def _GenerateAddrStatement(self, addrs, exclude_addrs):
    """Build the destination-network condition for a term.

    Only 'dst net' conditions are produced here, for both the matched and
    the excluded addresses.

    Args:
      addrs: addresses to match. Entries equal to 'any' or rendering as
        '::/0' are skipped rather than emitted.
      exclude_addrs: addresses to carve out of the match; may be empty.

    Returns:
      The string produced by Term.JoinConditionals, or '' as soon as an
      exclusion turns out to be 'any' / '::/0'.
    """
    matches = [
        'dst net %s' % (net)
        for net in nacaddr.CollapseAddrListRecursive(addrs)
        if net != 'any' and str(net) != '::/0'
    ]

    negated = []
    if exclude_addrs:
        for net in nacaddr.CollapseAddrListRecursive(exclude_addrs):
            is_specific = net != 'any' and str(net) != '::/0'
            if not is_specific:
                # excluding 'any' doesn't really make sense ...
                # NOTE(review): the empty string also discards the positive
                # matches built above. How the caller treats an empty
                # address statement is not visible here; if it means "no
                # address restriction", this path widens the filter.
                return ''
            negated.append('not dst net %s' % (net))

    if not negated:
        return Term.JoinConditionals(matches, 'or')

    # NOTE(review): every exclusion already carries its own 'not', and the
    # group is then attached with 'and not'. If JoinConditionals simply
    # interposes the operator, the two negations cancel and the result
    # selects the excluded networks instead of dropping them. Confirm
    # against JoinConditionals and a rendered filter.
    positive = Term.JoinConditionals(matches, 'or')
    negative = Term.JoinConditionals(negated, 'or')
    return Term.JoinConditionals([positive, negative], 'and not')
def _GenerateAddressBook(self):
    """Render the address-book section of the configuration.

    Depending on self.addr_book_type_global, either one merged 'global'
    address book is written or one address book per security zone. In both
    layouts each group becomes a run of 'address <group>_<n> <network>;'
    entries followed by an 'address-set <group>' that lists the same
    '<group>_<n>' names.

    Side effect: in the per-zone layout self.addressbook[zone][group] is
    overwritten with its sorted, collapsed form. The global layout only
    rewrites a local merged copy.

    Returns:
      The IndentList holding the rendered lines.
    """
    # NOTE(review): zone and group names are concatenated into the output
    # as-is. Nothing in this method quotes or validates them, so that
    # presumably happens where the policy is parsed. Confirm.
    out = IndentList(self.INDENT)

    if self.addr_book_type_global:
        # Groups that share a name across zones are merged into one entry.
        merged = collections.defaultdict(list)

        out.IndentAppend(1, 'replace: address-book {')
        out.IndentAppend(2, 'global {')
        for zone_name in self.addressbook:
            for set_name in self.addressbook[zone_name]:
                for member in self.addressbook[zone_name][set_name]:
                    merged[set_name].append(member)

        for set_name in sorted(merged):
            collapsed = nacaddr.CollapseAddrListRecursive(
                nacaddr.SortAddrList(merged[set_name]))
            # Stored back so the address-set pass below sees the same
            # number of entries and the positional names line up.
            merged[set_name] = collapsed
            for idx, net in enumerate(collapsed):
                entry = 'address ' + set_name + '_' + str(idx)
                out.IndentAppend(4, entry + ' ' + str(net) + ';')

        for set_name in sorted(merged):
            out.IndentAppend(4, 'address-set ' + set_name + ' {')
            for idx, _ in enumerate(merged[set_name]):
                out.IndentAppend(
                    5, 'address ' + set_name + '_' + str(idx) + ';')
            out.IndentAppend(4, '}')

        out.IndentAppend(2, '}')
        out.IndentAppend(1, '}')
        return out

    out.IndentAppend(1, 'zones {')
    for zone_name in self.addressbook:
        out.IndentAppend(2, 'security-zone ' + zone_name + ' {')
        out.IndentAppend(3, 'replace: address-book {')

        set_names = sorted(self.addressbook[zone_name])

        # Individual addresses: sort, collapse, then number positionally.
        for set_name in set_names:
            collapsed = nacaddr.CollapseAddrListRecursive(
                nacaddr.SortAddrList(self.addressbook[zone_name][set_name]))
            self.addressbook[zone_name][set_name] = collapsed
            for idx, net in enumerate(
                    self.addressbook[zone_name][set_name]):
                entry = 'address ' + set_name + '_' + str(idx)
                out.IndentAppend(4, entry + ' ' + str(net) + ';')

        # Address-sets: refer to the entries above by the same names.
        for set_name in set_names:
            out.IndentAppend(4, 'address-set ' + set_name + ' {')
            for idx, _ in enumerate(
                    self.addressbook[zone_name][set_name]):
                out.IndentAppend(
                    5, 'address ' + set_name + '_' + str(idx) + ';')
            out.IndentAppend(4, '}')

        out.IndentAppend(3, '}')
        out.IndentAppend(2, '}')
    out.IndentAppend(1, '}')
    return out