Commit
4e1441d6
authored
Jan 30, 2013
by
Dányi Bence
Merge branch 'master' of
ssh://giccero.cloud.ik.bme.hu/cloud
parents
33c3b2dd
e83122c8
Showing
7 changed files
with
98 additions
and
67 deletions
+98
-67
firewall/admin.py
+45
-9
firewall/fw.py
+12
-3
firewall/migrations/0022_auto__add_vlangroup__add_field_setting_description__add_field_group_de.py
+0
-0
firewall/migrations/0023_auto__add_field_rule_firewall.py
+0
-0
firewall/models.py
+38
-52
firewall/views.py
+2
-0
one/models.py
+1
-3
firewall/admin.py
# -*- coding: utf8 -*-
from
django.contrib
import
admin
from
django.contrib
import
admin
from
firewall.models
import
*
from
firewall.models
import
*
from
django
import
contrib
from
django
import
contrib
...
@@ -6,38 +8,72 @@ from django import contrib
...
@@ -6,38 +8,72 @@ from django import contrib
class
AliasInline
(
contrib
.
admin
.
TabularInline
):
class
AliasInline
(
contrib
.
admin
.
TabularInline
):
model
=
Alias
model
=
Alias
class
RuleInline
(
contrib
.
admin
.
TabularInline
):
model
=
Rule
class
HostAdmin
(
admin
.
ModelAdmin
):
class
HostAdmin
(
admin
.
ModelAdmin
):
list_display
=
(
'hostname'
,
'vlan'
,
'ipv4'
,
'ipv6'
,
'pub_ipv4'
,
'mac'
,
'shared_ip'
,
'owner'
,
'
groups_l'
,
'rules_l'
,
'
description'
,
'reverse'
)
list_display
=
(
'hostname'
,
'vlan'
,
'ipv4'
,
'ipv6'
,
'pub_ipv4'
,
'mac'
,
'shared_ip'
,
'owner'
,
'description'
,
'reverse'
)
ordering
=
(
'hostname'
,
)
ordering
=
(
'hostname'
,
)
list_filter
=
(
'owner'
,
'vlan'
,
'groups'
)
list_filter
=
(
'owner'
,
'vlan'
,
'groups'
)
search_fields
=
(
'hostname'
,
'description'
,
'ipv4'
,
'ipv6'
,
'mac'
)
search_fields
=
(
'hostname'
,
'description'
,
'ipv4'
,
'ipv6'
,
'mac'
)
filter_horizontal
=
(
'groups'
,
'rules'
,
)
filter_horizontal
=
(
'groups'
,
)
inlines
=
(
AliasInline
,
)
inlines
=
(
AliasInline
,
RuleInline
)
class
HostInline
(
contrib
.
admin
.
TabularInline
):
class
HostInline
(
contrib
.
admin
.
TabularInline
):
model
=
Host
model
=
Host
fields
=
(
'hostname'
,
'ipv4'
,
'ipv6'
,
'pub_ipv4'
,
'mac'
,
'shared_ip'
,
'owner'
,
'reverse'
)
fields
=
(
'hostname'
,
'ipv4'
,
'ipv6'
,
'pub_ipv4'
,
'mac'
,
'shared_ip'
,
'owner'
,
'reverse'
)
class
VlanAdmin
(
admin
.
ModelAdmin
):
class
VlanAdmin
(
admin
.
ModelAdmin
):
list_display
=
(
'vid'
,
'name'
,
'
rules_l'
,
'ipv4'
,
'net_ipv4'
,
'ipv6'
,
'net_ipv6'
,
'description'
,
'domain'
,
'snat_ip'
,
'snat_to_l'
)
list_display
=
(
'vid'
,
'name'
,
'
ipv4'
,
'net_ipv4'
,
'ipv6'
,
'net_ipv6'
,
'description'
,
'domain'
,
'snat_ip'
,
)
ordering
=
(
'vid'
,
)
ordering
=
(
'vid'
,
)
inlines
=
(
HostInline
,
)
inlines
=
(
HostInline
,
RuleInline
)
class
RuleAdmin
(
admin
.
ModelAdmin
):
class
RuleAdmin
(
admin
.
ModelAdmin
):
list_display
=
(
'r_type'
,
'color_desc'
,
'
description'
,
'vlan_l'
,
'owner'
,
'extra'
,
'direction'
,
'accept'
,
'proto'
,
'sport'
,
'dport'
,
'nat'
,
'nat_dport
'
)
list_display
=
(
'r_type'
,
'color_desc'
,
'
owner'
,
'extra'
,
'direction'
,
'accept'
,
'proto'
,
'sport'
,
'dport'
,
'nat'
,
'nat_dport'
,
'used_in
'
)
list_filter
=
(
'r_type'
,
'vlan'
,
'owner'
,
'direction'
,
'accept'
,
'proto'
,
'nat'
)
list_filter
=
(
'r_type'
,
'vlan'
,
'owner'
,
'direction'
,
'accept'
,
'proto'
,
'nat'
)
def
color_desc
(
self
,
instance
):
para
=
'</span>'
if
(
instance
.
dport
):
para
=
"dport=
%
s
%
s"
%
(
instance
.
dport
,
para
)
if
(
instance
.
sport
):
para
=
"sport=
%
s
%
s"
%
(
instance
.
sport
,
para
)
if
(
instance
.
proto
):
para
=
"proto=
%
s
%
s"
%
(
instance
.
proto
,
para
)
para
=
u'<span style="color: #00FF00;">'
+
para
return
u'<span style="color: #FF0000;">['
+
instance
.
r_type
+
u']</span> '
+
(
instance
.
foreign_network
.
name
+
u'<span style="color: #0000FF;"> ▸ </span>'
+
instance
.
r_type
if
instance
.
direction
==
'1'
else
instance
.
r_type
+
u'<span style="color: #0000FF;"> ▸ </span>'
+
instance
.
foreign_network
.
name
)
+
' '
+
para
+
' '
+
instance
.
description
color_desc
.
allow_tags
=
True
def
vlan_l
(
self
,
instance
):
retval
=
[]
for
vl
in
instance
.
foreign_network
.
vlans
.
all
():
retval
.
append
(
vl
.
name
)
return
u', '
.
join
(
retval
)
def
used_in
(
self
,
instance
):
for
field
in
[
instance
.
vlan
,
instance
.
vlangroup
,
instance
.
host
,
instance
.
hostgroup
,
instance
.
firewall
]:
if
field
is
not
None
:
return
unicode
(
field
)
+
' '
+
field
.
_meta
.
object_name
class
AliasAdmin
(
admin
.
ModelAdmin
):
class
AliasAdmin
(
admin
.
ModelAdmin
):
list_display
=
(
'alias'
,
'host'
)
list_display
=
(
'alias'
,
'host'
)
class
SettingAdmin
(
admin
.
ModelAdmin
):
class
SettingAdmin
(
admin
.
ModelAdmin
):
list_display
=
(
'key'
,
'value'
)
list_display
=
(
'key'
,
'value'
,
'description'
)
class
GroupAdmin
(
admin
.
ModelAdmin
):
list_display
=
(
'name'
,
'owner'
,
'description'
)
inlines
=
(
RuleInline
,
)
class
FirewallAdmin
(
admin
.
ModelAdmin
):
inlines
=
(
RuleInline
,
)
admin
.
site
.
register
(
Host
,
HostAdmin
)
admin
.
site
.
register
(
Host
,
HostAdmin
)
admin
.
site
.
register
(
Vlan
,
VlanAdmin
)
admin
.
site
.
register
(
Vlan
,
VlanAdmin
)
admin
.
site
.
register
(
Rule
,
RuleAdmin
)
admin
.
site
.
register
(
Rule
,
RuleAdmin
)
admin
.
site
.
register
(
Alias
,
AliasAdmin
)
admin
.
site
.
register
(
Alias
,
AliasAdmin
)
admin
.
site
.
register
(
Setting
,
SettingAdmin
)
admin
.
site
.
register
(
Setting
,
SettingAdmin
)
admin
.
site
.
register
(
Group
)
admin
.
site
.
register
(
Group
,
GroupAdmin
)
admin
.
site
.
register
(
Firewall
)
admin
.
site
.
register
(
VlanGroup
)
admin
.
site
.
register
(
Firewall
,
FirewallAdmin
)
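Review bot: `RuleAdmin.color_desc` sets `allow_tags = True` and concatenates `instance.description`, `instance.foreign_network.name` and `instance.r_type` into the returned markup without escaping, so any HTML stored in those fields is rendered as markup in the admin change list. `description` is a free-text `TextField` in firewall/models.py, so whoever can write a rule description can presumably inject markup into an administrator's page. Escape every model value before joining and leave only the literal `<span>` wrappers raw, e.g. `+ escape(instance.description)` with `from django.utils.html import escape`. Separately, `used_in` falls off the end and returns `None` when all five targets are unset; an explicit `return u''` would make that case deliberate.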
firewall/fw.py
...
@@ -38,6 +38,9 @@ class firewall:
...
@@ -38,6 +38,9 @@ class firewall:
self
.
SZABALYOK_NAT
.
append
(
s
)
self
.
SZABALYOK_NAT
.
append
(
s
)
def
host2vlan
(
self
,
host
,
rule
):
def
host2vlan
(
self
,
host
,
rule
):
if
rule
.
foreign_network
is
None
:
return
if
(
self
.
IPV6
and
host
.
ipv6
):
if
(
self
.
IPV6
and
host
.
ipv6
):
ipaddr
=
host
.
ipv6
+
"/112"
ipaddr
=
host
.
ipv6
+
"/112"
else
:
else
:
...
@@ -45,7 +48,7 @@ class firewall:
...
@@ -45,7 +48,7 @@ class firewall:
dport_sport
=
self
.
dportsport
(
rule
)
dport_sport
=
self
.
dportsport
(
rule
)
for
vlan
in
rule
.
vlan
.
all
():
for
vlan
in
rule
.
foreign_network
.
vlans
.
all
():
if
(
rule
.
accept
):
if
(
rule
.
accept
):
if
(
rule
.
direction
==
'0'
and
vlan
.
name
==
"PUB"
):
if
(
rule
.
direction
==
'0'
and
vlan
.
name
==
"PUB"
):
if
(
rule
.
dport
==
25
):
if
(
rule
.
dport
==
25
):
...
@@ -64,18 +67,24 @@ class firewall:
...
@@ -64,18 +67,24 @@ class firewall:
def
fw2vlan
(
self
,
rule
):
def
fw2vlan
(
self
,
rule
):
if
rule
.
foreign_network
is
None
:
return
dport_sport
=
self
.
dportsport
(
rule
)
dport_sport
=
self
.
dportsport
(
rule
)
for
vlan
in
rule
.
vlan
.
all
():
for
vlan
in
rule
.
foreign_network
.
vlans
.
all
():
if
(
rule
.
direction
==
'1'
):
# HOSTHOZ megy
if
(
rule
.
direction
==
'1'
):
# HOSTHOZ megy
self
.
iptables
(
"-A INPUT -i
%
s
%
s
%
s -g
%
s"
%
(
vlan
.
interface
,
dport_sport
,
rule
.
extra
,
"LOG_ACC"
if
rule
.
accept
else
"LOG_DROP"
))
self
.
iptables
(
"-A INPUT -i
%
s
%
s
%
s -g
%
s"
%
(
vlan
.
interface
,
dport_sport
,
rule
.
extra
,
"LOG_ACC"
if
rule
.
accept
else
"LOG_DROP"
))
else
:
else
:
self
.
iptables
(
"-A OUTPUT -o
%
s
%
s
%
s -g
%
s"
%
(
vlan
.
interface
,
dport_sport
,
rule
.
extra
,
"LOG_ACC"
if
rule
.
accept
else
"LOG_DROP"
))
self
.
iptables
(
"-A OUTPUT -o
%
s
%
s
%
s -g
%
s"
%
(
vlan
.
interface
,
dport_sport
,
rule
.
extra
,
"LOG_ACC"
if
rule
.
accept
else
"LOG_DROP"
))
def
vlan2vlan
(
self
,
l_vlan
,
rule
):
def
vlan2vlan
(
self
,
l_vlan
,
rule
):
if
rule
.
foreign_network
is
None
:
return
dport_sport
=
self
.
dportsport
(
rule
)
dport_sport
=
self
.
dportsport
(
rule
)
for
vlan
in
rule
.
vlan
.
all
():
for
vlan
in
rule
.
foreign_network
.
vlans
.
all
():
if
(
rule
.
accept
):
if
(
rule
.
accept
):
if
((
rule
.
direction
==
'0'
)
and
vlan
.
name
==
"PUB"
):
if
((
rule
.
direction
==
'0'
)
and
vlan
.
name
==
"PUB"
):
action
=
"PUB_OUT"
action
=
"PUB_OUT"
...
...
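Review bot: The new `if rule.foreign_network is None: return` guards in `host2vlan`, `fw2vlan` and `vlan2vlan` drop the rule silently, so a rule with `accept` false simply disappears from the generated ruleset with no trace. firewall/models.py on this page declares `foreign_network` as a `ForeignKey` without `null=True`, so the guard is either unreachable or is masking inconsistent data. In both cases the skip should be visible, e.g. `logging.getLogger(__name__).warning("rule %s has no foreign_network, skipped", rule.id)` before each `return` (needs `import logging`). All three functions continue outside the visible hunks.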
firewall/migrations/0022_auto__add_vlangroup__add_field_setting_description__add_field_group_de.py
0 → 100644
This diff is collapsed.
firewall/migrations/0023_auto__add_field_rule_firewall.py
0 → 100644
This diff is collapsed.
firewall/models.py
...
@@ -12,6 +12,7 @@ from modeldict import ModelDict
...
@@ -12,6 +12,7 @@ from modeldict import ModelDict
class
Setting
(
models
.
Model
):
class
Setting
(
models
.
Model
):
key
=
models
.
CharField
(
max_length
=
32
)
key
=
models
.
CharField
(
max_length
=
32
)
value
=
models
.
CharField
(
max_length
=
200
)
value
=
models
.
CharField
(
max_length
=
200
)
description
=
models
.
TextField
(
blank
=
True
)
settings
=
ModelDict
(
Setting
,
key
=
'key'
,
value
=
'value'
,
instances
=
False
)
settings
=
ModelDict
(
Setting
,
key
=
'key'
,
value
=
'value'
,
instances
=
False
)
...
@@ -19,9 +20,10 @@ class Rule(models.Model):
...
@@ -19,9 +20,10 @@ class Rule(models.Model):
CHOICES_type
=
((
'host'
,
'host'
),
(
'firewall'
,
'firewall'
),
(
'vlan'
,
'vlan'
))
CHOICES_type
=
((
'host'
,
'host'
),
(
'firewall'
,
'firewall'
),
(
'vlan'
,
'vlan'
))
CHOICES_proto
=
((
'tcp'
,
'tcp'
),
(
'udp'
,
'udp'
),
(
'icmp'
,
'icmp'
))
CHOICES_proto
=
((
'tcp'
,
'tcp'
),
(
'udp'
,
'udp'
),
(
'icmp'
,
'icmp'
))
CHOICES_dir
=
((
'0'
,
'out'
),
(
'1'
,
'in'
))
CHOICES_dir
=
((
'0'
,
'out'
),
(
'1'
,
'in'
))
direction
=
models
.
CharField
(
max_length
=
1
,
choices
=
CHOICES_dir
,
blank
=
False
)
direction
=
models
.
CharField
(
max_length
=
1
,
choices
=
CHOICES_dir
,
blank
=
False
)
description
=
models
.
TextField
(
blank
=
True
)
description
=
models
.
TextField
(
blank
=
True
)
vlan
=
models
.
ManyToManyField
(
'Vlan'
,
symmetrical
=
False
,
blank
=
True
,
null
=
True
)
foreign_network
=
models
.
ForeignKey
(
'VlanGroup'
,
related_name
=
"ForeignRules"
)
dport
=
models
.
IntegerField
(
blank
=
True
,
null
=
True
,
validators
=
[
MinValueValidator
(
1
),
MaxValueValidator
(
65535
)])
dport
=
models
.
IntegerField
(
blank
=
True
,
null
=
True
,
validators
=
[
MinValueValidator
(
1
),
MaxValueValidator
(
65535
)])
sport
=
models
.
IntegerField
(
blank
=
True
,
null
=
True
,
validators
=
[
MinValueValidator
(
1
),
MaxValueValidator
(
65535
)])
sport
=
models
.
IntegerField
(
blank
=
True
,
null
=
True
,
validators
=
[
MinValueValidator
(
1
),
MaxValueValidator
(
65535
)])
proto
=
models
.
CharField
(
max_length
=
10
,
choices
=
CHOICES_proto
,
blank
=
True
,
null
=
True
)
proto
=
models
.
CharField
(
max_length
=
10
,
choices
=
CHOICES_proto
,
blank
=
True
,
null
=
True
)
...
@@ -34,20 +36,22 @@ class Rule(models.Model):
...
@@ -34,20 +36,22 @@ class Rule(models.Model):
created_at
=
models
.
DateTimeField
(
auto_now_add
=
True
)
created_at
=
models
.
DateTimeField
(
auto_now_add
=
True
)
modified_at
=
models
.
DateTimeField
(
auto_now
=
True
)
modified_at
=
models
.
DateTimeField
(
auto_now
=
True
)
vlan
=
models
.
ForeignKey
(
'Vlan'
,
related_name
=
"rules"
,
blank
=
True
,
null
=
True
)
vlangroup
=
models
.
ForeignKey
(
'VlanGroup'
,
related_name
=
"rules"
,
blank
=
True
,
null
=
True
)
host
=
models
.
ForeignKey
(
'Host'
,
related_name
=
"rules"
,
blank
=
True
,
null
=
True
)
hostgroup
=
models
.
ForeignKey
(
'Group'
,
related_name
=
"rules"
,
blank
=
True
,
null
=
True
)
firewall
=
models
.
ForeignKey
(
'Firewall'
,
related_name
=
"rules"
,
blank
=
True
,
null
=
True
)
def
__unicode__
(
self
):
def
__unicode__
(
self
):
return
self
.
desc
()
return
self
.
desc
()
def
color_desc
(
self
):
def
clean
(
self
):
para
=
'</span>'
count
=
0
if
(
self
.
dport
):
for
field
in
[
self
.
vlan
,
self
.
vlangroup
,
self
.
host
,
self
.
hostgroup
,
self
.
firewall
]:
para
=
"dport=
%
s
%
s"
%
(
self
.
dport
,
para
)
if
field
is
None
:
if
(
self
.
sport
):
count
=
count
+
1
para
=
"sport=
%
s
%
s"
%
(
self
.
sport
,
para
)
if
count
!=
4
:
if
(
self
.
proto
):
raise
ValidationError
(
'jaj'
)
para
=
"proto=
%
s
%
s"
%
(
self
.
proto
,
para
)
para
=
u'<span style="color: #00FF00;">'
+
para
return
u'<span style="color: #FF0000;">['
+
self
.
r_type
+
u']</span> '
+
(
self
.
vlan_l
()
+
u'<span style="color: #0000FF;"> ▸ </span>'
+
self
.
r_type
if
self
.
direction
==
'1'
else
self
.
r_type
+
u'<span style="color: #0000FF;"> ▸ </span>'
+
self
.
vlan_l
())
+
' '
+
para
+
' '
+
self
.
description
color_desc
.
allow_tags
=
True
def
desc
(
self
):
def
desc
(
self
):
para
=
u""
para
=
u""
...
@@ -57,12 +61,7 @@ class Rule(models.Model):
...
@@ -57,12 +61,7 @@ class Rule(models.Model):
para
=
"sport=
%
s
%
s"
%
(
self
.
sport
,
para
)
para
=
"sport=
%
s
%
s"
%
(
self
.
sport
,
para
)
if
(
self
.
proto
):
if
(
self
.
proto
):
para
=
"proto=
%
s
%
s"
%
(
self
.
proto
,
para
)
para
=
"proto=
%
s
%
s"
%
(
self
.
proto
,
para
)
return
u'['
+
self
.
r_type
+
u'] '
+
(
self
.
vlan_l
()
+
u' ▸ '
+
self
.
r_type
if
self
.
direction
==
'1'
else
self
.
r_type
+
u' ▸ '
+
self
.
vlan_l
())
+
u' '
+
para
+
u' '
+
self
.
description
return
u'['
+
self
.
r_type
+
u'] '
+
(
unicode
(
self
.
foreign_network
)
+
u' ▸ '
+
self
.
r_type
if
self
.
direction
==
'1'
else
self
.
r_type
+
u' ▸ '
+
unicode
(
self
.
foreign_network
))
+
u' '
+
para
+
u' '
+
self
.
description
def
vlan_l
(
self
):
retval
=
[]
for
vl
in
self
.
vlan
.
all
():
retval
.
append
(
vl
.
name
)
return
u', '
.
join
(
retval
)
class
Vlan
(
models
.
Model
):
class
Vlan
(
models
.
Model
):
vid
=
models
.
IntegerField
(
unique
=
True
)
vid
=
models
.
IntegerField
(
unique
=
True
)
...
@@ -76,34 +75,38 @@ class Vlan(models.Model):
...
@@ -76,34 +75,38 @@ class Vlan(models.Model):
ipv6
=
models
.
GenericIPAddressField
(
protocol
=
'ipv6'
,
unique
=
True
)
ipv6
=
models
.
GenericIPAddressField
(
protocol
=
'ipv6'
,
unique
=
True
)
snat_ip
=
models
.
GenericIPAddressField
(
protocol
=
'ipv4'
,
blank
=
True
,
null
=
True
)
snat_ip
=
models
.
GenericIPAddressField
(
protocol
=
'ipv4'
,
blank
=
True
,
null
=
True
)
snat_to
=
models
.
ManyToManyField
(
'self'
,
symmetrical
=
False
,
blank
=
True
,
null
=
True
)
snat_to
=
models
.
ManyToManyField
(
'self'
,
symmetrical
=
False
,
blank
=
True
,
null
=
True
)
rules
=
models
.
ManyToManyField
(
'Rule'
,
related_name
=
"
%(app_label)
s_
%(class)
s_related"
,
symmetrical
=
False
,
blank
=
True
,
null
=
True
)
description
=
models
.
TextField
(
blank
=
True
)
description
=
models
.
TextField
(
blank
=
True
)
comment
=
models
.
TextField
(
blank
=
True
)
comment
=
models
.
TextField
(
blank
=
True
)
domain
=
models
.
TextField
(
blank
=
True
,
validators
=
[
val_domain
])
domain
=
models
.
TextField
(
blank
=
True
,
validators
=
[
val_domain
])
dhcp_pool
=
models
.
TextField
(
blank
=
True
)
dhcp_pool
=
models
.
TextField
(
blank
=
True
)
created_at
=
models
.
DateTimeField
(
auto_now_add
=
True
)
created_at
=
models
.
DateTimeField
(
auto_now_add
=
True
)
owner
=
models
.
ForeignKey
(
User
,
blank
=
True
,
null
=
True
)
modified_at
=
models
.
DateTimeField
(
auto_now
=
True
)
modified_at
=
models
.
DateTimeField
(
auto_now
=
True
)
def
__unicode__
(
self
):
def
__unicode__
(
self
):
return
self
.
name
return
self
.
name
def
net_ipv6
(
self
):
def
net_ipv6
(
self
):
return
self
.
net6
+
"/"
+
unicode
(
self
.
prefix6
)
return
self
.
net6
+
"/"
+
unicode
(
self
.
prefix6
)
def
net_ipv4
(
self
):
def
net_ipv4
(
self
):
return
self
.
net4
+
"/"
+
unicode
(
self
.
prefix4
)
return
self
.
net4
+
"/"
+
unicode
(
self
.
prefix4
)
def
rules_l
(
self
):
retval
=
[]
class
VlanGroup
(
models
.
Model
):
for
rl
in
self
.
rules
.
all
():
name
=
models
.
CharField
(
max_length
=
20
,
unique
=
True
)
retval
.
append
(
unicode
(
rl
))
vlans
=
models
.
ManyToManyField
(
'Vlan'
,
symmetrical
=
False
,
blank
=
True
,
null
=
True
)
return
', '
.
join
(
retval
)
description
=
models
.
TextField
(
blank
=
True
)
def
snat_to_l
(
self
):
owner
=
models
.
ForeignKey
(
User
,
blank
=
True
,
null
=
True
)
retval
=
[]
created_at
=
models
.
DateTimeField
(
auto_now_add
=
True
)
for
rl
in
self
.
snat_to
.
all
():
modified_at
=
models
.
DateTimeField
(
auto_now
=
True
)
retval
.
append
(
unicode
(
rl
))
return
', '
.
join
(
retval
)
def
__unicode__
(
self
):
return
self
.
name
class
Group
(
models
.
Model
):
class
Group
(
models
.
Model
):
name
=
models
.
CharField
(
max_length
=
20
,
unique
=
True
)
name
=
models
.
CharField
(
max_length
=
20
,
unique
=
True
)
rules
=
models
.
ManyToManyField
(
'Rule'
,
symmetrical
=
False
,
blank
=
True
,
null
=
True
)
description
=
models
.
TextField
(
blank
=
True
)
owner
=
models
.
ForeignKey
(
User
,
blank
=
True
,
null
=
True
)
created_at
=
models
.
DateTimeField
(
auto_now_add
=
True
)
created_at
=
models
.
DateTimeField
(
auto_now_add
=
True
)
modified_at
=
models
.
DateTimeField
(
auto_now
=
True
)
modified_at
=
models
.
DateTimeField
(
auto_now
=
True
)
...
@@ -116,6 +119,7 @@ class Alias(models.Model):
...
@@ -116,6 +119,7 @@ class Alias(models.Model):
owner
=
models
.
ForeignKey
(
User
,
null
=
True
,
blank
=
True
)
owner
=
models
.
ForeignKey
(
User
,
null
=
True
,
blank
=
True
)
created_at
=
models
.
DateTimeField
(
auto_now_add
=
True
)
created_at
=
models
.
DateTimeField
(
auto_now_add
=
True
)
modified_at
=
models
.
DateTimeField
(
auto_now
=
True
)
modified_at
=
models
.
DateTimeField
(
auto_now
=
True
)
class
Meta
:
class
Meta
:
verbose_name_plural
=
'aliases'
verbose_name_plural
=
'aliases'
...
@@ -133,12 +137,12 @@ class Host(models.Model):
...
@@ -133,12 +137,12 @@ class Host(models.Model):
vlan
=
models
.
ForeignKey
(
'Vlan'
)
vlan
=
models
.
ForeignKey
(
'Vlan'
)
owner
=
models
.
ForeignKey
(
User
)
owner
=
models
.
ForeignKey
(
User
)
groups
=
models
.
ManyToManyField
(
'Group'
,
symmetrical
=
False
,
blank
=
True
,
null
=
True
)
groups
=
models
.
ManyToManyField
(
'Group'
,
symmetrical
=
False
,
blank
=
True
,
null
=
True
)
rules
=
models
.
ManyToManyField
(
'Rule'
,
symmetrical
=
False
,
blank
=
True
,
null
=
True
)
created_at
=
models
.
DateTimeField
(
auto_now_add
=
True
)
created_at
=
models
.
DateTimeField
(
auto_now_add
=
True
)
modified_at
=
models
.
DateTimeField
(
auto_now
=
True
)
modified_at
=
models
.
DateTimeField
(
auto_now
=
True
)
def
__unicode__
(
self
):
def
__unicode__
(
self
):
return
self
.
hostname
return
self
.
hostname
def
save
(
self
,
*
args
,
**
kwargs
):
def
save
(
self
,
*
args
,
**
kwargs
):
if
not
self
.
id
and
self
.
ipv6
==
"auto"
:
if
not
self
.
id
and
self
.
ipv6
==
"auto"
:
self
.
ipv6
=
ipv4_2_ipv6
(
self
.
ipv4
)
self
.
ipv6
=
ipv4_2_ipv6
(
self
.
ipv4
)
...
@@ -146,18 +150,9 @@ class Host(models.Model):
...
@@ -146,18 +150,9 @@ class Host(models.Model):
raise
ValidationError
(
"Ha a shared_ip be van pipalva, akkor egyedinek kell lennie a pub_ipv4-nek!"
)
raise
ValidationError
(
"Ha a shared_ip be van pipalva, akkor egyedinek kell lennie a pub_ipv4-nek!"
)
if
Host
.
objects
.
exclude
(
id
=
self
.
id
)
.
filter
(
pub_ipv4
=
self
.
ipv4
):
if
Host
.
objects
.
exclude
(
id
=
self
.
id
)
.
filter
(
pub_ipv4
=
self
.
ipv4
):
raise
ValidationError
(
"Egy masik host natolt cimet nem hasznalhatod sajat ipv4-nek"
)
raise
ValidationError
(
"Egy masik host natolt cimet nem hasznalhatod sajat ipv4-nek"
)
self
.
full_clean
()
super
(
Host
,
self
)
.
save
(
*
args
,
**
kwargs
)
super
(
Host
,
self
)
.
save
(
*
args
,
**
kwargs
)
def
groups_l
(
self
):
retval
=
[]
for
grp
in
self
.
groups
.
all
():
retval
.
append
(
grp
.
name
)
return
', '
.
join
(
retval
)
def
rules_l
(
self
):
retval
=
[]
for
rl
in
self
.
rules
.
all
():
retval
.
append
(
unicode
(
rl
.
color_desc
()))
return
'<br>'
.
join
(
retval
)
rules_l
.
allow_tags
=
True
def
enable_net
(
self
):
def
enable_net
(
self
):
self
.
groups
.
add
(
Group
.
objects
.
get
(
name
=
"netezhet"
))
self
.
groups
.
add
(
Group
.
objects
.
get
(
name
=
"netezhet"
))
...
@@ -168,17 +163,9 @@ class Host(models.Model):
...
@@ -168,17 +163,9 @@ class Host(models.Model):
for
host
in
Host
.
objects
.
filter
(
pub_ipv4
=
self
.
pub_ipv4
):
for
host
in
Host
.
objects
.
filter
(
pub_ipv4
=
self
.
pub_ipv4
):
if
host
.
rules
.
filter
(
nat
=
True
,
proto
=
proto
,
dport
=
public
):
if
host
.
rules
.
filter
(
nat
=
True
,
proto
=
proto
,
dport
=
public
):
raise
ValidationError
(
"A
%
s
%
s port mar hasznalva"
%
(
proto
,
public
))
raise
ValidationError
(
"A
%
s
%
s port mar hasznalva"
%
(
proto
,
public
))
rule
=
Rule
(
direction
=
'1'
,
owner
=
self
.
owner
,
d
escription
=
u"
%
s
%
s
%
s ▸
%
s"
%
(
self
.
hostname
,
proto
,
public
,
private
),
dport
=
public
,
proto
=
proto
,
nat
=
True
,
accept
=
True
,
r_type
=
"host"
,
nat_dport
=
private
)
rule
=
Rule
(
direction
=
'1'
,
owner
=
self
.
owner
,
d
port
=
public
,
proto
=
proto
,
nat
=
True
,
accept
=
True
,
r_type
=
"host"
,
nat_dport
=
private
,
host
=
host
,
foreign_network
=
VlanGroup
.
objects
.
get
(
name
=
settings
[
"default_vlangroup"
])
)
rule
.
full_clean
()
rule
.
full_clean
()
rule
.
save
()
rule
.
save
()
rule
.
vlan
.
add
(
Vlan
.
objects
.
get
(
name
=
"PUB"
))
rule
.
vlan
.
add
(
Vlan
.
objects
.
get
(
name
=
"HOT"
))
rule
.
vlan
.
add
(
Vlan
.
objects
.
get
(
name
=
"LAB"
))
rule
.
vlan
.
add
(
Vlan
.
objects
.
get
(
name
=
"DMZ"
))
rule
.
vlan
.
add
(
Vlan
.
objects
.
get
(
name
=
"VM-NET"
))
rule
.
vlan
.
add
(
Vlan
.
objects
.
get
(
name
=
"WAR"
))
rule
.
vlan
.
add
(
Vlan
.
objects
.
get
(
name
=
"OFF2"
))
self
.
rules
.
add
(
rule
)
def
del_port
(
self
,
proto
,
public
):
def
del_port
(
self
,
proto
,
public
):
self
.
rules
.
filter
(
owner
=
self
.
owner
,
proto
=
proto
,
nat
=
True
,
dport
=
public
)
.
delete
()
self
.
rules
.
filter
(
owner
=
self
.
owner
,
proto
=
proto
,
nat
=
True
,
dport
=
public
)
.
delete
()
...
@@ -194,7 +181,6 @@ class Host(models.Model):
...
@@ -194,7 +181,6 @@ class Host(models.Model):
class
Firewall
(
models
.
Model
):
class
Firewall
(
models
.
Model
):
name
=
models
.
CharField
(
max_length
=
20
,
unique
=
True
)
name
=
models
.
CharField
(
max_length
=
20
,
unique
=
True
)
rules
=
models
.
ManyToManyField
(
'Rule'
,
symmetrical
=
False
,
blank
=
True
,
null
=
True
)
def
__unicode__
(
self
):
def
__unicode__
(
self
):
return
self
.
name
return
self
.
name
...
...
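Review bot: In `Host.add_port` the new `Rule(...)` call passes `host=host`, but `host` is the loop variable of the preceding `for host in Host.objects.filter(pub_ipv4=self.pub_ipv4)` conflict check, not the host the method was called on. Indentation is lost in this rendering, but if the rule is built after that loop, as its position suggests, the NAT forward is attached to whichever host the queryset returned last, which with a shared `pub_ipv4` can be a machine belonging to a different owner. Use `host=self`. The new `Rule.clean` also raises `ValidationError('jaj')`; a message naming the constraint (exactly one of vlan, vlangroup, host, hostgroup, firewall must be set) would let the person editing the rule act on it.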
firewall/views.py
...
@@ -17,6 +17,8 @@ import sys
...
@@ -17,6 +17,8 @@ import sys
def
reload_firewall
(
request
):
def
reload_firewall
(
request
):
if
request
.
user
.
is_authenticated
():
if
request
.
user
.
is_authenticated
():
if
(
request
.
user
.
is_superuser
):
if
(
request
.
user
.
is_superuser
):
ipv4
=
firewall
()
return
HttpResponse
(
ipv4
.
show
())
html
=
u"Be vagy jelentkezve es admin is vagy, kedves
%
s!"
%
request
.
user
.
username
html
=
u"Be vagy jelentkezve es admin is vagy, kedves
%
s!"
%
request
.
user
.
username
html
+=
"<br> 10 masodperc mulva ujratoltodik"
html
+=
"<br> 10 masodperc mulva ujratoltodik"
ReloadTask
.
delay
()
ReloadTask
.
delay
()
...
...
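Review bot: The two added lines `ipv4 = firewall()` and `return HttpResponse(ipv4.show())` return from the superuser branch before the existing `ReloadTask.delay()` call. Unless that call sits in a different branch (indentation is not recoverable here), a superuser requesting this view now receives a dump of the generated ruleset and the reload is never queued. This looks like debugging output carried in by the merge; drop both lines, or move the dump to a separate view so `reload_firewall` still queues the task. The function body continues outside the hunk.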
one/models.py
...
@@ -392,8 +392,7 @@ class Instance(models.Model):
...
@@ -392,8 +392,7 @@ class Instance(models.Model):
host
.
hostname
=
u"id-
%
d_user-
%
s"
%
(
inst
.
id
,
owner
.
username
)
host
.
hostname
=
u"id-
%
d_user-
%
s"
%
(
inst
.
id
,
owner
.
username
)
host
.
mac
=
x
.
getElementsByTagName
(
"MAC"
)[
0
]
.
childNodes
[
0
]
.
nodeValue
host
.
mac
=
x
.
getElementsByTagName
(
"MAC"
)[
0
]
.
childNodes
[
0
]
.
nodeValue
host
.
ipv4
=
inst
.
ip
host
.
ipv4
=
inst
.
ip
host
.
pub_ipv4
=
"152.66.243.62"
host
.
pub_ipv4
=
Vlan
.
objects
.
get
(
name
=
template
.
network
.
name
)
.
snat_ip
host
.
full_clean
()
host
.
save
()
host
.
save
()
host
.
enable_net
()
host
.
enable_net
()
host
.
add_port
(
"tcp"
,
inst
.
get_port
(),
{
"rdp"
:
3389
,
"nx"
:
22
,
"ssh"
:
22
}[
inst
.
template
.
access_type
])
host
.
add_port
(
"tcp"
,
inst
.
get_port
(),
{
"rdp"
:
3389
,
"nx"
:
22
,
"ssh"
:
22
}[
inst
.
template
.
access_type
])
...
@@ -409,7 +408,6 @@ class Instance(models.Model):
...
@@ -409,7 +408,6 @@ class Instance(models.Model):
proc
=
subprocess
.
Popen
([
"/opt/occi.sh"
,
"compute"
,
proc
=
subprocess
.
Popen
([
"/opt/occi.sh"
,
"compute"
,
"delete"
,
"
%
d"
%
self
.
one_id
],
stdout
=
subprocess
.
PIPE
)
"delete"
,
"
%
d"
%
self
.
one_id
],
stdout
=
subprocess
.
PIPE
)
(
out
,
err
)
=
proc
.
communicate
()
(
out
,
err
)
=
proc
.
communicate
()
self
.
firewall_host
.
del_rules
()
self
.
firewall_host
.
delete
()
self
.
firewall_host
.
delete
()
reload_firewall_lock
()
reload_firewall_lock
()
...
...
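Review bot: Assuming the lookup is the new side of the changed line, `host.pub_ipv4 = Vlan.objects.get(name=template.network.name).snat_ip` can raise `Vlan.DoesNotExist` when no firewall VLAN carries the template network's name. `snat_ip` is also declared `blank=True, null=True` in firewall/models.py, so the host can be left with no public address just before `add_port` creates its NAT rule. Both cases deserve an explicit check with a clear error, e.g. `if host.pub_ipv4 is None: raise ValidationError("VLAN has no snat_ip")` (the message is a suggestion, and `ValidationError` must be importable in this module). The enclosing methods start and end outside both hunks.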