示例#1
0
文件: __init__.py 项目: neoclust/mss
def get_custom_config(config):
    from mmc.plugins.shorewall import get_zones, get_zones_interfaces
    zones = get_zones('lan')
    interfaces = get_zones_interfaces(zones)
    options = []
    for interface in interfaces:
        if_detail = netifaces.ifaddresses(interface[1])
        # check interface is configured
        if netifaces.AF_INET in if_detail:
            addr = if_detail[netifaces.AF_INET][0]['addr']
            netmask = if_detail[netifaces.AF_INET][0]['netmask']
            network = str(IP(addr).make_net(netmask).net())
            options.append({
                'name': interface[0] + '(' + network + ')',
                'value': interface[1]
            })

    config.append({
        'slug':
        'mds_samba4',
        'name':
        'net',
        'require':
        'yes',
        'label':
        _('Network', 'mds_samba4'),
        'help':
        _('Choose the network for the DNS zone and DHCP.', 'mds_samba4'),
        'type':
        'options',
        'options':
        options
    })

    return config
示例#2
0
文件: provision.py 项目: neoclust/mss
        def configure_shorewall():
            print("Configure shorewall")
            src = os.path.join(os.getcwd(), 'templates',
                               'shorewall_macro.Samba4AD')
            dst = os.path.join('/etc/shorewall/', 'macro.Samba4AD')
            shutil.copy(src, dst)
            os.chmod(dst, 0o600)

            zones = get_zones('lan')
            for zone in zones:
                add_rule('Samba4AD/ACCEPT', zone, "fw")

            shlaunch("systemctl restart shorewall")
示例#3
0
文件: __init__.py 项目: neoclust/mss
def get_custom_config(config):
    from mmc.plugins.shorewall import get_zones, get_zones_interfaces
    zones = get_zones('lan')
    interfaces = get_zones_interfaces(zones)
    options = []
    for interface in interfaces:
        if_detail = netifaces.ifaddresses(interface[1])
        # check interface is configured
        if netifaces.AF_INET in if_detail:
            addr = if_detail[netifaces.AF_INET][0]['addr']
            netmask = if_detail[netifaces.AF_INET][0]['netmask']
            network = str(IP(addr).make_net(netmask).net())
            options.append({'name': interface[0] + '(' + network + ')',
                            'value': interface[1]})

    config.append({'slug': 'mds_samba4',
                   'name': 'net',
                   'require': 'yes',
                   'label': _('Network', 'mds_samba4'),
                   'help': _('Choose the network for the DNS zone and DHCP.', 'mds_samba4'),
                   'type': 'options',
                   'options': options})

    return config
示例#4
0
文件: setup-fw.py 项目: neoclust/mss
from mmc.plugins.shorewall import get_zones, get_zones_types, \
    ShorewallPolicies, ShorewallRules

internal_zones = get_zones(get_zones_types()[0])
external_zones = get_zones(get_zones_types()[1])

policies = ShorewallPolicies()
rules = ShorewallRules()

last_policy_idx = len(policies.get_conf()) - 1
# insert VPN policies before the last one
policies.add_line(['vpn', 'fw', 'DROP'], last_policy_idx)
for zone in internal_zones + external_zones:
    policies.add_line(['vpn', zone, 'DROP'], last_policy_idx)
    policies.add_line([zone, 'vpn', 'DROP'], last_policy_idx)

# duplicate lan -> fw rules to vpn -> fw
for rule in rules.get(srcs=internal_zones, dsts=["fw"]):
    # [('ACCEPT', 'lan3', 'fw', 'tcp', '8000')]
    rules.add(rule[0], 'vpn', rule[2], rule[3], rule[4])

policies.write()
rules.write()