def __init__(self): self._firewalld_conf = firewalld_conf(config.FIREWALLD_CONF) self.ip4tables_backend = ipXtables.ip4tables(self) self.ip4tables_enabled = True self.ip4tables_supported_icmp_types = [] self.ip6tables_backend = ipXtables.ip6tables(self) self.ip6tables_enabled = True self.ip6tables_supported_icmp_types = [] self.ebtables_backend = ebtables.ebtables() self.ebtables_enabled = True self.ipset_backend = ipset.ipset() self.ipset_enabled = True self.ipset_supported_types = [] self.nftables_backend = nftables.nftables(self) self.nftables_enabled = True self.modules_backend = modules.modules() self.icmptype = FirewallIcmpType(self) self.service = FirewallService(self) self.zone = FirewallZone(self) self.direct = FirewallDirect(self) self.config = FirewallConfig(self) self.policies = FirewallPolicies() self.ipset = FirewallIPSet(self) self.helper = FirewallHelper(self) self.__init_vars()
def __init__(self): self._firewalld_conf = firewalld_conf(config.FIREWALLD_CONF) self.ip4tables_backend = ipXtables.ip4tables() self.ip4tables_enabled = True self.ip6tables_backend = ipXtables.ip6tables() self.ip6tables_enabled = True self.ebtables_backend = ebtables.ebtables() self.ebtables_enabled = True self.ipset_backend = ipset.ipset() self.ipset_enabled = True self.ipset_supported_types = [] self.available_tables = {} self.available_tables[ "ipv4"] = self.ip4tables_backend.available_tables() self.available_tables[ "ipv6"] = self.ip6tables_backend.available_tables() self.available_tables["eb"] = self.ebtables_backend.available_tables() self.modules_backend = modules.modules() self.icmptype = FirewallIcmpType(self) self.service = FirewallService(self) self.zone = FirewallZone(self) self.direct = FirewallDirect(self) self.config = FirewallConfig(self) self.policies = FirewallPolicies() self.ipset = FirewallIPSet(self) self.__init_vars()
def __init__(self): self._firewalld_conf = firewalld_conf(config.FIREWALLD_CONF) self.ip4tables_backend = ipXtables.ip4tables() self.ip4tables_enabled = True self.ip6tables_backend = ipXtables.ip6tables() self.ip6tables_enabled = True self.ebtables_backend = ebtables.ebtables() self.ebtables_enabled = True self.ipset_backend = ipset.ipset() self.ipset_enabled = True self.ipset_supported_types = [ ] self.available_tables = { } self.available_tables["ipv4"] = self.ip4tables_backend.available_tables() self.available_tables["ipv6"] = self.ip6tables_backend.available_tables() self.available_tables["eb"] = self.ebtables_backend.available_tables() self.modules_backend = modules.modules() self.icmptype = FirewallIcmpType(self) self.service = FirewallService(self) self.zone = FirewallZone(self) self.direct = FirewallDirect(self) self.config = FirewallConfig(self) self.policies = FirewallPolicies() self.ipset = FirewallIPSet(self) self.helper = FirewallHelper(self) self.__init_vars()
def __init__(self): self._firewalld_conf = firewalld_conf(FIREWALLD_CONF) self.ip4tables_enabled = False self.ip6tables_enabled = False self.ebtables_enabled = False self.icmptype = FirewallIcmpType(self) self.service = FirewallService(self) self.zone = FirewallZone(self) self.direct = FirewallDirect(self) self.config = FirewallConfig(self) self.policies = FirewallPolicies() self.__init_vars()
def __init__(self): self._firewalld_conf = firewalld_conf(config.FIREWALLD_CONF) self.ip4tables_enabled = False self.ip6tables_enabled = False self.ebtables_enabled = False self.ipset_enabled = False self.ipset_supported_types = IPSET_TYPES self.icmptype = FirewallIcmpType(self) self.service = FirewallService(self) self.zone = FirewallZone(self) self.direct = FirewallDirect(self) self.config = FirewallConfig(self) self.policies = FirewallPolicies() self.ipset = FirewallIPSet(self) self.helper = FirewallHelper(self) self.__init_vars()
def __init__(self): self._firewalld_conf = firewalld_conf(FIREWALLD_CONF) self._ip4tables = ipXtables.ip4tables() self.ip4tables_enabled = True self._ip6tables = ipXtables.ip6tables() self.ip6tables_enabled = True self._ebtables = ebtables.ebtables() self.ebtables_enabled = True self._ipset = ipset.ipset() self.ipset_enabled = True self._modules = modules.modules() self.icmptype = FirewallIcmpType(self) self.service = FirewallService(self) self.zone = FirewallZone(self) self.direct = FirewallDirect(self) self.config = FirewallConfig(self) self.policies = FirewallPolicies() self.ipset = FirewallIPSet(self) self.__init_vars()
def __init__(self): self._firewalld_conf = firewalld_conf(FIREWALLD_CONF) self._ip4tables = ipXtables.ip4tables() self.ip4tables_enabled = True self._ip6tables = ipXtables.ip6tables() self.ip6tables_enabled = True self._ebtables = ebtables.ebtables() self.ebtables_enabled = True self._ipset = ipset.ipset() self.ipset_enabled = True self._modules = modules.modules() self.icmptype = FirewallIcmpType(self) self.service = FirewallService(self) self.zone = FirewallZone(self) self.direct = FirewallDirect(self) self.config = FirewallConfig(self) self.policies = FirewallPolicies() self.ipset = FirewallIPSet(self) self.__init_vars()
def __init__(self): self._firewalld_conf = firewalld_conf(config.FIREWALLD_CONF) self.ip4tables_enabled = False self.ip6tables_enabled = False self.ebtables_enabled = False self.ipset_enabled = False self.ipset_supported_types = IPSET_TYPES self.available_tables = { } self.available_tables["ipv4"] = [ ] self.available_tables["ipv6"] = [ ] self.available_tables["eb"] = [ ] self.icmptype = FirewallIcmpType(self) self.service = FirewallService(self) self.zone = FirewallZone(self) self.direct = FirewallDirect(self) self.config = FirewallConfig(self) self.policies = FirewallPolicies() self.ipset = FirewallIPSet(self) self.__init_vars()
def check_config(fw): fw_config = FirewallConfig(fw) readers = { "ipset": { "reader": ipset_reader, "add": fw_config.add_ipset, "dirs": [config.FIREWALLD_IPSETS, config.ETC_FIREWALLD_IPSETS], }, "helper": { "reader": helper_reader, "add": fw_config.add_helper, "dirs": [config.FIREWALLD_HELPERS, config.ETC_FIREWALLD_HELPERS], }, "icmptype": { "reader": icmptype_reader, "add": fw_config.add_icmptype, "dirs": [config.FIREWALLD_ICMPTYPES, config.ETC_FIREWALLD_ICMPTYPES], }, "service": { "reader": service_reader, "add": fw_config.add_service, "dirs": [config.FIREWALLD_SERVICES, config.ETC_FIREWALLD_SERVICES], }, "zone": { "reader": zone_reader, "add": fw_config.add_zone, "dirs": [config.FIREWALLD_ZONES, config.ETC_FIREWALLD_ZONES], }, "policy": { "reader": policy_reader, "add": fw_config.add_policy_object, "dirs": [config.FIREWALLD_POLICIES, config.ETC_FIREWALLD_POLICIES], }, } for reader in readers.keys(): for _dir in readers[reader]["dirs"]: if not os.path.isdir(_dir): continue for file in sorted(os.listdir(_dir)): if file.endswith(".xml"): try: obj = readers[reader]["reader"](file, _dir) if reader in ["zone", "policy"]: obj.fw_config = fw_config obj.check_config(obj.export_config()) readers[reader]["add"](obj) except FirewallError as error: raise FirewallError(error.code, "'%s': %s" % (file, error.msg)) except Exception as msg: raise Exception("'%s': %s" % (file, msg)) if os.path.isfile(config.FIREWALLD_DIRECT): try: obj = Direct(config.FIREWALLD_DIRECT) obj.read() obj.check_config(obj.export_config()) except FirewallError as error: raise FirewallError( error.code, "'%s': %s" % (config.FIREWALLD_DIRECT, error.msg)) except Exception as msg: raise Exception("'%s': %s" % (config.FIREWALLD_DIRECT, msg)) if os.path.isfile(config.LOCKDOWN_WHITELIST): try: obj = LockdownWhitelist(config.LOCKDOWN_WHITELIST) obj.read() obj.check_config(obj.export_config()) except FirewallError as error: raise FirewallError( error.code, "'%s': %s" % (config.LOCKDOWN_WHITELIST, error.msg)) except Exception as msg: raise Exception("'%s': %s" % (config.LOCKDOWN_WHITELIST, msg)) if os.path.isfile(config.FIREWALLD_CONF): try: obj = firewalld_conf(config.FIREWALLD_CONF) obj.read() except FirewallError as error: raise FirewallError( error.code, "'%s': %s" % (config.FIREWALLD_CONF, error.msg)) except Exception as msg: raise Exception("'%s': %s" % (config.FIREWALLD_CONF, msg))
def check_config(fw=None): readers = { "ipset": (ipset_reader, [config.FIREWALLD_IPSETS, config.ETC_FIREWALLD_IPSETS]), "helper": (helper_reader, [config.FIREWALLD_HELPERS, config.ETC_FIREWALLD_HELPERS]), "icmptype": (icmptype_reader, [config.FIREWALLD_ICMPTYPES, config.ETC_FIREWALLD_ICMPTYPES]), "service": (service_reader, [config.FIREWALLD_SERVICES, config.ETC_FIREWALLD_SERVICES]), "zone": (zone_reader, [config.FIREWALLD_ZONES, config.ETC_FIREWALLD_ZONES]), } for reader in readers.keys(): for dir in readers[reader][1]: if not os.path.isdir(dir): continue for file in sorted(os.listdir(dir)): if file.endswith(".xml"): try: obj = readers[reader][0](file, dir) if fw and reader == "zone": obj.fw_config = fw.config obj.check_config(obj.export_config()) except FirewallError as error: raise FirewallError(error.code, "'%s': %s" % (file, error.msg)) except Exception as msg: raise Exception("'%s': %s" % (file, msg)) if os.path.isfile(config.FIREWALLD_DIRECT): try: obj = Direct(config.FIREWALLD_DIRECT) obj.read() obj.check_config(obj.export_config()) except FirewallError as error: raise FirewallError( error.code, "'%s': %s" % (config.FIREWALLD_DIRECT, error.msg)) except Exception as msg: raise Exception("'%s': %s" % (config.FIREWALLD_DIRECT, msg)) if os.path.isfile(config.LOCKDOWN_WHITELIST): try: obj = LockdownWhitelist(config.LOCKDOWN_WHITELIST) obj.read() obj.check_config(obj.export_config()) except FirewallError as error: raise FirewallError( error.code, "'%s': %s" % (config.LOCKDOWN_WHITELIST, error.msg)) except Exception as msg: raise Exception("'%s': %s" % (config.LOCKDOWN_WHITELIST, msg)) if os.path.isfile(config.FIREWALLD_CONF): try: obj = firewalld_conf(config.FIREWALLD_CONF) obj.read() except FirewallError as error: raise FirewallError( error.code, "'%s': %s" % (config.FIREWALLD_CONF, error.msg)) except Exception as msg: raise Exception("'%s': %s" % (config.FIREWALLD_CONF, msg))