def remove_firewall_rule(*args):
"""
remove a static firewall rule
Parameters:
*args : argument list as passed to the iptables(8) command
Return:
(code,message): command code , on failure a message is sent back
"""
fw_rule_cmd = ['/usr/sbin/iptables']
fw_rule_cmd.extend(args)
_logger.debug('removing fw rule : [%s]' % ' '.join(args))
_out = sudo_utils.call_output(fw_rule_cmd)
if _out is not None and len(_out) > 0:
_logger.warning('removal of firewall rule failed')
return (1, _out)
return (0, '')
def add_firewall_rule(*args, **kwargs):
"""
add a static firewall rule
Parameters:
kwargs:
script : a reference to StringIO object to write the command for future use in script
*args : argument list as passed to the iptables(8) command
Return:
(code,message): command code , on failure a message is sent back
"""
fw_rule_cmd = ['/usr/sbin/iptables']
fw_rule_cmd.extend(args)
_logger.debug('adding fw rule : [%s]' % ' '.join(args))
_out = sudo_utils.call_output(fw_rule_cmd)
if _out is not None and len(_out) > 0:
_logger.warning('add of firewall rule failed')
return (1, _out)
if kwargs.get('script'):
kwargs.get('script').write(' '.join(fw_rule_cmd))
kwargs.get('script').write('\n')
return (0, '')
def add_static_ip_rule(*args, **kwargs):
"""
add a static rule
Parameters:
kwargs:
device : network device on which assign the rule
script : a reference to StringIO object to write the command for future use in script
*args : argument list as passed to the ip-rule(8) command
Return:
(code,message): command code , on failure a message is sent back
"""
ip_rule_cmd = ['/usr/sbin/ip', 'rule', 'add']
ip_rule_cmd.extend(args)
_logger.debug('adding rule : [%s]' % ' '.join(args))
_out = sudo_utils.call_output(ip_rule_cmd)
if _out is not None and len(_out) > 0:
_logger.warning('add of ip rule failed')
return (1, _out)
if kwargs.get('script'):
kwargs.get('script').write(' '.join(ip_rule_cmd))
kwargs.get('script').write('\n')
return (0, '')
the ip link name
Return:
None
"""
_logger.debug('looking for ip routes for dev=%s' % link_name)
_lines = []
try:
_lines = subprocess.check_output(
['/sbin/ip', 'route', 'show', 'dev', link_name]).splitlines()
except subprocess.CalledProcessError, ignored:
pass
_logger.debug('routes found [%s]' % _lines)
for _line in _lines:
_command = ['/sbin/ip', 'route', 'del']
_command.extend(_line.strip().split(' '))
_out = sudo_utils.call_output(_command)
if _out is not None and len(_out) > 0:
_logger.warning('removal of ip route (%s) failed' % _line)
def add_static_ip_route(*args, **kwargs):
"""
add a static route
Parameters:
kwargs:
device : network device on which assign the route
script : a reference to StringIO object to write the command for future use in script
*args : argument list as passed to the ip-route(8) command
Return:
(code,message): command code , on failure a message is sent back
"""