示例#1
    def update_targets(self, sources, destinations, services):
        """
        Build the sources/destinations/services portion of a rule.

        Each argument is handled the same way: ``None`` marks the field as
        none, the bare string "any" (compared case-insensitively) marks it
        as any, and every other value is handed to ``add_many``.

        NOTE(review): only a bare string is compared against "any". A list
        always goes to ``add_many``, including an empty one, and what
        ``add_many`` does with an empty list is not visible here -- confirm
        it cannot widen the rule.

        :param sources: None, "any", or the values to add as sources
        :param destinations: None, "any", or the values to add as destinations
        :param services: None, "any", or the values to add as services
        :return: dict with ``sources``, ``destinations`` and ``services`` keys
            holding each element's ``data``
        :rtype: dict
        """
        source, destination, service = Source(), Destination(), Service()

        for element, value in ((source, sources),
                               (destination, destinations),
                               (service, services)):
            if value is None:
                # Omitted field: recorded as "none" rather than "any".
                element.set_none()
            elif isinstance(value, str) and value.lower() == "any":
                element.set_any()
            else:
                element.add_many(value)

        return {
            "sources": source.data,
            "destinations": destination.data,
            "services": service.data,
        }
示例#2
 def update_targets(self, sources, destinations, services):
     """
     Translate the three rule fields into their ``data`` dictionaries.

     ``None`` becomes "none", the bare string 'any' (any letter case)
     becomes "any", and anything else is passed to ``add_many``.

     NOTE(review): a list is never compared against 'any'; it is always
     passed to ``add_many``, whose handling of an empty list is not visible
     here.

     :return: dict with ``sources``, ``destinations`` and ``services`` keys
     :rtype: dict
     """
     source = Source()
     destination = Destination()
     service = Service()

     def _populate(element, value):
         # One decision per field: none, any, or an explicit set of members.
         if value is None:
             element.set_none()
             return
         wants_any = isinstance(value, str) and value.lower() == 'any'
         if wants_any:
             element.set_any()
         else:
             element.add_many(value)

     _populate(source, sources)
     _populate(destination, destinations)
     _populate(service, services)

     return dict(sources=source.data,
                 destinations=destination.data,
                 services=service.data)
示例#3
def _rule_common(sources, destinations, services):
    """
    Common rule elements

    Builds a Source, a Destination and a Service, fills each from the
    matching argument and merges the result of calling each element into
    one dict.

    For every argument: ``None`` marks the field as none, the bare string
    'any' (case-insensitive) marks it as any, and any other value is passed
    to ``add_many``.

    NOTE(review): only a bare string is compared against 'any'; lists,
    including empty ones, always go to ``add_many``.

    :return: merged dict of the three elements
    :rtype: dict
    """
    elements = [Source(), Destination(), Service()]
    values = [sources, destinations, services]

    for element, value in zip(elements, values):
        if value is None:
            element.set_none()
        elif isinstance(value, str) and value.lower() == 'any':
            element.set_any()
        else:
            element.add_many(value)

    merged = {}
    for element in elements:
        # Each element is callable and yields the mapping to merge in.
        merged.update(element())
    return merged
示例#4
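    def create(self,
               name,
               sources=None,
               destinations=None,
               services=None,
               dynamic_src_nat=None,
               dynamic_src_nat_ports=(1024, 65535),
               static_src_nat=None,
               static_dst_nat=None,
               static_dst_nat_ports=None,
               is_disabled=False,
               used_on=None):
        """
        Create a NAT rule.

        When providing sources/destinations or services, you can provide the
        element href, network element or services from ``smc.elements``.
        You can also mix href strings with Element types in these fields.

        ``dynamic_src_nat`` takes precedence over ``static_src_nat`` when both
        are given; ``static_dst_nat`` is evaluated independently of either.

        :param str name: name of NAT rule
        :param list sources: list of sources by href or Element
        :type sources: list(str,Element)
        :param list destinations: list of destinations by href or Element
        :type destinations: list(str,Element)
        :param list services: list of services by href or Element
        :type services: list(str,Element)
        :param dynamic_src_nat: str ip or Element for dynamic source NAT
        :type dynamic_src_nat: str,Element
        :param tuple dynamic_src_nat_ports: starting and ending ports for PAT.
            Default: (1024, 65535)
        :param str static_src_nat: ip or element href of used for source NAT.
            Requires ``sources`` to be a non-empty list; its first entry is
            used as the original value.
        :param str static_dst_nat: destination NAT IP address or element href.
            Requires ``destinations`` to be explicit (not none or any).
        :param tuple static_dst_nat_ports: ports or port range used for original
            and destination ports (only needed if a different destination port
            is used and does not match the rules service port)
        :param bool is_disabled: whether to disable rule or not
        :param str used_on: href or Element (of security engine) where this
            NAT rule applies, Default: Any
        :type used_on: str,Element
        :raises InvalidRuleValue: if rule requirements are not met
        :raises CreateRuleFailed: rule creation failure
        :return: newly created NAT rule
        :rtype: IPv4NATRule
        """
        rule_values = self.update_targets(sources, destinations, services)
        rule_values.update(name=name, is_disabled=is_disabled)

        options = LogOptions()

        if dynamic_src_nat:
            nat = DynamicSourceNAT(options.data)
            nat.translated_value = dynamic_src_nat
            nat.translated_ports = dynamic_src_nat_ports
            rule_values.update(options=nat.data)

        elif static_src_nat:
            # Static source NAT needs one concrete original address. None,
            # a bare string such as "any", or an empty list has no usable
            # first entry, so reject it with the documented exception
            # instead of failing on the index or attribute access below.
            if not sources or isinstance(sources, str):
                raise InvalidRuleValue(
                    'Source field must be a list with at least one entry '
                    'for static source NAT.')
            first_source = sources[0]

            nat = StaticSourceNAT(options.data)
            nat.translated_value = static_src_nat
            # Entries may be href strings or Elements; an href string is
            # already the value an Element's .href would supply.
            nat.original_value = (first_source
                                  if isinstance(first_source, str)
                                  else first_source.href)
            rule_values.update(options=nat.data)

        if static_dst_nat:
            destination_data = rule_values['destinations']
            if 'any' in destination_data or 'none' in destination_data:
                raise InvalidRuleValue(
                    'Destination field cannot be none or any for '
                    'destination NAT.')
            destination = Destination()
            destination.add_many(destination_data.get('dst'))

            destination_hrefs = destination.all_as_href()
            if not destination_hrefs:
                # Nothing resolvable to translate from; report it the same
                # way as the none/any case rather than as an IndexError.
                raise InvalidRuleValue(
                    'Destination field must contain at least one entry for '
                    'destination NAT.')

            nat = StaticDestNAT(options.data)
            nat.translated_value = static_dst_nat
            nat.original_value = destination_hrefs[0]
            if static_dst_nat_ports:
                nat.translated_ports = static_dst_nat_ports
            rule_values.update(options=nat.data)

        if 'options' not in rule_values:  # No NAT
            rule_values.update(options=options.data)

        # Passed through as given; None is documented above as "Any", so
        # callers that want the rule limited to one engine must set it.
        rule_values.update(used_on=used_on)

        return SubElementCreator(self.__class__,
                                 CreateRuleFailed,
                                 href=self.href,
                                 json=rule_values)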