def firewall(zones=None, interfaces=None, policy=None, rules=None,
routestopped=None, masq=None):
"""
Ensure that a firewall is configured.
Example::
from fabtools.shorewall import *
from fabtools import require
# We need a firewall with some custom rules
require.shorewall.firewall(
rules=[
Ping(),
SSH(),
HTTP(),
HTTPS(),
SMTP(),
rule(port=1234, source=hosts(['example.com'])),
]
)
"""
family = distrib_family()
if family != 'debian':
raise UnsupportedFamily(supported=['debian'])
require_deb_package('shorewall')
with watch(CONFIG_FILES) as config:
_zone_config(zones)
_interfaces_config(interfaces)
_policy_config(policy)
_rules_config(rules)
_routestopped_config(routestopped)
_masq_config(masq)
if config.changed:
puts("Shorewall configuration changed")
if is_started():
restart('shorewall')
with settings(hide('running'), shell_env()):
sed('/etc/default/shorewall', 'startup=0', 'startup=1', use_sudo=True)
def firewall(zones=None, interfaces=None, policy=None, rules=None, routestopped=None, masq=None):
"""
Ensure that a firewall is configured.
Example::
from fabtools.shorewall import *
from fabtools import require
# We need a firewall with some custom rules
require.shorewall.firewall(
rules=[
Ping(),
SSH(),
HTTP(),
HTTPS(),
SMTP(),
rule(port=1234, source=hosts(['example.com'])),
]
)
"""
family = distrib_family()
if family != "debian":
raise UnsupportedFamily(supported=["debian"])
require_deb_package("shorewall")
with watch(CONFIG_FILES) as config:
_zone_config(zones)
_interfaces_config(interfaces)
_policy_config(policy)
_rules_config(rules)
_routestopped_config(routestopped)
_masq_config(masq)
if config.changed:
puts("Shorewall configuration changed")
if is_started():
restart("shorewall")
with settings(hide("running"), shell_env()):
sed("/etc/default/shorewall", "startup=0", "startup=1", use_sudo=True)
def firewall(zones=None, interfaces=None, policy=None, rules=None,
routestopped=None, masq=None):
"""
Ensure that a firewall is configured.
Example::
from fabtools.shorewall import *
from fabtools import require
# We need a firewall with some custom rules
require.shorewall.firewall(
rules=[
Ping(),
SSH(),
HTTP(),
HTTPS(),
SMTP(),
rule(port=1234, source=hosts(['example.com'])),
]
)
"""
package('shorewall')
with watch(CONFIG_FILES) as config:
_zone_config(zones)
_interfaces_config(interfaces)
_policy_config(policy)
_rules_config(rules)
_routestopped_config(routestopped)
_masq_config(masq)
if config.changed:
puts("Shorewall configuration changed")
if is_started():
restart('shorewall')
with settings(hide('running'), shell_env()):
sed('/etc/default/shorewall', 'startup=0', 'startup=1', use_sudo=True)
def started():
"""
Ensure that the firewall is started.
"""
if not is_started():
start('shorewall')
def started():
"""
Ensure that the firewall is started.
"""
if not is_started():
start('shorewall')
def test_require_firewall_started(firewall):
from fabtools.require.shorewall import started
from fabtools.shorewall import is_started
started()
assert is_started()
def test_require_firewall_started(firewall):
from fabtools.require.shorewall import started
from fabtools.shorewall import is_started
started()
assert is_started()