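def __get_filter_key(self, filter_param):
    """Build the comma-separated key string that describes a filter.

    When ``filter_param`` has a ``"handle"`` entry, the handle is validated
    as an integer and matched against the ``mark_id`` of the entries
    yielded by ``IptablesMangleController.parse()``; the key is built from
    the first matching entry's destination, source (when non-empty) and
    protocol. Otherwise the key is built from the ``"network"`` and
    ``"port"`` entries of ``filter_param``, each included only when set.

    :param filter_param: Mapping of parsed filter attributes.
    :return: ``", "``-joined ``name=value`` items (may be empty).
    :raises ValueError: If no parsed mangle entry carries the handle.
    """

    network_format = "network={:s}"
    port_format = "port={:d}"
    key_item_list = []

    if "handle" in filter_param:
        handle = filter_param.get("handle")
        # validate() is expected to reject a non-integer handle before
        # the int() conversion below (exception type not visible here).
        IntegerType(handle).validate()
        handle = int(handle)

        matched = next(
            (
                mangle
                for mangle in IptablesMangleController.parse()
                if mangle.mark_id == handle
            ),
            None,
        )
        if matched is None:
            # Report the handle that was searched for. The loop variable
            # is unbound when parse() yields nothing, and otherwise only
            # names the last entry inspected, not the missing mark.
            raise ValueError("mangle mark not found: {}".format(handle))

        key_item_list.append(network_format.format(matched.destination))
        if dataproperty.is_not_empty_string(matched.source):
            key_item_list.append("source={:s}".format(matched.source))
        key_item_list.append("protocol={}".format(matched.protocol))
    else:
        network = filter_param.get("network")
        if dataproperty.is_not_empty_string(network):
            key_item_list.append(network_format.format(network))

        port = filter_param.get("port")
        # NOTE(review): "{:d}" needs a real int; this assumes is_type() is
        # only true for integer objects, not numeric strings -- confirm.
        if IntegerType(port).is_type():
            key_item_list.append(port_format.format(port))

    return ", ".join(key_item_list)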
def to_append_command(self):
    """Return the ``iptables -A`` command line that adds this mangle mark.

    ``mark_id`` is validated as an integer first. ``-p`` is added when the
    protocol is a non-empty string or an integer; ``-s`` / ``-d`` are added
    when ``__is_valid_srcdst`` accepts the source / destination.

    :return: The command as a single space-joined string.
    """

    # validate() is expected to raise for a non-integer mark_id
    # (exception type not visible here).
    IntegerType(self.mark_id).validate()

    # NOTE(review): chain, protocol, source and destination are
    # interpolated without quoting; only mark_id is validated in this
    # method, and what __is_valid_srcdst checks is not visible here. If
    # the returned string is executed through a shell, confirm these
    # fields are validated before they reach this point.
    parts = [
        "iptables -A {:s} -t mangle -j MARK".format(self.chain),
        "--set-mark {}".format(self.mark_id),
    ]

    # Both checks are evaluated, as in the original any([...]) form.
    protocol_is_text = dataproperty.is_not_empty_string(self.protocol)
    protocol_is_number = IntegerType(self.protocol).is_type()
    if protocol_is_text or protocol_is_number:
        parts.append("-p {}".format(self.protocol))

    address_options = (
        ("-s {:s}", self.source),
        ("-d {:s}", self.destination),
    )
    for template, address in address_options:
        if self.__is_valid_srcdst(address):
            parts.append(template.format(address))

    return " ".join(parts)
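def __repr__(self, *args, **kwargs):
    """Return a ``", "``-joined ``name=value`` summary of this entry.

    ``line-num`` is included only when ``line_number`` is an integer.
    The extra positional/keyword arguments are accepted and ignored.
    """

    str_list = []

    if IntegerType(self.line_number).is_type():
        str_list.append("line-num={}".format(self.line_number))

    # Plain "{}" instead of "{:s}" / "{:d}": a repr must not raise, and
    # the typed specs fail on a None field or on an integer protocol.
    # Output is unchanged for the string / int values the typed specs
    # accepted.
    fields = (
        ("protocol", self.protocol),
        ("source", self.source),
        ("destination", self.destination),
        ("mark_id", self.mark_id),
        ("chain", self.chain),
    )
    str_list.extend("{}={}".format(label, value) for label, value in fields)

    return ", ".join(str_list)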
def __set_pre_network_filter(self, qdisc_major_id):
    """Add the catch-all ``tc filter`` (prio 2) under the given qdisc.

    Does nothing and returns 0 when ``__is_use_iptables()`` is true.
    Otherwise a ``tc filter add`` command matching ``ANYWHERE_NETWORK`` is
    built and run. Its flow id uses ``__get_qdisc_minor_id()`` when neither
    a network nor an integer port is set, and minor id 2 otherwise.

    :param qdisc_major_id: Major id of the parent qdisc (formatted as hex).
    :return: 0 when skipped, else the result of ``SubprocessRunner.run()``.
    """

    if self.__is_use_iptables():
        return 0

    # Both checks are evaluated, as in the original all([...]) form.
    network_unset = dataproperty.is_empty_string(self.network)
    port_unset = not IntegerType(self.port).is_type()

    if network_unset and port_unset:
        flowid = "{:x}:{:d}".format(
            qdisc_major_id, self.__get_qdisc_minor_id())
    else:
        flowid = "{:x}:2".format(qdisc_major_id)

    # NOTE(review): the device name is concatenated unquoted, and how
    # SubprocessRunner executes the string is not visible here -- confirm
    # the device name is validated before it reaches this method.
    device_clause = "dev " + self.__get_tc_device()
    parent_clause = "parent {:x}:".format(qdisc_major_id)
    match_clause = "prio 2 u32 match ip {:s} {:s}".format(
        self.__get_network_direction_str(), ANYWHERE_NETWORK)

    command = " ".join([
        "tc filter add",
        device_clause,
        "protocol ip",
        parent_clause,
        match_clause,
        "flowid " + flowid,
    ])

    return SubprocessRunner(command).run()
def to_delete_command(self):
    """Return the ``iptables -D`` command line that removes this entry.

    The rule is addressed by its line number within ``self.chain`` of the
    mangle table, so ``line_number`` is validated as an integer first.

    :return: The command as a single string.
    """

    # validate() is expected to raise for a non-integer line number
    # (exception type not visible here).
    IntegerType(self.line_number).validate()

    # NOTE(review): chain is interpolated without quoting -- confirm it is
    # validated upstream if this string is executed through a shell.
    template = "iptables -t mangle -D {:s} {}"
    chain, line_number = self.chain, self.line_number

    return template.format(chain, line_number)