def ports(saved=False):
"""the function returns the ports page when the user is logged in"""
utils = Webutils()
rules = RulesHandler()
if utils.check_login() is True:
payload = utils.get_default_payload("Ports")
payload.tcp = rules.get_rules_for_web("tcp")
payload.udp = rules.get_rules_for_web("udp")
payload.custom = False
if rules.diff_new_current("tcp") is True or rules.diff_new_current(
"udp") is True:
payload.custom = True
payload.saved = saved
return render_template('ports.html', vars=payload)
return login("", None)
def whitelist(saved=False):
"""the function returns the whitelist page when the user is logged in"""
utils = Webutils()
rules = RulesHandler()
if utils.check_login() is True:
payload = utils.get_default_payload("Whitelist")
payload.addresses = rules.get_rules_for_web("whitelist")
payload.custom = rules.diff_new_current("whitelist")
payload.saved = saved
return render_template('whitelist.html', vars=payload)
return login("", None)
def ports(saved: bool = False) -> str:
"""Return the ports page when the user is logged in."""
utils = Webutils()
rules = RulesHandler()
if utils.check_login(request) is True:
payload = utils.get_default_payload("Open Ports")
payload.lead = """
On this page you can open ports for incoming connections.<br />
You can add tcp and udp ports.<br />
Please check whether the entries in the list are needed in the future and
remove old entries if they are no longer needed.<br />
To list all open ports under Linux use the command <code>netstat -ln</code>
"""
payload.tcp = natsorted(rules.get_rules_for_web("tcp"), key=itemgetter(*['port']))
payload.udp = natsorted(rules.get_rules_for_web("udp"), key=itemgetter(*['port']))
payload.custom = False
if rules.diff_new_current("tcp") is True or rules.diff_new_current("udp") is True:
payload.custom = True
payload.saved = saved
return render_template('ports.html', vars=payload)
return login()
def blacklist(saved: bool = False) -> str:
"""the function returns the blacklist page when the user is logged in"""
utils = Webutils()
rules = RulesHandler()
if utils.check_login(request) is True:
payload = utils.get_default_payload("Blacklist")
payload.lead = """
On this page you can list IP addresses that are not allowed to connect to this machine.
<br />
Please check the IP addresses carefully, as they are not checked by easywall.<br />
You can add IPv4 and IPv6 addresses to the list.
"""
payload.addresses = rules.get_rules_for_web("blacklist")
payload.custom = rules.diff_new_current("blacklist")
payload.saved = saved
return render_template('blacklist.html', vars=payload)
return login()
def custom(saved: bool = False) -> str:
"""the function returns the custom rules page when the user is logged in"""
utils = Webutils()
rules = RulesHandler()
if utils.check_login(request) is True:
payload = utils.get_default_payload("Custom")
payload.lead = """
On this page you can add your own firewall rules.<br />
Please check the rules for accuracy, as these are not tested by easywall.<br />
<br />
To add your own rule, simply copy the rule into the text box. One rule per line.<br />
It is important to omit the iptables command.<br />
Example: <code>-P FORWARD DROP</code>
"""
payload.rules = rules.get_rules_for_web("custom")
payload.custom = rules.diff_new_current("custom")
payload.saved = saved
return render_template('custom.html', vars=payload)
return login()
def forwarding(saved: bool = False) -> str:
"""TODO: Doku."""
utils = Webutils()
rules = RulesHandler()
if utils.check_login(request):
payload = utils.get_default_payload("Port Forwarding")
payload.lead = """
This page allows you to forward ports from the local system to ports on the
Internet.<br />
This is especially useful if the port of an application cannot be changed.<br />
Enter the port type, source and destination.<br />
You do not have to release the public port separately, easywall will do that for you.
"""
payload.forwardings = rules.get_rules_for_web("forwarding")
payload.custom = False
if rules.diff_new_current("forwarding"):
payload.custom = True
payload.saved = saved
return render_template('forwarding.html', vars=payload)
return login()
class TestRulesHandler(unittest.TestCase):
"""TODO: Doku."""
def setUp(self) -> None:
"""TODO: Doku."""
self.rules = RulesHandler()
def test_get_current_rules(self) -> None:
"""TODO: Doku."""
ports: list = []
entry: dict = {}
entry["description"] = "test"
entry["port"] = "80"
entry["ssh"] = False
ports.append(entry)
entry = {}
entry["description"] = "test"
entry["port"] = "443"
entry["ssh"] = False
ports.append(entry)
self.rules.save_new_rules("tcp", ports)
self.rules.apply_new_rules()
self.assertEqual(self.rules.get_current_rules("tcp"), ports)
def test_get_new_rules(self) -> None:
"""TODO: Doku."""
ports: list = []
entry: dict = {}
entry["description"] = "test"
entry["port"] = "80"
entry["ssh"] = False
ports.append(entry)
entry = {}
entry["description"] = "test"
entry["port"] = "443"
entry["ssh"] = False
ports.append(entry)
self.rules.save_new_rules("tcp", ports)
self.assertEqual(self.rules.get_new_rules("tcp"), ports)
def test_backup_current_rules(self) -> None:
"""TODO: Doku."""
ports: list = []
entry: dict = {}
entry["description"] = "test"
entry["port"] = "80"
entry["ssh"] = False
ports.append(entry)
entry = {}
entry["description"] = "test"
entry["port"] = "443"
entry["ssh"] = False
ports.append(entry)
self.rules.save_new_rules("tcp", ports)
self.rules.apply_new_rules()
self.rules.backup_current_rules()
self.assertEqual(self.rules.get_backup_rules("tcp"), ports)
def test_apply_new_rules(self) -> None:
"""TODO: Doku."""
ports: list = []
entry: dict = {}
entry["description"] = "test"
entry["port"] = "80"
entry["ssh"] = False
ports.append(entry)
entry = {}
entry["description"] = "test"
entry["port"] = "443"
entry["ssh"] = False
ports.append(entry)
self.rules.save_new_rules("tcp", [])
self.rules.apply_new_rules()
self.assertEqual(self.rules.get_current_rules("tcp"), [])
self.rules.save_new_rules("tcp", ports)
self.rules.apply_new_rules()
self.assertEqual(self.rules.get_current_rules("tcp"), ports)
def test_get_rules_for_web(self) -> None:
"""TODO: Doku."""
ports: list = []
entry: dict = {}
entry["description"] = "test"
entry["port"] = "80"
entry["ssh"] = False
ports.append(entry)
entry = {}
entry["description"] = "test"
entry["port"] = "443"
entry["ssh"] = False
ports.append(entry)
self.rules.save_new_rules("tcp", ports)
self.rules.apply_new_rules()
self.assertEqual(self.rules.get_rules_for_web("tcp"), ports)
ports = []
entry = {}
entry["description"] = "test"
entry["port"] = "80"
entry["ssh"] = False
ports.append(entry)
entry = {}
entry["description"] = "test"
entry["port"] = "443"
entry["ssh"] = False
ports.append(entry)
entry = {}
entry["description"] = "test"
entry["port"] = "8080"
entry["ssh"] = False
ports.append(entry)
self.rules.save_new_rules("tcp", ports)
self.assertEqual(self.rules.get_rules_for_web("tcp"), ports)
def test_rollback_from_backup(self) -> None:
"""TODO: Doku."""
ports: list = []
entry: dict = {}
entry["description"] = "test"
entry["port"] = "80"
entry["ssh"] = False
ports.append(entry)
entry = {}
entry["description"] = "test"
entry["port"] = "443"
entry["ssh"] = False
ports.append(entry)
self.rules.save_new_rules("tcp", ports)
self.rules.apply_new_rules()
self.rules.backup_current_rules()
self.rules.save_new_rules("tcp", [])
self.rules.apply_new_rules()
self.assertEqual(self.rules.get_current_rules("tcp"), [])
self.rules.rollback_from_backup()
self.assertEqual(self.rules.get_current_rules("tcp"), ports)
def test_diff_new_current(self) -> None:
"""TODO: Doku."""
ports: list = []
entry: dict = {}
entry["description"] = "test"
entry["port"] = "123"
entry["ssh"] = False
ports.append(entry)
entry = {}
entry["description"] = "test"
entry["port"] = "1234"
entry["ssh"] = False
ports.append(entry)
self.rules.save_new_rules("tcp", ports)
self.rules.apply_new_rules()
ports = []
entry = {}
entry["description"] = "test"
entry["port"] = "1337"
entry["ssh"] = False
ports.append(entry)
self.rules.save_new_rules("tcp", ports)
self.assertTrue(self.rules.diff_new_current("tcp"))
self.rules.apply_new_rules()
self.assertFalse(self.rules.diff_new_current("tcp"))
def test_save_new_rules(self) -> None:
"""TODO: Doku."""
ports: list = []
entry: dict = {}
entry["description"] = "test"
entry["port"] = "80"
entry["ssh"] = False
ports.append(entry)
entry = {}
entry["description"] = "test"
entry["port"] = "443"
entry["ssh"] = False
ports.append(entry)
self.rules.save_new_rules("tcp", ports)
self.assertEqual(self.rules.get_new_rules("tcp"), ports)
