Skip to content
Toggle navigation
P
Projects
G
Groups
S
Snippets
Help
CIRCLE
/
cloud
This project
Loading...
Sign in
Toggle navigation
Go to a project
Project
Repository
Issues
94
Merge Requests
10
Pipelines
Wiki
Snippets
Members
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Commit
52795118
authored
Apr 10, 2014
by
Bach Dániel
Browse files
Options
Browse Files
Download
Plain Diff
Merge branch 'feature-improve-firewall' into 'master'
Feature: Improve Firewall
✅
tests
parents
cf9b2fa2
59af5705
Hide whitespace changes
Inline
Side-by-side
Showing
18 changed files
with
2133 additions
and
465 deletions
+2133
-465
circle/dashboard/fixtures/node.json
+0
-1
circle/firewall/admin.py
+8
-4
circle/firewall/fw.py
+199
-336
circle/firewall/iptables.py
+111
-0
circle/firewall/migrations/0045_auto__del_field_host_pub_ipv4__add_field_host_external_ipv4__del_field.py
+257
-0
circle/firewall/migrations/0046_auto__chg_field_rule_priority.py
+218
-0
circle/firewall/migrations/0047_auto__del_field_rule_priority__add_field_rule_weight.py
+221
-0
circle/firewall/migrations/0048_auto__add_field_rule_action.py
+224
-0
circle/firewall/migrations/0049_auto__del_field_rule_accept.py
+224
-0
circle/firewall/migrations/0050_auto__add_field_vlan_host_ipv6_prefixlen.py
+221
-0
circle/firewall/models.py
+171
-111
circle/firewall/tasks/local_tasks.py
+3
-3
circle/firewall/templates/firewall/iptables.conf
+59
-0
circle/firewall/tests/test_firewall.py
+201
-4
circle/network/forms.py
+6
-3
circle/network/tables.py
+3
-2
circle/network/templates/network/columns/host-rule.html
+2
-1
circle/network/views.py
+5
-0
No files found.
circle/dashboard/fixtures/node.json
View file @
52795118
...
...
@@ -33,7 +33,6 @@
"hostname"
:
"devenv"
,
"modified_at"
:
"2014-02-24T15:55:01.412Z"
,
"location"
:
""
,
"pub_ipv4"
:
null
,
"mac"
:
"11:22:33:44:55:66"
,
"shared_ip"
:
false
,
"ipv4"
:
"10.7.0.96"
,
...
...
circle/firewall/admin.py
View file @
52795118
...
...
@@ -16,7 +16,7 @@ class RecordInline(contrib.admin.TabularInline):
class
HostAdmin
(
admin
.
ModelAdmin
):
list_display
=
(
'hostname'
,
'vlan'
,
'ipv4'
,
'ipv6'
,
'
pub
_ipv4'
,
'mac'
,
list_display
=
(
'hostname'
,
'vlan'
,
'ipv4'
,
'ipv6'
,
'
external
_ipv4'
,
'mac'
,
'shared_ip'
,
'owner'
,
'description'
,
'reverse'
,
'list_groups'
)
ordering
=
(
'hostname'
,
)
...
...
@@ -25,6 +25,10 @@ class HostAdmin(admin.ModelAdmin):
filter_horizontal
=
(
'groups'
,
)
inlines
=
(
RuleInline
,
RecordInline
)
def
queryset
(
self
,
request
):
qs
=
super
(
HostAdmin
,
self
)
.
queryset
(
request
)
return
qs
.
prefetch_related
(
'groups'
)
@staticmethod
def
list_groups
(
instance
):
"""Returns instance's groups' names as a comma-separated list."""
...
...
@@ -48,9 +52,9 @@ class VlanAdmin(admin.ModelAdmin):
class
RuleAdmin
(
admin
.
ModelAdmin
):
list_display
=
(
'r_type'
,
'color_desc'
,
'owner'
,
'extra'
,
'direction'
,
'ac
cept
'
,
'proto'
,
'sport'
,
'dport'
,
'nat'
,
'nat_
d
port'
,
'used_in'
)
list_filter
=
(
'vlan'
,
'owner'
,
'direction'
,
'ac
cept
'
,
'ac
tion
'
,
'proto'
,
'sport'
,
'dport'
,
'nat'
,
'nat_
external_
port'
,
'used_in'
)
list_filter
=
(
'vlan'
,
'owner'
,
'direction'
,
'ac
tion
'
,
'proto'
,
'nat'
)
def
color_desc
(
self
,
instance
):
...
...
circle/firewall/fw.py
View file @
52795118
from
firewall
import
models
import
django.conf
import
re
import
logging
from
collections
import
OrderedDict
from
netaddr
import
IPAddress
,
AddrFormatError
from
datetime
import
datetime
,
timedelta
from
itertools
import
product
from
.models
import
(
Host
,
Rule
,
Vlan
,
Domain
,
Record
,
Blacklist
,
SwitchPort
)
from
.iptables
import
IptRule
,
IptChain
import
django.conf
from
django.db.models
import
Q
from
django.template
import
loader
,
Context
settings
=
django
.
conf
.
settings
.
FIREWALL_SETTINGS
logger
=
logging
.
getLogger
(
__name__
)
class
Firewall
:
def
dportsport
(
self
,
rule
,
repl
=
True
):
retval
=
' '
if
rule
.
proto
==
'tcp'
or
rule
.
proto
==
'udp'
:
retval
=
'-p
%
s '
%
rule
.
proto
if
rule
.
sport
:
retval
+=
' --sport
%
s '
%
rule
.
sport
if
rule
.
dport
:
retval
+=
' --dport
%
s '
%
(
rule
.
nat_dport
if
(
repl
and
rule
.
nat
and
rule
.
direction
==
'1'
)
else
rule
.
dport
)
elif
rule
.
proto
==
'icmp'
:
retval
=
'-p
%
s '
%
rule
.
proto
return
retval
def
iptables
(
self
,
s
):
"""Append rule to filter table."""
self
.
RULES
.
append
(
s
)
def
iptablesnat
(
self
,
s
):
"""Append rule to NAT table."""
self
.
RULES_NAT
.
append
(
s
)
def
host2vlan
(
self
,
host
,
rule
):
if
not
rule
.
foreign_network
:
return
if
self
.
proto
==
6
and
host
.
ipv6
:
ipaddr
=
str
(
host
.
ipv6
)
+
'/112'
else
:
ipaddr
=
str
(
host
.
ipv4
)
dport_sport
=
self
.
dportsport
(
rule
)
for
vlan
in
rule
.
foreign_network
.
vlans
.
all
():
if
rule
.
accept
:
if
rule
.
direction
==
'0'
and
vlan
.
name
==
'PUB'
:
if
rule
.
dport
==
25
:
self
.
iptables
(
'-A PUB_OUT -s
%
s
%
s -p tcp '
'--dport 25 -j LOG_ACC'
%
(
ipaddr
,
rule
.
extra
))
break
action
=
'PUB_OUT'
else
:
action
=
'LOG_ACC'
else
:
action
=
'LOG_DROP'
class
BuildFirewall
:
if
rule
.
direction
==
'1'
:
# going TO host
self
.
iptables
(
'-A
%
s_
%
s -d
%
s
%
s
%
s -g
%
s'
%
(
vlan
.
name
,
host
.
vlan
.
name
,
ipaddr
,
dport_sport
,
rule
.
extra
,
action
))
else
:
self
.
iptables
(
'-A
%
s_
%
s -s
%
s
%
s
%
s -g
%
s'
%
(
host
.
vlan
.
name
,
vlan
.
name
,
ipaddr
,
dport_sport
,
rule
.
extra
,
action
))
def
__init__
(
self
):
self
.
chains
=
OrderedDict
()
def
fw2vlan
(
self
,
rule
):
if
not
rule
.
foreign_network
:
return
def
add_rules
(
self
,
*
args
,
**
kwargs
):
for
chain_name
,
ipt_rule
in
kwargs
.
items
():
if
chain_name
not
in
self
.
chains
:
self
.
create_chain
(
chain_name
)
self
.
chains
[
chain_name
]
.
add
(
ipt_rule
)
dport_sport
=
self
.
dportsport
(
rule
)
for
vlan
in
rule
.
foreign_network
.
vlans
.
all
():
if
rule
.
direction
==
'1'
:
# going TO host
self
.
iptables
(
'-A INPUT -i
%
s
%
s
%
s -g
%
s'
%
(
vlan
.
name
,
dport_sport
,
rule
.
extra
,
'LOG_ACC'
if
rule
.
accept
else
'LOG_DROP'
))
else
:
self
.
iptables
(
'-A OUTPUT -o
%
s
%
s
%
s -g
%
s'
%
(
vlan
.
name
,
dport_sport
,
rule
.
extra
,
'LOG_ACC'
if
rule
.
accept
else
'LOG_DROP'
))
def
vlan2vlan
(
self
,
l_vlan
,
rule
):
if
not
rule
.
foreign_network
:
return
dport_sport
=
self
.
dportsport
(
rule
)
for
vlan
in
rule
.
foreign_network
.
vlans
.
all
():
if
rule
.
accept
:
if
rule
.
direction
==
'0'
and
vlan
.
name
==
'PUB'
:
action
=
'PUB_OUT'
else
:
action
=
'LOG_ACC'
else
:
action
=
'LOG_DROP'
if
rule
.
direction
==
'1'
:
# going TO host
self
.
iptables
(
'-A
%
s_
%
s
%
s
%
s -g
%
s'
%
(
vlan
.
name
,
l_vlan
.
name
,
dport_sport
,
rule
.
extra
,
action
))
else
:
self
.
iptables
(
'-A
%
s_
%
s
%
s
%
s -g
%
s'
%
(
l_vlan
.
name
,
vlan
.
name
,
dport_sport
,
rule
.
extra
,
action
))
def
prerun
(
self
):
self
.
iptables
(
'*filter'
)
self
.
iptables
(
':INPUT DROP [88:6448]'
)
self
.
iptables
(
':FORWARD DROP [0:0]'
)
self
.
iptables
(
':OUTPUT DROP [50:6936]'
)
# initialize logging
self
.
iptables
(
'-N LOG_DROP'
)
# windows port scan are silently dropped
self
.
iptables
(
'-A LOG_DROP -p tcp --dport 445 -j DROP'
)
self
.
iptables
(
'-A LOG_DROP -p udp --dport 137 -j DROP'
)
self
.
iptables
(
'-A LOG_DROP -j LOG --log-level 7 '
'--log-prefix "[ipt][drop]"'
)
self
.
iptables
(
'-A LOG_DROP -j DROP'
)
self
.
iptables
(
'-N LOG_ACC'
)
self
.
iptables
(
'-A LOG_ACC -j LOG --log-level 7 '
'--log-prefix "[ipt][isok]"'
)
self
.
iptables
(
'-A LOG_ACC -j ACCEPT'
)
self
.
iptables
(
'-N PUB_OUT'
)
self
.
iptables
(
'-A FORWARD -m set --match-set blacklist src,dst '
'-j DROP'
)
self
.
iptables
(
'-A FORWARD -m state --state INVALID -g LOG_DROP'
)
self
.
iptables
(
'-A FORWARD -m state --state ESTABLISHED,RELATED '
'-j ACCEPT'
)
self
.
iptables
(
'-A FORWARD -p icmp --icmp-type echo-request '
'-g LOG_ACC'
)
self
.
iptables
(
'-A INPUT -m set --match-set blacklist src -j DROP'
)
self
.
iptables
(
'-A INPUT -m state --state INVALID -g LOG_DROP'
)
self
.
iptables
(
'-A INPUT -i lo -j ACCEPT'
)
self
.
iptables
(
'-A INPUT -m state --state ESTABLISHED,RELATED '
'-j ACCEPT'
)
self
.
iptables
(
'-A OUTPUT -m state --state INVALID -g LOG_DROP'
)
self
.
iptables
(
'-A OUTPUT -o lo -j ACCEPT'
)
self
.
iptables
(
'-A OUTPUT -m state --state ESTABLISHED,RELATED '
'-j ACCEPT'
)
def
postrun
(
self
):
self
.
iptables
(
'-A PUB_OUT -p tcp --dport 25 -j LOG_DROP'
)
self
.
iptables
(
'-A PUB_OUT -p tcp --dport 445 -j LOG_DROP'
)
self
.
iptables
(
'-A PUB_OUT -p udp --dport 445 -j LOG_DROP'
)
self
.
iptables
(
'-A PUB_OUT -g LOG_ACC'
)
self
.
iptables
(
'-A FORWARD -g LOG_DROP'
)
self
.
iptables
(
'-A INPUT -g LOG_DROP'
)
self
.
iptables
(
'-A OUTPUT -g LOG_DROP'
)
self
.
iptables
(
'COMMIT'
)
def
ipt_nat
(
self
):
self
.
iptablesnat
(
'*nat'
)
self
.
iptablesnat
(
':PREROUTING ACCEPT [0:0]'
)
self
.
iptablesnat
(
':INPUT ACCEPT [0:0]'
)
self
.
iptablesnat
(
':OUTPUT ACCEPT [1:708]'
)
self
.
iptablesnat
(
':POSTROUTING ACCEPT [1:708]'
)
def
create_chain
(
self
,
chain_name
):
self
.
chains
[
chain_name
]
=
IptChain
(
name
=
chain_name
)
def
build_ipt_nat
(
self
):
# portforward
for
host
in
self
.
hosts
.
exclude
(
pub_ipv4
=
None
):
for
rule
in
host
.
rules
.
filter
(
nat
=
True
,
direction
=
'1'
):
dport_sport
=
self
.
dportsport
(
rule
,
False
)
if
host
.
vlan
.
snat_ip
:
self
.
iptablesnat
(
'-A PREROUTING -d
%
s
%
s
%
s -j DNAT '
'--to-destination
%
s:
%
s'
%
(
host
.
pub_ipv4
,
dport_sport
,
rule
.
extra
,
host
.
ipv4
,
rule
.
nat_dport
))
# rules for machines with dedicated public IP
for
host
in
self
.
hosts
.
exclude
(
shared_ip
=
True
):
if
host
.
pub_ipv4
:
self
.
iptablesnat
(
'-A PREROUTING -d
%
s -j DNAT '
'--to-destination
%
s'
%
(
host
.
pub_ipv4
,
host
.
ipv4
))
self
.
iptablesnat
(
'-A POSTROUTING -s
%
s -j SNAT '
'--to-source
%
s'
%
(
host
.
ipv4
,
host
.
pub_ipv4
))
# default NAT rules for VLANs
for
s_vlan
in
self
.
vlans
:
if
s_vlan
.
snat_ip
:
for
d_vlan
in
s_vlan
.
snat_to
.
all
():
self
.
iptablesnat
(
'-A POSTROUTING -s
%
s -o
%
s -j SNAT '
'--to-source
%
s'
%
(
str
(
s_vlan
.
network4
),
d_vlan
.
name
,
s_vlan
.
snat_ip
))
self
.
iptablesnat
(
'COMMIT'
)
def
ipt_filter
(
self
):
self
.
prerun
()
self
.
ipt_filter_firewall
()
self
.
ipt_filter_zones
()
self
.
ipt_filter_host_rules
()
self
.
ipt_filter_vlan_rules
()
self
.
ipt_filter_vlan_drop
()
self
.
postrun
()
if
self
.
proto
==
6
:
# remove ipv4-specific rules
ipv4_re
=
re
.
compile
(
'([0-9]{1,3}
\
.){3}[0-9]{1,3}'
)
self
.
RULES
=
[
x
for
x
in
self
.
RULES
if
not
ipv4_re
.
search
(
x
)]
self
.
RULES
=
[
x
.
replace
(
'icmp'
,
'icmpv6'
)
for
x
in
self
.
RULES
]
for
rule
in
Rule
.
objects
.
filter
(
action__in
=
[
'accept'
,
'drop'
],
nat
=
True
,
direction
=
'in'
)
.
select_related
(
'host'
):
self
.
add_rules
(
PREROUTING
=
IptRule
(
priority
=
1000
,
dst
=
(
rule
.
get_external_ipv4
(),
None
),
proto
=
rule
.
proto
,
dport
=
rule
.
get_external_port
(
'ipv4'
),
extra
=
'-j DNAT --to-destination
%
s:
%
s'
%
(
rule
.
host
.
ipv4
,
rule
.
dport
)))
# default outbound NAT rules for VLANs
for
vl_in
in
Vlan
.
objects
.
exclude
(
snat_ip
=
None
)
.
prefetch_related
(
'snat_to'
):
for
vl_out
in
vl_in
.
snat_to
.
all
():
self
.
add_rules
(
POSTROUTING
=
IptRule
(
priority
=
1000
,
src
=
(
vl_in
.
network4
,
None
),
extra
=
'-o
%
s -j SNAT --to-source
%
s'
%
(
vl_out
.
name
,
vl_in
.
snat_ip
)))
def
ipt_filter_firewall
(
self
):
"""Build firewall's own rules."""
for
f
in
self
.
fw
:
for
rule
in
f
.
rules
.
all
():
self
.
fw2vlan
(
rule
)
def
ipt_filter_zones
(
self
):
"""Jumping to chains between zones."""
for
s_vlan
in
self
.
vlans
:
for
d_vlan
in
self
.
vlans
:
self
.
iptables
(
'-N
%
s_
%
s'
%
(
s_vlan
.
name
,
d_vlan
.
name
))
self
.
iptables
(
'-A FORWARD -i
%
s -o
%
s -g
%
s_
%
s'
%
(
s_vlan
.
name
,
d_vlan
.
name
,
s_vlan
.
name
,
d_vlan
.
name
))
rules
=
Rule
.
objects
.
filter
(
action__in
=
[
'accept'
,
'drop'
])
for
rule
in
rules
.
exclude
(
firewall
=
None
)
.
select_related
(
'foreign_network'
)
.
prefetch_related
(
'foreign_network__vlans'
):
self
.
add_rules
(
**
rule
.
get_ipt_rules
())
def
ipt_filter_host_rules
(
self
):
"""Build hosts' rules."""
for
i_vlan
in
self
.
vlans
:
for
i_host
in
i_vlan
.
host_set
.
all
():
for
group
in
i_host
.
groups
.
all
():
for
rule
in
group
.
rules
.
all
():
self
.
host2vlan
(
i_host
,
rule
)
for
rule
in
i_host
.
rules
.
all
():
self
.
host2vlan
(
i_host
,
rule
)
# host rules
rules
=
Rule
.
objects
.
filter
(
action__in
=
[
'accept'
,
'drop'
])
for
rule
in
rules
.
exclude
(
host
=
None
)
.
select_related
(
'foreign_network'
,
'host'
,
'host__vlan'
)
.
prefetch_related
(
'foreign_network__vlans'
):
self
.
add_rules
(
**
rule
.
get_ipt_rules
(
rule
.
host
))
# group rules
for
rule
in
rules
.
exclude
(
hostgroup
=
None
)
.
select_related
(
'hostgroup'
,
'foreign_network'
)
.
prefetch_related
(
'hostgroup__host_set__vlan'
,
'foreign_network__vlans'
):
for
host
in
rule
.
hostgroup
.
host_set
.
all
():
self
.
add_rules
(
**
rule
.
get_ipt_rules
(
host
))
def
ipt_filter_vlan_rules
(
self
):
"""Enable communication between VLANs."""
for
s_vlan
in
self
.
vlans
:
for
rule
in
s_vlan
.
rules
.
all
():
self
.
vlan2vlan
(
s_vlan
,
rule
)
rules
=
Rule
.
objects
.
filter
(
action__in
=
[
'accept'
,
'drop'
])
for
rule
in
rules
.
exclude
(
vlan
=
None
)
.
select_related
(
'vlan'
,
'foreign_network'
)
.
prefetch_related
(
'foreign_network__vlans'
):
self
.
add_rules
(
**
rule
.
get_ipt_rules
())
def
ipt_filter_vlan_drop
(
self
):
"""Close intra-VLAN chains."""
for
s_vlan
in
self
.
vlans
:
for
d_vlan
in
self
.
vlans
:
self
.
iptables
(
'-A
%
s_
%
s -g LOG_DROP'
%
(
s_vlan
.
name
,
d_vlan
.
name
))
def
__init__
(
self
,
proto
=
4
):
self
.
RULES
=
[]
self
.
RULES_NAT
=
[]
self
.
proto
=
proto
self
.
vlans
=
models
.
Vlan
.
objects
.
all
()
self
.
hosts
=
models
.
Host
.
objects
.
all
()
self
.
fw
=
models
.
Firewall
.
objects
.
all
()
self
.
ipt_filter
()
if
self
.
proto
!=
6
:
self
.
ipt_nat
()
def
get
(
self
):
if
self
.
proto
==
6
:
return
{
'filter'
:
self
.
RULES
,
}
else
:
return
{
'filter'
:
self
.
RULES
,
'nat'
:
self
.
RULES_NAT
}
def
show
(
self
):
if
self
.
proto
==
6
:
return
'
\n
'
.
join
(
self
.
RULES
)
+
'
\n
'
else
:
return
(
'
\n
'
.
join
(
self
.
RULES
)
+
'
\n
'
+
'
\n
'
.
join
(
self
.
RULES_NAT
)
+
'
\n
'
)
for
chain
in
self
.
chains
.
values
():
close_chain_rule
=
IptRule
(
priority
=
1
,
action
=
'LOG_DROP'
)
chain
.
add
(
close_chain_rule
)
def
ipt_filter_vlan_jump
(
self
):
"""Create intra-VLAN jump rules."""
vlans
=
Vlan
.
objects
.
all
()
.
values_list
(
'name'
,
flat
=
True
)
for
vl_in
,
vl_out
in
product
(
vlans
,
repeat
=
2
):
name
=
'
%
s_
%
s'
%
(
vl_in
,
vl_out
)
try
:
chain
=
self
.
chains
[
name
]
except
KeyError
:
pass
else
:
jump_rule
=
IptRule
(
priority
=
65535
,
action
=
chain
.
name
,
extra
=
'-i
%
s -o
%
s'
%
(
vl_in
,
vl_out
))
self
.
add_rules
(
FORWARD
=
jump_rule
)
def
build_ipt
(
self
):
"""Build rules."""
self
.
ipt_filter_firewall
()
self
.
ipt_filter_host_rules
()
self
.
ipt_filter_vlan_rules
()
self
.
ipt_filter_vlan_jump
()
self
.
ipt_filter_vlan_drop
()
self
.
build_ipt_nat
()
context
=
{
'filter'
:
lambda
:
(
chain
for
name
,
chain
in
self
.
chains
.
iteritems
()
if
chain
.
name
not
in
IptChain
.
nat_chains
),
'nat'
:
lambda
:
(
chain
for
name
,
chain
in
self
.
chains
.
iteritems
()
if
chain
.
name
in
IptChain
.
nat_chains
)}
template
=
loader
.
get_template
(
'firewall/iptables.conf'
)
context
[
'proto'
]
=
'ipv4'
ipv4
=
unicode
(
template
.
render
(
Context
(
context
)))
context
[
'proto'
]
=
'ipv6'
ipv6
=
unicode
(
template
.
render
(
Context
(
context
)))
return
(
ipv4
,
ipv6
)
def
ipset
():
week
=
datetime
.
now
()
-
timedelta
(
days
=
2
)
filter_ban
=
(
Q
(
type
=
'tempban'
,
modified_at__gte
=
week
)
|
Q
(
type
=
'permban'
))
.
values
(
'ipv4'
,
'reason'
)
return
models
.
Blacklist
.
objects
.
filter
(
filter_ban
)
Q
(
type
=
'permban'
))
return
Blacklist
.
objects
.
filter
(
filter_ban
)
.
values
(
'ipv4'
,
'reason'
)
def
ipv6_to_octal
(
ipv6
):
while
len
(
ipv6
.
split
(
':'
))
<
8
:
ipv6
=
ipv6
.
replace
(
'::'
,
':::'
)
ipv6
=
IPAddress
(
ipv6
,
version
=
6
)
octets
=
[]
for
part
in
ipv6
.
split
(
':'
):
if
not
part
:
octets
.
extend
([
0
,
0
])
else
:
# Pad hex part to 4 digits.
part
=
'
%04
x'
%
int
(
part
,
16
)
octets
.
append
(
int
(
part
[:
2
],
16
))
octets
.
append
(
int
(
part
[
2
:],
16
))
return
'
\\
'
+
'
\\
'
.
join
([
'
%03
o'
%
x
for
x
in
octets
])
for
part
in
ipv6
.
words
:
# Pad hex part to 4 digits.
part
=
'
%04
x'
%
part
octets
.
append
(
int
(
part
[:
2
],
16
))
octets
.
append
(
int
(
part
[
2
:],
16
))
return
""
.
join
(
r"\%03o"
%
x
for
x
in
octets
)
# =fqdn:ip:ttl A, PTR
...
...
@@ -314,26 +162,23 @@ def ipv6_to_octal(ipv6):
def
generate_ptr_records
():
DNS
=
[]
for
host
in
models
.
Host
.
objects
.
order_by
(
'vlan'
)
.
all
():
rev
=
host
.
vlan
.
reverse_domain
ipv4
=
str
(
host
.
pub_ipv4
if
host
.
pub_ipv4
and
not
host
.
shared_ip
else
host
.
ipv4
)
i
=
ipv4
.
split
(
'.'
,
4
)
reverse
=
(
host
.
reverse
if
host
.
reverse
and
len
(
host
.
reverse
)
else
host
.
get_fqdn
())
for
host
in
Host
.
objects
.
order_by
(
'vlan'
)
.
all
():
template
=
host
.
vlan
.
reverse_domain
i
=
host
.
get_external_ipv4
()
.
words
reverse
=
(
host
.
reverse
if
host
.
reverse
not
in
[
None
,
''
]
else
host
.
get_fqdn
())
# ipv4
if
host
.
ipv4
:
DNS
.
append
(
"^
%
s:
%
s:
%
s"
%
(
(
rev
%
{
'a'
:
int
(
i
[
0
]),
'b'
:
int
(
i
[
1
]),
'c'
:
int
(
i
[
2
]),
'd'
:
int
(
i
[
3
])}),
reverse
,
models
.
settings
[
'dns_ttl'
]))
fqdn
=
template
%
{
'a'
:
i
[
0
],
'b'
:
i
[
1
],
'c'
:
i
[
2
],
'd'
:
i
[
3
]}
DNS
.
append
(
"^
%
s:
%
s:
%
s"
%
(
fqdn
,
reverse
,
settings
[
'dns_ttl'
]))
# ipv6
if
host
.
ipv6
:
DNS
.
append
(
"^
%
s:
%
s:
%
s"
%
(
host
.
ipv6
.
reverse_dns
,
reverse
,
models
.
settings
[
'dns_ttl'
]))
return
DNS
reverse
,
settings
[
'dns_ttl'
]))
return
DNS
def
txt_to_octal
(
txt
):
...
...
@@ -341,30 +186,32 @@ def txt_to_octal(txt):
def
generate_records
():
DNS
=
[]
for
r
in
models
.
Record
.
objects
.
all
():
if
r
.
type
==
'A'
:
DNS
.
append
(
"+
%
s:
%
s:
%
s"
%
(
r
.
fqdn
,
r
.
address
,
r
.
ttl
))
elif
r
.
type
==
'AAAA'
:
DNS
.
append
(
":
%
s:28:
%
s:
%
s"
%
(
r
.
fqdn
,
ipv6_to_octal
(
r
.
address
),
r
.
ttl
))
elif
r
.
type
==
'NS'
:
DNS
.
append
(
"&
%
s::
%
s:
%
s"
%
(
r
.
fqdn
,
r
.
address
,
r
.
ttl
))
elif
r
.
type
==
'CNAME'
:
DNS
.
append
(
"C
%
s:
%
s:
%
s"
%
(
r
.
fqdn
,
r
.
address
,
r
.
ttl
))
elif
r
.
type
==
'MX'
:
mx
=
r
.
address
.
split
(
':'
,
2
)
DNS
.
append
(
"@
%(fqdn)
s::
%(mx)
s:
%(dist)
s:
%(ttl)
s"
%
{
'fqdn'
:
r
.
fqdn
,
'mx'
:
mx
[
1
],
'dist'
:
mx
[
0
],
'ttl'
:
r
.
ttl
})
elif
r
.
type
==
'PTR'
:
DNS
.
append
(
"^
%
s:
%
s:
%
s"
%
(
r
.
fqdn
,
r
.
address
,
r
.
ttl
))
elif
r
.
type
==
'TXT'
:
DNS
.
append
(
"'
%
s:
%
s:
%
s"
%
(
r
.
fqdn
,
txt_to_octal
(
r
.
address
),
r
.
ttl
))
types
=
{
'A'
:
'+
%(fqdn)
s:
%(address)
s:
%(ttl)
s'
,
'AAAA'
:
':
%(fqdn)
s:28:
%(octal)
s:
%(ttl)
s'
,
'NS'
:
'&
%(fqdn)
s::
%(address)
s:
%(ttl)
s'
,
'CNAME'
:
'C
%(fqdn)
s:
%(address)
s:
%(ttl)
s'
,
'MX'
:
'@
%(fqdn)
s::
%(address)
s:
%(dist)
s:
%(ttl)
s'
,
'PTR'
:
'^
%(fqdn)
s:
%(address)
s:
%(ttl)
s'
,
'TXT'
:
'
%(fqdn)
s:
%(octal)
s:
%(ttl)
s'
}
retval
=
[]
for
r
in
Record
.
objects
.
all
():
params
=
{
'fqdn'
:
r
.
fqdn
,
'address'
:
r
.
address
,
'ttl'
:
r
.
ttl
}
if
r
.
type
==
'MX'
:
params
[
'address'
],
params
[
'dist'
]
=
r
.
address
.
split
(
':'
,
2
)
if
r
.
type
==
'AAAA'
:
try
:
params
[
'octal'
]
=
ipv6_to_octal
(
r
.
address
)
except
AddrFormatError
:
logger
.
error
(
'Invalid ipv6 address:
%
s, record:
%
s'
,
r
.
address
,
r
)
continue
if
r
.
type
==
'TXT'
:
params
[
'octal'
]
=
txt_to_octal
(
r
.
address
)
retval
.
append
(
types
[
r
.
type
]
%
params
)
return
DNS
return
retval
def
dns
():
...
...
@@ -374,10 +221,10 @@ def dns():
DNS
+=
generate_ptr_records
()
# domain SOA record
for
domain
in
models
.
Domain
.
objects
.
all
():
for
domain
in
Domain
.
objects
.
all
():
DNS
.
append
(
"Z
%
s:
%
s:support.ik.bme.hu::::::
%
s"
%
(
domain
.
name
,
settings
[
'dns_hostname'
],
models
.
settings
[
'dns_ttl'
]))
settings
[
'dns_ttl'
]))
# records
DNS
+=
generate_records
()
...
...
@@ -385,18 +232,24 @@ def dns():
return
DNS
class
UniqueHostname
(
object
):
"""Append vlan id if hostname already exists."""
def
__init__
(
self
):
self
.
used_hostnames
=
set
()
def
get
(
self
,
hostname
,
vlan_id
):
if
hostname
in
self
.
used_hostnames
:
hostname
=
"
%
s-
%
s"
%
(
hostname
,
vlan_id
)
self
.
used_hostnames
.
add
(
hostname
)
return
hostname
def
dhcp
():
regex
=
re
.
compile
(
r'^([0-9]+)\.([0-9]+)\.[0-9]+\.[0-9]+\s+'
r'([0-9]+)\.([0-9]+)\.[0-9]+\.[0-9]+$'
)
DHCP
=
[]
config
=
[]
# /tools/dhcp3/dhcpd.conf.generated
for
i_vlan
in
models
.
Vlan
.
objects
.
all
():
if
(
i_vlan
.
dhcp_pool
):
m
=
regex
.
search
(
i_vlan
.
dhcp_pool
)
if
(
m
or
i_vlan
.
dhcp_pool
==
"manual"
):
DHCP
.
append
(
'''
VLAN_TEMPLATE
=
'''
#
%(name)
s -
%(interface)
s
subnet
%(net)
s netmask
%(netmask)
s {
%(extra)
s;
...
...
@@ -408,43 +261,53 @@ def dhcp():
authoritative;
filename
\"
pxelinux.0
\"
;
allow bootp; allow booting;
}'''
%
{
'net'
:
str
(
i_vlan
.
network4
.
network
),
'netmask'
:
str
(
i_vlan
.
network4
.
netmask
),
'domain'
:
i_vlan
.
domain
,
'router'
:
i_vlan
.
ipv4
,
'ntp'
:
i_vlan
.
ipv4
,
'dnsserver'
:
settings
[
'rdns_ip'
],
'extra'
:
(
"range
%
s"
%
i_vlan
.
dhcp_pool
if
m
else
"deny unknown-clients"
),
'interface'
:
i_vlan
.
name
,
'name'
:
i_vlan
.
name
,
'tftp'
:
i_vlan
.
ipv4
}'''
HOST_TEMPLATE
=
'''
host
%(hostname)
s {
hardware ethernet
%(mac)
s;
fixed-address
%(ipv4)
s;
}'''
unique_hostnames
=
UniqueHostname
()
for
vlan
in
Vlan
.
objects
.
exclude
(
dhcp_pool
=
None
)
.
select_related
(
'domain'
)
.
prefetch_related
(
'host_set'
):
m
=
regex
.
search
(
vlan
.
dhcp_pool
)
if
(
m
or
vlan
.
dhcp_pool
==
"manual"
):
config
.
append
(
VLAN_TEMPLATE
%
{
'net'
:
str
(
vlan
.
network4
.
network
),
'netmask'
:
str
(
vlan
.
network4
.
netmask
),
'domain'
:
vlan
.
domain
,
'router'
:
vlan
.
network4
.
ip
,
'ntp'
:
vlan
.
network4
.
ip
,
'dnsserver'
:
settings
[
'rdns_ip'
],
'extra'
:
(
"range
%
s"
%
vlan
.
dhcp_pool
if
m
else
"deny unknown-clients"
),
'interface'
:
vlan
.
name
,
'name'
:
vlan
.
name
,
'tftp'
:
vlan
.
network4
.
ip
})
for
host
in
vlan
.
host_set
.
all
():
config
.
append
(
HOST_TEMPLATE
%
{
'hostname'
:
unique_hostnames
.
get
(
host
.
hostname
,
vlan
.
vid
),
'mac'
:
host
.
mac
,
'ipv4'
:
host
.
ipv4
,
})
for
i_host
in
i_vlan
.
host_set
.
all
():
DHCP
.
append
(
'''
host
%(hostname)
s {
hardware ethernet
%(mac)
s;
fixed-address
%(ipv4)
s;
}'''
%
{
'hostname'
:
i_host
.
hostname
,
'mac'
:
i_host
.
mac
,
'ipv4'
:
i_host
.
ipv4
,
})
return
DHCP
return
config
def
vlan
():
obj
=
models
.
Vlan
.
objects
.
values
(
'vid'
,
'name'
,
'network4'
,
'network6'
)
obj
=
Vlan
.
objects
.
values
(
'vid'
,
'name'
,
'network4'
,
'network6'
)
retval
=
{
x
[
'name'
]:
{
'tag'
:
x
[
'vid'
],
'type'
:
'internal'
,
'interfaces'
:
[
x
[
'name'
]],
'addresses'
:
[
str
(
x
[
'network4'
]),
str
(
x
[
'network6'
])]}
for
x
in
obj
}
for
p
in
models
.
SwitchPort
.
objects
.
all
():
for
p
in
SwitchPort
.
objects
.
all
():
eth_count
=
p
.
ethernet_devices
.
count
()
if
eth_count
>
1
:
name
=
'bond
%
d'
%
p
.
id
...
...
circle/firewall/iptables.py
0 → 100644
View file @
52795118
import
logging
import
re
from
collections
import
OrderedDict
logger
=
logging
.
getLogger
()
ipv4_re
=
re
.
compile
(
r'^(25[0-5]|2[0-4]\d|[0-1]?\d?\d)(\.(25[0-5]|2[0-4]\d|[0-1]?\d?\d)){3}'
)
class
InvalidRuleExcepion
(
Exception
):
pass
class
IptRule
(
object
):
def
__init__
(
self
,
priority
=
1000
,
action
=
None
,
src
=
None
,
dst
=
None
,
proto
=
None
,
sport
=
None
,
dport
=
None
,
extra
=
None
,
ipv4_only
=
False
,
comment
=
None
):
if
proto
not
in
[
'tcp'
,
'udp'
,
'icmp'
,
None
]:
raise
InvalidRuleExcepion
()
if
proto
not
in
[
'tcp'
,
'udp'
]
and
(
sport
is
not
None
or
dport
is
not
None
):
raise
InvalidRuleExcepion
()
self
.
priority
=
int
(
priority
)
self
.
action
=
action
(
self
.
src4
,
self
.
src6
)
=
(
None
,
None
)
if
isinstance
(
src
,
tuple
):
(
self
.
src4
,
self
.
src6
)
=
src
if
not
self
.
src6
:
ipv4_only
=
True
(
self
.
dst4
,
self
.
dst6
)
=
(
None
,
None
)
if
isinstance
(
dst
,
tuple
):
(
self
.
dst4
,
self
.
dst6
)
=
dst
if
not
self
.
dst6
:
ipv4_only
=
True
self
.
proto
=
proto
self
.
sport
=
sport
self
.
dport
=
dport
self
.
extra
=
extra
self
.
ipv4_only
=
(
ipv4_only
or
extra
is
not
None
and
bool
(
ipv4_re
.
search
(
extra
)))
self
.
comment
=
comment
def
__hash__
(
self
):
return
hash
(
frozenset
(
self
.
__dict__
.
items
()))
def
__eq__
(
self
,
other
):
return
self
.
__dict__
==
other
.
__dict__
def
__lt__
(
self
,
other
):
return
self
.
priority
<
other
.
priority
def
__repr__
(
self
):
return
'<IptRule: @
%
d
%
s >'
%
(
self
.
priority
,
self
.
compile
())
def
__unicode__
(
self
):
return
self
.
__repr__
()
def
compile
(
self
,
proto
=
'ipv4'
):
opts
=
OrderedDict
([(
'src4'
if
proto
==
'ipv4'
else
'src6'
,
'-s
%
s'
),
(
'dst4'
if
proto
==
'ipv4'
else
'dst6'
,
'-d
%
s'
),
(
'proto'
,
'-p
%
s'
),
(
'sport'
,
'--sport
%
s'
),
(
'dport'
,
'--dport
%
s'
),
(
'extra'
,
'
%
s'
),
(
'comment'
,
'-m comment --comment "
%
s"'
),
(
'action'
,
'-g
%
s'
)])
params
=
[
opts
[
param
]
%
getattr
(
self
,
param
)
for
param
in
opts
if
getattr
(
self
,
param
)
is
not
None
]
return
' '
.
join
(
params
)
class
IptChain
(
object
):
nat_chains
=
(
'PREROUTING'
,
'POSTROUTING'
)
builtin_chains
=
(
'FORWARD'
,
'INPUT'
,
'OUTPUT'
)
+
nat_chains
def
__init__
(
self
,
name
):
self
.
rules
=
set
()
self
.
name
=
name
def
add
(
self
,
*
args
,
**
kwargs
):
for
rule
in
args
:
self
.
rules
.
add
(
rule
)
def
sort
(
self
):
return
sorted
(
list
(
self
.
rules
))
def
__len__
(
self
):
return
len
(
self
.
rules
)
def
__repr__
(
self
):
return
'<IptChain:
%
s
%
s>'
%
(
self
.
name
,
self
.
rules
)
def
__unicode__
(
self
):
return
self
.
__repr__
()
def
compile
(
self
,
proto
=
'ipv4'
):
assert
proto
in
(
'ipv4'
,
'ipv6'
)
prefix
=
'-A
%
s '
%
self
.
name
return
'
\n
'
.
join
([
prefix
+
rule
.
compile
(
proto
)
for
rule
in
self
.
sort
()
if
not
(
proto
==
'ipv6'
and
rule
.
ipv4_only
)])
def
compile_v6
(
self
):
return
self
.
compile
(
'ipv6'
)
circle/firewall/migrations/0045_auto__del_field_host_pub_ipv4__add_field_host_external_ipv4__del_field.py
0 → 100644
View file @
52795118
# -*- coding: utf-8 -*-
import
datetime
from
south.db
import
db
from
south.v2
import
SchemaMigration
from
django.db
import
models
class
Migration
(
SchemaMigration
):
def
forwards
(
self
,
orm
):
# Renaming field 'Host.pub_ipv4' to 'Host.external_ipv4'
db
.
rename_column
(
u'firewall_host'
,
'pub_ipv4'
,
'external_ipv4'
)
# Renaming field 'Rule.nat_dport' to 'Rule.nat_external_port'
db
.
rename_column
(
u'firewall_rule'
,
'nat_dport'
,
'nat_external_port'
)
# Adding field 'Rule.priority'
db
.
add_column
(
u'firewall_rule'
,
'priority'
,
self
.
gf
(
'django.db.models.fields.IntegerField'
)(
default
=
1000
,
null
=
True
,
blank
=
True
),
keep_default
=
False
)
# Adding field 'Rule.nat_external_ipv4'
db
.
add_column
(
u'firewall_rule'
,
'nat_external_ipv4'
,
self
.
gf
(
'firewall.fields.IPAddressField'
)(
max_length
=
100
,
null
=
True
,
blank
=
True
),
keep_default
=
False
)
# Changing field 'Rule.direction'
db
.
alter_column
(
u'firewall_rule'
,
'direction'
,
self
.
gf
(
'django.db.models.fields.CharField'
)(
max_length
=
3
))
# Migrating data
for
rule
in
orm
.
Rule
.
objects
.
all
():
if
rule
.
nat
:
# swap
tmp
=
rule
.
dport
# rule.dport = rule.nat_external_port
# rule.nat_external_port = tmp
if
rule
.
direction
==
'0'
:
rule
.
direction
=
'out'
elif
rule
.
direction
==
'1'
:
rule
.
direction
=
'in'
rule
.
save
()
def
backwards
(
self
,
orm
):
# Renaming field 'Host.external_ipv4' to 'Host.pub_ipv4'
db
.
rename_column
(
u'firewall_host'
,
'external_ipv4'
,
'pub_ipv4'
)
# Renaming field 'Rule.nat_external_port' to 'Rule.nat_dport'
db
.
rename_column
(
u'firewall_rule'
,
'nat_external_port'
,
'nat_dport'
)
# Deleting field 'Rule.priority'
db
.
delete_column
(
u'firewall_rule'
,
'priority'
)
# Deleting field 'Rule.nat_external_ipv4'
db
.
delete_column
(
u'firewall_rule'
,
'nat_external_ipv4'
)
# Changing field 'Rule.direction'
db
.
alter_column
(
u'firewall_rule'
,
'direction'
,
self
.
gf
(
'django.db.models.fields.CharField'
)(
max_length
=
3
))
models
=
{
u'acl.level'
:
{
'Meta'
:
{
'unique_together'
:
"(('content_type', 'codename'),)"
,
'object_name'
:
'Level'
},
'codename'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'100'
}),
'content_type'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['contenttypes.ContentType']"
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'50'
}),
'weight'
:
(
'django.db.models.fields.IntegerField'
,
[],
{
'null'
:
'True'
})
},
u'acl.objectlevel'
:
{
'Meta'
:
{
'unique_together'
:
"(('content_type', 'object_id', 'level'),)"
,
'object_name'
:
'ObjectLevel'
},
'content_type'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['contenttypes.ContentType']"
}),
'groups'
:
(
'django.db.models.fields.related.ManyToManyField'
,
[],
{
'to'
:
u"orm['auth.Group']"
,
'symmetrical'
:
'False'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'level'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['acl.Level']"
}),
'object_id'
:
(
'django.db.models.fields.IntegerField'
,
[],
{}),
'users'
:
(
'django.db.models.fields.related.ManyToManyField'
,
[],
{
'to'
:
u"orm['auth.User']"
,
'symmetrical'
:
'False'
})
},
u'auth.group'
:
{
'Meta'
:
{
'object_name'
:
'Group'
},
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'80'
}),
'permissions'
:
(
'django.db.models.fields.related.ManyToManyField'
,
[],
{
'to'
:
u"orm['auth.Permission']"
,
'symmetrical'
:
'False'
,
'blank'
:
'True'
})
},
u'auth.permission'
:
{
'Meta'
:
{
'ordering'
:
"(u'content_type__app_label', u'content_type__model', u'codename')"
,
'unique_together'
:
"((u'content_type', u'codename'),)"
,
'object_name'
:
'Permission'
},
'codename'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'100'
}),
'content_type'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['contenttypes.ContentType']"
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'50'
})
},
u'auth.user'
:
{
'Meta'
:
{
'object_name'
:
'User'
},
'date_joined'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'default'
:
'datetime.datetime.now'
}),
'email'
:
(
'django.db.models.fields.EmailField'
,
[],
{
'max_length'
:
'75'
,
'blank'
:
'True'
}),
'first_name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'30'
,
'blank'
:
'True'
}),
'groups'
:
(
'django.db.models.fields.related.ManyToManyField'
,
[],
{
'to'
:
u"orm['auth.Group']"
,
'symmetrical'
:
'False'
,
'blank'
:
'True'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'is_active'
:
(
'django.db.models.fields.BooleanField'
,
[],
{
'default'
:
'True'
}),
'is_staff'
:
(
'django.db.models.fields.BooleanField'
,
[],
{
'default'
:
'False'
}),
'is_superuser'
:
(
'django.db.models.fields.BooleanField'
,
[],
{
'default'
:
'False'
}),
'last_login'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'default'
:
'datetime.datetime.now'
}),
'last_name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'30'
,
'blank'
:
'True'
}),
'password'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'128'
}),
'user_permissions'
:
(
'django.db.models.fields.related.ManyToManyField'
,
[],
{
'to'
:
u"orm['auth.Permission']"
,
'symmetrical'
:
'False'
,
'blank'
:
'True'
}),
'username'
:
(
'django.db.models.fields.CharField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'30'
})
},
u'contenttypes.contenttype'
:
{
'Meta'
:
{
'ordering'
:
"('name',)"
,
'unique_together'
:
"(('app_label', 'model'),)"
,
'object_name'
:
'ContentType'
,
'db_table'
:
"'django_content_type'"
},
'app_label'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'100'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'model'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'100'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'100'
})
},
u'firewall.blacklist'
:
{
'Meta'
:
{
'object_name'
:
'Blacklist'
},
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
'host'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['firewall.Host']"
,
'null'
:
'True'
,
'blank'
:
'True'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'ipv4'
:
(
'django.db.models.fields.GenericIPAddressField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'39'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'reason'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'snort_message'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'type'
:
(
'django.db.models.fields.CharField'
,
[],
{
'default'
:
"'tempban'"
,
'max_length'
:
'10'
})
},
u'firewall.domain'
:
{
'Meta'
:
{
'object_name'
:
'Domain'
},
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
'description'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'40'
}),
'owner'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['auth.User']"
}),
'ttl'
:
(
'django.db.models.fields.IntegerField'
,
[],
{
'default'
:
'600'
})
},
u'firewall.ethernetdevice'
:
{
'Meta'
:
{
'object_name'
:
'EthernetDevice'
},
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'20'
}),
'switch_port'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'related_name'
:
"'ethernet_devices'"
,
'to'
:
u"orm['firewall.SwitchPort']"
})
},
u'firewall.firewall'
:
{
'Meta'
:
{
'object_name'
:
'Firewall'
},
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'20'
})
},
u'firewall.group'
:
{
'Meta'
:
{
'object_name'
:
'Group'
},
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
'description'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'20'
}),
'owner'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['auth.User']"
,
'null'
:
'True'
,
'blank'
:
'True'
})
},
u'firewall.host'
:
{
'Meta'
:
{
'ordering'
:
"('normalized_hostname', 'vlan')"
,
'unique_together'
:
"(('hostname', 'vlan'),)"
,
'object_name'
:
'Host'
},
'comment'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
'description'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'external_ipv4'
:
(
'firewall.fields.IPAddressField'
,
[],
{
'max_length'
:
'100'
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'groups'
:
(
'django.db.models.fields.related.ManyToManyField'
,
[],
{
'symmetrical'
:
'False'
,
'to'
:
u"orm['firewall.Group']"
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'hostname'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'40'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'ipv4'
:
(
'firewall.fields.IPAddressField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'100'
}),
'ipv6'
:
(
'firewall.fields.IPAddressField'
,
[],
{
'max_length'
:
'100'
,
'unique'
:
'True'
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'location'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'mac'
:
(
'firewall.fields.MACAddressField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'17'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'normalized_hostname'
:
(
'common.models.HumanSortField'
,
[],
{
'default'
:
"''"
,
'maximum_number_length'
:
'4'
,
'max_length'
:
'80'
,
'monitor'
:
"'hostname'"
,
'blank'
:
'True'
}),
'owner'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['auth.User']"
}),
'reverse'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'40'
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'shared_ip'
:
(
'django.db.models.fields.BooleanField'
,
[],
{
'default'
:
'False'
}),
'vlan'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['firewall.Vlan']"
})
},
u'firewall.record'
:
{
'Meta'
:
{
'ordering'
:
"('domain', 'name')"
,
'object_name'
:
'Record'
},
'address'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'200'
}),
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
'description'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'domain'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['firewall.Domain']"
}),
'host'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['firewall.Host']"
,
'null'
:
'True'
,
'blank'
:
'True'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'40'
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'owner'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['auth.User']"
}),
'ttl'
:
(
'django.db.models.fields.IntegerField'
,
[],
{
'default'
:
'600'
}),
'type'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'6'
})
},
u'firewall.rule'
:
{
'Meta'
:
{
'ordering'
:
"('direction', 'proto', 'sport', 'dport', 'nat_external_port', 'host')"
,
'object_name'
:
'Rule'
},
'accept'
:
(
'django.db.models.fields.BooleanField'
,
[],
{
'default'
:
'False'
}),
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
'description'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'direction'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'3'
}),
'dport'
:
(
'django.db.models.fields.IntegerField'
,
[],
{
'null'
:
'True'
,
'blank'
:
'True'
}),
'extra'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'firewall'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'blank'
:
'True'
,
'related_name'
:
"'rules'"
,
'null'
:
'True'
,
'to'
:
u"orm['firewall.Firewall']"
}),
'foreign_network'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'related_name'
:
"'ForeignRules'"
,
'to'
:
u"orm['firewall.VlanGroup']"
}),
'host'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'blank'
:
'True'
,
'related_name'
:
"'rules'"
,
'null'
:
'True'
,
'to'
:
u"orm['firewall.Host']"
}),
'hostgroup'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'blank'
:
'True'
,
'related_name'
:
"'rules'"
,
'null'
:
'True'
,
'to'
:
u"orm['firewall.Group']"
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'nat'
:
(
'django.db.models.fields.BooleanField'
,
[],
{
'default'
:
'False'
}),
'nat_external_ipv4'
:
(
'firewall.fields.IPAddressField'
,
[],
{
'max_length'
:
'100'
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'nat_external_port'
:
(
'django.db.models.fields.IntegerField'
,
[],
{
'null'
:
'True'
,
'blank'
:
'True'
}),
'owner'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['auth.User']"
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'priority'
:
(
'django.db.models.fields.IntegerField'
,
[],
{
'default'
:
'1000'
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'proto'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'10'
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'sport'
:
(
'django.db.models.fields.IntegerField'
,
[],
{
'null'
:
'True'
,
'blank'
:
'True'
}),
'vlan'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'blank'
:
'True'
,
'related_name'
:
"'rules'"
,
'null'
:
'True'
,
'to'
:
u"orm['firewall.Vlan']"
}),
'vlangroup'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'blank'
:
'True'
,
'related_name'
:
"'rules'"
,
'null'
:
'True'
,
'to'
:
u"orm['firewall.VlanGroup']"
})
},
u'firewall.switchport'
:
{
'Meta'
:
{
'object_name'
:
'SwitchPort'
},
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
'description'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'tagged_vlans'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'blank'
:
'True'
,
'related_name'
:
"'tagged_ports'"
,
'null'
:
'True'
,
'to'
:
u"orm['firewall.VlanGroup']"
}),
'untagged_vlan'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'related_name'
:
"'untagged_ports'"
,
'to'
:
u"orm['firewall.Vlan']"
})
},
u'firewall.vlan'
:
{
'Meta'
:
{
'object_name'
:
'Vlan'
},
'comment'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
'description'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'dhcp_pool'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'domain'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['firewall.Domain']"
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'ipv6_template'
:
(
'django.db.models.fields.TextField'
,
[],
{
'default'
:
"'2001:738:2001:4031:
%(b)
d:
%(c)
d:
%(d)
d:0'"
}),
'managed'
:
(
'django.db.models.fields.BooleanField'
,
[],
{
'default'
:
'True'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'20'
}),
'network4'
:
(
'firewall.fields.IPNetworkField'
,
[],
{
'max_length'
:
'100'
}),
'network6'
:
(
'firewall.fields.IPNetworkField'
,
[],
{
'max_length'
:
'100'
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'network_type'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'20'
}),
'owner'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['auth.User']"
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'reverse_domain'
:
(
'django.db.models.fields.TextField'
,
[],
{
'default'
:
"'
%(d)
d.
%(c)
d.
%(b)
d.
%(a)
d.in-addr.arpa'"
}),
'snat_ip'
:
(
'django.db.models.fields.GenericIPAddressField'
,
[],
{
'max_length'
:
'39'
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'snat_to'
:
(
'django.db.models.fields.related.ManyToManyField'
,
[],
{
'symmetrical'
:
'False'
,
'to'
:
u"orm['firewall.Vlan']"
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'vid'
:
(
'django.db.models.fields.IntegerField'
,
[],
{
'unique'
:
'True'
})
},
u'firewall.vlangroup'
:
{
'Meta'
:
{
'object_name'
:
'VlanGroup'
},
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
'description'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'20'
}),
'owner'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['auth.User']"
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'vlans'
:
(
'django.db.models.fields.related.ManyToManyField'
,
[],
{
'symmetrical'
:
'False'
,
'to'
:
u"orm['firewall.Vlan']"
,
'null'
:
'True'
,
'blank'
:
'True'
})
}
}
complete_apps
=
[
'firewall'
]
circle/firewall/migrations/0046_auto__chg_field_rule_priority.py
0 → 100644
View file @
52795118
# -*- coding: utf-8 -*-
import
datetime
from
south.db
import
db
from
south.v2
import
SchemaMigration
from
django.db
import
models
class
Migration
(
SchemaMigration
):
def
forwards
(
self
,
orm
):
# Changing field 'Rule.priority'
db
.
alter_column
(
u'firewall_rule'
,
'priority'
,
self
.
gf
(
'django.db.models.fields.IntegerField'
)())
def
backwards
(
self
,
orm
):
# Changing field 'Rule.priority'
db
.
alter_column
(
u'firewall_rule'
,
'priority'
,
self
.
gf
(
'django.db.models.fields.IntegerField'
)(
null
=
True
))
models
=
{
u'acl.level'
:
{
'Meta'
:
{
'unique_together'
:
"(('content_type', 'codename'),)"
,
'object_name'
:
'Level'
},
'codename'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'100'
}),
'content_type'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['contenttypes.ContentType']"
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'50'
}),
'weight'
:
(
'django.db.models.fields.IntegerField'
,
[],
{
'null'
:
'True'
})
},
u'acl.objectlevel'
:
{
'Meta'
:
{
'unique_together'
:
"(('content_type', 'object_id', 'level'),)"
,
'object_name'
:
'ObjectLevel'
},
'content_type'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['contenttypes.ContentType']"
}),
'groups'
:
(
'django.db.models.fields.related.ManyToManyField'
,
[],
{
'to'
:
u"orm['auth.Group']"
,
'symmetrical'
:
'False'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'level'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['acl.Level']"
}),
'object_id'
:
(
'django.db.models.fields.IntegerField'
,
[],
{}),
'users'
:
(
'django.db.models.fields.related.ManyToManyField'
,
[],
{
'to'
:
u"orm['auth.User']"
,
'symmetrical'
:
'False'
})
},
u'auth.group'
:
{
'Meta'
:
{
'object_name'
:
'Group'
},
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'80'
}),
'permissions'
:
(
'django.db.models.fields.related.ManyToManyField'
,
[],
{
'to'
:
u"orm['auth.Permission']"
,
'symmetrical'
:
'False'
,
'blank'
:
'True'
})
},
u'auth.permission'
:
{
'Meta'
:
{
'ordering'
:
"(u'content_type__app_label', u'content_type__model', u'codename')"
,
'unique_together'
:
"((u'content_type', u'codename'),)"
,
'object_name'
:
'Permission'
},
'codename'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'100'
}),
'content_type'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['contenttypes.ContentType']"
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'50'
})
},
u'auth.user'
:
{
'Meta'
:
{
'object_name'
:
'User'
},
'date_joined'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'default'
:
'datetime.datetime.now'
}),
'email'
:
(
'django.db.models.fields.EmailField'
,
[],
{
'max_length'
:
'75'
,
'blank'
:
'True'
}),
'first_name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'30'
,
'blank'
:
'True'
}),
'groups'
:
(
'django.db.models.fields.related.ManyToManyField'
,
[],
{
'to'
:
u"orm['auth.Group']"
,
'symmetrical'
:
'False'
,
'blank'
:
'True'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'is_active'
:
(
'django.db.models.fields.BooleanField'
,
[],
{
'default'
:
'True'
}),
'is_staff'
:
(
'django.db.models.fields.BooleanField'
,
[],
{
'default'
:
'False'
}),
'is_superuser'
:
(
'django.db.models.fields.BooleanField'
,
[],
{
'default'
:
'False'
}),
'last_login'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'default'
:
'datetime.datetime.now'
}),
'last_name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'30'
,
'blank'
:
'True'
}),
'password'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'128'
}),
'user_permissions'
:
(
'django.db.models.fields.related.ManyToManyField'
,
[],
{
'to'
:
u"orm['auth.Permission']"
,
'symmetrical'
:
'False'
,
'blank'
:
'True'
}),
'username'
:
(
'django.db.models.fields.CharField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'30'
})
},
u'contenttypes.contenttype'
:
{
'Meta'
:
{
'ordering'
:
"('name',)"
,
'unique_together'
:
"(('app_label', 'model'),)"
,
'object_name'
:
'ContentType'
,
'db_table'
:
"'django_content_type'"
},
'app_label'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'100'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'model'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'100'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'100'
})
},
u'firewall.blacklist'
:
{
'Meta'
:
{
'object_name'
:
'Blacklist'
},
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
'host'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['firewall.Host']"
,
'null'
:
'True'
,
'blank'
:
'True'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'ipv4'
:
(
'django.db.models.fields.GenericIPAddressField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'39'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'reason'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'snort_message'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'type'
:
(
'django.db.models.fields.CharField'
,
[],
{
'default'
:
"'tempban'"
,
'max_length'
:
'10'
})
},
u'firewall.domain'
:
{
'Meta'
:
{
'object_name'
:
'Domain'
},
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
'description'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'40'
}),
'owner'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['auth.User']"
}),
'ttl'
:
(
'django.db.models.fields.IntegerField'
,
[],
{
'default'
:
'600'
})
},
u'firewall.ethernetdevice'
:
{
'Meta'
:
{
'object_name'
:
'EthernetDevice'
},
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'20'
}),
'switch_port'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'related_name'
:
"'ethernet_devices'"
,
'to'
:
u"orm['firewall.SwitchPort']"
})
},
u'firewall.firewall'
:
{
'Meta'
:
{
'object_name'
:
'Firewall'
},
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'20'
})
},
u'firewall.group'
:
{
'Meta'
:
{
'object_name'
:
'Group'
},
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
'description'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'20'
}),
'owner'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['auth.User']"
,
'null'
:
'True'
,
'blank'
:
'True'
})
},
u'firewall.host'
:
{
'Meta'
:
{
'ordering'
:
"('normalized_hostname', 'vlan')"
,
'unique_together'
:
"(('hostname', 'vlan'),)"
,
'object_name'
:
'Host'
},
'comment'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
'description'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'external_ipv4'
:
(
'firewall.fields.IPAddressField'
,
[],
{
'max_length'
:
'100'
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'groups'
:
(
'django.db.models.fields.related.ManyToManyField'
,
[],
{
'symmetrical'
:
'False'
,
'to'
:
u"orm['firewall.Group']"
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'hostname'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'40'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'ipv4'
:
(
'firewall.fields.IPAddressField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'100'
}),
'ipv6'
:
(
'firewall.fields.IPAddressField'
,
[],
{
'max_length'
:
'100'
,
'unique'
:
'True'
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'location'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'mac'
:
(
'firewall.fields.MACAddressField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'17'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'normalized_hostname'
:
(
'common.models.HumanSortField'
,
[],
{
'default'
:
"''"
,
'maximum_number_length'
:
'4'
,
'max_length'
:
'80'
,
'monitor'
:
"'hostname'"
,
'blank'
:
'True'
}),
'owner'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['auth.User']"
}),
'reverse'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'40'
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'shared_ip'
:
(
'django.db.models.fields.BooleanField'
,
[],
{
'default'
:
'False'
}),
'vlan'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['firewall.Vlan']"
})
},
u'firewall.record'
:
{
'Meta'
:
{
'ordering'
:
"('domain', 'name')"
,
'object_name'
:
'Record'
},
'address'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'200'
}),
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
'description'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'domain'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['firewall.Domain']"
}),
'host'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['firewall.Host']"
,
'null'
:
'True'
,
'blank'
:
'True'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'40'
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'owner'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['auth.User']"
}),
'ttl'
:
(
'django.db.models.fields.IntegerField'
,
[],
{
'default'
:
'600'
}),
'type'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'6'
})
},
u'firewall.rule'
:
{
'Meta'
:
{
'ordering'
:
"('direction', 'proto', 'sport', 'dport', 'nat_external_port', 'host')"
,
'object_name'
:
'Rule'
},
'accept'
:
(
'django.db.models.fields.BooleanField'
,
[],
{
'default'
:
'True'
}),
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
'description'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'direction'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'3'
}),
'dport'
:
(
'django.db.models.fields.IntegerField'
,
[],
{
'null'
:
'True'
,
'blank'
:
'True'
}),
'extra'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'firewall'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'blank'
:
'True'
,
'related_name'
:
"'rules'"
,
'null'
:
'True'
,
'to'
:
u"orm['firewall.Firewall']"
}),
'foreign_network'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'related_name'
:
"'ForeignRules'"
,
'to'
:
u"orm['firewall.VlanGroup']"
}),
'host'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'blank'
:
'True'
,
'related_name'
:
"'rules'"
,
'null'
:
'True'
,
'to'
:
u"orm['firewall.Host']"
}),
'hostgroup'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'blank'
:
'True'
,
'related_name'
:
"'rules'"
,
'null'
:
'True'
,
'to'
:
u"orm['firewall.Group']"
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'nat'
:
(
'django.db.models.fields.BooleanField'
,
[],
{
'default'
:
'False'
}),
'nat_external_ipv4'
:
(
'firewall.fields.IPAddressField'
,
[],
{
'max_length'
:
'100'
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'nat_external_port'
:
(
'django.db.models.fields.IntegerField'
,
[],
{
'null'
:
'True'
,
'blank'
:
'True'
}),
'owner'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['auth.User']"
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'priority'
:
(
'django.db.models.fields.IntegerField'
,
[],
{
'default'
:
'1000'
}),
'proto'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'10'
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'sport'
:
(
'django.db.models.fields.IntegerField'
,
[],
{
'null'
:
'True'
,
'blank'
:
'True'
}),
'vlan'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'blank'
:
'True'
,
'related_name'
:
"'rules'"
,
'null'
:
'True'
,
'to'
:
u"orm['firewall.Vlan']"
}),
'vlangroup'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'blank'
:
'True'
,
'related_name'
:
"'rules'"
,
'null'
:
'True'
,
'to'
:
u"orm['firewall.VlanGroup']"
})
},
u'firewall.switchport'
:
{
'Meta'
:
{
'object_name'
:
'SwitchPort'
},
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
'description'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'tagged_vlans'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'blank'
:
'True'
,
'related_name'
:
"'tagged_ports'"
,
'null'
:
'True'
,
'to'
:
u"orm['firewall.VlanGroup']"
}),
'untagged_vlan'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'related_name'
:
"'untagged_ports'"
,
'to'
:
u"orm['firewall.Vlan']"
})
},
u'firewall.vlan'
:
{
'Meta'
:
{
'object_name'
:
'Vlan'
},
'comment'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
'description'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'dhcp_pool'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'domain'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['firewall.Domain']"
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'ipv6_template'
:
(
'django.db.models.fields.TextField'
,
[],
{
'default'
:
"'2001:738:2001:4031:
%(b)
d:
%(c)
d:
%(d)
d:0'"
}),
'managed'
:
(
'django.db.models.fields.BooleanField'
,
[],
{
'default'
:
'True'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'20'
}),
'network4'
:
(
'firewall.fields.IPNetworkField'
,
[],
{
'max_length'
:
'100'
}),
'network6'
:
(
'firewall.fields.IPNetworkField'
,
[],
{
'max_length'
:
'100'
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'network_type'
:
(
'django.db.models.fields.CharField'
,
[],
{
'default'
:
"'portforward'"
,
'max_length'
:
'20'
}),
'owner'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['auth.User']"
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'reverse_domain'
:
(
'django.db.models.fields.TextField'
,
[],
{
'default'
:
"'
%(d)
d.
%(c)
d.
%(b)
d.
%(a)
d.in-addr.arpa'"
}),
'snat_ip'
:
(
'django.db.models.fields.GenericIPAddressField'
,
[],
{
'max_length'
:
'39'
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'snat_to'
:
(
'django.db.models.fields.related.ManyToManyField'
,
[],
{
'symmetrical'
:
'False'
,
'to'
:
u"orm['firewall.Vlan']"
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'vid'
:
(
'django.db.models.fields.IntegerField'
,
[],
{
'unique'
:
'True'
})
},
u'firewall.vlangroup'
:
{
'Meta'
:
{
'object_name'
:
'VlanGroup'
},
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
'description'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'20'
}),
'owner'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['auth.User']"
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'vlans'
:
(
'django.db.models.fields.related.ManyToManyField'
,
[],
{
'symmetrical'
:
'False'
,
'to'
:
u"orm['firewall.Vlan']"
,
'null'
:
'True'
,
'blank'
:
'True'
})
}
}
complete_apps
=
[
'firewall'
]
\ No newline at end of file
circle/firewall/migrations/0047_auto__del_field_rule_priority__add_field_rule_weight.py
0 → 100644
View file @
52795118
# -*- coding: utf-8 -*-
import
datetime
from
south.db
import
db
from
south.v2
import
SchemaMigration
from
django.db
import
models
class
Migration
(
SchemaMigration
):
def
forwards
(
self
,
orm
):
db
.
rename_column
(
u'firewall_rule'
,
'priority'
,
'weight'
)
db
.
alter_column
(
u'firewall_rule'
,
'weight'
,
self
.
gf
(
'django.db.models.fields.IntegerField'
)(
default
=
30000
))
def
backwards
(
self
,
orm
):
db
.
rename_column
(
u'firewall_rule'
,
'priority'
,
'weight'
)
db
.
alter_column
(
u'firewall_rule'
,
'priority'
,
self
.
gf
(
'django.db.models.fields.IntegerField'
)(
default
=
1000
))
models
=
{
u'acl.level'
:
{
'Meta'
:
{
'unique_together'
:
"(('content_type', 'codename'),)"
,
'object_name'
:
'Level'
},
'codename'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'100'
}),
'content_type'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['contenttypes.ContentType']"
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'50'
}),
'weight'
:
(
'django.db.models.fields.IntegerField'
,
[],
{
'null'
:
'True'
})
},
u'acl.objectlevel'
:
{
'Meta'
:
{
'unique_together'
:
"(('content_type', 'object_id', 'level'),)"
,
'object_name'
:
'ObjectLevel'
},
'content_type'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['contenttypes.ContentType']"
}),
'groups'
:
(
'django.db.models.fields.related.ManyToManyField'
,
[],
{
'to'
:
u"orm['auth.Group']"
,
'symmetrical'
:
'False'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'level'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['acl.Level']"
}),
'object_id'
:
(
'django.db.models.fields.IntegerField'
,
[],
{}),
'users'
:
(
'django.db.models.fields.related.ManyToManyField'
,
[],
{
'to'
:
u"orm['auth.User']"
,
'symmetrical'
:
'False'
})
},
u'auth.group'
:
{
'Meta'
:
{
'object_name'
:
'Group'
},
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'80'
}),
'permissions'
:
(
'django.db.models.fields.related.ManyToManyField'
,
[],
{
'to'
:
u"orm['auth.Permission']"
,
'symmetrical'
:
'False'
,
'blank'
:
'True'
})
},
u'auth.permission'
:
{
'Meta'
:
{
'ordering'
:
"(u'content_type__app_label', u'content_type__model', u'codename')"
,
'unique_together'
:
"((u'content_type', u'codename'),)"
,
'object_name'
:
'Permission'
},
'codename'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'100'
}),
'content_type'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['contenttypes.ContentType']"
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'50'
})
},
u'auth.user'
:
{
'Meta'
:
{
'object_name'
:
'User'
},
'date_joined'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'default'
:
'datetime.datetime.now'
}),
'email'
:
(
'django.db.models.fields.EmailField'
,
[],
{
'max_length'
:
'75'
,
'blank'
:
'True'
}),
'first_name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'30'
,
'blank'
:
'True'
}),
'groups'
:
(
'django.db.models.fields.related.ManyToManyField'
,
[],
{
'to'
:
u"orm['auth.Group']"
,
'symmetrical'
:
'False'
,
'blank'
:
'True'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'is_active'
:
(
'django.db.models.fields.BooleanField'
,
[],
{
'default'
:
'True'
}),
'is_staff'
:
(
'django.db.models.fields.BooleanField'
,
[],
{
'default'
:
'False'
}),
'is_superuser'
:
(
'django.db.models.fields.BooleanField'
,
[],
{
'default'
:
'False'
}),
'last_login'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'default'
:
'datetime.datetime.now'
}),
'last_name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'30'
,
'blank'
:
'True'
}),
'password'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'128'
}),
'user_permissions'
:
(
'django.db.models.fields.related.ManyToManyField'
,
[],
{
'to'
:
u"orm['auth.Permission']"
,
'symmetrical'
:
'False'
,
'blank'
:
'True'
}),
'username'
:
(
'django.db.models.fields.CharField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'30'
})
},
u'contenttypes.contenttype'
:
{
'Meta'
:
{
'ordering'
:
"('name',)"
,
'unique_together'
:
"(('app_label', 'model'),)"
,
'object_name'
:
'ContentType'
,
'db_table'
:
"'django_content_type'"
},
'app_label'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'100'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'model'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'100'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'100'
})
},
u'firewall.blacklist'
:
{
'Meta'
:
{
'object_name'
:
'Blacklist'
},
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
'host'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['firewall.Host']"
,
'null'
:
'True'
,
'blank'
:
'True'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'ipv4'
:
(
'django.db.models.fields.GenericIPAddressField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'39'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'reason'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'snort_message'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'type'
:
(
'django.db.models.fields.CharField'
,
[],
{
'default'
:
"'tempban'"
,
'max_length'
:
'10'
})
},
u'firewall.domain'
:
{
'Meta'
:
{
'object_name'
:
'Domain'
},
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
'description'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'40'
}),
'owner'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['auth.User']"
}),
'ttl'
:
(
'django.db.models.fields.IntegerField'
,
[],
{
'default'
:
'600'
})
},
u'firewall.ethernetdevice'
:
{
'Meta'
:
{
'object_name'
:
'EthernetDevice'
},
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'20'
}),
'switch_port'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'related_name'
:
"'ethernet_devices'"
,
'to'
:
u"orm['firewall.SwitchPort']"
})
},
u'firewall.firewall'
:
{
'Meta'
:
{
'object_name'
:
'Firewall'
},
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'20'
})
},
u'firewall.group'
:
{
'Meta'
:
{
'object_name'
:
'Group'
},
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
'description'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'20'
}),
'owner'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['auth.User']"
,
'null'
:
'True'
,
'blank'
:
'True'
})
},
u'firewall.host'
:
{
'Meta'
:
{
'ordering'
:
"('normalized_hostname', 'vlan')"
,
'unique_together'
:
"(('hostname', 'vlan'),)"
,
'object_name'
:
'Host'
},
'comment'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
'description'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'external_ipv4'
:
(
'firewall.fields.IPAddressField'
,
[],
{
'max_length'
:
'100'
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'groups'
:
(
'django.db.models.fields.related.ManyToManyField'
,
[],
{
'symmetrical'
:
'False'
,
'to'
:
u"orm['firewall.Group']"
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'hostname'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'40'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'ipv4'
:
(
'firewall.fields.IPAddressField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'100'
}),
'ipv6'
:
(
'firewall.fields.IPAddressField'
,
[],
{
'max_length'
:
'100'
,
'unique'
:
'True'
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'location'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'mac'
:
(
'firewall.fields.MACAddressField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'17'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'normalized_hostname'
:
(
'common.models.HumanSortField'
,
[],
{
'default'
:
"''"
,
'maximum_number_length'
:
'4'
,
'max_length'
:
'80'
,
'monitor'
:
"'hostname'"
,
'blank'
:
'True'
}),
'owner'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['auth.User']"
}),
'reverse'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'40'
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'shared_ip'
:
(
'django.db.models.fields.BooleanField'
,
[],
{
'default'
:
'False'
}),
'vlan'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['firewall.Vlan']"
})
},
u'firewall.record'
:
{
'Meta'
:
{
'ordering'
:
"('domain', 'name')"
,
'object_name'
:
'Record'
},
'address'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'200'
}),
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
'description'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'domain'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['firewall.Domain']"
}),
'host'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['firewall.Host']"
,
'null'
:
'True'
,
'blank'
:
'True'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'40'
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'owner'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['auth.User']"
}),
'ttl'
:
(
'django.db.models.fields.IntegerField'
,
[],
{
'default'
:
'600'
}),
'type'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'6'
})
},
u'firewall.rule'
:
{
'Meta'
:
{
'ordering'
:
"('direction', 'proto', 'sport', 'dport', 'nat_external_port', 'host')"
,
'object_name'
:
'Rule'
},
'accept'
:
(
'django.db.models.fields.BooleanField'
,
[],
{
'default'
:
'True'
}),
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
'description'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'direction'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'3'
}),
'dport'
:
(
'django.db.models.fields.IntegerField'
,
[],
{
'null'
:
'True'
,
'blank'
:
'True'
}),
'extra'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'firewall'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'blank'
:
'True'
,
'related_name'
:
"'rules'"
,
'null'
:
'True'
,
'to'
:
u"orm['firewall.Firewall']"
}),
'foreign_network'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'related_name'
:
"'ForeignRules'"
,
'to'
:
u"orm['firewall.VlanGroup']"
}),
'host'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'blank'
:
'True'
,
'related_name'
:
"'rules'"
,
'null'
:
'True'
,
'to'
:
u"orm['firewall.Host']"
}),
'hostgroup'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'blank'
:
'True'
,
'related_name'
:
"'rules'"
,
'null'
:
'True'
,
'to'
:
u"orm['firewall.Group']"
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'nat'
:
(
'django.db.models.fields.BooleanField'
,
[],
{
'default'
:
'False'
}),
'nat_external_ipv4'
:
(
'firewall.fields.IPAddressField'
,
[],
{
'max_length'
:
'100'
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'nat_external_port'
:
(
'django.db.models.fields.IntegerField'
,
[],
{
'null'
:
'True'
,
'blank'
:
'True'
}),
'owner'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['auth.User']"
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'proto'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'10'
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'sport'
:
(
'django.db.models.fields.IntegerField'
,
[],
{
'null'
:
'True'
,
'blank'
:
'True'
}),
'vlan'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'blank'
:
'True'
,
'related_name'
:
"'rules'"
,
'null'
:
'True'
,
'to'
:
u"orm['firewall.Vlan']"
}),
'vlangroup'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'blank'
:
'True'
,
'related_name'
:
"'rules'"
,
'null'
:
'True'
,
'to'
:
u"orm['firewall.VlanGroup']"
}),
'weight'
:
(
'django.db.models.fields.IntegerField'
,
[],
{
'default'
:
'30000'
})
},
u'firewall.switchport'
:
{
'Meta'
:
{
'object_name'
:
'SwitchPort'
},
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
'description'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'tagged_vlans'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'blank'
:
'True'
,
'related_name'
:
"'tagged_ports'"
,
'null'
:
'True'
,
'to'
:
u"orm['firewall.VlanGroup']"
}),
'untagged_vlan'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'related_name'
:
"'untagged_ports'"
,
'to'
:
u"orm['firewall.Vlan']"
})
},
u'firewall.vlan'
:
{
'Meta'
:
{
'object_name'
:
'Vlan'
},
'comment'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
'description'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'dhcp_pool'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'domain'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['firewall.Domain']"
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'ipv6_template'
:
(
'django.db.models.fields.TextField'
,
[],
{
'default'
:
"'2001:738:2001:4031:
%(b)
d:
%(c)
d:
%(d)
d:0'"
}),
'managed'
:
(
'django.db.models.fields.BooleanField'
,
[],
{
'default'
:
'True'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'20'
}),
'network4'
:
(
'firewall.fields.IPNetworkField'
,
[],
{
'max_length'
:
'100'
}),
'network6'
:
(
'firewall.fields.IPNetworkField'
,
[],
{
'max_length'
:
'100'
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'network_type'
:
(
'django.db.models.fields.CharField'
,
[],
{
'default'
:
"'portforward'"
,
'max_length'
:
'20'
}),
'owner'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['auth.User']"
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'reverse_domain'
:
(
'django.db.models.fields.TextField'
,
[],
{
'default'
:
"'
%(d)
d.
%(c)
d.
%(b)
d.
%(a)
d.in-addr.arpa'"
}),
'snat_ip'
:
(
'django.db.models.fields.GenericIPAddressField'
,
[],
{
'max_length'
:
'39'
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'snat_to'
:
(
'django.db.models.fields.related.ManyToManyField'
,
[],
{
'symmetrical'
:
'False'
,
'to'
:
u"orm['firewall.Vlan']"
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'vid'
:
(
'django.db.models.fields.IntegerField'
,
[],
{
'unique'
:
'True'
})
},
u'firewall.vlangroup'
:
{
'Meta'
:
{
'object_name'
:
'VlanGroup'
},
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
'description'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'20'
}),
'owner'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['auth.User']"
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'vlans'
:
(
'django.db.models.fields.related.ManyToManyField'
,
[],
{
'symmetrical'
:
'False'
,
'to'
:
u"orm['firewall.Vlan']"
,
'null'
:
'True'
,
'blank'
:
'True'
})
}
}
complete_apps
=
[
'firewall'
]
circle/firewall/migrations/0048_auto__add_field_rule_action.py
0 → 100644
View file @
52795118
# -*- coding: utf-8 -*-
import
datetime
from
south.db
import
db
from
south.v2
import
SchemaMigration
from
django.db
import
models
class
Migration
(
SchemaMigration
):
def
forwards
(
self
,
orm
):
# Adding field 'Rule.action'
db
.
add_column
(
u'firewall_rule'
,
'action'
,
self
.
gf
(
'django.db.models.fields.CharField'
)(
default
=
'drop'
,
max_length
=
10
),
keep_default
=
False
)
# Migrating data
for
rule
in
orm
.
Rule
.
objects
.
all
():
rule
.
action
=
'accept'
if
rule
.
accept
else
'drop'
rule
.
save
()
def
backwards
(
self
,
orm
):
# Deleting field 'Rule.action'
db
.
delete_column
(
u'firewall_rule'
,
'action'
)
models
=
{
u'acl.level'
:
{
'Meta'
:
{
'unique_together'
:
"(('content_type', 'codename'),)"
,
'object_name'
:
'Level'
},
'codename'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'100'
}),
'content_type'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['contenttypes.ContentType']"
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'50'
}),
'weight'
:
(
'django.db.models.fields.IntegerField'
,
[],
{
'null'
:
'True'
})
},
u'acl.objectlevel'
:
{
'Meta'
:
{
'unique_together'
:
"(('content_type', 'object_id', 'level'),)"
,
'object_name'
:
'ObjectLevel'
},
'content_type'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['contenttypes.ContentType']"
}),
'groups'
:
(
'django.db.models.fields.related.ManyToManyField'
,
[],
{
'to'
:
u"orm['auth.Group']"
,
'symmetrical'
:
'False'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'level'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['acl.Level']"
}),
'object_id'
:
(
'django.db.models.fields.IntegerField'
,
[],
{}),
'users'
:
(
'django.db.models.fields.related.ManyToManyField'
,
[],
{
'to'
:
u"orm['auth.User']"
,
'symmetrical'
:
'False'
})
},
u'auth.group'
:
{
'Meta'
:
{
'object_name'
:
'Group'
},
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'80'
}),
'permissions'
:
(
'django.db.models.fields.related.ManyToManyField'
,
[],
{
'to'
:
u"orm['auth.Permission']"
,
'symmetrical'
:
'False'
,
'blank'
:
'True'
})
},
u'auth.permission'
:
{
'Meta'
:
{
'ordering'
:
"(u'content_type__app_label', u'content_type__model', u'codename')"
,
'unique_together'
:
"((u'content_type', u'codename'),)"
,
'object_name'
:
'Permission'
},
'codename'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'100'
}),
'content_type'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['contenttypes.ContentType']"
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'50'
})
},
u'auth.user'
:
{
'Meta'
:
{
'object_name'
:
'User'
},
'date_joined'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'default'
:
'datetime.datetime.now'
}),
'email'
:
(
'django.db.models.fields.EmailField'
,
[],
{
'max_length'
:
'75'
,
'blank'
:
'True'
}),
'first_name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'30'
,
'blank'
:
'True'
}),
'groups'
:
(
'django.db.models.fields.related.ManyToManyField'
,
[],
{
'to'
:
u"orm['auth.Group']"
,
'symmetrical'
:
'False'
,
'blank'
:
'True'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'is_active'
:
(
'django.db.models.fields.BooleanField'
,
[],
{
'default'
:
'True'
}),
'is_staff'
:
(
'django.db.models.fields.BooleanField'
,
[],
{
'default'
:
'False'
}),
'is_superuser'
:
(
'django.db.models.fields.BooleanField'
,
[],
{
'default'
:
'False'
}),
'last_login'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'default'
:
'datetime.datetime.now'
}),
'last_name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'30'
,
'blank'
:
'True'
}),
'password'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'128'
}),
'user_permissions'
:
(
'django.db.models.fields.related.ManyToManyField'
,
[],
{
'to'
:
u"orm['auth.Permission']"
,
'symmetrical'
:
'False'
,
'blank'
:
'True'
}),
'username'
:
(
'django.db.models.fields.CharField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'30'
})
},
u'contenttypes.contenttype'
:
{
'Meta'
:
{
'ordering'
:
"('name',)"
,
'unique_together'
:
"(('app_label', 'model'),)"
,
'object_name'
:
'ContentType'
,
'db_table'
:
"'django_content_type'"
},
'app_label'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'100'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'model'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'100'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'100'
})
},
u'firewall.blacklist'
:
{
'Meta'
:
{
'object_name'
:
'Blacklist'
},
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
'host'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['firewall.Host']"
,
'null'
:
'True'
,
'blank'
:
'True'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'ipv4'
:
(
'django.db.models.fields.GenericIPAddressField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'39'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'reason'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'snort_message'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'type'
:
(
'django.db.models.fields.CharField'
,
[],
{
'default'
:
"'tempban'"
,
'max_length'
:
'10'
})
},
u'firewall.domain'
:
{
'Meta'
:
{
'object_name'
:
'Domain'
},
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
'description'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'40'
}),
'owner'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['auth.User']"
}),
'ttl'
:
(
'django.db.models.fields.IntegerField'
,
[],
{
'default'
:
'600'
})
},
u'firewall.ethernetdevice'
:
{
'Meta'
:
{
'object_name'
:
'EthernetDevice'
},
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'20'
}),
'switch_port'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'related_name'
:
"'ethernet_devices'"
,
'to'
:
u"orm['firewall.SwitchPort']"
})
},
u'firewall.firewall'
:
{
'Meta'
:
{
'object_name'
:
'Firewall'
},
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'20'
})
},
u'firewall.group'
:
{
'Meta'
:
{
'object_name'
:
'Group'
},
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
'description'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'20'
}),
'owner'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['auth.User']"
,
'null'
:
'True'
,
'blank'
:
'True'
})
},
u'firewall.host'
:
{
'Meta'
:
{
'ordering'
:
"('normalized_hostname', 'vlan')"
,
'unique_together'
:
"(('hostname', 'vlan'),)"
,
'object_name'
:
'Host'
},
'comment'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
'description'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'external_ipv4'
:
(
'firewall.fields.IPAddressField'
,
[],
{
'max_length'
:
'100'
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'groups'
:
(
'django.db.models.fields.related.ManyToManyField'
,
[],
{
'symmetrical'
:
'False'
,
'to'
:
u"orm['firewall.Group']"
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'hostname'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'40'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'ipv4'
:
(
'firewall.fields.IPAddressField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'100'
}),
'ipv6'
:
(
'firewall.fields.IPAddressField'
,
[],
{
'max_length'
:
'100'
,
'unique'
:
'True'
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'location'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'mac'
:
(
'firewall.fields.MACAddressField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'17'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'normalized_hostname'
:
(
'common.models.HumanSortField'
,
[],
{
'default'
:
"''"
,
'maximum_number_length'
:
'4'
,
'max_length'
:
'80'
,
'monitor'
:
"'hostname'"
,
'blank'
:
'True'
}),
'owner'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['auth.User']"
}),
'reverse'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'40'
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'shared_ip'
:
(
'django.db.models.fields.BooleanField'
,
[],
{
'default'
:
'False'
}),
'vlan'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['firewall.Vlan']"
})
},
u'firewall.record'
:
{
'Meta'
:
{
'ordering'
:
"('domain', 'name')"
,
'object_name'
:
'Record'
},
'address'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'200'
}),
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
'description'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'domain'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['firewall.Domain']"
}),
'host'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['firewall.Host']"
,
'null'
:
'True'
,
'blank'
:
'True'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'40'
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'owner'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['auth.User']"
}),
'ttl'
:
(
'django.db.models.fields.IntegerField'
,
[],
{
'default'
:
'600'
}),
'type'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'6'
})
},
u'firewall.rule'
:
{
'Meta'
:
{
'ordering'
:
"('direction', 'proto', 'sport', 'dport', 'nat_external_port', 'host')"
,
'object_name'
:
'Rule'
},
'action'
:
(
'django.db.models.fields.CharField'
,
[],
{
'default'
:
"'drop'"
,
'max_length'
:
'10'
}),
'accept'
:
(
'django.db.models.fields.BooleanField'
,
[],
{
'default'
:
'True'
}),
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
'description'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'direction'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'3'
}),
'dport'
:
(
'django.db.models.fields.IntegerField'
,
[],
{
'null'
:
'True'
,
'blank'
:
'True'
}),
'extra'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'firewall'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'blank'
:
'True'
,
'related_name'
:
"'rules'"
,
'null'
:
'True'
,
'to'
:
u"orm['firewall.Firewall']"
}),
'foreign_network'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'related_name'
:
"'ForeignRules'"
,
'to'
:
u"orm['firewall.VlanGroup']"
}),
'host'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'blank'
:
'True'
,
'related_name'
:
"'rules'"
,
'null'
:
'True'
,
'to'
:
u"orm['firewall.Host']"
}),
'hostgroup'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'blank'
:
'True'
,
'related_name'
:
"'rules'"
,
'null'
:
'True'
,
'to'
:
u"orm['firewall.Group']"
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'nat'
:
(
'django.db.models.fields.BooleanField'
,
[],
{
'default'
:
'False'
}),
'nat_external_ipv4'
:
(
'firewall.fields.IPAddressField'
,
[],
{
'max_length'
:
'100'
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'nat_external_port'
:
(
'django.db.models.fields.IntegerField'
,
[],
{
'null'
:
'True'
,
'blank'
:
'True'
}),
'owner'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['auth.User']"
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'proto'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'10'
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'sport'
:
(
'django.db.models.fields.IntegerField'
,
[],
{
'null'
:
'True'
,
'blank'
:
'True'
}),
'vlan'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'blank'
:
'True'
,
'related_name'
:
"'rules'"
,
'null'
:
'True'
,
'to'
:
u"orm['firewall.Vlan']"
}),
'vlangroup'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'blank'
:
'True'
,
'related_name'
:
"'rules'"
,
'null'
:
'True'
,
'to'
:
u"orm['firewall.VlanGroup']"
}),
'weight'
:
(
'django.db.models.fields.IntegerField'
,
[],
{
'default'
:
'30000'
})
},
u'firewall.switchport'
:
{
'Meta'
:
{
'object_name'
:
'SwitchPort'
},
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
'description'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'tagged_vlans'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'blank'
:
'True'
,
'related_name'
:
"'tagged_ports'"
,
'null'
:
'True'
,
'to'
:
u"orm['firewall.VlanGroup']"
}),
'untagged_vlan'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'related_name'
:
"'untagged_ports'"
,
'to'
:
u"orm['firewall.Vlan']"
})
},
u'firewall.vlan'
:
{
'Meta'
:
{
'object_name'
:
'Vlan'
},
'comment'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
'description'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'dhcp_pool'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'domain'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['firewall.Domain']"
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'ipv6_template'
:
(
'django.db.models.fields.TextField'
,
[],
{
'default'
:
"'2001:738:2001:4031:
%(b)
d:
%(c)
d:
%(d)
d:0'"
}),
'managed'
:
(
'django.db.models.fields.BooleanField'
,
[],
{
'default'
:
'True'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'20'
}),
'network4'
:
(
'firewall.fields.IPNetworkField'
,
[],
{
'max_length'
:
'100'
}),
'network6'
:
(
'firewall.fields.IPNetworkField'
,
[],
{
'max_length'
:
'100'
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'network_type'
:
(
'django.db.models.fields.CharField'
,
[],
{
'default'
:
"'portforward'"
,
'max_length'
:
'20'
}),
'owner'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['auth.User']"
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'reverse_domain'
:
(
'django.db.models.fields.TextField'
,
[],
{
'default'
:
"'
%(d)
d.
%(c)
d.
%(b)
d.
%(a)
d.in-addr.arpa'"
}),
'snat_ip'
:
(
'django.db.models.fields.GenericIPAddressField'
,
[],
{
'max_length'
:
'39'
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'snat_to'
:
(
'django.db.models.fields.related.ManyToManyField'
,
[],
{
'symmetrical'
:
'False'
,
'to'
:
u"orm['firewall.Vlan']"
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'vid'
:
(
'django.db.models.fields.IntegerField'
,
[],
{
'unique'
:
'True'
})
},
u'firewall.vlangroup'
:
{
'Meta'
:
{
'object_name'
:
'VlanGroup'
},
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
'description'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'20'
}),
'owner'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['auth.User']"
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'vlans'
:
(
'django.db.models.fields.related.ManyToManyField'
,
[],
{
'symmetrical'
:
'False'
,
'to'
:
u"orm['firewall.Vlan']"
,
'null'
:
'True'
,
'blank'
:
'True'
})
}
}
complete_apps
=
[
'firewall'
]
circle/firewall/migrations/0049_auto__del_field_rule_accept.py
0 → 100644
View file @
52795118
# -*- coding: utf-8 -*-
import
datetime
from
south.db
import
db
from
south.v2
import
SchemaMigration
from
django.db
import
models
class
Migration
(
SchemaMigration
):
def
forwards
(
self
,
orm
):
# Deleting field 'Rule.accept'
db
.
delete_column
(
u'firewall_rule'
,
'accept'
)
def
backwards
(
self
,
orm
):
# Adding field 'Rule.accept'
db
.
add_column
(
u'firewall_rule'
,
'accept'
,
self
.
gf
(
'django.db.models.fields.BooleanField'
)(
default
=
True
),
keep_default
=
False
)
# Migrating data
for
rule
in
orm
.
Rule
.
objects
.
all
():
rule
.
accept
=
rule
.
action
==
'accept'
rule
.
save
()
models
=
{
u'acl.level'
:
{
'Meta'
:
{
'unique_together'
:
"(('content_type', 'codename'),)"
,
'object_name'
:
'Level'
},
'codename'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'100'
}),
'content_type'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['contenttypes.ContentType']"
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'50'
}),
'weight'
:
(
'django.db.models.fields.IntegerField'
,
[],
{
'null'
:
'True'
})
},
u'acl.objectlevel'
:
{
'Meta'
:
{
'unique_together'
:
"(('content_type', 'object_id', 'level'),)"
,
'object_name'
:
'ObjectLevel'
},
'content_type'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['contenttypes.ContentType']"
}),
'groups'
:
(
'django.db.models.fields.related.ManyToManyField'
,
[],
{
'to'
:
u"orm['auth.Group']"
,
'symmetrical'
:
'False'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'level'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['acl.Level']"
}),
'object_id'
:
(
'django.db.models.fields.IntegerField'
,
[],
{}),
'users'
:
(
'django.db.models.fields.related.ManyToManyField'
,
[],
{
'to'
:
u"orm['auth.User']"
,
'symmetrical'
:
'False'
})
},
u'auth.group'
:
{
'Meta'
:
{
'object_name'
:
'Group'
},
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'80'
}),
'permissions'
:
(
'django.db.models.fields.related.ManyToManyField'
,
[],
{
'to'
:
u"orm['auth.Permission']"
,
'symmetrical'
:
'False'
,
'blank'
:
'True'
})
},
u'auth.permission'
:
{
'Meta'
:
{
'ordering'
:
"(u'content_type__app_label', u'content_type__model', u'codename')"
,
'unique_together'
:
"((u'content_type', u'codename'),)"
,
'object_name'
:
'Permission'
},
'codename'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'100'
}),
'content_type'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['contenttypes.ContentType']"
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'50'
})
},
u'auth.user'
:
{
'Meta'
:
{
'object_name'
:
'User'
},
'date_joined'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'default'
:
'datetime.datetime.now'
}),
'email'
:
(
'django.db.models.fields.EmailField'
,
[],
{
'max_length'
:
'75'
,
'blank'
:
'True'
}),
'first_name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'30'
,
'blank'
:
'True'
}),
'groups'
:
(
'django.db.models.fields.related.ManyToManyField'
,
[],
{
'to'
:
u"orm['auth.Group']"
,
'symmetrical'
:
'False'
,
'blank'
:
'True'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'is_active'
:
(
'django.db.models.fields.BooleanField'
,
[],
{
'default'
:
'True'
}),
'is_staff'
:
(
'django.db.models.fields.BooleanField'
,
[],
{
'default'
:
'False'
}),
'is_superuser'
:
(
'django.db.models.fields.BooleanField'
,
[],
{
'default'
:
'False'
}),
'last_login'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'default'
:
'datetime.datetime.now'
}),
'last_name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'30'
,
'blank'
:
'True'
}),
'password'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'128'
}),
'user_permissions'
:
(
'django.db.models.fields.related.ManyToManyField'
,
[],
{
'to'
:
u"orm['auth.Permission']"
,
'symmetrical'
:
'False'
,
'blank'
:
'True'
}),
'username'
:
(
'django.db.models.fields.CharField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'30'
})
},
u'contenttypes.contenttype'
:
{
'Meta'
:
{
'ordering'
:
"('name',)"
,
'unique_together'
:
"(('app_label', 'model'),)"
,
'object_name'
:
'ContentType'
,
'db_table'
:
"'django_content_type'"
},
'app_label'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'100'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'model'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'100'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'100'
})
},
u'firewall.blacklist'
:
{
'Meta'
:
{
'object_name'
:
'Blacklist'
},
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
'host'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['firewall.Host']"
,
'null'
:
'True'
,
'blank'
:
'True'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'ipv4'
:
(
'django.db.models.fields.GenericIPAddressField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'39'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'reason'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'snort_message'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'type'
:
(
'django.db.models.fields.CharField'
,
[],
{
'default'
:
"'tempban'"
,
'max_length'
:
'10'
})
},
u'firewall.domain'
:
{
'Meta'
:
{
'object_name'
:
'Domain'
},
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
'description'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'40'
}),
'owner'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['auth.User']"
}),
'ttl'
:
(
'django.db.models.fields.IntegerField'
,
[],
{
'default'
:
'600'
})
},
u'firewall.ethernetdevice'
:
{
'Meta'
:
{
'object_name'
:
'EthernetDevice'
},
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'20'
}),
'switch_port'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'related_name'
:
"'ethernet_devices'"
,
'to'
:
u"orm['firewall.SwitchPort']"
})
},
u'firewall.firewall'
:
{
'Meta'
:
{
'object_name'
:
'Firewall'
},
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'20'
})
},
u'firewall.group'
:
{
'Meta'
:
{
'object_name'
:
'Group'
},
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
'description'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'20'
}),
'owner'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['auth.User']"
,
'null'
:
'True'
,
'blank'
:
'True'
})
},
u'firewall.host'
:
{
'Meta'
:
{
'ordering'
:
"('normalized_hostname', 'vlan')"
,
'unique_together'
:
"(('hostname', 'vlan'),)"
,
'object_name'
:
'Host'
},
'comment'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
'description'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'external_ipv4'
:
(
'firewall.fields.IPAddressField'
,
[],
{
'max_length'
:
'100'
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'groups'
:
(
'django.db.models.fields.related.ManyToManyField'
,
[],
{
'symmetrical'
:
'False'
,
'to'
:
u"orm['firewall.Group']"
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'hostname'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'40'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'ipv4'
:
(
'firewall.fields.IPAddressField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'100'
}),
'ipv6'
:
(
'firewall.fields.IPAddressField'
,
[],
{
'max_length'
:
'100'
,
'unique'
:
'True'
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'location'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'mac'
:
(
'firewall.fields.MACAddressField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'17'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'normalized_hostname'
:
(
'common.models.HumanSortField'
,
[],
{
'default'
:
"''"
,
'maximum_number_length'
:
'4'
,
'max_length'
:
'80'
,
'monitor'
:
"'hostname'"
,
'blank'
:
'True'
}),
'owner'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['auth.User']"
}),
'reverse'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'40'
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'shared_ip'
:
(
'django.db.models.fields.BooleanField'
,
[],
{
'default'
:
'False'
}),
'vlan'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['firewall.Vlan']"
})
},
u'firewall.record'
:
{
'Meta'
:
{
'ordering'
:
"('domain', 'name')"
,
'object_name'
:
'Record'
},
'address'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'200'
}),
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
'description'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'domain'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['firewall.Domain']"
}),
'host'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['firewall.Host']"
,
'null'
:
'True'
,
'blank'
:
'True'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'40'
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'owner'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['auth.User']"
}),
'ttl'
:
(
'django.db.models.fields.IntegerField'
,
[],
{
'default'
:
'600'
}),
'type'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'6'
})
},
u'firewall.rule'
:
{
'Meta'
:
{
'ordering'
:
"('direction', 'proto', 'sport', 'dport', 'nat_external_port', 'host')"
,
'object_name'
:
'Rule'
},
'action'
:
(
'django.db.models.fields.CharField'
,
[],
{
'default'
:
"'drop'"
,
'max_length'
:
'10'
}),
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
'description'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'direction'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'3'
}),
'dport'
:
(
'django.db.models.fields.IntegerField'
,
[],
{
'null'
:
'True'
,
'blank'
:
'True'
}),
'extra'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'firewall'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'blank'
:
'True'
,
'related_name'
:
"'rules'"
,
'null'
:
'True'
,
'to'
:
u"orm['firewall.Firewall']"
}),
'foreign_network'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'related_name'
:
"'ForeignRules'"
,
'to'
:
u"orm['firewall.VlanGroup']"
}),
'host'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'blank'
:
'True'
,
'related_name'
:
"'rules'"
,
'null'
:
'True'
,
'to'
:
u"orm['firewall.Host']"
}),
'hostgroup'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'blank'
:
'True'
,
'related_name'
:
"'rules'"
,
'null'
:
'True'
,
'to'
:
u"orm['firewall.Group']"
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'nat'
:
(
'django.db.models.fields.BooleanField'
,
[],
{
'default'
:
'False'
}),
'nat_external_ipv4'
:
(
'firewall.fields.IPAddressField'
,
[],
{
'max_length'
:
'100'
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'nat_external_port'
:
(
'django.db.models.fields.IntegerField'
,
[],
{
'null'
:
'True'
,
'blank'
:
'True'
}),
'owner'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['auth.User']"
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'proto'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'10'
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'sport'
:
(
'django.db.models.fields.IntegerField'
,
[],
{
'null'
:
'True'
,
'blank'
:
'True'
}),
'vlan'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'blank'
:
'True'
,
'related_name'
:
"'rules'"
,
'null'
:
'True'
,
'to'
:
u"orm['firewall.Vlan']"
}),
'vlangroup'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'blank'
:
'True'
,
'related_name'
:
"'rules'"
,
'null'
:
'True'
,
'to'
:
u"orm['firewall.VlanGroup']"
}),
'weight'
:
(
'django.db.models.fields.IntegerField'
,
[],
{
'default'
:
'30000'
})
},
u'firewall.switchport'
:
{
'Meta'
:
{
'object_name'
:
'SwitchPort'
},
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
'description'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'tagged_vlans'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'blank'
:
'True'
,
'related_name'
:
"'tagged_ports'"
,
'null'
:
'True'
,
'to'
:
u"orm['firewall.VlanGroup']"
}),
'untagged_vlan'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'related_name'
:
"'untagged_ports'"
,
'to'
:
u"orm['firewall.Vlan']"
})
},
u'firewall.vlan'
:
{
'Meta'
:
{
'object_name'
:
'Vlan'
},
'comment'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
'description'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'dhcp_pool'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'domain'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['firewall.Domain']"
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'ipv6_template'
:
(
'django.db.models.fields.TextField'
,
[],
{
'default'
:
"'2001:738:2001:4031:
%(b)
d:
%(c)
d:
%(d)
d:0'"
}),
'managed'
:
(
'django.db.models.fields.BooleanField'
,
[],
{
'default'
:
'True'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'20'
}),
'network4'
:
(
'firewall.fields.IPNetworkField'
,
[],
{
'max_length'
:
'100'
}),
'network6'
:
(
'firewall.fields.IPNetworkField'
,
[],
{
'max_length'
:
'100'
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'network_type'
:
(
'django.db.models.fields.CharField'
,
[],
{
'default'
:
"'portforward'"
,
'max_length'
:
'20'
}),
'owner'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['auth.User']"
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'reverse_domain'
:
(
'django.db.models.fields.TextField'
,
[],
{
'default'
:
"'
%(d)
d.
%(c)
d.
%(b)
d.
%(a)
d.in-addr.arpa'"
}),
'snat_ip'
:
(
'django.db.models.fields.GenericIPAddressField'
,
[],
{
'max_length'
:
'39'
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'snat_to'
:
(
'django.db.models.fields.related.ManyToManyField'
,
[],
{
'symmetrical'
:
'False'
,
'to'
:
u"orm['firewall.Vlan']"
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'vid'
:
(
'django.db.models.fields.IntegerField'
,
[],
{
'unique'
:
'True'
})
},
u'firewall.vlangroup'
:
{
'Meta'
:
{
'object_name'
:
'VlanGroup'
},
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
'description'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'20'
}),
'owner'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['auth.User']"
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'vlans'
:
(
'django.db.models.fields.related.ManyToManyField'
,
[],
{
'symmetrical'
:
'False'
,
'to'
:
u"orm['firewall.Vlan']"
,
'null'
:
'True'
,
'blank'
:
'True'
})
}
}
complete_apps
=
[
'firewall'
]
circle/firewall/migrations/0050_auto__add_field_vlan_host_ipv6_prefixlen.py
0 → 100644
View file @
52795118
# -*- coding: utf-8 -*-
import
datetime
from
south.db
import
db
from
south.v2
import
SchemaMigration
from
django.db
import
models
class
Migration
(
SchemaMigration
):
def
forwards
(
self
,
orm
):
# Adding field 'Vlan.host_ipv6_prefixlen'
db
.
add_column
(
u'firewall_vlan'
,
'host_ipv6_prefixlen'
,
self
.
gf
(
'django.db.models.fields.IntegerField'
)(
default
=
112
),
keep_default
=
False
)
def
backwards
(
self
,
orm
):
# Deleting field 'Vlan.host_ipv6_prefixlen'
db
.
delete_column
(
u'firewall_vlan'
,
'host_ipv6_prefixlen'
)
models
=
{
u'acl.level'
:
{
'Meta'
:
{
'unique_together'
:
"(('content_type', 'codename'),)"
,
'object_name'
:
'Level'
},
'codename'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'100'
}),
'content_type'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['contenttypes.ContentType']"
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'50'
}),
'weight'
:
(
'django.db.models.fields.IntegerField'
,
[],
{
'null'
:
'True'
})
},
u'acl.objectlevel'
:
{
'Meta'
:
{
'unique_together'
:
"(('content_type', 'object_id', 'level'),)"
,
'object_name'
:
'ObjectLevel'
},
'content_type'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['contenttypes.ContentType']"
}),
'groups'
:
(
'django.db.models.fields.related.ManyToManyField'
,
[],
{
'to'
:
u"orm['auth.Group']"
,
'symmetrical'
:
'False'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'level'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['acl.Level']"
}),
'object_id'
:
(
'django.db.models.fields.IntegerField'
,
[],
{}),
'users'
:
(
'django.db.models.fields.related.ManyToManyField'
,
[],
{
'to'
:
u"orm['auth.User']"
,
'symmetrical'
:
'False'
})
},
u'auth.group'
:
{
'Meta'
:
{
'object_name'
:
'Group'
},
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'80'
}),
'permissions'
:
(
'django.db.models.fields.related.ManyToManyField'
,
[],
{
'to'
:
u"orm['auth.Permission']"
,
'symmetrical'
:
'False'
,
'blank'
:
'True'
})
},
u'auth.permission'
:
{
'Meta'
:
{
'ordering'
:
"(u'content_type__app_label', u'content_type__model', u'codename')"
,
'unique_together'
:
"((u'content_type', u'codename'),)"
,
'object_name'
:
'Permission'
},
'codename'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'100'
}),
'content_type'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['contenttypes.ContentType']"
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'50'
})
},
u'auth.user'
:
{
'Meta'
:
{
'object_name'
:
'User'
},
'date_joined'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'default'
:
'datetime.datetime.now'
}),
'email'
:
(
'django.db.models.fields.EmailField'
,
[],
{
'max_length'
:
'75'
,
'blank'
:
'True'
}),
'first_name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'30'
,
'blank'
:
'True'
}),
'groups'
:
(
'django.db.models.fields.related.ManyToManyField'
,
[],
{
'to'
:
u"orm['auth.Group']"
,
'symmetrical'
:
'False'
,
'blank'
:
'True'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'is_active'
:
(
'django.db.models.fields.BooleanField'
,
[],
{
'default'
:
'True'
}),
'is_staff'
:
(
'django.db.models.fields.BooleanField'
,
[],
{
'default'
:
'False'
}),
'is_superuser'
:
(
'django.db.models.fields.BooleanField'
,
[],
{
'default'
:
'False'
}),
'last_login'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'default'
:
'datetime.datetime.now'
}),
'last_name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'30'
,
'blank'
:
'True'
}),
'password'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'128'
}),
'user_permissions'
:
(
'django.db.models.fields.related.ManyToManyField'
,
[],
{
'to'
:
u"orm['auth.Permission']"
,
'symmetrical'
:
'False'
,
'blank'
:
'True'
}),
'username'
:
(
'django.db.models.fields.CharField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'30'
})
},
u'contenttypes.contenttype'
:
{
'Meta'
:
{
'ordering'
:
"('name',)"
,
'unique_together'
:
"(('app_label', 'model'),)"
,
'object_name'
:
'ContentType'
,
'db_table'
:
"'django_content_type'"
},
'app_label'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'100'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'model'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'100'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'100'
})
},
u'firewall.blacklist'
:
{
'Meta'
:
{
'object_name'
:
'Blacklist'
},
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
'host'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['firewall.Host']"
,
'null'
:
'True'
,
'blank'
:
'True'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'ipv4'
:
(
'django.db.models.fields.GenericIPAddressField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'39'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'reason'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'snort_message'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'type'
:
(
'django.db.models.fields.CharField'
,
[],
{
'default'
:
"'tempban'"
,
'max_length'
:
'10'
})
},
u'firewall.domain'
:
{
'Meta'
:
{
'object_name'
:
'Domain'
},
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
'description'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'40'
}),
'owner'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['auth.User']"
}),
'ttl'
:
(
'django.db.models.fields.IntegerField'
,
[],
{
'default'
:
'600'
})
},
u'firewall.ethernetdevice'
:
{
'Meta'
:
{
'object_name'
:
'EthernetDevice'
},
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'20'
}),
'switch_port'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'related_name'
:
"'ethernet_devices'"
,
'to'
:
u"orm['firewall.SwitchPort']"
})
},
u'firewall.firewall'
:
{
'Meta'
:
{
'object_name'
:
'Firewall'
},
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'20'
})
},
u'firewall.group'
:
{
'Meta'
:
{
'object_name'
:
'Group'
},
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
'description'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'20'
}),
'owner'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['auth.User']"
,
'null'
:
'True'
,
'blank'
:
'True'
})
},
u'firewall.host'
:
{
'Meta'
:
{
'ordering'
:
"('normalized_hostname', 'vlan')"
,
'unique_together'
:
"(('hostname', 'vlan'),)"
,
'object_name'
:
'Host'
},
'comment'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
'description'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'external_ipv4'
:
(
'firewall.fields.IPAddressField'
,
[],
{
'max_length'
:
'100'
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'groups'
:
(
'django.db.models.fields.related.ManyToManyField'
,
[],
{
'symmetrical'
:
'False'
,
'to'
:
u"orm['firewall.Group']"
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'hostname'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'40'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'ipv4'
:
(
'firewall.fields.IPAddressField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'100'
}),
'ipv6'
:
(
'firewall.fields.IPAddressField'
,
[],
{
'max_length'
:
'100'
,
'unique'
:
'True'
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'location'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'mac'
:
(
'firewall.fields.MACAddressField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'17'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'normalized_hostname'
:
(
'common.models.HumanSortField'
,
[],
{
'default'
:
"''"
,
'maximum_number_length'
:
'4'
,
'max_length'
:
'80'
,
'monitor'
:
"'hostname'"
,
'blank'
:
'True'
}),
'owner'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['auth.User']"
}),
'reverse'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'40'
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'shared_ip'
:
(
'django.db.models.fields.BooleanField'
,
[],
{
'default'
:
'False'
}),
'vlan'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['firewall.Vlan']"
})
},
u'firewall.record'
:
{
'Meta'
:
{
'ordering'
:
"('domain', 'name')"
,
'object_name'
:
'Record'
},
'address'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'200'
}),
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
'description'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'domain'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['firewall.Domain']"
}),
'host'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['firewall.Host']"
,
'null'
:
'True'
,
'blank'
:
'True'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'40'
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'owner'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['auth.User']"
}),
'ttl'
:
(
'django.db.models.fields.IntegerField'
,
[],
{
'default'
:
'600'
}),
'type'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'6'
})
},
u'firewall.rule'
:
{
'Meta'
:
{
'ordering'
:
"('direction', 'proto', 'sport', 'dport', 'nat_external_port', 'host')"
,
'object_name'
:
'Rule'
},
'action'
:
(
'django.db.models.fields.CharField'
,
[],
{
'default'
:
"'drop'"
,
'max_length'
:
'10'
}),
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
'description'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'direction'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'3'
}),
'dport'
:
(
'django.db.models.fields.IntegerField'
,
[],
{
'null'
:
'True'
,
'blank'
:
'True'
}),
'extra'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'firewall'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'blank'
:
'True'
,
'related_name'
:
"'rules'"
,
'null'
:
'True'
,
'to'
:
u"orm['firewall.Firewall']"
}),
'foreign_network'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'related_name'
:
"'ForeignRules'"
,
'to'
:
u"orm['firewall.VlanGroup']"
}),
'host'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'blank'
:
'True'
,
'related_name'
:
"'rules'"
,
'null'
:
'True'
,
'to'
:
u"orm['firewall.Host']"
}),
'hostgroup'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'blank'
:
'True'
,
'related_name'
:
"'rules'"
,
'null'
:
'True'
,
'to'
:
u"orm['firewall.Group']"
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'nat'
:
(
'django.db.models.fields.BooleanField'
,
[],
{
'default'
:
'False'
}),
'nat_external_ipv4'
:
(
'firewall.fields.IPAddressField'
,
[],
{
'max_length'
:
'100'
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'nat_external_port'
:
(
'django.db.models.fields.IntegerField'
,
[],
{
'null'
:
'True'
,
'blank'
:
'True'
}),
'owner'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['auth.User']"
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'proto'
:
(
'django.db.models.fields.CharField'
,
[],
{
'max_length'
:
'10'
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'sport'
:
(
'django.db.models.fields.IntegerField'
,
[],
{
'null'
:
'True'
,
'blank'
:
'True'
}),
'vlan'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'blank'
:
'True'
,
'related_name'
:
"'rules'"
,
'null'
:
'True'
,
'to'
:
u"orm['firewall.Vlan']"
}),
'vlangroup'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'blank'
:
'True'
,
'related_name'
:
"'rules'"
,
'null'
:
'True'
,
'to'
:
u"orm['firewall.VlanGroup']"
}),
'weight'
:
(
'django.db.models.fields.IntegerField'
,
[],
{
'default'
:
'30000'
})
},
u'firewall.switchport'
:
{
'Meta'
:
{
'object_name'
:
'SwitchPort'
},
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
'description'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'tagged_vlans'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'blank'
:
'True'
,
'related_name'
:
"'tagged_ports'"
,
'null'
:
'True'
,
'to'
:
u"orm['firewall.VlanGroup']"
}),
'untagged_vlan'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'related_name'
:
"'untagged_ports'"
,
'to'
:
u"orm['firewall.Vlan']"
})
},
u'firewall.vlan'
:
{
'Meta'
:
{
'object_name'
:
'Vlan'
},
'comment'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
'description'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'dhcp_pool'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
'domain'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['firewall.Domain']"
}),
'host_ipv6_prefixlen'
:
(
'django.db.models.fields.IntegerField'
,
[],
{
'default'
:
'112'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'ipv6_template'
:
(
'django.db.models.fields.TextField'
,
[],
{
'default'
:
"'2001:738:2001:4031:
%(b)
d:
%(c)
d:
%(d)
d:0'"
}),
'managed'
:
(
'django.db.models.fields.BooleanField'
,
[],
{
'default'
:
'True'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'20'
}),
'network4'
:
(
'firewall.fields.IPNetworkField'
,
[],
{
'max_length'
:
'100'
}),
'network6'
:
(
'firewall.fields.IPNetworkField'
,
[],
{
'max_length'
:
'100'
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'network_type'
:
(
'django.db.models.fields.CharField'
,
[],
{
'default'
:
"'portforward'"
,
'max_length'
:
'20'
}),
'owner'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['auth.User']"
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'reverse_domain'
:
(
'django.db.models.fields.TextField'
,
[],
{
'default'
:
"'
%(d)
d.
%(c)
d.
%(b)
d.
%(a)
d.in-addr.arpa'"
}),
'snat_ip'
:
(
'django.db.models.fields.GenericIPAddressField'
,
[],
{
'max_length'
:
'39'
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'snat_to'
:
(
'django.db.models.fields.related.ManyToManyField'
,
[],
{
'symmetrical'
:
'False'
,
'to'
:
u"orm['firewall.Vlan']"
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'vid'
:
(
'django.db.models.fields.IntegerField'
,
[],
{
'unique'
:
'True'
})
},
u'firewall.vlangroup'
:
{
'Meta'
:
{
'object_name'
:
'VlanGroup'
},
'created_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now_add'
:
'True'
,
'blank'
:
'True'
}),
'description'
:
(
'django.db.models.fields.TextField'
,
[],
{
'blank'
:
'True'
}),
u'id'
:
(
'django.db.models.fields.AutoField'
,
[],
{
'primary_key'
:
'True'
}),
'modified_at'
:
(
'django.db.models.fields.DateTimeField'
,
[],
{
'auto_now'
:
'True'
,
'blank'
:
'True'
}),
'name'
:
(
'django.db.models.fields.CharField'
,
[],
{
'unique'
:
'True'
,
'max_length'
:
'20'
}),
'owner'
:
(
'django.db.models.fields.related.ForeignKey'
,
[],
{
'to'
:
u"orm['auth.User']"
,
'null'
:
'True'
,
'blank'
:
'True'
}),
'vlans'
:
(
'django.db.models.fields.related.ManyToManyField'
,
[],
{
'symmetrical'
:
'False'
,
'to'
:
u"orm['firewall.Vlan']"
,
'null'
:
'True'
,
'blank'
:
'True'
})
}
}
complete_apps
=
[
'firewall'
]
\ No newline at end of file
circle/firewall/models.py
View file @
52795118
...
...
@@ -2,7 +2,7 @@
from
itertools
import
islice
,
ifilter
import
logging
from
netaddr
import
IPSet
,
EUI
from
netaddr
import
IPSet
,
EUI
,
IPNetwork
from
django.contrib.auth.models
import
User
from
django.db
import
models
...
...
@@ -19,6 +19,7 @@ import random
from
common.models
import
HumanSortField
from
firewall.tasks.local_tasks
import
reloadtask
from
.iptables
import
IptRule
from
acl.models
import
AclBase
logger
=
logging
.
getLogger
(
__name__
)
settings
=
django
.
conf
.
settings
.
FIREWALL_SETTINGS
...
...
@@ -36,9 +37,11 @@ class Rule(models.Model):
CHOICES_type
=
((
'host'
,
'host'
),
(
'firewall'
,
'firewall'
),
(
'vlan'
,
'vlan'
))
CHOICES_proto
=
((
'tcp'
,
'tcp'
),
(
'udp'
,
'udp'
),
(
'icmp'
,
'icmp'
))
CHOICES_dir
=
((
'0'
,
'out'
),
(
'1'
,
'in'
))
CHOICES_dir
=
((
'out'
,
_
(
'out'
)),
(
'in'
,
_
(
'in'
)))
CHOICES_action
=
((
'accept'
,
_
(
'accept'
)),
(
'drop'
,
_
(
'drop'
)),
(
'ignore'
,
_
(
'ignore'
)))
direction
=
models
.
CharField
(
max_length
=
1
,
choices
=
CHOICES_dir
,
direction
=
models
.
CharField
(
max_length
=
3
,
choices
=
CHOICES_dir
,
blank
=
False
,
verbose_name
=
_
(
"direction"
),
help_text
=
_
(
"If the rule matches egress "
"or ingress packets."
))
...
...
@@ -58,28 +61,38 @@ class Rule(models.Model):
blank
=
True
,
null
=
True
,
verbose_name
=
_
(
"source port"
),
validators
=
[
MinValueValidator
(
1
),
MaxValueValidator
(
65535
)],
help_text
=
_
(
"Source port number of packets that match."
))
weight
=
models
.
IntegerField
(
verbose_name
=
_
(
"weight"
),
validators
=
[
MinValueValidator
(
1
),
MaxValueValidator
(
65535
)],
help_text
=
_
(
"Rule weight"
),
default
=
30000
)
proto
=
models
.
CharField
(
max_length
=
10
,
choices
=
CHOICES_proto
,
blank
=
True
,
null
=
True
,
verbose_name
=
_
(
"protocol"
),
help_text
=
_
(
"Protocol of packets that match."
))
extra
=
models
.
TextField
(
blank
=
True
,
verbose_name
=
_
(
"extra arguments"
),
help_text
=
_
(
"Additional arguments passed "
"literally to the iptables-rule."
))
accept
=
models
.
BooleanField
(
default
=
False
,
verbose_name
=
_
(
"accept"
),
help_text
=
_
(
"Accept the matching packets "
"(or deny if not checked)."
))
action
=
models
.
CharField
(
max_length
=
10
,
choices
=
CHOICES_action
,
default
=
'drop'
,
verbose_name
=
_
(
'action'
),
help_text
=
_
(
"Accept, drop or ignore the "
"matching packets."
))
owner
=
models
.
ForeignKey
(
User
,
blank
=
True
,
null
=
True
,
verbose_name
=
_
(
"owner"
),
help_text
=
_
(
"The user responsible for "
"this rule."
))
nat
=
models
.
BooleanField
(
default
=
False
,
verbose_name
=
_
(
"NAT"
),
help_text
=
_
(
"If network address translation "
"should be done."
))
nat_dport
=
models
.
IntegerField
(
blank
=
True
,
null
=
True
,
help_text
=
_
(
"Rewrite destination port "
"number to this if NAT is "
"needed."
),
validators
=
[
MinValueValidator
(
1
),
MaxValueValidator
(
65535
)])
nat_external_port
=
models
.
IntegerField
(
blank
=
True
,
null
=
True
,
help_text
=
_
(
"Rewrite destination port number to this if NAT is "
"needed."
),
validators
=
[
MinValueValidator
(
1
),
MaxValueValidator
(
65535
)])
nat_external_ipv4
=
IPAddressField
(
version
=
4
,
blank
=
True
,
null
=
True
,
verbose_name
=
_
(
'external IPv4 address'
))
created_at
=
models
.
DateTimeField
(
auto_now_add
=
True
,
verbose_name
=
_
(
"created at"
))
...
...
@@ -120,14 +133,25 @@ class Rule(models.Model):
if
len
(
selected_fields
)
>
1
:
raise
ValidationError
(
_
(
'Only one field can be selected.'
))
def
get_external_ipv4
(
self
):
return
(
self
.
nat_external_ipv4
if
self
.
nat_external_ipv4
else
self
.
host
.
get_external_ipv4
())
def
get_external_port
(
self
,
proto
=
'ipv4'
):
assert
proto
in
(
'ipv4'
,
'ipv6'
)
if
proto
==
'ipv4'
and
self
.
nat_external_port
:
return
self
.
nat_external_port
else
:
return
self
.
dport
def
desc
(
self
):
"""Return a short string representation of the current rule.
"""
return
u'[
%(type)
s]
%(src)
s ▸
%(dst)
s
%(para)
s
%(desc)
s'
%
{
'type'
:
self
.
r_type
,
'src'
:
(
unicode
(
self
.
foreign_network
)
if
self
.
direction
==
'
1
'
'src'
:
(
unicode
(
self
.
foreign_network
)
if
self
.
direction
==
'
in
'
else
self
.
r_type
),
'dst'
:
(
self
.
r_type
if
self
.
direction
==
'
1
'
'dst'
:
(
self
.
r_type
if
self
.
direction
==
'
out
'
else
unicode
(
self
.
foreign_network
)),
'para'
:
(((
"proto=
%
s "
%
self
.
proto
)
if
self
.
proto
else
''
)
+
((
"sport=
%
s "
%
self
.
sport
)
if
self
.
sport
else
''
)
+
...
...
@@ -147,6 +171,61 @@ class Rule(models.Model):
def
get_absolute_url
(
self
):
return
(
'network.rule'
,
None
,
{
'pk'
:
self
.
pk
})
@staticmethod
def
get_chain_name
(
local
,
remote
,
direction
):
if
direction
==
'in'
:
# remote -> local
return
'
%
s_
%
s'
%
(
remote
,
local
)
else
:
# local -> remote
return
'
%
s_
%
s'
%
(
local
,
remote
)
def
get_ipt_rules
(
self
,
host
=
None
):
# action
action
=
'LOG_ACC'
if
self
.
action
==
'accept'
else
'LOG_DROP'
# src and dst addresses
src
=
None
dst
=
None
if
host
:
ip
=
(
host
.
ipv4
,
host
.
ipv6_with_prefixlen
)
if
self
.
direction
==
'in'
:
dst
=
ip
else
:
src
=
ip
# src and dst ports
if
self
.
direction
==
'in'
:
dport
=
self
.
dport
sport
=
self
.
sport
else
:
dport
=
self
.
sport
sport
=
self
.
dport
# 'chain_name': rule dict
retval
=
{}
# process foreign vlans
for
foreign_vlan
in
self
.
foreign_network
.
vlans
.
all
():
r
=
IptRule
(
priority
=
self
.
weight
,
action
=
action
,
proto
=
self
.
proto
,
extra
=
self
.
extra
,
comment
=
'Rule #
%
s'
%
self
.
pk
,
src
=
src
,
dst
=
dst
,
dport
=
dport
,
sport
=
sport
)
# host, hostgroup or vlan rule
if
host
or
self
.
vlan_id
:
local_vlan
=
host
.
vlan
.
name
if
host
else
self
.
vlan
.
name
chain_name
=
Rule
.
get_chain_name
(
local
=
local_vlan
,
remote
=
foreign_vlan
.
name
,
direction
=
self
.
direction
)
# firewall rule
elif
self
.
firewall_id
:
chain_name
=
'INPUT'
if
self
.
direction
==
'in'
else
'OUTPUT'
retval
[
chain_name
]
=
r
return
retval
class
Meta
:
verbose_name
=
_
(
"rule"
)
verbose_name_plural
=
_
(
"rules"
)
...
...
@@ -155,7 +234,7 @@ class Rule(models.Model):
'proto'
,
'sport'
,
'dport'
,
'nat_
d
port'
,
'nat_
external_
port'
,
'host'
,
)
...
...
@@ -177,7 +256,7 @@ class Vlan(AclBase, models.Model):
(
'user'
,
_
(
'user'
)),
(
'operator'
,
_
(
'operator'
)),
)
CHOICES_NETWORK_TYPE
=
((
'public'
,
_
(
'public'
)),
(
'dmz'
,
_
(
'dmz'
)),
CHOICES_NETWORK_TYPE
=
((
'public'
,
_
(
'public'
)),
(
'portforward'
,
_
(
'portforward'
)))
vid
=
models
.
IntegerField
(
unique
=
True
,
verbose_name
=
_
(
'VID'
),
...
...
@@ -199,6 +278,12 @@ class Vlan(AclBase, models.Model):
'valid address of the subnet, '
'for example '
'10.4.255.254/16 for 10.4.0.0/16.'
))
host_ipv6_prefixlen
=
models
.
IntegerField
(
verbose_name
=
_
(
'IPv6 prefixlen/host'
),
help_text
=
_
(
'The prefix length of the subnet assigned to a host. '
'For example /112 = 65536 addresses/host.'
),
default
=
112
,
validators
=
[
MinValueValidator
(
1
),
MaxValueValidator
(
128
)])
network6
=
IPNetworkField
(
unique
=
False
,
version
=
6
,
null
=
True
,
...
...
@@ -226,6 +311,7 @@ class Vlan(AclBase, models.Model):
'of NAT IP address.'
))
network_type
=
models
.
CharField
(
choices
=
CHOICES_NETWORK_TYPE
,
verbose_name
=
_
(
'network type'
),
default
=
'portforward'
,
max_length
=
20
)
managed
=
models
.
BooleanField
(
default
=
True
,
verbose_name
=
_
(
'managed'
))
description
=
models
.
TextField
(
blank
=
True
,
verbose_name
=
_
(
'description'
),
...
...
@@ -275,30 +361,6 @@ class Vlan(AclBase, models.Model):
def
get_absolute_url
(
self
):
return
(
'network.vlan'
,
None
,
{
'vid'
:
self
.
vid
})
@property
def
net4
(
self
):
return
self
.
network4
.
network
@property
def
ipv4
(
self
):
return
self
.
network4
.
ip
@property
def
prefix4
(
self
):
return
self
.
network4
.
prefixlen
@property
def
net6
(
self
):
return
self
.
network6
.
network
@property
def
ipv6
(
self
):
return
self
.
network6
.
ip
@property
def
prefix6
(
self
):
return
self
.
network6
.
prefixlen
def
get_random_addresses
(
self
,
used_v4
,
buffer_size
=
100
,
max_hosts
=
10000
):
addresses
=
islice
(
self
.
network4
.
iter_hosts
(),
max_hosts
)
unused_addresses
=
list
(
islice
(
...
...
@@ -403,7 +465,7 @@ class Host(models.Model):
verbose_name
=
_
(
'IPv4 address'
),
help_text
=
_
(
'The real IPv4 address of the '
'host, for example 10.5.1.34.'
))
pub
_ipv4
=
IPAddressField
(
external
_ipv4
=
IPAddressField
(
version
=
4
,
blank
=
True
,
null
=
True
,
verbose_name
=
_
(
'WAN IPv4 address'
),
help_text
=
_
(
'The public IPv4 address of the host on the wide '
...
...
@@ -449,18 +511,31 @@ class Host(models.Model):
@property
def
incoming_rules
(
self
):
return
self
.
rules
.
filter
(
direction
=
'1'
)
return
self
.
rules
.
filter
(
direction
=
'in'
)
@property
def
ipv6_with_prefixlen
(
self
):
try
:
net
=
IPNetwork
(
self
.
ipv6
)
net
.
prefixlen
=
self
.
vlan
.
host_ipv6_prefixlen
return
net
except
TypeError
:
return
None
def
get_external_ipv4
(
self
):
return
self
.
external_ipv4
if
self
.
external_ipv4
else
self
.
ipv4
@property
def
outgoing_rules
(
self
):
return
self
.
rules
.
filter
(
direction
=
'0'
)
def
behind_nat
(
self
):
return
self
.
vlan
.
network_type
!=
'public'
def
clean
(
self
):
if
(
not
self
.
shared_ip
and
self
.
pub_ipv4
and
Host
.
objects
.
exclude
(
id
=
self
.
id
)
.
filter
(
pub_ipv4
=
self
.
pub_ipv4
)):
if
(
self
.
external_ipv4
and
not
self
.
shared_ip
and
self
.
behind_nat
and
Host
.
objects
.
exclude
(
id
=
self
.
id
)
.
filter
(
external_ipv4
=
self
.
external_ipv4
)):
raise
ValidationError
(
_
(
"If shared_ip has been checked, "
"
pub
_ipv4 has to be unique."
))
if
Host
.
objects
.
exclude
(
id
=
self
.
id
)
.
filter
(
pub
_ipv4
=
self
.
ipv4
):
"
external
_ipv4 has to be unique."
))
if
Host
.
objects
.
exclude
(
id
=
self
.
id
)
.
filter
(
external
_ipv4
=
self
.
ipv4
):
raise
ValidationError
(
_
(
"You can't use another host's NAT'd "
"address as your own IPv4."
))
...
...
@@ -472,36 +547,36 @@ class Host(models.Model):
super
(
Host
,
self
)
.
save
(
*
args
,
**
kwargs
)
# IPv4
if
self
.
ipv4
is
not
None
:
Record
.
objects
.
filter
(
host
=
self
,
name
=
self
.
hostname
,
type
=
'A'
)
.
update
(
address
=
self
.
ipv4
)
record_count
=
self
.
record_set
.
filter
(
host
=
self
,
name
=
self
.
hostname
,
address
=
self
.
ipv4
,
type
=
'A'
)
.
count
()
if
record_count
==
0
:
# update existing records
affected_records
=
Record
.
objects
.
filter
(
host
=
self
,
name
=
self
.
hostname
,
type
=
'A'
)
.
update
(
address
=
self
.
ipv4
)
# create new record
if
affected_records
==
0
:
Record
(
host
=
self
,
name
=
self
.
hostname
,
domain
=
self
.
vlan
.
domain
,
address
=
self
.
ipv4
,
owner
=
self
.
owner
,
description
=
'host.save()'
,
description
=
'
created by
host.save()'
,
type
=
'A'
)
.
save
()
if
self
.
ipv6
:
Record
.
objects
.
filter
(
host
=
self
,
name
=
self
.
hostname
,
type
=
'AAAA'
)
.
update
(
address
=
self
.
ipv6
)
record_count
=
self
.
record_set
.
filter
(
host
=
self
,
name
=
self
.
hostname
,
address
=
self
.
ipv6
,
type
=
'AAAA'
)
.
count
()
if
record_count
==
0
:
# IPv6
if
self
.
ipv6
is
not
None
:
# update existing records
affected_records
=
Record
.
objects
.
filter
(
host
=
self
,
name
=
self
.
hostname
,
type
=
'AAAA'
)
.
update
(
address
=
self
.
ipv6
)
# create new record
if
affected_records
==
0
:
Record
(
host
=
self
,
name
=
self
.
hostname
,
domain
=
self
.
vlan
.
domain
,
address
=
self
.
ipv6
,
owner
=
self
.
owner
,
description
=
'host.save()'
,
description
=
'
created by
host.save()'
,
type
=
'AAAA'
)
.
save
()
def
enable_net
(
self
):
...
...
@@ -517,12 +592,15 @@ class Host(models.Model):
:type proto: str.
:returns: list -- list of int port numbers used.
"""
if
self
.
shared_ip
:
ports
=
Rule
.
objects
.
filter
(
host__pub_ipv4
=
self
.
pub_ipv4
,
nat
=
True
,
proto
=
proto
)
if
self
.
behind_nat
:
ports
=
Rule
.
objects
.
filter
(
host__external_ipv4
=
self
.
external_ipv4
,
nat
=
True
,
proto
=
proto
)
.
values_list
(
'nat_external_port'
,
flat
=
True
)
else
:
ports
=
self
.
rules
.
filter
(
proto
=
proto
,
)
return
set
(
ports
.
values_list
(
'dport'
,
flat
=
True
))
ports
=
self
.
rules
.
filter
(
proto
=
proto
)
.
values_list
(
'dport'
,
flat
=
True
)
return
set
(
ports
)
def
_get_random_port
(
self
,
proto
,
used_ports
=
None
):
"""
...
...
@@ -577,17 +655,15 @@ class Host(models.Model):
logger
.
error
(
'Host.add_port: default_vlangroup
%
s missing.
%
s'
,
vgname
,
unicode
(
e
))
else
:
if
self
.
shared_ip
:
rule
=
Rule
(
direction
=
'in'
,
owner
=
self
.
owner
,
dport
=
private
,
proto
=
proto
,
nat
=
False
,
action
=
'accept'
,
host
=
self
,
foreign_network
=
vg
)
if
self
.
behind_nat
:
if
public
<
1024
:
raise
ValidationError
(
_
(
"Only ports above 1024 can be used."
))
rule
=
Rule
(
direction
=
'1'
,
owner
=
self
.
owner
,
dport
=
public
,
proto
=
proto
,
nat
=
True
,
accept
=
True
,
nat_dport
=
private
,
host
=
self
,
foreign_network
=
vg
)
else
:
rule
=
Rule
(
direction
=
'1'
,
owner
=
self
.
owner
,
dport
=
private
,
proto
=
proto
,
nat
=
False
,
accept
=
True
,
host
=
self
,
foreign_network
=
vg
)
rule
.
nat_external_port
=
public
rule
.
nat
=
True
rule
.
full_clean
()
rule
.
save
()
...
...
@@ -602,12 +678,8 @@ class Host(models.Model):
:param private: Port number of host in subject.
"""
if
self
.
shared_ip
:
self
.
rules
.
filter
(
owner
=
self
.
owner
,
proto
=
proto
,
host
=
self
,
nat_dport
=
private
)
.
delete
()
else
:
self
.
rules
.
filter
(
owner
=
self
.
owner
,
proto
=
proto
,
host
=
self
,
dport
=
private
)
.
delete
()
self
.
rules
.
filter
(
owner
=
self
.
owner
,
proto
=
proto
,
host
=
self
,
dport
=
private
)
.
delete
()
def
get_hostname
(
self
,
proto
,
public
=
True
):
"""
...
...
@@ -622,11 +694,11 @@ class Host(models.Model):
res
=
self
.
record_set
.
filter
(
type
=
'AAAA'
,
address
=
self
.
ipv6
)
elif
proto
==
'ipv4'
:
if
self
.
shared_ip
and
public
:
res
=
Record
.
objects
.
filter
(
type
=
'A'
,
address
=
self
.
pub_ipv4
)
if
self
.
behind_nat
and
public
:
res
=
Record
.
objects
.
filter
(
type
=
'A'
,
address
=
self
.
get_external_ipv4
()
)
if
res
.
count
()
<
1
:
return
unicode
(
self
.
pub_ipv4
)
return
unicode
(
self
.
get_external_ipv4
()
)
else
:
res
=
self
.
record_set
.
filter
(
type
=
'A'
,
address
=
self
.
ipv4
)
...
...
@@ -640,27 +712,21 @@ class Host(models.Model):
"""
retval
=
[]
for
rule
in
self
.
rules
.
filter
(
owner
=
self
.
owner
):
private
=
rule
.
nat_dport
if
self
.
shared_ip
else
rule
.
dport
forward
=
{
'proto'
:
rule
.
proto
,
'private'
:
private
,
'private'
:
rule
.
dport
,
}
if
self
.
shared_ip
:
public4
=
rule
.
dport
public6
=
rule
.
nat_dport
else
:
public4
=
public6
=
rule
.
dport
if
True
:
# ipv4
forward
[
'ipv4'
]
=
{
'host'
:
self
.
get_hostname
(
proto
=
'ipv4'
),
'port'
:
public4
,
'port'
:
rule
.
get_external_port
(
proto
=
'ipv4'
)
,
'pk'
:
rule
.
pk
,
}
if
self
.
ipv6
:
# ipv6
forward
[
'ipv6'
]
=
{
'host'
:
self
.
get_hostname
(
proto
=
'ipv6'
),
'port'
:
public6
,
'port'
:
rule
.
get_external_port
(
proto
=
'ipv6'
)
,
'pk'
:
rule
.
pk
,
}
retval
.
append
(
forward
)
...
...
@@ -679,22 +745,16 @@ class Host(models.Model):
"""
endpoints
=
{}
# IPv4
public_ipv4
=
self
.
pub_ipv4
if
self
.
pub_ipv4
else
self
.
ipv4
# try get matching port(s) without NAT
ports
=
self
.
incoming_rules
.
filter
(
accept
=
True
,
dport
=
port
,
nat
=
False
,
proto
=
protocol
)
if
ports
.
exists
():
public_port
=
ports
[
0
]
.
dport
else
:
# try get matching port(s) with NAT
ports
=
self
.
incoming_rules
.
filter
(
accept
=
True
,
nat_dport
=
port
,
nat
=
True
,
proto
=
protocol
)
public_port
=
ports
[
0
]
.
dport
if
ports
.
exists
()
else
None
endpoints
[
'ipv4'
]
=
((
public_ipv4
,
public_port
)
if
public_port
else
ports
=
self
.
incoming_rules
.
filter
(
action
=
'accept'
,
dport
=
port
,
proto
=
protocol
)
public_port
=
(
ports
[
0
]
.
get_external_port
(
proto
=
'ipv4'
)
if
ports
.
exists
()
else
None
)
endpoints
[
'ipv4'
]
=
((
self
.
get_external_ipv4
(),
public_port
)
if
public_port
else
None
)
# IPv6
blocked
=
self
.
incoming_rules
.
filter
(
accept
=
False
,
dport
=
port
,
proto
=
protocol
)
.
exists
()
blocked
=
self
.
incoming_rules
.
exclude
(
action
=
'accept'
)
.
filter
(
dport
=
port
,
proto
=
protocol
)
.
exists
()
endpoints
[
'ipv6'
]
=
(
self
.
ipv6
,
port
)
if
not
blocked
else
None
return
endpoints
...
...
circle/firewall/tasks/local_tasks.py
View file @
52795118
...
...
@@ -26,7 +26,7 @@ def _apply_once(name, queues, task, data):
@celery.task
(
ignore_result
=
True
)
def
periodic_task
():
from
firewall.fw
import
Firewall
,
dhcp
,
dns
,
ipset
,
vlan
from
firewall.fw
import
Build
Firewall
,
dhcp
,
dns
,
ipset
,
vlan
from
remote_tasks
import
(
reload_dns
,
reload_dhcp
,
reload_firewall
,
reload_firewall_vlan
,
reload_blacklist
)
...
...
@@ -40,7 +40,7 @@ def periodic_task():
_apply_once
(
'dhcp'
,
firewall_queues
,
reload_dhcp
,
lambda
:
(
dhcp
(),
))
_apply_once
(
'firewall'
,
firewall_queues
,
reload_firewall
,
lambda
:
(
Firewall
(
proto
=
4
)
.
get
(),
Firewall
(
proto
=
6
)
.
ge
t
()))
lambda
:
(
BuildFirewall
()
.
build_ip
t
()))
_apply_once
(
'firewall_vlan'
,
firewall_queues
,
reload_firewall_vlan
,
lambda
:
(
vlan
(),
))
_apply_once
(
'blacklist'
,
firewall_queues
,
reload_blacklist
,
...
...
@@ -48,7 +48,7 @@ def periodic_task():
@celery.task
def
reloadtask
(
type
=
'Host'
):
def
reloadtask
(
type
=
'Host'
,
timeout
=
15
):
reload
=
{
'Host'
:
[
'dns'
,
'dhcp'
,
'firewall'
],
'Record'
:
[
'dns'
],
...
...
circle/firewall/templates/firewall/iptables.conf
0 → 100644
View file @
52795118
{%
if
proto
==
"ipv4"
%}
*
nat
:
PREROUTING
ACCEPT
[
0
:
0
]
:
INPUT
ACCEPT
[
0
:
0
]
:
OUTPUT
ACCEPT
[
0
:
0
]
:
POSTROUTING
ACCEPT
[
0
:
0
]
{%
for
chain
in
nat
%}
{{
chain
.
compile
|
safe
}}
{%
endfor
%}
COMMIT
{%
endif
%}
*
filter
:
INPUT
DROP
[
0
:
0
]
:
FORWARD
DROP
[
0
:
0
]
:
OUTPUT
DROP
[
0
:
0
]
# initialize logging
-
N
LOG_DROP
# windows port scan are silently dropped
-
A
LOG_DROP
-
p
tcp
--
dport
445
-
j
DROP
-
A
LOG_DROP
-
p
udp
--
dport
137
-
j
DROP
-
A
LOG_DROP
-
j
LOG
--
log
-
level
7
--
log
-
prefix
"[ipt][drop]"
-
A
LOG_DROP
-
j
DROP
-
N
LOG_ACC
-
A
LOG_ACC
-
j
LOG
--
log
-
level
7
--
log
-
prefix
"[ipt][isok]"
-
A
LOG_ACC
-
j
ACCEPT
# initialize FORWARD chain
-
A
FORWARD
-
m
set
--
match
-
set
blacklist
src
,
dst
-
j
DROP
-
A
FORWARD
-
m
state
--
state
INVALID
-
g
LOG_DROP
-
A
FORWARD
-
m
state
--
state
ESTABLISHED
,
RELATED
-
j
ACCEPT
-
A
FORWARD
-
p
icmp
--
icmp
-
type
echo
-
request
-
g
LOG_ACC
# initialize INPUT chain
-
A
INPUT
-
m
set
--
match
-
set
blacklist
src
-
j
DROP
-
A
INPUT
-
m
state
--
state
INVALID
-
g
LOG_DROP
-
A
INPUT
-
i
lo
-
j
ACCEPT
-
A
INPUT
-
m
state
--
state
ESTABLISHED
,
RELATED
-
j
ACCEPT
# initialize OUTPUT chain
-
A
OUTPUT
-
m
state
--
state
INVALID
-
g
LOG_DROP
-
A
OUTPUT
-
o
lo
-
j
ACCEPT
-
A
OUTPUT
-
m
state
--
state
ESTABLISHED
,
RELATED
-
j
ACCEPT
{%
for
chain
in
filter
%}
{%
if
chain
.
name
not
in
chain
.
builtin_chains
%}-
N
{{
chain
.
name
}}{%
endif
%}
{%
if
proto
==
"ipv4"
%}
{{
chain
.
compile
|
safe
}}
{%
else
%}
{{
chain
.
compile_v6
|
safe
}}
{%
endif
%}
{%
endfor
%}
# close all chains
-
A
FORWARD
-
g
LOG_DROP
-
A
INPUT
-
g
LOG_DROP
-
A
OUTPUT
-
g
LOG_DROP
COMMIT
circle/firewall/tests/test_firewall.py
View file @
52795118
from
netaddr
import
IPSet
from
netaddr
import
IPSet
,
AddrFormatError
from
django.test
import
TestCase
from
django.contrib.auth.models
import
User
from
..admin
import
HostAdmin
from
firewall.models
import
Vlan
,
Domain
,
Record
,
Host
from
firewall.models
import
(
Vlan
,
Domain
,
Record
,
Host
,
VlanGroup
,
Group
,
Rule
,
Firewall
)
from
firewall.fw
import
dns
,
ipv6_to_octal
from
firewall.tasks.local_tasks
import
periodic_task
,
reloadtask
from
django.forms
import
ValidationError
from
..iptables
import
IptRule
,
IptChain
,
InvalidRuleExcepion
from
mock
import
patch
import
django.conf
settings
=
django
.
conf
.
settings
.
FIREWALL_SETTINGS
class
MockInstance
:
...
...
@@ -96,12 +104,12 @@ class HostGetHostnameTestCase(TestCase):
self
.
vlan
.
save
()
self
.
h
=
Host
(
hostname
=
'h'
,
mac
=
'01:02:03:04:05:00'
,
ipv4
=
'10.0.0.1'
,
vlan
=
self
.
vlan
,
owner
=
self
.
u1
,
shared_ip
=
True
,
pub
_ipv4
=
self
.
vlan
.
snat_ip
)
external
_ipv4
=
self
.
vlan
.
snat_ip
)
self
.
h
.
save
()
def
test_issue_93_wo_record
(
self
):
self
.
assertEqual
(
self
.
h
.
get_hostname
(
proto
=
'ipv4'
,
public
=
True
),
unicode
(
self
.
h
.
pub
_ipv4
))
unicode
(
self
.
h
.
external
_ipv4
))
def
test_issue_93_w_record
(
self
):
self
.
r
=
Record
(
name
=
'vm'
,
type
=
'A'
,
domain
=
self
.
d
,
owner
=
self
.
u1
,
...
...
@@ -109,3 +117,192 @@ class HostGetHostnameTestCase(TestCase):
self
.
r
.
save
()
self
.
assertEqual
(
self
.
h
.
get_hostname
(
proto
=
'ipv4'
,
public
=
True
),
self
.
r
.
fqdn
)
class
IptablesTestCase
(
TestCase
):
def
setUp
(
self
):
self
.
r
=
[
IptRule
(
priority
=
4
,
action
=
'ACCEPT'
,
src
=
(
'127.0.0.4'
,
None
)),
IptRule
(
priority
=
4
,
action
=
'ACCEPT'
,
src
=
(
'127.0.0.4'
,
None
)),
IptRule
(
priority
=
2
,
action
=
'ACCEPT'
,
dst
=
(
'127.0.0.2'
,
None
),
extra
=
'-p icmp'
),
IptRule
(
priority
=
6
,
action
=
'ACCEPT'
,
dst
=
(
'127.0.0.6'
,
None
),
proto
=
'tcp'
,
dport
=
80
),
IptRule
(
priority
=
1
,
action
=
'ACCEPT'
,
dst
=
(
'127.0.0.1'
,
None
),
proto
=
'udp'
,
dport
=
53
),
IptRule
(
priority
=
5
,
action
=
'ACCEPT'
,
dst
=
(
'127.0.0.5'
,
None
),
proto
=
'tcp'
,
dport
=
443
),
IptRule
(
priority
=
2
,
action
=
'ACCEPT'
,
dst
=
(
'127.0.0.2'
,
None
),
proto
=
'icmp'
),
IptRule
(
priority
=
6
,
action
=
'ACCEPT'
,
dst
=
(
'127.0.0.6'
,
None
),
proto
=
'tcp'
,
dport
=
'1337'
)]
def
test_chain_add
(
self
):
ch
=
IptChain
(
name
=
'test'
)
ch
.
add
(
*
self
.
r
)
self
.
assertEqual
(
len
(
ch
),
len
(
self
.
r
)
-
1
)
def
test_rule_compile_ok
(
self
):
assert
unicode
(
self
.
r
[
5
])
self
.
assertEqual
(
self
.
r
[
5
]
.
compile
(),
'-d 127.0.0.5 -p tcp --dport 443 -g ACCEPT'
)
def
test_rule_compile_fail
(
self
):
self
.
assertRaises
(
InvalidRuleExcepion
,
IptRule
,
**
{
'proto'
:
'test'
})
self
.
assertRaises
(
InvalidRuleExcepion
,
IptRule
,
**
{
'priority'
:
5
,
'action'
:
'ACCEPT'
,
'dst'
:
'127.0.0.5'
,
'proto'
:
'icmp'
,
'dport'
:
443
})
def
test_chain_compile
(
self
):
ch
=
IptChain
(
name
=
'test'
)
ch
.
add
(
*
self
.
r
)
compiled
=
ch
.
compile
()
compiled_v6
=
ch
.
compile_v6
()
assert
unicode
(
ch
)
self
.
assertEqual
(
len
(
compiled
.
splitlines
()),
len
(
ch
))
self
.
assertEqual
(
len
(
compiled_v6
.
splitlines
()),
0
)
class
ReloadTestCase
(
TestCase
):
def
setUp
(
self
):
self
.
u1
=
User
.
objects
.
create
(
username
=
'user1'
)
self
.
u1
.
save
()
d
=
Domain
.
objects
.
create
(
name
=
'example.org'
,
owner
=
self
.
u1
)
self
.
vlan
=
Vlan
(
vid
=
1
,
name
=
'test'
,
network4
=
'10.0.0.0/29'
,
snat_ip
=
'152.66.243.99'
,
network6
=
'2001:738:2001:4031::/80'
,
domain
=
d
,
owner
=
self
.
u1
,
network_type
=
'portforward'
,
dhcp_pool
=
'manual'
)
self
.
vlan
.
save
()
self
.
vlan2
=
Vlan
(
vid
=
2
,
name
=
'pub'
,
network4
=
'10.1.0.0/29'
,
network6
=
'2001:738:2001:4032::/80'
,
domain
=
d
,
owner
=
self
.
u1
,
network_type
=
'public'
)
self
.
vlan2
.
save
()
self
.
vlan
.
snat_to
.
add
(
self
.
vlan2
)
settings
[
"default_vlangroup"
]
=
'public'
settings
[
"default_host_groups"
]
=
[
'netezhet'
]
vlg
=
VlanGroup
.
objects
.
create
(
name
=
'public'
)
vlg
.
vlans
.
add
(
self
.
vlan
,
self
.
vlan2
)
self
.
hg
=
Group
.
objects
.
create
(
name
=
'netezhet'
)
Rule
.
objects
.
create
(
action
=
'accept'
,
hostgroup
=
self
.
hg
,
foreign_network
=
vlg
)
firewall
=
Firewall
.
objects
.
create
(
name
=
'fw'
)
Rule
.
objects
.
create
(
action
=
'accept'
,
firewall
=
firewall
,
foreign_network
=
vlg
)
for
i
in
range
(
1
,
6
):
h
=
Host
.
objects
.
create
(
hostname
=
'h-
%
d'
%
i
,
vlan
=
self
.
vlan
,
mac
=
'01:02:03:04:05:
%02
d'
%
i
,
ipv4
=
'10.0.0.
%
d'
%
i
,
owner
=
self
.
u1
)
h
.
enable_net
()
h
.
groups
.
add
(
self
.
hg
)
if
i
==
5
:
h
.
vlan
=
self
.
vlan2
h
.
save
()
self
.
h5
=
h
if
i
==
1
:
self
.
h1
=
h
self
.
r1
=
Record
(
name
=
'tst'
,
type
=
'A'
,
address
=
'127.0.0.1'
,
domain
=
d
,
owner
=
self
.
u1
)
self
.
rb
=
Record
(
name
=
'tst'
,
type
=
'AAAA'
,
address
=
'1.0.0.1'
,
domain
=
d
,
owner
=
self
.
u1
)
self
.
r2
=
Record
(
name
=
'ts'
,
type
=
'AAAA'
,
address
=
'2001:123:45::6'
,
domain
=
d
,
owner
=
self
.
u1
)
self
.
rm
=
Record
(
name
=
'asd'
,
type
=
'MX'
,
address
=
'10:teszthu'
,
domain
=
d
,
owner
=
self
.
u1
)
self
.
rt
=
Record
(
name
=
'asd'
,
type
=
'TXT'
,
address
=
'ASD'
,
domain
=
d
,
owner
=
self
.
u1
)
self
.
r1
.
save
()
self
.
r2
.
save
()
with
patch
(
'firewall.models.Record.clean'
):
self
.
rb
.
save
()
self
.
rm
.
save
()
self
.
rt
.
save
()
def
test_bad_aaaa_record
(
self
):
self
.
assertRaises
(
AddrFormatError
,
ipv6_to_octal
,
self
.
rb
.
address
)
def
test_good_aaaa_record
(
self
):
ipv6_to_octal
(
self
.
r2
.
address
)
def
test_dns_func
(
self
):
records
=
dns
()
self
.
assertEqual
(
Host
.
objects
.
count
()
*
2
+
# soa
len
((
self
.
r1
,
self
.
r2
,
self
.
rm
,
self
.
rt
))
+
1
,
len
(
records
))
def
test_host_add_port
(
self
):
h
=
self
.
h1
h
.
ipv6
=
'2001:2:3:4::0'
assert
h
.
behind_nat
h
.
save
()
old_rules
=
h
.
rules
.
count
()
h
.
add_port
(
'tcp'
,
private
=
22
)
new_rules
=
h
.
rules
.
count
()
self
.
assertEqual
(
new_rules
,
old_rules
+
1
)
self
.
assertEqual
(
len
(
h
.
list_ports
()),
old_rules
+
1
)
endp
=
h
.
get_public_endpoints
(
22
)
self
.
assertEqual
(
endp
[
'ipv4'
][
0
],
h
.
ipv4
)
assert
int
(
endp
[
'ipv4'
][
1
])
self
.
assertEqual
(
endp
[
'ipv6'
][
0
],
h
.
ipv6
)
assert
int
(
endp
[
'ipv6'
][
1
])
def
test_host_add_port2
(
self
):
h
=
self
.
h5
h
.
ipv6
=
'2001:2:3:4::1'
h
.
save
()
assert
not
h
.
behind_nat
old_rules
=
h
.
rules
.
count
()
h
.
add_port
(
'tcp'
,
private
=
22
)
new_rules
=
h
.
rules
.
count
()
self
.
assertEqual
(
new_rules
,
old_rules
+
1
)
self
.
assertEqual
(
len
(
h
.
list_ports
()),
old_rules
+
1
)
endp
=
h
.
get_public_endpoints
(
22
)
self
.
assertEqual
(
endp
[
'ipv4'
][
0
],
h
.
ipv4
)
assert
int
(
endp
[
'ipv4'
][
1
])
self
.
assertEqual
(
endp
[
'ipv6'
][
0
],
h
.
ipv6
)
assert
int
(
endp
[
'ipv6'
][
1
])
def
test_host_del_port
(
self
):
h
=
self
.
h1
h
.
ipv6
=
'2001:2:3:4::0'
h
.
save
()
h
.
add_port
(
'tcp'
,
private
=
22
)
old_rules
=
h
.
rules
.
count
()
h
.
del_port
(
'tcp'
,
private
=
22
)
new_rules
=
h
.
rules
.
count
()
self
.
assertEqual
(
new_rules
,
old_rules
-
1
)
def
test_host_add_port_wo_vlangroup
(
self
):
VlanGroup
.
objects
.
filter
(
name
=
'public'
)
.
delete
()
h
=
self
.
h1
old_rules
=
h
.
rules
.
count
()
h
.
add_port
(
'tcp'
,
private
=
22
)
new_rules
=
h
.
rules
.
count
()
self
.
assertEqual
(
new_rules
,
old_rules
)
def
test_host_add_port_w_validationerror
(
self
):
h
=
self
.
h1
self
.
assertRaises
(
ValidationError
,
h
.
add_port
,
'tcp'
,
public
=
1000
,
private
=
22
)
def
test_periodic_task
(
self
):
#TODO
with
patch
(
'firewall.tasks.local_tasks.cache'
)
as
cache
:
self
.
test_host_add_port
()
self
.
test_host_add_port2
()
periodic_task
()
reloadtask
()
assert
cache
.
delete
.
called
circle/network/forms.py
View file @
52795118
...
...
@@ -106,7 +106,7 @@ class HostForm(ModelForm):
'ipv4'
,
'ipv6'
,
'shared_ip'
,
'
pub
_ipv4'
,
'
external
_ipv4'
,
),
Fieldset
(
'Information'
,
...
...
@@ -162,12 +162,14 @@ class RuleForm(ModelForm):
'foreign_network'
,
'dport'
,
'sport'
,
'weight'
,
'proto'
,
'extra'
,
'ac
cept
'
,
'ac
tion
'
,
'owner'
,
'nat'
,
'nat_dport'
,
'nat_external_port'
,
'nat_external_ipv4'
,
),
Fieldset
(
'External'
,
...
...
@@ -232,6 +234,7 @@ class VlanForm(ModelForm):
'IPv6'
,
'network6'
,
'ipv6_template'
,
'host_ipv6_prefixlen'
,
),
Fieldset
(
'Domain name service'
,
...
...
circle/network/tables.py
View file @
52795118
...
...
@@ -44,7 +44,7 @@ class HostTable(Table):
model
=
Host
attrs
=
{
'class'
:
'table table-striped table-condensed'
}
fields
=
(
'hostname'
,
'vlan'
,
'mac'
,
'ipv4'
,
'ipv6'
,
'
pub
_ipv4'
,
'created_at'
,
'owner'
,
)
'
external
_ipv4'
,
'created_at'
,
'owner'
,
)
order_by
=
(
'vlan'
,
'hostname'
,
)
...
...
@@ -128,7 +128,8 @@ class RuleTable(Table):
model
=
Rule
attrs
=
{
'class'
:
'table table-striped table-hover table-condensed'
}
fields
=
(
'r_type'
,
'color_desc'
,
'owner'
,
'extra'
,
'direction'
,
'accept'
,
'proto'
,
'sport'
,
'dport'
,
'nat'
,
'nat_dport'
,
)
'action'
,
'proto'
,
'sport'
,
'dport'
,
'nat'
,
'nat_external_port'
,
)
order_by
=
'direction'
...
...
circle/network/templates/network/columns/host-rule.html
View file @
52795118
...
...
@@ -33,5 +33,6 @@
{% if record.nat %}
<span
class=
"label label-success"
>
NAT
[ {{ record.dport }}
<i
class=
"icon-arrow-right"
></i>
{{record.nat_dport}} ]
</span>
[ {{ record.dport }}
<i
class=
"icon-arrow-right"
></i>
{{record.nat_external_port}} ]
</span>
{% endif %}
circle/network/views.py
View file @
52795118
...
...
@@ -503,6 +503,11 @@ class RuleList(LoginRequiredMixin, SuperuserRequiredMixin, SingleTableView):
template_name
=
"network/rule-list.html"
table_pagination
=
False
def
get_table_data
(
self
):
return
Rule
.
objects
.
select_related
(
'host'
,
'hostgroup'
,
'vlan'
,
'vlangroup'
,
'firewall'
,
'foreign_network'
,
'owner'
)
class
RuleDetail
(
LoginRequiredMixin
,
SuperuserRequiredMixin
,
SuccessMessageMixin
,
UpdateView
):
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment