def init(name, raise_on_error=False):
    """Reset the module-level parser state before an Iptables configuration is parsed.

    Args:
        name: path of the configuration file. It is stored as the firewall
            name, and its base name becomes the firewall hostname.
        raise_on_error: stored as-is in ``p_info['raise_on_error']``.
    """
    builtin_chains = ('INPUT', 'FORWARD', 'OUTPUT')

    # Forget the objects collected during a previous parse.
    parser.object_dict.clear()

    # Fresh firewall model with one (empty) ACL per built-in chain.
    fw = p_info['firewall'] = Firewall()
    fw.name = name
    # ntpath splits on both '/' and '\\', so the base name is extracted the
    # same way whichever OS produced the path.
    fw.hostname = ntpath.basename(name)
    fw.type = 'Iptables'
    for chain in builtin_chains:
        fw.acl.append(ACL(chain))

    # Parser state.
    p_info['current_interface_name'] = None
    p_info['used_object'] = set()

    # Every built-in chain starts at Action(True).
    # NOTE(review): presumably Action(True) means "accept", so a chain whose
    # policy never appears in the input would keep a permissive default in
    # the resulting model - confirm against Action and the policy grammar.
    policies = p_info['default_policy'] = dict()
    for chain in builtin_chains:
        policies[chain] = Action(True)

    p_info['current_chain'] = None
    first_id = p_info['rule_id'] = 0
    p_info['rule_list'] = []
    bindings = p_info['rule_bind'] = dict()
    p_info['current_rule'] = Rule(first_id, None, [], [], [], [], [], Action(False))
    bindings[first_id] = [None, None]
    p_info['current_table'] = None

    # Error-handling option for the parser.
    p_info['raise_on_error'] = raise_on_error
def finish():
    """Turn the parsed chain graph into an Iptables ``Firewall`` and register it.

    For the INPUT, OUTPUT and FORWARD nodes, every path starting at the node is
    converted to rules, then the node's general (default drop or accept) rule
    is appended last. The three rule lists become the ACLs of a new firewall
    that is appended to ``my_parser.instance.fw``.
    """
    my_parser = IptablesParser()
    chains = ("INPUT", "OUTPUT", "FORWARD")

    # Each phase runs over all three chains before the next one starts,
    # which keeps the parser calls in their original order.
    nodes = [my_parser.get_node(chain) for chain in chains]
    path_lists = [my_parser.create_all_path_from_node(node) for node in nodes]
    rule_lists = [my_parser.get_rules_from_path_list(paths) for paths in path_lists]

    # The default drop/accept rule goes after the path-derived rules.
    for node, rules in zip(nodes, rule_lists):
        rules.append(my_parser.get_general_rule(node))

    # One ACL per chain, in INPUT, OUTPUT, FORWARD order.
    acls = []
    for chain, rules in zip(chains, rule_lists):
        acl = ACL(chain)
        acl.rules = rules
        acls.append(acl)

    new_fw = Firewall()
    new_fw.acl = acls
    # The parsed file name serves as both hostname and name.
    new_fw.hostname = my_parser.instance.filename
    new_fw.name = my_parser.instance.filename
    new_fw.type = "Iptables"
    my_parser.instance.fw.append(new_fw)
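def init(name, raise_on_error=False):
    """Reset the module-level parser state before a Juniper Netscreen configuration is parsed.

    Args:
        name: path of the configuration file. It is stored as the firewall
            name, and its base name becomes the firewall hostname.
        raise_on_error: stored as-is in ``p_info['raise_on_error']``.
    """
    # Forget the objects collected during a previous parse.
    object_dict.clear()

    fw = p_info['firewall'] = Firewall()
    fw.name = name
    # ntpath splits on both '/' and '\\', so the base name is extracted the
    # same way whichever OS produced the path.
    fw.hostname = ntpath.basename(name)
    fw.type = 'JuniperNetscreen'

    # NOTE(review): the action argument is a bare False - confirm Rule expects
    # a bool here and not an Action instance.
    p_info['current_policy'] = Rule(0, "", [], [], [], [], [], False)
    # No trailing comma after the call: with one, this key would hold a
    # 1-tuple wrapping the Rule instead of the Rule itself, unlike
    # 'current_policy' above.
    p_info['context_policy'] = Rule(0, "", [], [], [], [], [], False)
    p_info['policy_zone_src'] = None
    p_info['policy_zone_dst'] = None
    p_info['current_object'] = []
    p_info['used_object'] = set()
    p_info['policy_context'] = 0
    p_info['index_rule'] = -1
    p_info['raise_on_error'] = raise_on_error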
def _init(vdom):
    """Reset the module-level parser state for one Fortinet FortiGate VDOM.

    Args:
        vdom: VDOM name. When truthy it is appended to the hostname as
            ``-<vdom>``; it is stored unchanged in ``p_info['vdom']``.
    """
    # Forget the objects collected during a previous parse.
    object_dict.clear()

    fw = p_info['firewall'] = Firewall()
    # Name and hostname come from state already present in p_info.
    fw.name = p_info['name']
    base_hostname = p_info['hostname']
    fw.hostname = base_hostname + ('-' + vdom if vdom else '')
    fw.type = 'Fortinet FortiGate'

    p_info['vdom'] = vdom
    p_info['srcintf'] = []
    p_info['dstintf'] = []
    p_info['used_object'] = set()
    p_info['bounded_rules'] = set()

    # Blank placeholders, replaced as the parser meets rules and interfaces.
    p_info['current_rule'] = Rule(None, None, [], [], [], [], [], Action(False))
    p_info['current_interface'] = Interface(None, None, None, [])
    p_info['current_object'] = None
    p_info['range_ip'] = None
    p_info['range_port'] = None
def init(name, raise_on_error=False):
    """Reset the module-level parser state before a Cisco ASA configuration is parsed.

    Args:
        name: path of the configuration file. It is stored as the firewall
            name, and its base name becomes the firewall hostname.
        raise_on_error: stored as-is in ``p_info['raise_on_error']``.
    """
    # Forget the objects collected during a previous parse.
    object_dict.clear()

    fw = p_info['firewall'] = Firewall()
    fw.name = name
    # ntpath splits on both '/' and '\\', so the base name is extracted the
    # same way whichever OS produced the path.
    fw.hostname = ntpath.basename(name)
    fw.type = 'CiscoAsa'

    # Interface and object tracking.
    p_info['interface_state'] = False
    p_info['current_interface'] = None
    p_info['object_name'] = None
    p_info['used_object'] = set()
    p_info['bounded_rules'] = set()

    # Rule tracking.
    p_info['rule_id'] = 0
    p_info['rule_list'] = []
    # NOTE(review): the action argument is a bare False - confirm Rule expects
    # a bool here and not an Action instance.
    p_info['current_rule'] = Rule(None, None, [], [], [], [], [], False)
    p_info['index_rule'] = 0
    p_info['global_rules'] = []

    p_info['raise_on_error'] = raise_on_error
def init(name, raise_on_error=False):
    """Reset the module-level parser state before a Cisco ASA configuration is parsed.

    Args:
        name: path of the configuration file. It is stored as the firewall
            name, and its base name becomes the firewall hostname.
        raise_on_error: stored as-is in ``p_info['raise_on_error']``.
    """
    # Forget the objects collected during a previous parse.
    object_dict.clear()

    fw = p_info['firewall'] = Firewall()
    fw.name = name
    # ntpath splits on both '/' and '\\', so the base name is extracted the
    # same way whichever OS produced the path.
    fw.hostname = ntpath.basename(name)
    fw.type = 'Cisco Asa'

    # Interface and object tracking.
    p_info['interface_state'] = False
    p_info['current_interface'] = None
    p_info['object_name'] = None
    p_info['used_object'] = set()
    p_info['bounded_rules'] = set()

    # Rule tracking; the placeholder rule carries Action(False) until a real
    # rule replaces it.
    p_info['rule_id'] = 0
    p_info['rule_list'] = []
    p_info['current_rule'] = Rule(None, None, [], [], [], [], [], Action(False))
    p_info['index_rule'] = 0
    p_info['global_rules'] = []

    p_info['raise_on_error'] = raise_on_error
def init(name, raise_on_error=False):
    """Reset the module-level parser state before a FortiGate configuration is parsed.

    Args:
        name: path of the configuration file. It is stored as the firewall
            name, and its base name becomes the firewall hostname.
        raise_on_error: stored as-is in ``p_info['raise_on_error']``.
    """
    # Forget the objects collected during a previous parse.
    object_dict.clear()

    fw = p_info['firewall'] = Firewall()
    fw.name = name
    # ntpath splits on both '/' and '\\', so the base name is extracted the
    # same way whichever OS produced the path.
    fw.hostname = ntpath.basename(name)
    fw.type = 'FortiGate'

    p_info['srcintf'] = None
    p_info['dstintf'] = None
    p_info['used_object'] = set()
    p_info['bounded_rules'] = set()

    # Blank placeholders, replaced as the parser meets rules and interfaces.
    # NOTE(review): the action argument is a bare False - confirm Rule expects
    # a bool here and not an Action instance.
    p_info['current_rule'] = Rule(None, None, [], [], [], [], [], False)
    p_info['current_interface'] = Interface(None, None, None, [])
    p_info['current_object'] = None
    p_info['current_state'] = []
    p_info['range_ip'] = None
    p_info['range_port'] = None

    p_info['raise_on_error'] = raise_on_error
def init(name, raise_on_error=False):
    """Reset the module-level parser state before a Cisco ASA configuration is parsed.

    Args:
        name: path of the configuration file. It is stored as the firewall
            name, and its base name becomes the firewall hostname.
        raise_on_error: stored as-is in ``p_info["raise_on_error"]``.
    """
    # Forget the objects collected during a previous parse.
    object_dict.clear()

    fw = p_info["firewall"] = Firewall()
    fw.name = name
    # ntpath splits on both '/' and '\\', so the base name is extracted the
    # same way whichever OS produced the path.
    fw.hostname = ntpath.basename(name)
    fw.type = "Cisco Asa"

    # Interface and object tracking.
    p_info["interface_state"] = False
    p_info["current_interface"] = None
    p_info["object_name"] = None
    p_info["used_object"] = set()
    p_info["bounded_rules"] = set()

    # Rule tracking; the placeholder rule carries Action(False) until a real
    # rule replaces it.
    p_info["rule_id"] = 0
    p_info["rule_list"] = []
    p_info["current_rule"] = Rule(None, None, [], [], [], [], [], Action(False))
    p_info["index_rule"] = 0
    p_info["global_rules"] = []

    p_info["raise_on_error"] = raise_on_error
def finish_fw(acls):
    """Build one CheckPoint ``Firewall`` per entry of ``firewalls`` and register it.

    Each firewall is stored in ``p_info['firewall']`` while it is being built
    and appended to ``p_info['firewall_list']`` once complete.

    Args:
        acls: mapping of ACL name to its rules. Only the entry whose name
            equals the firewall's hostname is attached to that firewall.
    """
    for fw in firewalls:
        current = p_info['firewall'] = Firewall()
        current.name = p_info['name']
        current.hostname = fw['name']
        current.type = 'CheckPoint'
        # Copies, so each firewall owns its own set and dict.
        current.unused_objects = set(unused_objects)
        current.dictionnary = dict(nd)

        # A falsy 'ifaces' value simply yields no interfaces.
        for iface in fw['ifaces'] or ():
            label = iface['name']
            address = Ip(iface['ipaddr'], iface['netmask'])
            current.interfaces.append(Interface(label, address, iface['index']))

        # NOTE(review): a firewall whose hostname matches no key of acls is
        # still registered below without any ACL from this loop; an empty
        # rule set in the output may therefore mean "no match", not "no rules".
        # iteritems() is the Python 2 dict API.
        for name, acl in acls.iteritems():
            if name != current.hostname:
                continue
            matching_acl = ACL(name)
            matching_acl.rules = acl
            current.acl.append(matching_acl)

        p_info['firewall_list'].append(current)
def _init(vdom):
    """Reset the module-level parser state for one Fortinet FortiGate VDOM.

    Args:
        vdom: VDOM name. When truthy it is appended to the hostname as
            ``-<vdom>``; it is stored unchanged in ``p_info['vdom']``.
    """
    # Forget the objects collected during a previous parse.
    object_dict.clear()

    fw = p_info['firewall'] = Firewall()
    # Name and hostname come from state already present in p_info.
    fw.name = p_info['name']
    base_hostname = p_info['hostname']
    fw.hostname = base_hostname + ('-' + vdom if vdom else '')
    fw.type = 'Fortinet FortiGate'

    p_info['vdom'] = vdom
    p_info['srcintf'] = []
    p_info['dstintf'] = []
    p_info['used_object'] = set()
    p_info['bounded_rules'] = set()

    # Blank placeholders, replaced as the parser meets rules and interfaces.
    p_info['current_rule'] = Rule(None, None, [], [], [], [], [], Action(False))
    p_info['current_interface'] = Interface(None, None, None, [])
    p_info['current_object'] = None
    p_info['range_ip'] = None
    p_info['range_port'] = None

    # Routing state.
    p_info['route_list'] = []
    p_info['current_route'] = Route(None, None, None, None, None, 1)
    p_info['index_route'] = 0
def finish_fw(acls):
    """Build one CheckPoint ``Firewall`` per entry of ``firewalls`` and register it.

    Each firewall is stored in ``p_info['firewall']`` while it is being built
    and appended to ``p_info['firewall_list']`` once complete.

    Args:
        acls: mapping of ACL name to its rules. Only the entry whose name
            equals the firewall's hostname is attached to that firewall.
    """
    for fw in firewalls:
        current = p_info['firewall'] = Firewall()
        current.name = p_info['name']
        current.hostname = fw['name']
        current.type = 'CheckPoint'
        # Copies, so each firewall owns its own set and dict.
        current.unused_objects = set(unused_objects)
        current.dictionnary = dict(nd)

        # A falsy 'ifaces' value simply yields no interfaces.
        for iface in fw['ifaces'] or ():
            label = iface['name']
            address = Ip(iface['ipaddr'], iface['netmask'])
            current.interfaces.append(Interface(label, address, iface['index']))

        # NOTE(review): a firewall whose hostname matches no key of acls is
        # still registered below without any ACL from this loop; an empty
        # rule set in the output may therefore mean "no match", not "no rules".
        # iteritems() is the Python 2 dict API.
        for name, acl in acls.iteritems():
            if name != current.hostname:
                continue
            matching_acl = ACL(name)
            matching_acl.rules = acl
            current.acl.append(matching_acl)

        p_info['firewall_list'].append(current)