def _GET(self, *param, **params):
    """Expose the host's firewall rule list to the view.

    Returns web.notfound() when chk_hostby1() yields no host id.  When the
    firewall XML file does not exist, the view only receives
    ``have_config = False``; otherwise it receives the rules read from that
    file together with ``have_config = True``.
    """
    host_id = self.chk_hostby1(param)
    if host_id is None:
        return web.notfound()
    self.view.host_id = host_id

    kit = KaresansuiIpTables()
    if not os.path.exists(kit.firewall_xml_file):
        # No configuration has been written yet; nothing else to show.
        self.view.have_config = False
        return True

    kit.firewall_xml = kit.read_firewall_xml()
    # NOTE(review): the base policy shown is a fixed string, not a value
    # taken from the loaded configuration -- confirm the page cannot report
    # ACCEPT while the effective policy differs.
    self.view.base_policy = 'ACCEPT'
    self.view.rules = kit.get_rules()
    self.view.have_config = True
    return True
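def validates_rule(obj, is_newrule=False):
    """Validate the firewall rule fields submitted in ``obj.input``.

    Every field is examined even after an earlier one has failed, so the
    caller gets the complete error list.  Both ``obj.view.error_msg`` and
    ``obj.view.alert`` are assigned ``checker.errors``.

    :param obj: handler exposing ``input``, ``view`` and the translation
        callable ``_``.
    :param is_newrule: when true, ``rule_id`` is also required and must lie
        between ID_MIN_LENGTH and the number of existing rules plus one.
    :returns: True when every check passed, False otherwise.
    """
    checker = Checker()
    check = True

    _ = obj._
    checker.errors = []
    obj.view.error_msg = checker.errors

    def field_present(name, label):
        """Return whether *name* was submitted; record the error if not."""
        if is_param(obj.input, name):
            return True
        checker.add_error(_('"%s" is required.') % label)
        return False

    if is_newrule:
        kit = KaresansuiIpTables()
        # A new rule may take any position up to one past the last rule.
        rule_id_max_length = 1
        if os.path.exists(kit.firewall_xml_file) is False:
            check = False
            checker.add_error(_('Has not been initialized. Please initialize.'))
        else:
            kit.firewall_xml = kit.read_firewall_xml()
            rule_id_max_length += len(kit.get_rules())

        label = _('ID')
        if field_present('rule_id', label):
            check = checker.check_number(
                label,
                obj.input.rule_id,
                CHECK_EMPTY | CHECK_VALID | CHECK_MIN | CHECK_MAX,
                min=ID_MIN_LENGTH,
                max=rule_id_max_length,
            ) and check
        else:
            check = False

    label = _('Target')
    if field_present('target', label):
        check = checker.check_firewall_policy(
            label,
            obj.input.target,
            CHECK_EMPTY | CHECK_VALID,
        ) and check
    else:
        check = False

    # Remember the protocol only when it was actually submitted.  The port
    # checks below used to read obj.input.protocol unconditionally, which
    # presumably raises instead of reporting a validation error when the
    # field is absent.
    protocol = None
    label = _('Protocol')
    if field_present('protocol', label):
        protocol = obj.input.protocol
        check = checker.check_firewall_protocol(
            label,
            protocol,
            CHECK_VALID,
        ) and check
    else:
        check = False

    # NOTE(review): ports are range-checked only for tcp and udp.  For any
    # other protocol the submitted sport/dport strings are accepted as they
    # are -- confirm the code that writes the rule ignores or rejects them.
    ports_apply = protocol in ('tcp', 'udp')

    label = _('Source Address')
    if field_present('source', label):
        check = checker.check_ipaddr(
            label,
            obj.input.source,
            CHECK_VALID,
        ) and check
    else:
        check = False

    label = _('Source Port')
    if not field_present('sport', label):
        check = False
    elif ports_apply:
        check = checker.check_number(
            label,
            obj.input.sport,
            CHECK_VALID | CHECK_MIN | CHECK_MAX,
            min=PORT_MIN_NUMBER,
            max=PORT_MAX_NUMBER,
        ) and check

    label = _('Destination Address')
    if field_present('destination', label):
        check = checker.check_ipaddr(
            label,
            obj.input.destination,
            CHECK_VALID,
        ) and check
    else:
        check = False

    label = _('Destination Port')
    if not field_present('dport', label):
        check = False
    elif ports_apply:
        check = checker.check_number(
            label,
            obj.input.dport,
            CHECK_VALID | CHECK_MIN | CHECK_MAX,
            min=PORT_MIN_NUMBER,
            max=PORT_MAX_NUMBER,
        ) and check

    label = _('In Interface')
    if field_present('inif', label):
        check = checker.check_firewall_if(
            label,
            obj.input.inif,
            CHECK_EXIST,
        ) and check
    else:
        check = False

    label = _('Out Interface')
    if field_present('outif', label):
        check = checker.check_firewall_if(
            label,
            obj.input.outif,
            CHECK_EXIST,
        ) and check
    else:
        check = False

    obj.view.alert = checker.errors
    return check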
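def _GET(self, *param, **params):
    """Prepare the firewall page and, in input mode, the new-rule form data.

    Returns web.notfound() when chk_hostby1() yields no host id, otherwise
    True.  With no firewall XML file the view only receives
    ``have_config = False``.  In input mode the view additionally receives
    the next rule id, the selectable targets and protocols, and the host's
    interface names, IP addresses and CIDRs.
    """
    host_id = self.chk_hostby1(param)
    if host_id is None:
        return web.notfound()

    self.view.host_id = host_id

    kit = KaresansuiIpTables()

    if os.path.exists(kit.firewall_xml_file) is False:
        self.view.have_config = False
    else:
        kit.firewall_xml = kit.read_firewall_xml()
        self.view.iptables = Storage(
            is_running=kit.is_running(),
            is_configured=kit.is_configured(),
        )
        self.view.have_config = True

        # NOTE(review): the form data is built only when a configuration
        # exists, since get_rules() would otherwise run before firewall_xml
        # is loaded -- confirm this nesting against the original file.
        if self.is_mode_input() is True:
            self.view.default_rule_id = len(kit.get_rules()) + 1
            self.view.targets = kit.basic_targets['filter']
            self.view.protocols = kit.chain_protos

            # Interface names are grouped by prefix for the selection lists.
            phy_pattern = re.compile(r"^(lo|eth)")
            vir_pattern = re.compile(r"^(xenbr|virbr|vif|veth)")

            devs = {'phy': [], 'vir': [], 'oth': []}
            cidrs = []
            ips = []
            for dev, dev_info in get_ifconfig_info().iteritems():
                try:
                    if phy_pattern.match(dev):
                        devs['phy'].append(dev)
                    elif vir_pattern.match(dev):
                        devs['vir'].append(dev)
                    else:
                        devs['oth'].append(dev)

                    if dev_info['ipaddr'] is not None:
                        if dev_info['ipaddr'] not in ips:
                            ips.append(dev_info['ipaddr'])
                    if dev_info['cidr'] is not None:
                        if dev_info['cidr'] not in cidrs:
                            cidrs.append(dev_info['cidr'])
                except Exception:
                    # Best effort: an entry with unexpected contents is
                    # skipped (its name stays listed if already appended).
                    # Exception, not a bare except, so interpreter-exit
                    # signals are no longer swallowed here.
                    pass

            devs['phy'].sort()
            devs['vir'].sort()
            devs['oth'].sort()
            self.view.devs = [{'Physical': devs['phy']},
                              {'Virtual': devs['vir']},
                              {'Other': devs['oth']},
                              ]
            self.view.cidrs = cidrs
            self.view.ips = ips

    return True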
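def _GET(self, *param, **params):
    """Prepare the edit form for one firewall rule, addressed by position.

    ``param[1]`` is the 1-based position of the rule in kit.get_rules().
    Returns web.notfound() when the host or the rule id is rejected, or when
    no rule sits at that position; web.nomethod() outside input mode; True
    once the view holds the rule and the form data.
    """
    host_id = self.chk_hostby1(param)
    if host_id is None:
        return web.notfound()

    rule_id = param[1]
    if not validates_param_id(self, rule_id):
        return web.notfound(self.view.alert)

    try:
        wanted = int(rule_id)
    except (TypeError, ValueError):
        # Should not happen once validates_param_id() has accepted the id
        # (presumably as a number -- confirm); answer 404 rather than fail.
        return web.notfound()

    kit = KaresansuiIpTables()
    # NOTE(review): the XML file is read without first checking that it
    # exists -- confirm read_firewall_xml() fails cleanly when the firewall
    # has not been initialised.
    kit.firewall_xml = kit.read_firewall_xml()

    for index, rule in enumerate(kit.get_rules()):
        if index + 1 == wanted:
            self.view.rule = rule
            break
    else:
        # Previously the handler carried on with view.rule never assigned
        # when the id pointed past the last rule.
        return web.notfound()

    if not self.is_mode_input():
        return web.nomethod()

    self.view.targets = kit.basic_targets['filter']
    self.view.protocols = kit.chain_protos

    # One snapshot feeds both the raw view data and the grouped lists.
    netinfo = get_ifconfig_info()
    self.view.netinfo = netinfo

    phy_pattern = re.compile(r"^(lo|eth)")
    vir_pattern = re.compile(r"^(xenbr|virbr|vif|veth)")

    devs = {'phy': [], 'vir': [], 'oth': []}
    cidrs = []
    ips = []
    for dev, dev_info in netinfo.iteritems():
        try:
            if phy_pattern.match(dev):
                devs['phy'].append(dev)
            elif vir_pattern.match(dev):
                devs['vir'].append(dev)
            else:
                devs['oth'].append(dev)

            if dev_info['ipaddr'] is not None:
                if dev_info['ipaddr'] not in ips:
                    ips.append(dev_info['ipaddr'])
            if dev_info['cidr'] is not None:
                if dev_info['cidr'] not in cidrs:
                    cidrs.append(dev_info['cidr'])
        except Exception:
            # Best effort: skip an entry with unexpected contents.  Catching
            # Exception instead of everything lets interpreter-exit signals
            # propagate.
            pass

    devs['phy'].sort()
    devs['vir'].sort()
    devs['oth'].sort()
    self.view.devs = [{'Physical': devs['phy']},
                      {'Virtual': devs['vir']},
                      {'Other': devs['oth']},
                      ]
    self.view.cidrs = cidrs
    self.view.ips = ips
    return True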
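def _GET(self, *param, **params):
    """Fill the view for the firewall page and its new-rule input form.

    Returns web.notfound() when chk_hostby1() yields no host id, otherwise
    True.  Without a firewall XML file only ``have_config = False`` is set.
    In input mode the view also gets the default id for a new rule, the
    target and protocol choices, and the host's interfaces grouped as
    Physical / Virtual / Other plus the IP addresses and CIDRs seen.
    """
    host_id = self.chk_hostby1(param)
    if host_id is None:
        return web.notfound()
    self.view.host_id = host_id

    kit = KaresansuiIpTables()
    if os.path.exists(kit.firewall_xml_file) is False:
        self.view.have_config = False
        return True

    kit.firewall_xml = kit.read_firewall_xml()
    self.view.iptables = Storage(
        is_running=kit.is_running(),
        is_configured=kit.is_configured(),
    )
    self.view.have_config = True

    # NOTE(review): the input-mode data below is produced only when a
    # configuration exists, because get_rules() would otherwise be called
    # before firewall_xml is loaded -- confirm against the original file.
    if self.is_mode_input() is not True:
        return True

    self.view.default_rule_id = len(kit.get_rules()) + 1
    self.view.targets = kit.basic_targets['filter']
    self.view.protocols = kit.chain_protos

    physical_re = re.compile(r"^(lo|eth)")
    virtual_re = re.compile(r"^(xenbr|virbr|vif|veth)")

    physical = []
    virtual = []
    other = []
    cidrs = []
    ips = []
    for dev, dev_info in get_ifconfig_info().iteritems():
        try:
            if physical_re.match(dev):
                physical.append(dev)
            elif virtual_re.match(dev):
                virtual.append(dev)
            else:
                other.append(dev)

            address = dev_info['ipaddr']
            if address is not None and address not in ips:
                ips.append(address)
            cidr = dev_info['cidr']
            if cidr is not None and cidr not in cidrs:
                cidrs.append(cidr)
        except Exception:
            # Best effort: an entry that cannot be read is skipped.  Only
            # ordinary errors are ignored; a bare except would also have
            # hidden interpreter-exit signals.
            pass

    physical.sort()
    virtual.sort()
    other.sort()
    self.view.devs = [
        {'Physical': physical},
        {'Virtual': virtual},
        {'Other': other},
    ]
    self.view.cidrs = cidrs
    self.view.ips = ips
    return True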
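def _GET(self, *param, **params):
    """Load one firewall rule by position and prepare its edit form.

    ``param[1]`` is compared with the 1-based position of each rule from
    kit.get_rules().  Returns web.notfound() when the host or the rule id is
    rejected or when no rule has that position, web.nomethod() when the
    request is not in input mode, and True otherwise.
    """
    host_id = self.chk_hostby1(param)
    if host_id is None:
        return web.notfound()

    rule_id = param[1]
    if not validates_param_id(self, rule_id):
        return web.notfound(self.view.alert)

    try:
        position_wanted = int(rule_id)
    except (TypeError, ValueError):
        # validates_param_id() presumably guarantees a number -- confirm.
        # A value that still cannot be converted is treated as "no such rule".
        return web.notfound()

    kit = KaresansuiIpTables()
    # NOTE(review): no existence check precedes this read -- confirm that
    # read_firewall_xml() fails cleanly when no configuration has been
    # written yet.
    kit.firewall_xml = kit.read_firewall_xml()

    found = False
    position = 0
    for rule in kit.get_rules():
        position += 1
        if position == position_wanted:
            self.view.rule = rule
            found = True
            break
    if not found:
        # An id past the last rule used to leave view.rule unassigned.
        return web.notfound()

    if not self.is_mode_input():
        return web.nomethod()

    self.view.targets = kit.basic_targets['filter']
    self.view.protocols = kit.chain_protos

    # The interface table is fetched once and used for both purposes.
    netinfo = get_ifconfig_info()
    self.view.netinfo = netinfo

    physical_re = re.compile(r"^(lo|eth)")
    virtual_re = re.compile(r"^(xenbr|virbr|vif|veth)")

    physical = []
    virtual = []
    other = []
    cidrs = []
    ips = []
    for dev, dev_info in netinfo.iteritems():
        try:
            if physical_re.match(dev):
                physical.append(dev)
            elif virtual_re.match(dev):
                virtual.append(dev)
            else:
                other.append(dev)

            address = dev_info['ipaddr']
            if address is not None and address not in ips:
                ips.append(address)
            cidr = dev_info['cidr']
            if cidr is not None and cidr not in cidrs:
                cidrs.append(cidr)
        except Exception:
            # Best effort: skip an unreadable entry, but let
            # interpreter-exit signals through (a bare except did not).
            pass

    physical.sort()
    virtual.sort()
    other.sort()
    self.view.devs = [
        {'Physical': physical},
        {'Virtual': virtual},
        {'Other': other},
    ]
    self.view.cidrs = cidrs
    self.view.ips = ips
    return True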