def __init__(self, name, nat, cacheable=TRUE):
"""
<method maturity="stable">
<summary>
Constructor to initialize a NAT policy.
</summary>
<description>
<para>
This contructor initializes a NAT policy.
</para>
</description>
<metainfo>
<arguments>
<argument>
<name>name</name>
<type>
<string/>
</type>
<description>Name identifying the NAT policy.</description>
</argument>
<argument>
<name>nat</name>
<type>
<class filter="nat" instance="yes"/>
</type>
<description>NAT object which performs address translation.</description>
</argument>
<argument>
<name>cacheable</name>
<type>
<boolean/>
</type>
<default>TRUE</default>
<description>Enable this parameter to cache the NAT decisions.</description>
</argument>
</arguments>
</metainfo>
</method>
"""
self.name = name
self.nat = nat
self.cacheable = cacheable
if self.cacheable:
self.nat_cache = ShiftCache('nat(%s)' % name, 1000)
if Globals.nat_policies.has_key(name):
raise ValueError, "Duplicate NATPolicy name: %s" % name
Globals.nat_policies[name] = self
def __init__(self, bindto=None, services=None, **kw):
"""
<method maturity="stable">
<summary>Constructor to initialize a ZoneDispatcher instance.</summary>
<description>
<para>
This constructor initializes a ZoneDispatcher instance and sets
its initial attributes based on arguments.
</para>
</description>
<metainfo>
<arguments>
<argument maturity="stable">
<name>bindto</name>
<type></type>
<description>bind to this address</description>
</argument>
<argument maturity="stable">
<name>services</name>
<type></type>
<description>a mapping between zone names and services</description>
</argument>
<argument maturity="stable">
<name>follow_parent</name>
<type></type>
<description>whether to follow the administrative hieararchy when finding the correct service</description>
</argument>
</arguments>
</metainfo>
</method>
"""
if (ZoneDispatcher.deprecated_warning):
ZoneDispatcher.deprecated_warning = False
log(
None, CORE_DEBUG, 3,
"Use of ZoneDispatcher class is deprecated, Rule should be used instead."
)
self.follow_parent = kw.pop('follow_parent', FALSE)
super(ZoneDispatcher, self).__init__(bindto, None, **kw)
self.services = services
self.cache = ShiftCache('sdispatch(%s)' % str(bindto),
config.options.zone_dispatcher_shift_threshold)
def __init__(self, bindto=None, services=None, **kw):
"""
<method maturity="stable">
<summary>Constructor to initialize a CSZoneDispatcher instance.</summary>
<description>
<para>
This constructor initializes a CSZoneDispatcher instance and sets
its initial attributes based on arguments.
</para>
</description>
<metainfo>
<arguments>
<argument maturity="stable">
<name>bindto</name>
<type>
<sockaddr existing="yes"/>
</type>
<description>An existing <link linkend="python.SockAddr">socket address</link> containing the IP address and port number where the Dispatcher accepts connections.</description>
</argument>
<argument maturity="stable">
<name>services</name>
<type>
<hash>
<key>
<tuple>
<zone/>
<zone/>
</tuple>
</key>
<value>
<service/>
</value>
</hash>
</type>
<guitype>HASH;STRING_zone,STRING_zone;STRING_service</guitype>
<description>Client zone - server zone - service name pairs
using the <parameter>(("client_zone","server_zone"):"service")</parameter>
format; specifying the service to start when the dispatcher
accepts a connection from the given
client zone that targets the server zone.</description>
</argument>
<argument maturity="stable">
<name>follow_parent</name>
<type>
<boolean/>
</type>
<description>Set this parameter to <parameter>TRUE</parameter>
if the dispatcher handles also the connections coming from
the child zones of the selected client zones. Otherwise,
the dispatcher accepts traffic only from the explicitly
listed client zones.</description>
</argument>
</arguments>
</metainfo>
</method>
"""
self.follow_parent = kw.pop('follow_parent', FALSE)
super(CSZoneDispatcher, self).__init__(bindto, None, **kw)
self.services = services
self.cache = ShiftCache('csdispatch(%s)' % str(self.bindto),
config.options.zone_dispatcher_shift_threshold)
(for example, the IP addresses and zone of the server and the client,
and the username and group memberships of the user when authentication is used).
Other components of Zorp refer to this data
when making various policy-based decisions.
</para>
</description>
<metainfo/>
</module>
"""
import Zorp
from Zorp import *
from Zone import root_zone
from Cache import ShiftCache
inbound_cache = ShiftCache('inbound_cache', config.options.inbound_service_cache_threshold)
outbound_cache = ShiftCache('outbound_cache', config.options.outbound_service_cache_threshold)
class AbstractSession:
"""
<class maturity="stable" abstract="yes" internal="yes">
<summary>
Class encapsulating an abstract session for different types (master, or stacked).
</summary>
<description>
<para>
Abstract base class for different session types (master, or stacked),
both MasterSession and StackedSession are derived from this class.
</para>
</description>
<metainfo>
