def iptable_route_from_data(self, data):
    """Turn one tokenised routing-table line into a Route and record it.

    ``data`` is an indexable sequence of fields from one routing line.
    A line whose first field is ``"default"`` becomes a 0.0.0.0 route whose
    gateway is ``data[2]`` and whose device name is ``data[4]``.  Any other
    line is read as ``<network>[/<prefix>]`` in ``data[0]`` with the device
    name in ``data[2]``.

    Returns ``self.routes`` (the same list that is appended to).
    """
    if data[0] == "default":
        route_id = len(self.routes)
        # NOTE(review): this branch hands Route the raw device *name*
        # (data[4]), while the branch below hands it the resolved interface
        # object.  Confirm that consumers of self.routes cope with both.
        default_route = Route(
            route_id,
            data[4],
            Ip("0.0.0.0"),
            Ip("0.0.0.0", "0.0.0.0"),
            Ip(data[2]),
        )
        self.routes.append(default_route)
        return self.routes

    print(data[0])
    destination = data[0]
    if '/' in destination:
        pieces = destination.split('/')
        ip_route = Ip(pieces[0])
        mask_route = Ip("0.0.0.0", self.fromDec2Dotted(int(pieces[1])))
    else:
        ip_route = Ip(destination)
        mask_route = Ip("0.0.0.0")

    wanted_name = data[2]
    iface = next(
        (candidate for candidate in self.fw.interfaces
         if candidate.nameif == wanted_name),
        None,
    )
    # A route whose device is not among self.fw.interfaces is dropped without
    # any message, so the resulting routing model can be incomplete.
    if iface is not None:
        route_id = len(self.routes)
        self.routes.append(
            Route(route_id, iface, ip_route, mask_route, iface.network))
    return self.routes
def p_route_line(p):
    '''route_line : ROUTE item IP_ADDR IP_ADDR IP_ADDR NUMBER'''
    # The docstring above is the grammar rule read by the parser generator;
    # it must stay unchanged.
    # Symbols: p[2] interface name, p[3]/p[4]/p[5] the three addresses handed
    # to Route in that order, p[6] the trailing number (converted to int).
    firewall = p_info['firewall']
    iface = firewall.get_interface_by_name(str(p[2]))
    # NOTE(review): the lookup result is not checked, so the route is created
    # with whatever get_interface_by_name returns for an unknown name.
    new_route = Route(
        p_info['index_route'],
        iface,
        Ip(p[3]),
        Ip(p[4]),
        Ip(p[5]),
        int(p[6]),
    )
    p_info['route_list'].append(new_route)
    p_info['index_route'] += 1

    # Debug output on stdout for every parsed route.
    print(new_route.to_string())
    print('okk')
    # NOTE(review): this French message ("problem instantiating the route")
    # is printed unconditionally, including on success; it reads like the
    # remnant of an error branch.
    print('pb instanticiation de la route')
def p_route_line(p):
    '''route_line : ROUTE item IP_ADDR IP_ADDR IP_ADDR NUMBER'''
    # Grammar action (the docstring is the rule and must not be edited).
    # p[2] names the interface; p[3], p[4] and p[5] are passed to Route as
    # three Ip values in that order; p[6] is passed as an int.
    interface_name = str(p[2])
    iface = p_info['firewall'].get_interface_by_name(interface_name)
    # NOTE(review): no check that the interface was found before it is
    # attached to the route.
    addresses = [Ip(p[3]), Ip(p[4]), Ip(p[5])]
    route = Route(p_info['index_route'], iface,
                  addresses[0], addresses[1], addresses[2], int(p[6]))

    p_info['route_list'].append(route)
    p_info['index_route'] += 1

    # Unconditional debug prints; the last string (French for "problem
    # instantiating the route") is emitted even when nothing failed.
    print(route.to_string())
    print('okk')
    print('pb instanticiation de la route')
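def p_route_line2(p):
    '''route_line : IP_ADDR SLASH NUMBER VIA IP_ADDR DEV WORD'''
    # Grammar action (the docstring is the rule and must not be edited).
    # Symbols: p[1] network address, p[3] prefix length, p[5] gateway
    # address, p[7] device (interface) name.
    print([p[i] for i in range(len(p))])

    # Fix: the interface lookups used p[5], which in this production is the
    # gateway IP_ADDR, not the device name.  The device name is the WORD at
    # p[7]; looking up the gateway string as an interface name leaves the
    # route attached to no interface or to the wrong one.
    dev_name = str(p[7])
    firewall = p_info['firewall']
    iface = firewall.get_interface_by_name(dev_name)
    if not isinstance(iface, Interface):
        # Fall back to sub-interfaces of every known interface.
        for parent in firewall.interfaces:
            iface = parent.get_subif_by_name(dev_name)
            if isinstance(iface, Interface):
                break
    # NOTE(review): if nothing matches, iface keeps the result of the last
    # lookup and the route is still recorded with it.

    route = Route(p_info['index_route'], iface, Ip(p[1]),
                  Ip(fromDec2Dotted(int(p[3]))), Ip(p[5]))
    print(route.to_string())
    p_info['route_list'].append(route)
    p_info['index_route'] += 1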
def p_default_route_line(p):
    '''route_line : DEFAULT VIA IP_ADDR DEV WORD'''
    # Grammar action (the docstring is the rule and must not be edited).
    # Symbols: p[3] gateway address, p[5] device (interface) name.
    print([p[k] for k in range(len(p))])

    dev_name = str(p[5])
    firewall = p_info['firewall']
    iface = firewall.get_interface_by_name(dev_name)
    if not isinstance(iface, Interface):
        # Not a top-level interface: try each interface's sub-interfaces.
        for parent in firewall.interfaces:
            iface = parent.get_subif_by_name(dev_name)
            if isinstance(iface, Interface):
                break
    # NOTE(review): when no lookup succeeds, iface holds the last lookup
    # result and the default route is still recorded with it.

    any_address = '0.0.0.0'
    default_route = Route(p_info['index_route'], iface,
                          Ip(any_address), Ip(any_address), Ip(p[3]))
    print(default_route.to_string())
    p_info['route_list'].append(default_route)
    p_info['index_route'] += 1
def init(name, raise_on_error=False):
    """Reset the module-level parser state for a new Iptables parse.

    ``name`` is stored as the firewall name and its basename as the hostname.
    ``raise_on_error`` is stored unchanged under ``p_info['raise_on_error']``.
    """
    # Forget objects left over from a previous parse.
    parser.object_dict.clear()

    # Fresh firewall model.
    fw = p_info['firewall'] = Firewall()
    fw.name = name
    fw.hostname = ntpath.basename(name)
    fw.type = 'Iptables'

    # One ACL per built-in chain, in this order.
    builtin_chains = ('INPUT', 'FORWARD', 'OUTPUT')
    for chain in builtin_chains:
        fw.acl.append(ACL(chain))

    # Parser state.
    p_info['current_interface_name'] = None
    p_info['used_object'] = set()
    # NOTE(review): every built-in chain starts with Action(True), while the
    # placeholder rule below uses Action(False).  Presumably True is the
    # permissive value; if so, input without explicit policy lines is
    # modelled as default-accept.  Confirm against Action.
    p_info['default_policy'] = {chain: Action(True) for chain in builtin_chains}
    p_info['current_chain'] = None
    p_info['rule_id'] = 0
    p_info['rule_list'] = []
    p_info['rule_bind'] = {}
    first_rule_id = p_info['rule_id']
    p_info['current_rule'] = Rule(first_rule_id, None,
                                  [], [], [], [], [], Action(False))
    p_info['rule_bind'][first_rule_id] = [None, None]
    p_info['current_table'] = None

    # Error-handling option.
    p_info['raise_on_error'] = raise_on_error

    # Route parsing state.
    p_info['route_list'] = []
    p_info['current_route'] = Route(None, None, None, None, None, 1)
    p_info['index_route'] = 0
def p_route_line(p):
    '''route_line : SET ROUTE IP_ADDR SLASH NUMBER INTERFACE WORD GATEWAY IP_ADDR
                  | SET ROUTE IP_ADDR SLASH NUMBER INTERFACE WORD GATEWAY IP_ADDR PREFERENCE NUMBER'''
    # Grammar action (the docstring is the rule and must not be edited).
    # Symbols: p[3] network address, p[5] prefix length, p[7] interface
    # name, p[9] gateway address.
    # NOTE(review): the second alternative also carries a preference value
    # (p[11]) that is never read, so Route keeps its default for it.
    nameif = str(p[7])
    firewall = p_info['firewall']
    iface = firewall.get_interface_by_nameif(nameif)
    if not isinstance(iface, Interface):
        # Not a top-level interface: try each interface's sub-interfaces.
        for parent in firewall.interfaces:
            iface = parent.get_subif_by_nameif(nameif)
            if isinstance(iface, Interface):
                break
    # NOTE(review): iface is dereferenced without checking that a lookup
    # succeeded.
    print(iface.name)

    netmask = Ip(str(calcDottedMask(int(p[5]))))
    route = Route(p_info['index_route'], iface, Ip(p[3]), netmask, Ip(p[9]))
    print('ok')
    p_info['route_list'].append(route)
    p_info['index_route'] += 1

    # Unconditional debug prints; the last string (French for "problem
    # instantiating the route") is emitted even when nothing failed.
    print(route.to_string())
    print('okk')
    print('pb instanticiation de la route')
def p_route_line(p):
    '''route_line : SET ROUTE IP_ADDR SLASH NUMBER INTERFACE WORD GATEWAY IP_ADDR
                  | SET ROUTE IP_ADDR SLASH NUMBER INTERFACE WORD GATEWAY IP_ADDR PREFERENCE NUMBER'''
    # Grammar action (the docstring is the rule and must not be edited).
    # p[3] is the network, p[5] the prefix length, p[7] the interface name
    # and p[9] the gateway.  The optional PREFERENCE NUMBER of the second
    # alternative is accepted by the grammar but not used here.
    wanted = str(p[7])
    iface = p_info['firewall'].get_interface_by_nameif(wanted)
    if not isinstance(iface, Interface):
        # Search sub-interfaces until one resolves to an Interface.
        for top_level in p_info['firewall'].interfaces:
            iface = top_level.get_subif_by_nameif(wanted)
            if isinstance(iface, Interface):
                break
    # NOTE(review): no guard for an unresolved interface before .name is
    # read on the next line.
    print(iface.name)

    dotted_mask = str(calcDottedMask(int(p[5])))
    route = Route(p_info['index_route'], iface,
                  Ip(p[3]), Ip(dotted_mask), Ip(p[9]))
    print('ok')
    p_info['route_list'].append(route)
    p_info['index_route'] += 1

    # Debug output; the final French message ("problem instantiating the
    # route") is printed on every call.
    print(route.to_string())
    print('okk')
    print('pb instanticiation de la route')
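def p_route_line(p):
    '''route_line : ROUTE WORD IP_ADDR IP_ADDR IP_ADDR NUMBER'''
    # Grammar action (the docstring is the rule and must not be edited).
    # Symbols: p[2] interface name, p[3]/p[4]/p[5] the three addresses handed
    # to Route in that order, p[6] the trailing number (converted to int).
    nameif = str(p[2])
    firewall = p_info['firewall']
    iface = firewall.get_interface_by_name(nameif)
    if not isinstance(iface, Interface):
        # Fix: the sub-interface fallback indexed p[7], which does not exist
        # in this six-symbol production.  It must search for the same name
        # as the primary lookup, i.e. p[2].
        for parent in firewall.interfaces:
            iface = parent.get_subif_by_name(nameif)
            if isinstance(iface, Interface):
                break
    # NOTE(review): if nothing matches, iface keeps the result of the last
    # lookup and the route is still recorded with it.

    route = Route(p_info['index_route'], iface,
                  Ip(p[3]), Ip(p[4]), Ip(p[5]), int(p[6]))
    p_info['route_list'].append(route)
    p_info['index_route'] += 1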
def init(name, raise_on_error=False):
    """Reset the shared parser state, then create the first firewall.

    ``name`` is stored as given and its basename becomes the hostname.
    ``raise_on_error`` is stored unchanged.  The final call passes ``None``
    to ``restore_or_create_fw``.
    """
    p_info.update(
        firewall_list=[],
        raise_on_error=raise_on_error,
        use_vdom=False,
        name=name,
        hostname=ntpath.basename(name),
        current_state=[],
        interface_list=[],
        zone_list={},
        current_zone=None,
        # Route parsing state.
        route_list=[],
        current_route=Route(None, None, None, None, None, 1),
        index_route=0,
    )
    restore_or_create_fw(None)
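def init(name, raise_on_error=False):
    """Reset the module-level parser state for a new Juniper Netscreen parse.

    ``name`` is stored as the firewall name and its basename as the hostname.
    ``raise_on_error`` is stored unchanged under ``p_info['raise_on_error']``.
    """
    # Forget objects left over from a previous parse.
    object_dict.clear()

    fw = p_info['firewall'] = Firewall()
    fw.name = name
    fw.hostname = ntpath.basename(name)
    fw.type = 'Juniper Netscreen'

    # Policy parsing state.
    p_info['current_policy'] = Rule(0, "", [], [], [], [], [], Action(False))
    # Fix: a stray trailing comma used to turn this value into a one-element
    # tuple wrapping the Rule, unlike 'current_policy' above.
    p_info['context_policy'] = Rule(0, "", [], [], [], [], [], Action(False))
    p_info['policy_zone_src'] = None
    p_info['policy_zone_dst'] = None
    p_info['current_object'] = []
    p_info['used_object'] = set()
    p_info['policy_context'] = 0
    p_info['index_rule'] = -1
    p_info['default_permit_all'] = False
    p_info['raise_on_error'] = raise_on_error

    # Route parsing state.
    p_info['route_list'] = []
    p_info['current_route'] = Route(None, None, None, None, None, 1)
    p_info['index_route'] = 0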
def init(name, raise_on_error=False):
    """Reset the module-level parser state for a new Cisco Asa parse.

    ``name`` is stored as the firewall name and its basename as the hostname.
    ``raise_on_error`` is stored unchanged under ``p_info['raise_on_error']``.
    """
    # Forget objects left over from a previous parse.
    object_dict.clear()

    fw = p_info['firewall'] = Firewall()
    fw.name = name
    fw.hostname = ntpath.basename(name)
    fw.type = 'Cisco Asa'

    p_info.update(
        # Interface and object parsing state.
        interface_state=False,
        current_interface=None,
        object_name=None,
        used_object=set(),
        bounded_rules=set(),
        # Rule parsing state.
        rule_id=0,
        rule_list=[],
        current_rule=Rule(None, None, [], [], [], [], [], Action(False)),
        index_rule=0,
        global_rules=[],
        raise_on_error=raise_on_error,
        # Route parsing state.
        route_list=[],
        current_route=Route(None, None, None, None, None, 1),
        index_route=0,
    )
def _init(vdom):
    """Create a fresh Fortinet FortiGate firewall model for ``vdom``.

    The firewall takes its name from ``p_info['name']`` and its hostname from
    ``p_info['hostname']``, suffixed with ``-<vdom>`` when ``vdom`` is truthy.
    Per-firewall parser state in ``p_info`` is reset as well.
    """
    # Forget objects left over from a previous firewall.
    object_dict.clear()

    fw = p_info['firewall'] = Firewall()
    fw.name = p_info['name']
    hostname_suffix = '-' + vdom if vdom else ''
    fw.hostname = p_info['hostname'] + hostname_suffix
    fw.type = 'Fortinet FortiGate'

    p_info.update(
        vdom=vdom,
        srcintf=[],
        dstintf=[],
        used_object=set(),
        bounded_rules=set(),
        current_rule=Rule(None, None, [], [], [], [], [], Action(False)),
        current_interface=Interface(None, None, None, []),
        current_object=None,
        range_ip=None,
        range_port=None,
        # Route parsing state.
        route_list=[],
        current_route=Route(None, None, None, None, None, 1),
        index_route=0,
    )
def fortigate_route_from_data(self, data):
    """Record a static route from one six-field routing-table line.

    Only lines with exactly six fields whose first field is ``"S"`` or
    ``"S*"`` are considered; everything else is ignored.  ``data[1]`` is
    parsed as a network, ``data[4]`` (minus its last character) as the
    gateway and ``data[5]`` (minus its last character) as the interface
    name.  A route is appended to ``self.routes`` only when that interface
    is found in ``self.fw.interfaces``.

    Always returns ``None``.
    """
    if len(data) != 6:
        return None
    # NOTE(review): all other route codes are skipped, so the resulting model
    # holds static routes only.
    if data[0] not in ("S", "S*"):
        return None

    matched_index = None
    network_ip = None
    gateway_ip = None
    for position, candidate in enumerate(self.fw.interfaces):
        # The last character of the interface field is dropped before
        # comparing (presumably trailing punctuation -- confirm against the
        # command output being parsed).
        if candidate.nameif != data[5][:-1]:
            continue
        matched_index = position
        parsed_network = netaddr.IPNetwork(data[1])
        network_ip = Ip(int(parsed_network.ip), int(parsed_network.netmask))
        gateway_ip = Ip(int(netaddr.IPAddress(data[4][:-1])),
                        "255.255.255.255")
        # The identifier only advances when an interface matched.
        self.identifier += 1
        break

    resolved = (matched_index, network_ip, gateway_ip)
    if all(value is not None for value in resolved):
        # The same Ip object (address plus netmask) fills both the network
        # and the mask argument of Route.
        self.routes.append(
            Route(self.identifier, self.fw.interfaces[matched_index],
                  network_ip, network_ip, gateway_ip))
    return None
'dstintf': [], 'used_object': set(), 'bounded_rules': set(), 'current_rule': Rule(None, None, [], [], [], [], [], Action(False)), 'current_interface': Interface(None, None, None, []), 'current_object': None, 'current_state': [], 'range_ip': None, 'range_port': None, 'raise_on_error': False, 'use_vdom': False, 'interface_list': [], 'zone_list': {}, 'current_zone': None, 'route_list': [], 'current_route': Route(None, None, None, None, None, 1), 'index_route': 0, } def init(name, raise_on_error=False): p_info['firewall_list'] = [] p_info['raise_on_error'] = raise_on_error p_info['use_vdom'] = False p_info['name'] = name p_info['hostname'] = ntpath.basename(name) p_info['current_state'] = [] p_info['interface_list'] = [] p_info['zone_list'] = {} p_info['current_zone'] = None p_info['route_list'] = []
def update():
    """Start a fresh current route and point the route index past the list."""
    p_info.update(
        current_route=Route(None, None, None, None, None, 1),
        index_route=len(p_info['route_list']),
    )
def p_next_line(p):
    '''next_line : NEXT'''
    # Grammar action (the docstring is the rule and must not be edited).
    # While the module-level parsing_route flag is set, NEXT closes the route
    # being built: it is stored and a blank one takes its place.
    global parsing_route
    if parsing_route == True:
        finished_route = p_info['current_route']
        p_info['route_list'].append(finished_route)
        p_info['current_route'] = Route(None, None, None, None, None, 1)
def update():
    """Reset the in-progress rule and route and re-sync both indexes."""
    # NOTE(review): the last Rule argument is a bare False here; other
    # initialisers on this page pass Action(False).  Confirm that Rule
    # accepts both.
    blank_rule = Rule(None, None, [], [], [], [], [], False)
    blank_route = Route(None, None, None, None, None, 1)
    p_info.update(
        current_rule=blank_rule,
        index_rule=len(p_info['rule_list']),
        current_route=blank_route,
        index_route=len(p_info['route_list']),
    )
def update():
    """Reset the in-progress rule and route for the current rule id."""
    rule_id = p_info['rule_id']
    p_info['current_rule'] = Rule(rule_id, None,
                                  [], [], [], [], [], Action(False))
    # Fresh two-slot binding entry for this rule id.
    p_info['rule_bind'][rule_id] = [None, None]

    p_info['current_route'] = Route(None, None, None, None, None, 1)
    p_info['index_route'] = len(p_info['route_list'])