def filterRules(self, acls, forward_chains, custom_rules):
    """
    Generate the items of the "filter" table, in the order they are emitted.

    Order: the longComment("filter table") header, the "*filter" marker, one
    Counters entry per built-in chain (INPUT, FORWARD, OUTPUT), the ``create``
    attribute of every object in forward_chains, and then, unless
    self.options.deny_all is set, the rule stages listed in the body.

    acls is passed to aclsRules(), forward_chains to dispatchRules() and
    self.filterDrop(), custom_rules to self.customRules().
    """
    for entry in longComment("filter table"):
        yield entry
    yield "*filter"

    # A default decision of REJECT is emitted as DROP; presumably because an
    # iptables built-in chain policy cannot be REJECT -- confirm in Counters.
    for builtin in ("INPUT", "FORWARD", "OUTPUT"):
        verdict = self.default_decisions.getDecision(builtin)
        yield Counters(
            builtin,
            decision=('DROP' if verdict == 'REJECT' else verdict))

    # The attribute is yielded as-is (not called).
    for forward_chain in forward_chains:
        yield forward_chain.create

    # NOTE(review): in deny_all mode nothing below is emitted, so the only
    # verdict in this table is the decision passed to Counters above. If
    # self.default_decisions can return ACCEPT for a chain while deny_all is
    # set, the table would not deny anything -- confirm that the caller forces
    # the default decisions in that mode.
    if self.options.deny_all:
        return

    # Stage order is significant: whatever the "pre" hooks yield is placed
    # ahead of the ACL rules, and the "post" hooks and filterDrop() come after.
    for entry in self.defaultFilterRules():
        yield entry
    for entry in self.userPreRules('filter'):
        yield entry
    for entry in self.customRules(custom_rules, 'filter-pre'):
        yield entry

    for entry in comment("Dispatch FORWARD to the different chains"):
        yield entry
    for entry in dispatchRules(forward_chains):
        yield entry
    for entry in aclsRules(self, acls):
        yield entry

    for entry in self.customRules(custom_rules, 'filter-post'):
        yield entry
    for entry in self.userPostRules('filter'):
        yield entry
    for entry in self.filterDrop(forward_chains):
        yield entry
def natRules(self, nats, custom_rules):
    """
    Generate the items of the "nat" table, in the order they are emitted.

    Order: the longComment("nat table") header, the "*nat" marker, one
    Counters entry per built-in chain (PREROUTING, POSTROUTING, OUTPUT), then
    the user pre rules, the 'nat-pre' custom rules, the rules produced by
    natsRules() from nats, the 'nat-post' custom rules and the user post rules.

    NOTE(review): this generator has no self.options.deny_all check, so every
    stage is emitted whatever that option is set to -- confirm that is
    intended.
    """
    for entry in longComment("nat table"):
        yield entry
    yield "*nat"

    # No decision is passed here: Counters gets the chain name only.
    for builtin in (u"PREROUTING", u"POSTROUTING", u"OUTPUT"):
        yield Counters(builtin)

    for entry in self.userPreRules('nat'):
        yield entry
    for entry in self.customRules(custom_rules, 'nat-pre'):
        yield entry

    # self.apply_rules is handed to natsRules() as its third argument.
    for entry in natsRules(self, nats, self.apply_rules):
        yield entry

    for entry in self.customRules(custom_rules, 'nat-post'):
        yield entry
    for entry in self.userPostRules('nat'):
        yield entry
def mangleRules(self, custom_rules):
    """
    Generate the items of the "mangle" table, in the order they are emitted.

    Order: the longComment("mangle table") header, the "*mangle" marker and
    one Counters entry per built-in chain (PREROUTING, INPUT, FORWARD, OUTPUT,
    POSTROUTING). When self.options.deny_all is set the generator stops there;
    otherwise it continues with the user pre rules, the 'mangle-pre' custom
    rules, the default mangle rules, the 'mangle-post' custom rules and the
    user post rules.
    """
    for entry in longComment("mangle table"):
        yield entry
    yield "*mangle"

    # No decision is passed here: Counters gets the chain name only.
    for builtin in ("PREROUTING", "INPUT", "FORWARD", "OUTPUT", "POSTROUTING"):
        yield Counters(builtin)

    # deny_all mode: only the header and the built-in chain entries are
    # emitted, none of the user, custom or default mangle rules.
    if self.options.deny_all:
        return

    for entry in self.userPreRules('mangle'):
        yield entry
    for entry in self.customRules(custom_rules, 'mangle-pre'):
        yield entry
    for entry in self.defaultMangleRules():
        yield entry

    # Placeholder: ufwi_ruleset itself generates no mangle rules yet; they
    # would go here, between the default rules and the 'mangle-post' hooks.

    for entry in self.customRules(custom_rules, 'mangle-post'):
        yield entry
    for entry in self.userPostRules('mangle'):
        yield entry