def _PUT(self, *param, **params):
host_id = self.chk_hostby1(param)
if host_id is None: return web.notfound()
if not validates_rule(self):
return web.badrequest(self.view.alert)
rule_id = int(param[1])
if not validates_param_id(self, rule_id):
return web.notfound(self.view.alert)
self.view.host_id = host_id
kit = KaresansuiIpTables()
kit.firewall_xml = kit.read_firewall_xml()
rule_info = {"target" : self.input.target,
"protocol" : self.input.protocol,
"source" : self.input.source,
"destination" : self.input.destination,
"source-port" : self.input.sport,
"destination-port" : self.input.dport,
"in-interface" : self.input.inif,
"out-interface" : self.input.outif,
}
rule_id = kit.modify_rule(rule_id,rule_info)
kit.write_firewall_xml()
return web.seeother("%s?mode=input" % web.ctx.path)
def _POST(self, *param, **params):
host_id = self.chk_hostby1(param)
if host_id is None: return web.notfound()
if not validates_rule(self, is_newrule=True):
return web.badrequest(self.view.alert)
kit = KaresansuiIpTables()
kit.firewall_xml = kit.read_firewall_xml()
rule_info = {"target" : self.input.target,
"protocol" : self.input.protocol,
"source" : self.input.source,
"destination" : self.input.destination,
"source-port" : self.input.sport,
"destination-port" : self.input.dport,
"in-interface" : self.input.inif,
"out-interface" : self.input.outif,
}
if self.input.rule_id == "":
rule_id = kit.add_rule(rule_info)
else:
rule_id = kit.insert_rule(int(self.input.rule_id),rule_info)
kit.write_firewall_xml()
self.view.host_id = host_id
return web.created('%s/%d' % (web.ctx.path, rule_id,))
def _POST(self, *param, **params):
host_id = self.chk_hostby1(param)
if host_id is None: return web.notfound()
if not validates_rule(self, is_newrule=True):
return web.badrequest(self.view.alert)
kit = KaresansuiIpTables()
kit.firewall_xml = kit.read_firewall_xml()
rule_info = {
"target": self.input.target,
"protocol": self.input.protocol,
"source": self.input.source,
"destination": self.input.destination,
"source-port": self.input.sport,
"destination-port": self.input.dport,
"in-interface": self.input.inif,
"out-interface": self.input.outif,
}
if self.input.rule_id == "":
rule_id = kit.add_rule(rule_info)
else:
rule_id = kit.insert_rule(int(self.input.rule_id), rule_info)
kit.write_firewall_xml()
self.view.host_id = host_id
return web.created('%s/%d' % (
web.ctx.path,
rule_id,
))
def _PUT(self, *param, **params):
host_id = self.chk_hostby1(param)
if host_id is None: return web.notfound()
if not validates_rule(self):
return web.badrequest(self.view.alert)
rule_id = int(param[1])
if not validates_param_id(self, rule_id):
return web.notfound(self.view.alert)
self.view.host_id = host_id
kit = KaresansuiIpTables()
kit.firewall_xml = kit.read_firewall_xml()
rule_info = {"target" : self.input.target,
"protocol" : self.input.protocol,
"source" : self.input.source,
"destination" : self.input.destination,
"source-port" : self.input.sport,
"destination-port" : self.input.dport,
"in-interface" : self.input.inif,
"out-interface" : self.input.outif,
}
rule_id = kit.modify_rule(rule_id,rule_info)
kit.write_firewall_xml()
return web.seeother("%s?mode=input" % web.ctx.path)
def _DELETE(self, *param, **params):
host_id = self.chk_hostby1(param)
if host_id is None: return web.notfound()
rule_id = param[1]
if not validates_param_id(self, rule_id):
return web.notfound(self.view.alert)
new_rules = []
kit = KaresansuiIpTables()
kit.firewall_xml = kit.read_firewall_xml()
kit.delete_rule(int(rule_id))
kit.write_firewall_xml()
return web.seeother("%s.part" % web.ctx.path[:web.ctx.path.rfind('/')])
def _DELETE(self, *param, **params):
host_id = self.chk_hostby1(param)
if host_id is None: return web.notfound()
rule_id = param[1]
if not validates_param_id(self, rule_id):
return web.notfound(self.view.alert)
new_rules = []
kit = KaresansuiIpTables()
kit.firewall_xml = kit.read_firewall_xml()
kit.delete_rule(int(rule_id))
kit.write_firewall_xml()
return web.seeother("%s.part" % web.ctx.path[:web.ctx.path.rfind('/')])
def _PUT(self, *param, **params):
host_id = self.chk_hostby1(param)
if host_id is None:
return web.notfound()
kit = KaresansuiIpTables()
kit.firewall_xml = kit.read_firewall_xml()
if not validates_policy(self):
self.logger.debug("Create account is failed, Invalid input value")
return web.badrequest(self.view.alert)
kit.modify_policy("INPUT", self.input.input_policy)
kit.modify_policy("OUTPUT", self.input.output_policy)
kit.modify_policy("FORWARD", self.input.forward_policy)
kit.write_firewall_xml()
for chain in kit.basic_chains["filter"]:
try:
policy = kit.firewall_xml["filter"][chain]["policy"]
except:
policy = "ACCEPT"
chain = chain.lower()
exec("self.view.%s_policy_ACCEPT_checked = ''" % chain)
exec("self.view.%s_policy_DROP_checked = ''" % chain)
exec("self.view.%s_policy_REJECT_checked = ''" % chain)
if policy == "REJECT":
exec("self.view.%s_policy = 'REJECT'" % chain)
exec("self.view.%s_policy_REJECT_checked = 'checked'" % chain)
elif policy == "DROP":
exec("self.view.%s_policy = 'DROP'" % chain)
exec("self.view.%s_policy_DROP_checked = 'checked'" % chain)
self.view.base_policy_DROP_checked = "checked"
else:
exec("self.view.%s_policy = 'ACCEPT'" % chain)
exec("self.view.%s_policy_ACCEPT_checked = 'checked'" % chain)
return web.seeother(web.ctx.path)
def _PUT(self, *param, **params):
host_id = self.chk_hostby1(param)
if host_id is None: return web.notfound()
kit = KaresansuiIpTables()
kit.firewall_xml = kit.read_firewall_xml()
if not validates_policy(self):
self.logger.debug("Create account is failed, Invalid input value")
return web.badrequest(self.view.alert)
kit.modify_policy("INPUT", self.input.input_policy)
kit.modify_policy("OUTPUT", self.input.output_policy)
kit.modify_policy("FORWARD", self.input.forward_policy)
kit.write_firewall_xml()
for chain in kit.basic_chains['filter']:
try:
policy = kit.firewall_xml['filter'][chain]['policy']
except:
policy = 'ACCEPT'
chain = chain.lower()
exec("self.view.%s_policy_ACCEPT_checked = ''" % chain)
exec("self.view.%s_policy_DROP_checked = ''" % chain)
exec("self.view.%s_policy_REJECT_checked = ''" % chain)
if policy == 'REJECT':
exec("self.view.%s_policy = 'REJECT'" % chain)
exec("self.view.%s_policy_REJECT_checked = 'checked'" % chain)
elif policy == 'DROP':
exec("self.view.%s_policy = 'DROP'" % chain)
exec("self.view.%s_policy_DROP_checked = 'checked'" % chain)
self.view.base_policy_DROP_checked = 'checked'
else:
exec("self.view.%s_policy = 'ACCEPT'" % chain)
exec("self.view.%s_policy_ACCEPT_checked = 'checked'" % chain)
return web.seeother(web.ctx.path)
