def get(self, request, format=None):
"""
the firewall policy query
"""
fm = FirewallManger()
fire_mode = FirewallManger.firewall_status(fm)
return Response(fire_mode, status=status.HTTP_200_OK)
def get(self, request, format=None):
"""
query the system firewall panic mode
"""
fm = FirewallManger()
panic_mode = fm.get_firewall_panic_mode()
return Response(panic_mode, status=status.HTTP_200_OK)
def get(self, request, format=None):
"""
List the configuration info of the runtime or permanent
"""
config_type = request.GET.get("config_type", '')
fm = FirewallManger()
result = fm.get_configuration(config_type)
return Response(result, status=status.HTTP_200_OK)
def get(self, request, format=None):
fm = FirewallManger()
firewall_status = fm.get_firewalld_status()
state = {'status': firewall_status}
if firewall_status == -1:
return Response(state, status=status.HTTP_503_SERVICE_UNAVAILABLE)
else:
return Response(state, status=status.HTTP_200_OK)
def get(self, request, format=None):
"""
Get a list of all support services
"""
fm = FirewallManger()
config_type = request.GET.get('config_type', '')
services_list = fm.get_service(config_type)
services_dic = {'services': services_list}
return Response(services_dic, status=status.HTTP_200_OK)
def get(self, request, format=None):
"""
get a list if all support zones
"""
config_type = request.GET.get('config_type', '')
fm = FirewallManger()
zone_list = fm.get_support_zones(config_type)
zones_dic = {'zones': zone_list}
return Response(zones_dic, status=status.HTTP_200_OK)
def get(self, request, format=None):
"""
Get a list of all active zones
"""
fm = FirewallManger()
active_list = fm.get_active_zones()
zones_dic = {'zones': active_list}
return Response(zones_dic, status=status.HTTP_200_OK)
def get(self, request, format=None):
"""
Get the ports and protocol in a zone
"""
config_type = request.GET.get('config_type', '')
zone_name = request.GET.get('zone_name', '')
fm = FirewallManger()
result = fm.get_ports(config_type, zone_name)
ports_dic = {'ports': result}
return Response(ports_dic, status=status.HTTP_200_OK)
def get(self, request, format=None):
"""
Get the interfaces in a zone
"""
config_type = request.GET.get("config_type", '')
zone_name = request.GET.get("zone_name", '')
fm = FirewallManger()
interface_list = fm.get_interface(config_type, zone_name)
intface_dict = {'interfaces': interface_list}
return Response(intface_dict, status=status.HTTP_200_OK)
def get(self, request, format=None):
"""
Get a list of all default zones.
"""
fm = FirewallManger()
default_zone = fm.get_default_zones()[0]
default = {'default_zones': default_zone}
if default_zone:
return Response(default, status=status.HTTP_200_OK)
else:
return Response("No default zone in system firewall!",
status=status.HTTP_200_OK)
def get(self, request, format=None):
"""
Get a list of enabled services or query a enabled service in a zone
"""
config_type = request.GET.get('config_type', '')
zone_name = request.GET.get('zone_name', '')
service_name = request.GET.get('service_name')
if zone_name == '' or service_name == '':
return Response('the service name or zone name can not be empty',
status=status.HTTP_400_BAD_REQUEST)
fm = FirewallManger()
result = fm.get_enabled_service(zone_name, service_name, config_type)
return Response(result, status=status.HTTP_200_OK)
def post(self, request, format=None):
"""
Add the interface form a zone
"""
config_type = request.DATA.get('config_type', '')
zone_name = request.DATA.get('zone_name', '')
interface = request.DATA.get('interface', '')
fm = FirewallManger()
message, flag = fm.add_interface(config_type, zone_name, interface)
if flag:
return Response(message, status=status.HTTP_200_OK)
else:
return Response(message, status=status.HTTP_401_UNAUTHORIZED)
def put(self, request, format=None):
"""
Reload the firewall
"""
is_complete = request.data.get('complete').upper()
fm = FirewallManger()
result = fm.reload_firewall(is_complete)
if result:
return Response('Reload success!', status=status.HTTP_200_OK)
else:
return Response('Reload failed!',
status=status.HTTP_400_BAD_REQUEST)
def get(self, request, format=None):
"""
Get the ICMP
"""
icmp_list = []
config_type = request.GET.get('config_type')
fm = FirewallManger()
icmp_list = fm.get_icmp(config_type)
if icmp_list:
return Response(icmp_list, status=status.HTTP_200_OK)
else:
return Response('The ICMP list is empty!')
def put(self, request, format=None):
"""
Change the zone an interface belongs to
"""
config_type = request.DATA.get('config_type', '')
zone_name = request.DATA.get('zone_name', '')
interface = request.DATA.get('interface', '')
fm = FirewallManger()
message, flag = fm.change_interface_zone(config_type, zone_name,
interface)
if flag:
return Response(message, status=status.HTTP_200_OK)
else:
return Response(message, status=status.HTTP_401_UNAUTHORIZED)
def post(self, request, format=None):
"""
Add protocol in a zone
"""
config_type = request.DATA.get('config_type', '')
zone_name = request.DATA.get('zone_name', '')
port = request.DATA.get('ports', '')
protocol = request.DATA.get('protocol', '')
fm = FirewallManger()
# return Response(config_type+zone_name+protocol+port)
message, flag = fm.add_port(config_type, zone_name, port, protocol)
if flag:
return Response(message, status=status.HTTP_200_OK)
else:
return Response(message, status=status.HTTP_401_UNAUTHORIZED)
def delete(self, request, format=None):
"""
Disable a service of a zone
"""
config_type = request.DATA.get('config_type', '')
zone_name = request.DATA.get('zone_name', '')
service_name = request.DATA.get('service_name', '')
fm = FirewallManger()
message, flag = fm.disable_service(zone_name, service_name,
config_type)
if flag:
return Response(message, status=status.HTTP_200_OK)
else:
return Response(message, status=status.HTTP_400_BAD_REQUEST)
def put(self, request, format=None):
"""
set default zone of system firewall
"""
zone_name = request.data.get('zone_name')
fm = FirewallManger()
zone_list = fm.get_support_zones('')
# if zone_list and zone_name in zone_list:
result = fm.set_default_zone(zone_name)
if result:
return Response('Set default zone success !',
status=status.HTTP_200_OK)
else:
return Response('Set default zone failed !',
status=status.HTTP_400_BAD_REQUEST)
def put(self, request, format=None):
"""
config the firewall panic mode:on or off
"""
fm = FirewallManger()
mode = request.DATA.get('panic_mode')
mode_struct = ['on', 'off']
if mode not in mode_struct:
return Response('Arguments is not invalid!')
else:
result = fm.set_panic_mode(mode)
if result:
return Response("Config Success!", status=status.HTTP_200_OK)
else:
return Response("Config failed!",
status=status.HTTP_500_INTERNAL_SERVER_ERROR)
def delete(self, request, format=None):
"""
Delete port from a zone
"""
config_type = request.DATA.get('config_type', '')
zone_name = request.DATA.get('zone_name', '')
port = request.DATA.get('ports', '')
protocol = request.DATA.get('protocol', '')
if port == '' or protocol == '':
return Response('port or protocol is not empty',
status=status.HTTP_400_BAD_REQUEST)
fm = FirewallManger()
message, flag = fm.remove_port(config_type, zone_name, port, protocol)
if flag:
return Response(message, status=status.HTTP_200_OK)
else:
return Response(message, status=status.HTTP_401_UNAUTHORIZED)
def put(self, request, format=None):
"""
config the firewall mode ex:STATIC,DYNAMIC
"""
cfm = FirewallManger()
_firemode_list = ['STATIC', 'DYNAMIC', 'UNKNOWN']
current_mode = cfm.firewall_status()
_fm = request.data.get('policy')
if _fm not in _firemode_list:
return Response('FIREWALL MODE IS INVALID',
status=status.HTTP_400_BAD_REQUEST)
elif current_mode == _fm:
return Response('FIREWALL MODE IS RUNNING',
status=status.HTTP_400_BAD_REQUEST)
else:
if current_mode == 'UNKNOWN':
if _fm == 'STATIC':
q1 = cfm.enable_static_firewall()
q2 = cfm.start_firewall_service("STATIC")
return Response(q2, status=status.HTTP_200_OK)
else:
cfm.enable_firewalld()
cfm.start_firewall_service("DYNAMIC")
else:
if _fm == 'STATIC':
cfm.enable_static_firewall()
cfm.stop_firewall_service("DYNAMIC")
cfm.start_firewall_service("STATIC")
else:
cfm.enable_firewalld()
cfm.stop_firewall_service("STATIC")
cfm.start_firewall_service("DYNAMIC")
return Response('CONFIG SUCCESS', status=status.HTTP_200_OK)
