWhite'),
("Catch-all", "panelCatch"),
("Branches", "panelBranch"),
("Disclaimer", "panelDisclaimer"),
),
id="mail"),
tags.div(id="panelMail", _class="tabPane"
)[tags.directive('form mailConfig')],
tags.div(id="panelDisclaimer", _class="tabPane"
)[tags.directive('form mailDisclaimer')],
tags.div(id="panelBranch", _class="tabPane")
[tags.h3['Branch servers'], tags.
p['Branch servers allow you to create a self-organising branch configuration.',
'Each branch server must have every other branch server added to this section, ',
'the servers will then update from one-another on a 15 minute basis. The discovered ',
'hierarchy will be displayed at the bottom of this page. ',
tags.strong[
'This system does NOT interoperate with Exchange environments.']],
self.addBranch.applyTable(self), branchTopology, ],
tags.div(id="panelDomains", _class="tabPane")[
PageHelpers.TabSwitcher((
(self.text.eximTabRelay, 'panelRelay'),
(self.text.eximTabHubbed, 'panelHubbed'),
(self.text.eximTabLocal, 'panelLocal'),
("Senders", 'panelSenders'),
("Rewrite", 'panelRewrite'),
),
id="domainss"),
tags.div(id="panelRelay", _class="tabPane")[self.addRelay.
applyTable(self)],
tags.div(id="panelHubbed", _class="tabPane")[self.addHubbed.
applyTable(self)],
tags.div(id="panelLocal", _class="tabPane")[self.addLocal.
applyTable(self)],
tags.div(
id="panelRewrite", _class="tabPane"
)[tags
.p(_class="helpText")
["Add domain rewrite rules here. When the domain appears in",
" the To, From, CC or BCC fields it will be rewriten to the required domain.",
" Note that this occurs pre-delivery and the mail routing rules will apply to the final result.",
], tags.br,
PageHelpers.dataTable(['From', 'To', 'Flags', ''], [
(fromm, to, flags,
tags.a(href=url.root.child("Mailserver").
child("ReDelete").child(fromm),
onclick="return confirm('%s');" %
self.text.eximConfirmDelete)[tags.img(
src="/images/ex.png")])
for fromm, to, flags in self.sysconf.Mail.
get('rewrites', [])
],
sortable=True),
tags.h3["Add mail rewrite"],
tags.directive('form mailRewrite')],
tags.div(id="panelSenders", _class="tabPane")[tags.p(
_class="helpText"
)["Add email addresses here to allow them from the internal network"],
self.addSender.
applyTable(self
), ],
PageHelpers.LoadTabSwitcher(id="domainss")],
tags.div(id="panelBlack", _class="tabPane")[
PageHelpers.TabSwitcher((
('Addresses', 'panelAddrs'),
('Subscriptions', 'panelSubs'),
),
id="blacklistpane"),
tags.div(id="panelSubs", _class="tabPane")[self.addSub.
applyTable(self)],
tags.div(id="panelAddrs", _class="tabPane")[self.addBlacklist.
applyTable(self)],
PageHelpers.LoadTabSwitcher(id="blacklistpane")],
tags.div(id="panelWhite", _class="tabPane")[self.addWhitelist.
applyTable(self)],
tags.div(id="panelCatch", _class="tabPane")
[tags.h3["Catch-all Domains"],
self.addCatchall.applyTable(self), tags.
p["Enabling Catchall Domains allows a domain to catch mails addressed to non-existant users in a single account.",
" Each domain where this will be used must have an account named 'catchall' created."]],
PageHelpers.LoadTabSwitcher(id="mail")]
class Page(Tools.Page):
addSlash = True
def __init__(self, *a, **kw):
PageHelpers.DefaultPage.__init__(self, *a, **kw)
self.addStatic = StaticAddress(self, 'Static', 'Static address')
def form_confDhcp(self, data):
form = formal.Form()
ifaces = []
for i, defin in self.sysconf.EthernetDevices.items():
if defin.get('dhcpserver', False):
ifaces.append((i, i))
form.addField('interface',
formal.String(required=True),
formal.widgetFactory(formal.SelectChoice,
options=ifaces),
description="DHCP Interface",
label="Interface")
createForm(form)
#form.data = DHCP.get_dhcp_config(self.sysconf)
form.data['domain'] = self.sysconf.Domain
form.data['netmask'] = '255.255.255.0'
form.addAction(self.confDhcp)
return form
def confDhcp(self, c, f, data):
Utils.log.msg('%s changed DHCP configuration %s' %
(self.avatarId.username, repr(data)))
iface = data['interface'].encode("ascii", "replace")
del data['interface']
return DHCP.set_dhcp_config(
self.sysconf, data,
iface).addBoth(lambda _: url.root.child('Dhcp'))
def render_content(self, ctx, data):
Utils.log.msg('%s opened Tools/DHCP' % (self.avatarId.username))
leases = self.sysconf.DHCP.get('leases', {})
nets = []
for i, defin in self.sysconf.EthernetDevices.items():
if defin.get('dhcpserver'):
data = DHCP.get_dhcp_config(self.sysconf, i)
if not data:
continue
ips = '.'.join(data['network'].split('.')[:3])
range = "%s.%s - %s.%s" % (ips, data['rangeStart'], ips,
data['rangeEnd'])
if '.' in data['rangeStart']:
range = "%s - %s" % (data['rangeStart'], data['rangeEnd'])
nets.append((i, data['network'], data['domain'],
data['gateway'], data['nameserver'], range, [
tags.a(href="Delnet/%s/" %
i)[tags.img(src="/images/ex.png")],
entities.nbsp,
tags.a(href="Edit/%s/" %
i)[tags.img(src="/images/edit.png")]
]))
cleases = []
try:
lfile = open('/var/lib/dhcp3/dhcpd.leases')
except:
lfile = None
if lfile:
leaseIP = ""
currentInfo = {'hostname': "", 'state': ""}
for l in lfile:
try:
ln = l.strip('\n').strip(';').strip()
if (not ln) or (ln[0] == "#"):
continue
if ("lease" in ln) and (ln[-1] == "{"):
leaseIP = ln.split()[1]
continue
if leaseIP:
if ("binding state" in ln) and ("next" not in ln):
currentInfo['state'] = ln.split()[-1]
if "client-hostname" in ln:
currentInfo['hostname'] = ln.split()[-1].replace(
'"', '')
if "hardware ethernet" in ln:
currentInfo['mac'] = ln.split()[-1]
if "}" in ln:
if currentInfo['hostname']:
hostname = currentInfo['hostname']
else:
hostname = "E" + currentInfo.get(
'mac', '').replace(':', '')
ifdet = Utils.locateIp(self.sysconf, leaseIP)
iface = "?"
if ifdet:
iface = ifdet[0]
cleases.append((
iface, leaseIP, currentInfo.get('mac', ''),
currentInfo['hostname'], currentInfo['state'],
tags.a(href=url.root.child('Dhcp').child(
'CreateLease').child(currentInfo['mac']).child(
leaseIP).child(hostname))["Make Static"]))
leaseIP = ""
currentInfo = {'hostname': "", 'state': ""}
except Exception, e:
print "Error parsing leases. Likely that file is currently being written", e
return ctx.tag[tags.h3[tags.img(src="/images/dhcp.png"), " DHCP"],
PageHelpers.TabSwitcher(
(('DHCP Settings', 'panelSettings'),
('Static Leases', 'panelLeases'),
('Current Leases', 'panelCurrent'))),
tags.div(id="panelLeases", _class="tabPane"
)[self.addStatic.applyTable(self)],
tags.div(id="panelSettings", _class="tabPane")[
PageHelpers.dataTable(
("Interface", "Network", "Domain", "Gateway",
"DNS", "Range", ""),
nets,
sortable=True),
tags.h3["Add DHCP Configuration"],
tags.directive('form confDhcp')],
tags.div(id="panelCurrent", _class="tabPane")[
PageHelpers.dataTable(("Interface", "IP", "MAC",
"Hostname", "State", ""),
cleases,
sortable=True), ],
PageHelpers.LoadTabSwitcher()]
def render_content(self, ctx, data):
Utils.log.msg('%s opened Tools/Firewall' % (self.avatarId.username))
rules = self.rules.read()
### Read SNAT rules
snat = self.sysconf.Shorewall.get('snat', [])
snatRules = []
n = 0
for ru in snat:
l = ru.split()
l.append(
tags.
a(href="Delete/SNAT/%s/" % n,
onclick=
"return confirm('Are you sure you want to delete this SNAT rule?');",
title="Delete this SNAT rule.")[tags.img(
src="/images/ex.png")])
snatRules.append(l)
n += 1
### Read MASQ rules
masq = self.sysconf.Shorewall.get('masq', {})
natRules = []
for k, mas in masq.items():
runum = 0
for v in mas:
if type(v) == list:
l = [k]
l.extend([i.replace('-', 'Any') for i in v])
l.append(
tags.
a(href="Delete/NAT/%s/%s/" % (k, runum),
onclick=
"return confirm('Are you sure you want to delete this NAT rule?');",
title="Delete this NAT rule.")[tags.img(
src="/images/ex.png")])
natRules.append(l)
else:
natRules.append([
k, 'Any', v, 'Any', 'Any', 'Any', 'Any',
tags.
a(href="Delete/NAT/%s/%s/" % (k, runum),
onclick=
"return confirm('Are you sure you want to delete this NAT rule?');",
title="Delete this NAT rule.")[tags.img(
src="/images/ex.png")]
])
runum += 1
# QOS
toss = {
'16': 'Minimize Delay',
'8': 'Maximize Throughput',
'4': 'Maximize Reliability',
'2': 'Minimize Cost',
'0': 'Normal Service'
}
qosRules = []
l = 0
for port, proto, tos in self.sysconf.Shorewall.get('qos', []):
qosRules.append([
port, proto, toss[tos],
tags.
a(href=url.root.child("Qos").child("Delete").child(l),
onclick=
"return confirm('Are you sure you want to delete this entry?');"
)[tags.img(src="/images/ex.png")]
])
l += 1
### Check if shorewall is broken
if os.path.exists('/usr/local/tcs/tums/shorewallBroken'):
check = tags.div(style="color: #F00")[tags.br, tags.strong[
"The firewall configuration appears to be broken, please test the settings to see any errors and correct them"],
tags.br]
else:
check = ""
fwtable, securityViolation = getFirewallRules(self.rules)
if securityViolation:
secError = [
tags.table(width="70%", style="border:2px solid #ff5555")[
tags.tr[tags.td[tags.img(src="/images/securityhz.png")],
tags.td[tags.h1["Security Violation!"],
securityViolation]]], tags.br, tags.br
]
else:
secError = ""
### Return the page stanza
return ctx.tag[
tags.h3[tags.img(src="/images/firewall.png"),
" Firewall"], check, secError,
tags.img(src="/images/start.png"), " ",
tags.a(href="Test",
style="font-size:11pt;",
title="Test the firewall. (This may take some time!)"
)[tags.strong(
style="font-family:arial,verdana,helvetica,sans-serif;"
)["Test Settings"]], tags.br,
tags.img(src="/images/refresh.png"), " ",
tags.
a(href="Restart",
style="font-size:11pt;",
title=
"Restart the firewall and apply the changes. Changes are only activated after this is clicked."
)[tags.strong(
style="font-family:arial,verdana,helvetica,sans-serif"
)["Apply Changes"]],
PageHelpers.TabSwitcher(
(
('Rules', 'panelRules'),
#('Allow Ports' , 'panelAllowPort'),
('NAT', 'panelNATTab'),
('QoS', 'panelQos'),
('Policy', 'panelPolicy'),
('Zones', 'panelZones'),
('Connections', 'panelCurrent'),
),
id="firewall"),
tags.div(id="panelNATTab", _class="tabPane")[
PageHelpers.TabSwitcher(
(('Forwarding', 'panelForwardPort'),
('Redirection', 'panelTransparentProxy'),
('NAT', 'panelNAT'), ('Source NAT', 'panelSNAT')),
id="firewallNAT"),
tags.div(id="panelForwardPort", _class="tabPane")
[tags.h3["Port Forwarding"],
PageHelpers.
dataTable([
'Source Zone', 'Source IP', 'Forward To',
'Destination Zone', 'Protocol', 'Port', 'Destination IP', ''
], [
r[:-1] + [
tags.
a(href="Delete/dnat/%s/" % (r[-1]),
title="Delete this port forwarding rule",
onclick=
"return confirm('Are you sure you want to delete this entry?');"
)[tags.img(src="/images/ex.png")]
] for i, r in enumerate(rules['FORWARD'])
]), tags.h3["Add Forwarding Rule"],
tags.directive('form forwardPort'), ],
tags.div(id="panelTransparentProxy", _class="tabPane")
[tags.h3["Port Redirection (Transparent Proxy)"],
PageHelpers.
dataTable([
'Source Zone', 'Source Network', 'Destination Port',
'Source Port', 'Protocol', 'Destination Network', ''
], [
r[:-1] + [
tags.
a(href="Delete/redirect/%s/" % (r[-1]),
title="Delete this transparent redirection rule",
onclick=
"return confirm('Are you sure you want to delete this entry?');"
)[tags.img(src="/images/ex.png")]
] for i, r in enumerate(rules['PROXY'])
]), tags.h3["Add Redirection Rule"],
tags.directive('form transProxy'), ],
tags.div(id="panelNAT", _class="tabPane")[
tags.h3["Nework Address Translation (Masquerading)"],
PageHelpers.dataTable([
'Destination Interface', 'Destination Network',
'Source Interface', 'Source Network', 'NAT IP',
'Protocol', 'Port', ''
], natRules), tags.h3['Add NAT Rule'],
tags.directive('form addNAT')],
tags.div(id="panelSNAT", _class="tabPane")[
tags.h3["Source NAT"],
PageHelpers.dataTable([
'Source IP', 'External Interface', 'Internal IP',
'Any Interface', 'Use Internal'
], snatRules), tags.h3['Add SNAT Rule'],
tags.directive('form addSNAT')],
PageHelpers.LoadTabSwitcher(id="firewallNAT")],
tags.div(id="panelPolicy", _class="tabPane")[
tags.h3["General firewall policy"],
tags.directive('form inetPol')],
tags.div(id="panelQos", _class="tabPane")[
tags.h3[tags.img(src="/images/compress.png"),
"QOS"],
PageHelpers.
dataTable(['Port', 'Protocol', 'Type of service', ''], qosRules
), tags.h3["Add Rule"],
tags.directive('form addQos'), ],
tags.div(id="panelRules", _class="tabPane")[
tags.h3["Firewall Rules"],
tags.invisible(render=tags.directive('tableWidget')), tags.br,
#fwtable,
tags.a(name="addRule")[''], tags.h3["Add rule"],
tags.directive('form allowRange'), ],
tags.div(id="panelZones", _class="tabPane")
[tags.h3["Zones"],
PageHelpers.dataTable(
['Zone Name', 'Policy', 'Log target', 'Interfaces', ''], [[
zone, zd['policy'], zd['log'],
[[i, tags.br] for i in zd['interfaces']],
[
tags.
a(href="Delete/Zone/%s/" % (zone),
title="Delete this firewall zone",
onclick=
"return confirm('Are you sure you want to delete this zone?');"
)[tags.img(src="/images/ex.png")],
tags.a(href="EditZone/%s/" %
zone)[tags.img(src="/images/edit.png")]
]
] for zone, zd in self.sysconf.Shorewall.get('zones', {}
).items()]),
tags.h3['Add Firewall Zone'],
tags.directive('form addZone')],
tags.div(id="panelCurrent", _class="tabPane")[
tags.h3["Current Connections"],
tags.invisible(render=tags.directive('connections'))],
PageHelpers.LoadTabSwitcher(id="firewall")]
def render_content(self, ctx, data):
routes = []
i = 0
for iface, vals in self.sysconf.EthernetDevices.items():
for ro in vals.get('routes', []):
i+= 1
routes.append((ro[0], ro[1], tags.a(href="Delete/%s" % i)[tags.img(src="/images/ex.png")]))
balances = []
zones = []
num = 0
for bal in self.sysconf.ShorewallBalance:
if "-" in bal[1]:
gateway = "" # Detect gateway
else:
gateway = bal[1]
zones.append(bal[0])
balances.append([
bal[0],
gateway,
'balance' in bal[2],
'track' in bal[2],
'loose' in bal[2],
tags.a(href="DeleteBalance/%s" % num)[tags.img(src="/images/ex.png")]
])
num += 1
sourceroutes = []
num = 0
for src in self.sysconf.ShaperRules:
rules = src.split()
print rules, zones
try:
zone = zones[int(rules[0].split(':')[0])-1] # Read the zone from the mark
except:
zone = "Mark "+ rules[0].split(':')[0]
source = rules[1]
if rules[2] == "0.0.0.0/0":
dest = "any"
else:
dest = rules[2]
protocol = rules[3]
port = rules[4]
sourceroutes.append([
zone,
source,
dest,
protocol,
port,
tags.a(href="DeleteSource/%s" % num)[tags.img(src="/images/ex.png")]
])
num += 1
return ctx.tag[
tags.table(width="100%")[
tags.tr[
tags.td(align="left")[tags.h3[tags.img(src="/images/netflow.png"), " IP Routing"]],
tags.td(align='right')[tags.a(id="advBtn", href="#", onclick="setAdvanced('routing', true);")["Advanced"]]
]
],
PageHelpers.TabSwitcher((
('Static Routes', 'panelStatic'),
('BGP', 'panelBGP'),
('RIP', 'panelRIP'),
('Connections', 'panelBalance'),
('Policy Routing', 'panelSource'),
('Proxy ARP', 'panelParp'),
('Routing Table', 'panelTable'),
#('IPv6 Tunnel', 'panelTunnel')
)),
tags.div(id="panelTable", _class="tabPane")[
tags.h3["Routing Table"],
tags.invisible(render=tags.directive('routingTable'))
],
tags.div(id="panelBalance", _class="tabPane")[
tags.h3["Load Balancing"],
PageHelpers.dataTable(['Zone', 'Gateway', 'Load Balance', 'Tracking', 'Soft Routes', ''], balances, sortable=True),
tags.h3["Add Connection"],
tags.directive('form balance')
],
tags.div(id="panelSource", _class="tabPane")[
tags.h3["Policy Routes"],
PageHelpers.dataTable(['Zone', 'Source', 'Destination', 'Protocol', 'Port/SubService', ''], sourceroutes, sortable=True),
tags.h3["Add source route"],
tags.directive('form source')
],
tags.div(id="panelStatic", _class="tabPane")[
tags.h3["Static Routes"],
PageHelpers.dataTable(['Destination', 'Gateway', ''], routes, sortable=True),
tags.h3["Add route"],
tags.directive('form statroutes')
],
tags.div(id="panelParp", _class="tabPane")[
tags.h3["Proxy ARP"],
tags.p[
"Proxy ARP allows you to forward external IP addresses to internal machines as ",
"if they were routable. This server will respond to ARP requests for all interfaces",
"on all interfaces and those listed here. You should use this if your ISP allocates ",
"you a subnet of IP addresses and you wish to make use of one on a machine in a DMZ",
"or local LAN from this gateway. Use a DNAT block in the firewall if you wish to simply forward ports."
],
PageHelpers.dataTable(['IP', 'External', 'Internal', ''], [
[
i[0],
i[2],
i[1],
tags.a(href="Delparp/%s/" % i[0])[tags.img(src="/images/ex.png")]
]
for i in self.sysconf.Shorewall.get('proxyarp', {})
], sortable=True),
tags.h3["Add Proxy ARP"],
tags.directive('form parp')
],
tags.div(id="panelRIP", _class="tabPane")[
tags.h3["RIP"],
tags.strong["Interfaces"],
self.ripInterface.applyTable(self),
tags.strong["Networks"],
self.ripPrefix.applyTable(self)
],
tags.div(id="panelBGP", _class="tabPane")[
[
[
tags.h3["AS ",asn],
tags.a(href="Delas/%s/%s" % (asn, i))[tags.img(src="/images/ex.png"), " Delete Router AS ", asn],
tags.br, tags.br,
tags.table(valign="top")[
tags.tr(valign="top")[
tags.td["ID: "], tags.td[det['router-id']]
],
tags.tr(valign="top")[
tags.td["Neighbors: "], tags.td[
PageHelpers.dataTable(['Remote', 'AS', 'Multi-hop','Next-Hop', ''],
[
[
i,
negh.get('as', asn),
negh.get('multihop', False) and 'Yes' or 'No',
negh.get('nexthop', False) or 'Peer',
tags.a(href="Delneigh/%s/%s" % (asn, i))[tags.img(src="/images/ex.png")]
] for i,negh in det.get('neighbors', {}).items()],
sortable=True),
tags.a(href="AddNeigh/%s/" % asn)["Add Neighbor"],
tags.br,
]
],
tags.tr(valign="top")[
tags.td["Networks: "], tags.td[
PageHelpers.dataTable(['Netmask', ''],
[[
i,
tags.a(href="Delnet/%s/%s" % (asn, i.replace('/','+')))[tags.img(src="/images/ex.png")],
] for i in det.get('networks', [])], sortable=True),
tags.a(href="AddNet/%s/" % asn)["Add Network"]
]
]
]
]
for asn,det in self.sysconf.BGP.items()],
tags.h3["Add AS"],
tags.directive('form bgp')
],
#tags.div(id="panelTunnel", _class="tabPane")[
# tags.h3["Configure IPv6 Tunnel"],
# tags.directive('form tunnelConf')
#],
PageHelpers.LoadTabSwitcher(),
]
def gotDetails(dlcache, totals):
cache = {
'linux': dlcache[0][1],
'microsoft': dlcache[1][1],
}
update = {}
print totals
data = [
("Linux", 1 + int(totals.get('linux', [0, 1000])[1]) / 1000),
("Windows",
1 + int(totals.get('microsoft', [0, 1000])[1]) / 1000),
]
pie = tags.img(
src="/chart?type=pie&width=500&height=250&%s" %
('&'.join(["lables=%s&data=%s" % (l, d) for l, d in data])))
def statSet(type):
saving = 0
for t, n, hit, size in cache[type]:
h = hit or 0
s = size or 0
saving += (h * s)
return [
tags.strong["Hits vs Downloads"], tags.br,
tags.img(
src=
'/chart?type=pie&width=500&height=250&lables=Downloads&data=%s&lables=Hits&data=%s'
% (len(cache[type]) or 1, totals[type][0] or 1)),
tags.br, tags.strong["Efficiency ratio: "],
"%.2f" % (len(cache[type]) / float(totals[type][0] + 1)),
tags.br, tags.strong["Saving: "],
Utils.intToH(saving), tags.br, tags.br
]
def overallSavings():
savings = {}
totalSaving = 1
for i in ['microsoft', 'linux']:
saving = 1
for t, n, hit, size in cache[i]:
h = hit or 0
s = size or 0
saving += (h * s)
savings[i] = saving
totalSaving += saving
savingCon = []
for i in ['microsoft', 'linux']:
size = Utils.intToH(savings[i])
savingCon.append(
("%s%%20[%s]" % (i.capitalize(), size), savings[i]))
l = '&'.join(
["lables=%s&data=%s" % (i, j) for i, j in savingCon])
return tags.img(src='/chart?type=pie&width=500&height=250&%s' %
l)
tabCols = [
('str', 'Filename'),
#('isodate', 'Last Accessed'),
#('isodate', 'First Downloaded'),
('int', 'Hits'),
('int', 'Size'),
]
return ctx.tag[
PageHelpers.TabSwitcher(
(
('Stats', 'panelStats'),
('Windows', 'panelWindows'),
('Linux', 'panelLinux'),
#('AntiVirus', 'panelAntivirus')
),
id="update"),
tags.div(id='panelStats', _class='tabPane')[
tags.h3["Stats"], tags.strong["Disk utilisation"], tags.br,
pie, tags.br, tags.strong["Overall savings"], tags.br,
overallSavings(), tags.br, tags.strong["Total Use:"],
Utils.intToH(totals['total'][1])],
tags.div(id='panelWindows', _class='tabPane')[
tags.h3[tags.img(src="/images/windows.png"),
"Windows update cache"],
statSet('microsoft'), tags.h3["Most signficant updates"],
PageHelpers.dataTable(tabCols, [(
i[1],
i[2] or 0,
Utils.intToH(i[3] or 0),
) for i in cache.get('microsoft', [])[-10:]],
sortable=True)],
tags.div(id='panelLinux', _class='tabPane')[
tags.h3[tags.img(src="/images/penguin.png"),
"Linux update cache"],
statSet('linux'), tags.h3["Most signficant updates"],
PageHelpers.dataTable(tabCols, [(
i[1],
i[2] or 0,
Utils.intToH(i[3] or 0),
) for i in cache.get('linux', [])[-10:]],
sortable=True)],
#tags.div(id='panelAntivirus', _class='tabPane')[
# ""
#],
PageHelpers.LoadTabSwitcher(id="update")]
class Page(Tools.Page):
addSlash = True
childPages = {
'Edit': EditDNS,
}
def __init__(self, *a, **kw):
Tools.Page.__init__(self, *a, **kw)
self.DynDNS = DyndnsEntry(self, 'DynDNS', 'dynamic DNS entry')
def childFactory(self, ctx, seg):
if seg in self.childPages.keys():
return self.childPages[seg](self.avatarId, self.db)
else:
return PageHelpers.DefaultPage.childFactory(self, ctx, seg)
def locateChild(self, ctx, segs):
if segs[0] == "Delete":
G = self.sysconf.General
print self.avatarId.username, " deleting zone ", segs[1]
del G['zones'][segs[1]]
self.sysconf.General = G
def null(_):
return url.root.child('DNS'), ()
return WebUtils.restartService('bind').addCallbacks(null, null)
return PageHelpers.DefaultPage.locateChild(self, ctx, segs)
def form_nameservers(self, data):
form = formal.Form()
form.addField(
'forward',
formal.String(),
label="DNS Forward",
description=
"DNS forwarders (comma separated) that the Vulani internal DNS server should use for non-authoritive requests. This is usualy your upstream DNS"
)
form.addField(
'sysresolv',
formal.String(),
label="DNS Servers",
description=
"The DNS server which this server should perform it's own lookups from. This is usualy itself (127.0.0.1) or if the internal DNS is unused then it is the upstream DNS servers"
)
form.data['forward'] = ','.join(self.sysconf.ForwardingNameservers)
if self.sysconf.General.get('sysresolv', []):
form.data['sysresolv'] = ','.join(
self.sysconf.General['sysresolv'])
else:
form.data['sysresolv'] = '127.0.0.1'
form.addAction(self.submitNSForm)
return form
def submitNSForm(self, ctx, form, data):
Utils.log.msg('%s changed forwarding nameservers %s' %
(self.avatarId.username, repr(data)))
forward = data['forward'].replace(' ', '').replace('\n', '').replace(
'\r', '').split(',')
self.sysconf.ForwardingNameservers = forward
gen = self.sysconf.General
sysresolv = data['sysresolv'].replace(' ',
'').replace('\n', '').replace(
'\r', '').split(',')
gen['sysresolv'] = sysresolv
self.sysconf.General = gen
def res(_):
return url.root.child('DNS')
return WebUtils.restartService('bind').addCallbacks(res, res)
def form_addZone(self, data):
form = formal.Form()
form.addField('zone', formal.String(required=True), label="Domain")
form.addField('master', formal.Boolean(), label="Master")
form.addField(
'update',
formal.String(),
label="Update",
description=
"If this server is not the master, enter the master servers IP here"
)
form.addField(
'forward',
formal.String(),
label="Forward",
description="Forward requests for this zone to another server")
form.data['master'] = True
form.addAction(self.submitZone)
return form
def submitZone(self, ctx, form, data):
D = self.sysconf.General
type = data['master'] and "master" or "slave"
options = ['type %s' % type, 'notify no']
if data['forward']:
type = 'forward'
options = ['type %s' % type]
if data['update']:
update = ['127.0.0.1', data['update'].encode()]
else:
update = ['127.0.0.1']
defaultZone = {
'update': update,
'options': options,
'ns': [self.sysconf.ExternalName],
'records': [],
'forward': data['forward']
}
if D.get('zones'):
D['zones'][data['zone'].encode()] = defaultZone
else:
D['zones'] = {data['zone'].encode(): defaultZone}
self.sysconf.General = D
def next(_):
return url.root.child('DNS')
return WebUtils.restartService('bind').addBoth(next)
def render_content(self, ctx, data):
Utils.log.msg('%s opened Tools/DNS' % (self.avatarId.username))
# Try fix up our zones
ourBase = self.sysconf.Domain
if ourBase not in self.sysconf.General.get('zones', {}).keys():
try:
sc = self.sysconf.General.get('zones', {})
sc[ourBase] = {
'update': ['127.0.0.1'],
'options': ['type master', 'notify no'],
'ns': ["%s.%s" % (self.sysconf.Hostname, ourBase)],
'records': []
}
fi = open('/etc/bind/pri/%s.zone' % ourBase)
for i in fi:
n = i.strip().split()
if n[0] == "A" and i[0] == " ":
sc[ourBase]['records'].append(
"%s. %s" % (ourBase, i.strip().strip('\n')))
continue
if " CNAME " in i:
sc[ourBase]['records'].append(i.strip('\n').strip())
if " A " in i:
sc[ourBase]['records'].append(i.strip('\n').strip())
G = self.sysconf.General
G['zones'] = sc
self.sysconf.General = G
except Exception, e:
print "Error parsing zone", e
return ctx.tag[
tags.h3[tags.img(src="/images/networking_section.png"), " DNS"],
PageHelpers.TabSwitcher((
('DNS Servers', 'panelDNSServ'),
('DNS Zones', 'panelDNSZone'),
('Dynamic DNS', 'panelDynDNS'),
)),
tags.div(id="panelDynDNS", _class="tabPane")[
tags.h3["Dynamic DNS"],
self.DynDNS.applyTable(self)],
tags.div(id="panelDNSServ", _class="tabPane")[
tags.h3["DNS Servers"],
tags.directive('form nameservers')],
tags.div(id="panelDNSZone", _class="tabPane")
[tags.h3["DNS Zones"],
PageHelpers.dataTable(["Zone", "Master", "NS", ''], [[
i, "type master" in self.sysconf.General['zones'][i].
get('options', []), self.sysconf.General['zones'][i]['ns'][0],
[
tags.a(href="Edit/%s/" % i)["Edit"], " ",
tags.
a(href="Delete/%s/" % (i, ),
onclick=
"return confirm('Are you sure you want to delete this entry?');"
)[tags.img(src="/images/ex.png")]
]
] for i in self.sysconf.General.get('zones', {}).keys()],
sortable=True), tags.h3["Add Zone"],
tags.directive('form addZone')],
PageHelpers.LoadTabSwitcher()]
def render_content(self, ctx, data):
Utils.log.msg('%s opened Tools/Firewall' % (self.avatarId.username))
rules = self.rules.read()
rows = []
bg = True
### Read SNAT rules
snat = self.sysconf.Shorewall.get('snat', [])
snatRules = []
n = 0
for ru in snat:
l = ru.split()
l.append(
tags.a(
href="Delete/SNAT/%s/" % n,
onclick="return confirm('Are you sure you want to delete this SNAT rule?');",
title="Delete this SNAT rule."
)[tags.img(src="/images/ex.png")]
)
snatRules.append(l)
n += 1
### Read MASQ rules
masq = self.sysconf.Shorewall.get('masq', {})
natRules = []
for k,mas in masq.items():
runum = 0
for v in mas:
if type(v) == list:
l = [k]
l.extend([i.replace('-', 'Any') for i in v])
l.append(
tags.a(
href="Delete/NAT/%s/%s/"%(k, runum),
onclick="return confirm('Are you sure you want to delete this NAT rule?');",
title="Delete this NAT rule."
)[tags.img(src="/images/ex.png")]
)
natRules.append(l)
else:
natRules.append([
k, 'Any', v, 'Any', 'Any', 'Any', 'Any',
tags.a(
href="Delete/NAT/%s/%s/"%(k, runum),
onclick="return confirm('Are you sure you want to delete this NAT rule?');",
title="Delete this NAT rule."
)[tags.img(src="/images/ex.png")]
])
runum += 1
securityViolation = None
### Read firewall rules table
try:
lastrule = rules['AIP'][0][8]
except:
lastrule = 0
for i,ru in enumerate(rules['AIP']):
bg = not bg
this = bg and "#F5F5EB" or "#eee"
try:
nextrule = rules['AIP'][i+1][8]
except:
nextrule = ru[8]
# Check for security violations
print "Port, source", ru[7], ru[2]
# SSH and Vulani access violation
if ru[7] in ["22", "9682"]:
if (ru[2] == "Any") and ((ru[1] in ["net", "Any", "dsl", "ppp", "wan", "net2"]) or (ru[4] == "fw")):
securityViolation = "Inbound SSH and/or Vulani administrative access should not be unrestricted! "
securityViolation += "Your system security has been seriously compromised. Please remove this "
securityViolation += "rule and restrict the source IP or make use of the VPN to administer the server remotely"
this = "#ff5555"
r = [
tags.tr(style="background: %s" % this)[
tags.td(rowspan=2)[ru[0]],
tags.td[tags.strong['Source ']],
tags.td[ru[1]], # Source zone
tags.td[ru[3].replace('-', 'Any')], # Source port
tags.td[ru[2]], # Source IP
tags.td(rowspan=2)[ru[6].replace('-', 'Any')],
tags.td(rowspan=2)[
tags.a(
href="Swap/%s/%s/" % (ru[8], nextrule),
title = "Move this rule down"
)[tags.img(src="/images/arrowdown.png")],
" ",
tags.a(
href="Swap/%s/%s/" % (ru[8], lastrule),
title = "Move this rule up"
)[tags.img(src="/images/arrowup.png")],
" ",
tags.a(
href="Delete/AIP/%s/"%(ru[8]),
onclick="return confirm('Are you sure you want to delete this rule?');",
title="Delete this firewall rule."
)[tags.img(src="/images/ex.png")]
]
],
tags.tr(style="background: %s" % this)[
tags.td[tags.strong['Destination ']],
#tags.td(align='right')[' Zone: '],
tags.td[ru[4]], # Zone
#tags.td( align='right')[' Port/Type: '],
tags.td[ru[7].replace('-', 'Any')], #Port
#tags.td( align='right')[' IP: '],
tags.td[ru[5]], # IP
],
]
rows.append(r)
lastrule = ru[8]
self.largestRule = lastrule
fwtable = tags.table(cellspacing=0, _class='listing')[
tags.thead(background="/images/gradMB.png")[
tags.tr[
tags.th['Rule'],
tags.th[''],
#tags.th[''],
tags.th['Zone'],
#tags.th[''],
tags.th['Port'],
#tags.th[''],
tags.th['IP'],
tags.th['Protocol'],
tags.th[''],
],
],
tags.tbody[
rows
]
]
toss = {
'16':'Minimize Delay',
'8':'Maximize Throughput',
'4':'Maximize Reliability',
'2':'Minimize Cost',
'0':'Normal Service'
}
qosRules = []
l = 0
for port, proto, tos in self.sysconf.Shorewall.get('qos', []):
qosRules.append([
port,
proto,
toss[tos],
tags.a(href=url.root.child("Qos").child("Delete").child(l), onclick="return confirm('Are you sure you want to delete this entry?');")[tags.img(src="/images/ex.png")]
])
l += 1
### Check if shorewall is broken
if os.path.exists('/usr/local/tcs/tums/shorewallBroken'):
check = tags.div(style="color: #F00")[
tags.br,
tags.strong[
"The firewall configuration appears to be broken, please test the settings to see any errors and correct them"
],
tags.br
]
else:
check = ""
if securityViolation:
secError = [tags.table(width="70%", style="border:2px solid #ff5555")[tags.tr[
tags.td[tags.img(src="/images/securityhz.png")],
tags.td[
tags.h1["Security Violation!"],
securityViolation
]
]], tags.br, tags.br]
else:
secError = ""
### Return the page stanza
return ctx.tag[
tags.h3[tags.img(src="/images/firewall.png"), " Firewall"],
check,
secError,
tags.img(src="/images/start.png"), " ",
tags.a(
href="Test",
style="font-size:11pt;",
title="Test the firewall. (This may take some time!)"
)[tags.strong(style="font-family:arial,verdana,helvetica,sans-serif;")["Test Settings"]],
tags.br,
tags.img(src="/images/refresh.png"), " ",
tags.a(
href="Restart",
style="font-size:11pt;",
title="Restart the firewall and apply the changes. Changes are only activated after this is clicked."
)[tags.strong(style="font-family:arial,verdana,helvetica,sans-serif")["Apply Changes"]],
PageHelpers.TabSwitcher((
('Rules' , 'panelRules'),
#('Allow Ports' , 'panelAllowPort'),
('NAT', 'panelNATTab'),
('QoS', 'panelQos'),
('Policy', 'panelPolicy'),
('Zones' , 'panelZones'),
('Connections', 'panelCurrent'),
), id = "firewall"),
tags.div(id="panelNATTab", _class="tabPane")[
PageHelpers.TabSwitcher((
('Forwarding', 'panelForwardPort'),
('Redirection', 'panelTransparentProxy'),
('NAT', 'panelNAT'),
('Source NAT', 'panelSNAT')
), id ="firewallNAT"),
tags.div(id="panelForwardPort", _class="tabPane")[
tags.h3["Port Forwarding"],
PageHelpers.dataTable(['Source Zone', 'Source IP', 'Forward To', 'Destination Zone', 'Protocol', 'Port', 'Destination IP', ''], [
r[:-1] + [tags.a(
href="Delete/AIP/%s/"%(r[-1]),
title="Delete this port forwarding rule",
onclick="return confirm('Are you sure you want to delete this entry?');"
)[tags.img(src="/images/ex.png")]]
for i,r in enumerate(rules['FORWARD'])]),
tags.h3["Add Forwarding Rule"],
tags.directive('form forwardPort'),
],
tags.div(id="panelTransparentProxy", _class="tabPane")[
tags.h3["Destination NAT (Transparent Proxy)"],
PageHelpers.dataTable(['Source Zone', 'Source Network', 'Destination Port', 'Source Port', 'Protocol', 'Destination Network', ''], [
r[:-1] + [tags.a(
href="Delete/AIP/%s/"%(r[-1]),
title="Delete this transparent redirection rule",
onclick="return confirm('Are you sure you want to delete this entry?');"
)[tags.img(src="/images/ex.png")]]
for i,r in enumerate(rules['PROXY'])]),
tags.h3["Add DNAT Rule"],
tags.directive('form transProxy'),
],
tags.div(id="panelNAT", _class="tabPane")[
tags.h3["Nework Address Translation (Masquerading)"],
PageHelpers.dataTable(
['Destination Interface', 'Destination Network', 'Source Network', 'Source Interface', 'NAT IP', 'Protocol', 'Port', ''],
natRules
),
tags.h3['Add NAT Rule'],
tags.directive('form addNAT')
],
tags.div(id="panelSNAT", _class="tabPane")[
tags.h3["Source NAT"],
PageHelpers.dataTable(
['Source IP', 'External Interface', 'Internal IP', 'Any Interface', 'Use Internal'],
snatRules
),
tags.h3['Add SNAT Rule'],
tags.directive('form addSNAT')
],
PageHelpers.LoadTabSwitcher(id="firewallNAT")
],
tags.div(id="panelPolicy", _class="tabPane")[
tags.h3["General firewall policy"],
tags.directive('form inetPol')
],
tags.div(id="panelQos", _class="tabPane")[
tags.h3[tags.img(src="/images/compress.png"), "QOS"],
PageHelpers.dataTable(['Port', 'Protocol', 'Type of service', ''], qosRules),
tags.h3["Add Rule"],
tags.directive('form addQos'),
],
tags.div(id="panelRules", _class="tabPane")[
tags.h3["Firewall Rules"],
#PageHelpers.dataTable(
# [
# 'Action', '', 'Protocol',''
# ],
fwtable,
#),
tags.a(name="addRule")[''],
tags.h3["Add rule"],
tags.directive('form allowRange'),
],
tags.div(id="panelZones", _class="tabPane")[
tags.h3["Zones"],
PageHelpers.dataTable(['Zone Name', 'Policy', 'Log target', 'Interfaces', ''],
[
[
zone, zd['policy'], zd['log'], [[i, tags.br] for i in zd['interfaces']],
[
tags.a(
href="Delete/Zone/%s/"%(zone),
title="Delete this firewall zone",
onclick="return confirm('Are you sure you want to delete this zone?');"
)[tags.img(src="/images/ex.png")],
tags.a(href="EditZone/%s/" % zone)[tags.img(src="/images/edit.png")]
]
]
for zone, zd in self.sysconf.Shorewall.get('zones', {}).items()]
),
tags.h3['Add Firewall Zone'],
tags.directive('form addZone')
],
tags.div(id="panelCurrent", _class="tabPane")[
tags.h3["Current Connections"],
tags.invisible(render=tags.directive('connections'))
],
PageHelpers.LoadTabSwitcher(id="firewall")
]
def render_content(self, ctx, data):
interfaces = Utils.getInterfaces() + self.sysconf.EthernetDevices.keys(
)
params = Utils.parseNet()
d = {}
vlans = []
routes = {}
types = {}
vali = []
traffic = {}
da = datetime.datetime.now()
today = "%s%s%s" % (da.day, da.month, da.year)
for i in interfaces:
if 'tap' not in i and 'eth' not in i and 'ppp' not in i and 'vlan' not in i:
continue
if not "vlan" in i:
if i in d.keys():
pass
if i in params.keys():
types[i] = params[i]['type']
routes[i] = [params[i].get('network', '')]
if params[i]['type'] == 'static':
d[i] = params[i]['ip']
if params[i]['type'] == 'manual':
d[i] = "Manual"
else:
d[i] = "DHCP"
else:
types[i] = ""
routes[i] = ""
d[i] = ""
else:
vlans.append((i, params[i]['ip'],
tags.a(title="Edit Interface %s" % i,
href="Edit/%s" %
i)[tags.img(src="/images/edit.png")]))
# Read the traffic counters
try:
p = open('/usr/local/tcs/tums/rrd/iface_%s_%stotal.nid' %
(i, today)).read().split(':')
traffic[i] = (float(p[0]), float(p[1]))
except:
traffic[i] = (0, 0)
return ctx.tag[
tags.h3[tags.img(src="/images/stock-disconnect.png"),
self.text.toolsMenuNetconf],
PageHelpers.TabSwitcher((
('Interface Configuration', 'panelIface'),
('VLAN Configuration', 'panelVlan'),
('IPv6 Tunnel', 'panelTunnel'),
('Advanced', 'panelAdvanced'),
)),
tags.div(id="panelIface", _class="tabPane")[
tags.h3["Interfaces"],
tags.table(width="95%")[[
tags.tr[[
tags.td[self.roundedBlock(j, [
tags.img(src="/images/graphs/iface-%sFS.png" %
j), tags.
table[tags.tr(valign="top")[
tags.td[tags.strong["Traffic Out (24h): "]],
tags.td[Utils.intToH(traffic[j][1])]],
tags.tr(
valign="top"
)[tags.td[tags.strong["Traffic In (24h): "]],
tags.td[Utils.intToH(traffic[j][0])]],
tags.tr(valign="top")[
tags.td[tags.
strong["Configuration Type: "]],
tags.td[types[j] == 'dhcp' and 'DHCP'
or 'Static']],
tags.tr(valign="top")[
tags.td[tags.
strong["Associated Routes: "]],
tags.td[[[k, tags.br] for k in routes.
get(j, ["None"])]]],
tags.tr(
valign="top"
)[tags.td[tags.a(title="Edit Interface %s" %
j,
href="Edit/%s" %
j)[tags.img(
src="/images/edit.png"),
" Edit Settings"]],
tags.td[""]]]
])] for j in i if j
]] for i in WebUtils.runIter(1, d.keys())
]], tags.br,
#tags.h3["Add interface"],
#tags.directive('form addInterface')
],
tags.div(id="panelVlan", _class="tabPane")[
tags.h3["Configured VLAN Interfaces"],
PageHelpers.dataTable(('Interface', 'IP', ''), vlans), tags.br,
tags.h3["Add VLAN"],
tags.directive('form addVLAN')],
tags.div(id="panelTunnel", _class="tabPane")[
tags.h3["Configure IPv6 Tunnel"],
tags.directive('form tunnelConf')],
tags.div(id="panelAdvanced", _class="tabPane")
[tags.h3["Advanced Settings"], tags.
p["If you are unsure of any of these settings you should almost certainly not change them"],
tags.directive('form advanced')],
PageHelpers.LoadTabSwitcher(), ]
def render_content(self, ctx, data):
keys = [i for i in os.listdir('/etc/openvpn/keys/') if '.key' in i]
keys.sort()
for key in ['vpn.key', 'ca.key']:
try:
keys.remove(key)
except:
pass
# Build a list of tunnels
types={}
# reprocess the configuration
for name, conf in self.sysconf.Tunnel.items():
if name == "ipv6":
continue
cnf = conf
cnf['name'] = str(name)
if types.get(str(cnf['type'])):
types[str(cnf['type'])].append(cnf)
else:
types[str(cnf['type'])] = [cnf]
# Check vpn is configured
if os.path.exists('/etc/openvpn/vpn.conf'):
userForm = tags.directive('form addUser')
else:
userForm = tags.strong["Please configure the VPN in order to add new users"]
tuns = []
# Call the handler functions with the stores
ifs = Utils.getInterfaces()
for k,v in types.items():
if v:
v.sort()
for c,tun in enumerate(v):
status = tags.a(href='Start/%s/' % tun['name'])["Disconnected"]
if k == 'openvpn':
# Hunt TAP interfaces
if 'tap%s' % (c+1) in ifs:
status = tags.a(href='Stop/%s/' % tun['name'])["Connected"]
tuns.append((
status,
tun['name'],
tun['type'],
tun['endpoint'],
tags.a(href="Delete/%s/" % (tun['name']))["Delete"]
))
return ctx.tag[
tags.h3[tags.img(src="/images/vpn.png"), self.text.vpnConfig],
PageHelpers.TabSwitcher((
(self.text.vpnTabWindows, 'panelWindows'),
(self.text.vpnTabTCS, 'panelOpenVPN'),
(self.text.vpnTabUsers, 'panelVPNUsers'),
(self.text.vpnTabTun, 'panelTun')
)),
tags.div(id="panelWindows", _class="tabPane")[
tags.h3[self.text.vpnHeadingWindows],
tags.directive('form winForm'),
],
tags.div(id="panelTun", _class="tabPane")[
tags.h3["Tunnels"],
PageHelpers.dataTable(['Status', 'Name', 'Type', 'Endpoint', ''], tuns),
tags.h3["Add tunnel"],
tags.directive('form addTun'), tags.br,
],
tags.div(id="panelOpenVPN", _class="tabPane")[
tags.h3[self.text.vpnHeadingTCS],
tags.directive('form vpnForm'), tags.br,
],
tags.div(id="panelVPNUsers", _class="tabPane")[
tags.h3[self.text.vpnHeadingTCSUsers],
tags.table(cellspacing=0, _class='sortable')[
tags.thead(background="/images/gradMB.png")[
tags.tr[
tags.th(colformat="str")[self.text.vpnCertificateName],
tags.th[""],
]
],
tags.tbody[
[
tags.tr[
tags.td['.'.join(i.split('.')[:-1])],
tags.td[
tags.a(
href="Revoke/%s/" % '.'.join(i.split('.')[:-1]),
onclick="return confirm('%s');" % self.text.vpnConfirmRevoke
)[
tags.img(src="/images/ex.png")
]
]
]
for i in keys],
]
], tags.br,
tags.h3[self.text.vpnHeadingAddUser],
userForm
],
PageHelpers.LoadTabSwitcher()
]
def render_content(self, ctx, data):
interfaces = Utils.getInterfaces() + self.sysconf.EthernetDevices.keys(
)
params = Utils.parseNet()
d = {}
vlans = []
routes = {}
types = {}
vali = []
for i in interfaces:
if not "vlan" in i:
if i in d.keys():
pass
if i in params.keys():
types[i] = params[i]['type']
routes[i] = [params[i].get('network', '')]
if params[i]['type'] == 'static':
d[i] = params[i]['ip']
if params[i]['type'] == 'manual':
d[i] = "Manual"
else:
d[i] = "DHCP"
else:
types[i] = ""
routes[i] = ""
d[i] = ""
else:
vlans.append((i, params[i]['ip'],
tags.a(title="Edit Interface %s" % i,
href="Edit/%s" %
i)[tags.img(src="/images/edit.png")]))
return ctx.tag[
tags.h3[tags.img(src="/images/netdrive.png"), " Network Setup"],
PageHelpers.TabSwitcher((('Interface Configuration', 'panelIface'),
('VLAN Configuration', 'panelVlan'),
('IPv6 Tunnel', 'panelTunnel'))),
tags.div(id="panelIface", _class="tabPane")[
tags.h3["Configured Interfaces"],
tags.table(cellspacing="0", _class="listing")[tags.thead(
background="/images/gradMB.png")[tags.tr[
tags.th['Interface'], tags.th['DHCP'], tags.th['IP'],
tags.th['Associated Routes'],
tags.th[''], ]], tags.tbody[[
tags.tr[tags.td[i.replace('eth', 'Port ')],
tags.td[types[i] == 'dhcp'], tags.td[d[i]],
tags.td[[[k, tags.br] for k in routes.
get(i, ["None"])]], tags.
td[tags.a(title="Edit Interface %s" % i,
href="Edit/%s" % i)[tags.img(
src="/images/edit.png")]], ]
for i in d.keys() if not i == "lo"
]]], tags.br, tags.h3["Add interface"],
tags.directive('form addInterface')],
tags.div(id="panelVlan", _class="tabPane")[
tags.h3["Configured VLAN Interfaces"],
PageHelpers.dataTable(('Interface', 'IP', ''), vlans), tags.br,
tags.h3["Add VLAN"],
tags.directive('form addVLAN')],
tags.div(id="panelTunnel", _class="tabPane")[
tags.h3["Configure IPv6 Tunnel"],
tags.directive('form tunnelConf')],
PageHelpers.LoadTabSwitcher(), ]
def render_content(self, ctx, data):
squidData = self.getData()
tabs = [
('Setup', 'panelProxySetup'),
('Active Directory', 'panelAuth'),
('Content', 'panelContent'),
('Allow', 'panelAllows'),
('Block Domain', 'panelBdom'),
('Access times', 'panelAtime'),
('ACL Routing', 'panelRouting'),
]
updatePanel = ""
k = self.sysconf.ProxyConfig
if k.get('updates'):
if k['updates'].get('enabled'):
tabs.append(('Updates', 'panelUpdate'))
updatePanel = tags.div(id="panelUpdate", _class="tabPane")[
tags.h3["Updates Cache"],
tags.invisible(render=tags.directive('updateCache'))]
return ctx.tag[
tags.h3[tags.img(src='/images/proxy.png'), " Web Proxy"],
PageHelpers.TabSwitcher((tabs), id="proxy"),
tags.div(id="panelContent", _class="tabPane")[
PageHelpers.TabSwitcher((('Content filters', 'panelCFilter'),
('Site Whitelist', 'panelWlist'),
('Host Whitelist', 'panelHWlist')),
id="pcfilter"),
tags.div(id="panelCFilter", _class="tabPane")[
tags.h3["Blocked content"],
tags.directive('form contentFilter'), ],
tags.div(id="panelWlist", _class="tabPane")[
tags.h3["Site Whitelist"],
self.cfilterSWL.applyTable(self)],
tags.div(id="panelHWlist", _class="tabPane")[
tags.h3["Host Whitelist"],
self.cfilterHWL.applyTable(self)],
PageHelpers.LoadTabSwitcher(id="pcfilter")],
tags.div(id="panelProxySetup", _class="tabPane")[
tags.h3["Proxy setup"],
tags.directive('form squidConf'), ],
tags.div(id="panelAuth", _class="tabPane")[
tags.h3["Proxy setup"],
tags.directive('form authentication'), ],
tags.div(id="panelAllows", _class="tabPane"
)[PageHelpers.TabSwitcher(
(
('Allow Domain', 'panelAdom'),
('Allow Destination', 'panelAdest'),
('Allow Computer', 'panelAcomp'),
),
id="allows"),
tags.div(id="panelAdom", _class="tabPane")[
tags.h3["Allowed Domains"],
self.addDom.applyTable(self)],
tags.div(id="panelAdest", _class="tabPane")[
tags.h3["Allowed Destination Networks"],
self.addDest.applyTable(self)],
tags.div(id="panelAcomp", _class="tabPane")[
tags.h3["Allowed Computers"],
self.addComp.applyTable(self)],
PageHelpers.LoadTabSwitcher(id="allows")],
tags.div(id="panelAtime", _class="tabPane")[
tags.h3["Access times"],
PageHelpers.
dataTable(['Permission', 'Days', 'Time', 'Domain', 'ACL', ''],
squidData[4],
sortable=True), tags.h3["Add time range"],
tags.directive('form addTime'), ],
tags.div(id="panelRouting", _class="tabPane")[
PageHelpers.TabSwitcher((
('User ACL', 'panelACLU'),
('Source ACL', 'panelACLS'),
('Active Directory ACL', 'panelACLAD'),
('Domain ACL', 'panelACLD'),
('ACL Gateway', 'panelACLG'),
('Permission ACL', 'panelACLP'),
),
id="acls"),
tags.div(id="panelACLU", _class="tabPane")
[tags.h3["User ACL"], tags.
p["Manage username ACL's. These ACL's can then be used for timed access or source routing"],
self.userACL.applyTable(self), ],
tags.div(id="panelACLS", _class="tabPane")
[tags.h3["Source ACL"], tags.
p["Manage source IP ACL's. These ACL's can then be used for timed access or source routing"],
self.routingACL.applyTable(self), ],
tags.div(id="panelACLAD", _class="tabPane")
[tags.h3["Active Directory ACL"], tags.
p["Manage active directory group bindings to Vulani ACLS. These ACL's can then be used for timed access or source routing"],
self.activeDirectoryACL.applyTable(self)],
tags.div(id="panelACLD", _class="tabPane")
[tags.h3["Domain ACL"], tags.
p["Manage destination domain ACL's. These ACL's can then be used for timed access or source routing"],
self.domainACL.applyTable(self), ],
tags.div(id="panelACLG", _class="tabPane")[
tags.h3["ACL routes"],
self.routingGateway.applyTable(self)],
tags.div(id="panelACLP", _class="tabPane")[
tags.h3["ACL permissions"],
self.permissionACL.applyTable(self)],
PageHelpers.LoadTabSwitcher(id="acls")],
tags.div(id="panelBdom", _class="tabPane")[
tags.h3["Blocked Domains"],
self.addBlock.applyTable(self)], updatePanel,
PageHelpers.LoadTabSwitcher(id="proxy")]
def render_content(self, ctx, data):
rules = self.rules.read()
return ctx.tag[
tags.h2[tags.img(src="/images/firewall.png"), " Firewall"],
tags.img(src="/images/refresh.png"),
tags.
a(href="Restart",
style="font-size:12pt;",
title=
"Restart the firewall and apply the changes. Changes are only activated after this is clicked."
)[tags.strong["Apply Changes"]],
PageHelpers.TabSwitcher((
('Allow IP', 'panelAllowIP'),
('Allow Ports', 'panelAllowPort'),
('Forward Ports', 'panelForwardPort'),
('Transparent Proxy', 'panelTransparentProxy'),
('Firewall Zones', 'panelZones'),
)),
tags.div(id="panelAllowIP", _class="tabPane")
[tags.h3["Allowed IP addresses and networks"],
PageHelpers.dataTable(['Network Zone', 'Source IP', ''], [
r + [
tags.
a(href="Delete/AIP/%s/" % (i),
onclick=
"return confirm('Are you sure you want to delete this entry?');",
title="Delete this allowed IP range")[tags.img(
src="/images/ex.png")]
] for i, r in enumerate(rules['AIP'])
]), tags.h3["Add rule"],
tags.directive('form allowRange'), ],
tags.div(id="panelAllowPort", _class="tabPane")
[tags.h3["Allowed ports"],
PageHelpers.dataTable([
'Network Zone', 'Protocol', 'Port', 'Destination IP', ''
], [
r +
[
tags
.a(href="Delete/APORT/%s/" % (i),
title="Delete this allowed port",
onclick=
"return confirm('Are you sure you want to delete this entry?');"
)[tags.img(src="/images/ex.png")]
] for i, r in enumerate(rules['APORT'])
]), tags.h3["Add port rule"],
tags.directive('form allowPort'), ],
tags.div(id="panelForwardPort", _class="tabPane")
[tags.h3["Forwarded ports"],
PageHelpers.dataTable(
['Forward To', 'Protocol', 'Port', 'Destination IP', ''], [
r + [
tags.
a(href="Delete/FORWARD/%s/" % (i),
title="Delete this port forwarding rule",
onclick=
"return confirm('Are you sure you want to delete this entry?');"
)[tags.img(src="/images/ex.png")]
] for i, r in enumerate(rules['FORWARD'])
]), tags.h3["Add port forward"],
tags.directive('form forwardPort'), ],
tags.div(id="panelTransparentProxy", _class="tabPane")
[tags.h3["Transparent Proxies"],
PageHelpers.dataTable([
'Source Network', 'Destination Port', 'Source Port',
'Protocol', 'Destination Network', ''
], [
r + [
tags.
a(href="Delete/PROXY/%s/" % (i),
title="Delete this transparent redirection rule",
onclick=
"return confirm('Are you sure you want to delete this entry?');"
)[tags.img(src="/images/ex.png")]
] for i, r in enumerate(rules['PROXY'])
]), tags.h3["Add proxy"],
tags.directive('form transProxy'), ],
tags.div(id="panelZones", _class="tabPane")
[tags.h3["Zones"],
PageHelpers.dataTable(
['Zone Name', 'Policy', 'Log target', 'Interfaces', ''], [[
zone, zd['policy'], zd['log'],
[[i, tags.br] for i in zd['interfaces']],
tags.
a(href="Delete/Zone/%s/" % (zone),
title="Delete this firewall zone",
onclick=
"return confirm('Are you sure you want to delete this zone?');"
)[tags.img(src="/images/ex.png")]
] for zone, zd in self.sysconf.Shorewall.get('zones', {}
).items()]),
tags.h3['Add zone'],
tags.directive('form addZone')],
PageHelpers.LoadTabSwitcher()]
