Commit
e5b2f5f3
authored
Feb 05, 2013
by
Őry Máté
firewall: remove ModelDict
parent
654d72c9
Showing
6 changed files
with
28 additions
and
28 deletions
+28
-28
cloud/settings.py
+10
-0
firewall/admin.py
+0
-4
firewall/fw.py
+15
-14
firewall/models.py
+1
-8
firewall/tasks.py
+1
-1
one/models.py
+1
-1
cloud/settings.py
...
...
@@ -186,6 +186,16 @@ store_settings = {
"store_url"
:
"http://localhost:9000"
,
}
firewall_settings
=
{
"default_vlangroup"
:
"publikus"
,
"reload_sleep"
:
"10"
,
"dns_hostname"
:
"dns1.ik.bme.hu"
,
"rdns_ip"
:
"152.66.243.60"
,
"dns_ip"
:
"152.66.243.60"
,
"dns_ttl"
:
"300"
,
}
try
:
from
cloud.local_settings
import
*
except
:
...
...
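Review bot: The new `firewall_settings` dict sits above the `from cloud.local_settings import *` block, so a local settings file that defines its own `firewall_settings` replaces the whole dict rather than overriding single keys, and firewall/fw.py then indexes it with `settings['dns_hostname']` and `settings['dns_ttl']` with no fallback. Because `dns_hostname` also becomes the ssh destination in fw.py's `dns()`, I would document the contract above the dict, e.g. `# local_settings may replace this dict; it must then define every key listed here`. The numeric values (`"reload_sleep": "10"`, `"dns_ttl": "300"`) are stored as strings, so any consumer that needs a number has to convert them; the code that reads `reload_sleep` is not visible in this commit view. The `try`/`except` block continues outside the hunk.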
firewall/admin.py
...
...
@@ -65,9 +65,6 @@ class RuleAdmin(admin.ModelAdmin):
class
AliasAdmin
(
admin
.
ModelAdmin
):
list_display
=
(
'alias'
,
'host'
)
class
SettingAdmin
(
admin
.
ModelAdmin
):
list_display
=
(
'key'
,
'value'
,
'description'
)
class
GroupAdmin
(
admin
.
ModelAdmin
):
list_display
=
(
'name'
,
'owner'
,
'description'
)
inlines
=
(
RuleInline
,
)
...
...
@@ -79,7 +76,6 @@ admin.site.register(Host, HostAdmin)
admin
.
site
.
register
(
Vlan
,
VlanAdmin
)
admin
.
site
.
register
(
Rule
,
RuleAdmin
)
admin
.
site
.
register
(
Alias
,
AliasAdmin
)
admin
.
site
.
register
(
Setting
,
SettingAdmin
)
admin
.
site
.
register
(
Group
,
GroupAdmin
)
admin
.
site
.
register
(
VlanGroup
)
admin
.
site
.
register
(
Firewall
,
FirewallAdmin
)
firewall/fw.py
...
...
@@ -2,6 +2,7 @@ from django.contrib import auth
from
firewall
import
models
from
modeldict
import
*
import
os
from
cloud.settings
import
firewall_settings
as
settings
import
subprocess
import
re
...
...
@@ -350,13 +351,13 @@ def dns():
for
i_vlan
in
vlans
:
m
=
regex
.
search
(
i_vlan
.
net4
)
if
(
i_vlan
.
name
!=
"DMZ"
and
i_vlan
.
name
!=
"PUB"
):
DNS
.
append
(
"Z
%
s.
%
s.in-addr.arpa:
%
s:support.ik.bme.hu::::::
%
s"
%
(
m
.
group
(
2
),
m
.
group
(
1
),
models
.
settings
[
'dns_hostname'
],
models
.
settings
[
'dns_ttl'
]))
DNS
.
append
(
"&
%
s.
%
s.in-addr.arpa::
%
s:
%
s:"
%
(
m
.
group
(
2
),
m
.
group
(
1
),
models
.
settings
[
'dns_hostname'
],
models
.
settings
[
'dns_ttl'
]))
DNS
.
append
(
"Z
%
s:
%
s:support.ik.bme.hu::::::
%
s"
%
(
i_vlan
.
domain
,
models
.
settings
[
'dns_hostname'
],
models
.
settings
[
'dns_ttl'
]))
DNS
.
append
(
"&
%
s::
%
s:
%
s"
%
(
i_vlan
.
domain
,
models
.
settings
[
'dns_hostname'
],
models
.
settings
[
'dns_ttl'
]))
DNS
.
append
(
"Z
%
s.
%
s.in-addr.arpa:
%
s:support.ik.bme.hu::::::
%
s"
%
(
m
.
group
(
2
),
m
.
group
(
1
),
settings
[
'dns_hostname'
],
settings
[
'dns_ttl'
]))
DNS
.
append
(
"&
%
s.
%
s.in-addr.arpa::
%
s:
%
s:"
%
(
m
.
group
(
2
),
m
.
group
(
1
),
settings
[
'dns_hostname'
],
settings
[
'dns_ttl'
]))
DNS
.
append
(
"Z
%
s:
%
s:support.ik.bme.hu::::::
%
s"
%
(
i_vlan
.
domain
,
settings
[
'dns_hostname'
],
settings
[
'dns_ttl'
]))
DNS
.
append
(
"&
%
s::
%
s:
%
s"
%
(
i_vlan
.
domain
,
settings
[
'dns_hostname'
],
settings
[
'dns_ttl'
]))
if
(
i_vlan
.
name
==
"WAR"
):
DNS
.
append
(
"Zdns1.
%
s.
%
s.
%
s.in-addr.arpa:
%
s:support.ik.bme.hu::::::
%
s"
%
(
m
.
group
(
3
),
m
.
group
(
2
),
m
.
group
(
1
),
models
.
settings
[
'dns_hostname'
],
models
.
settings
[
'dns_ttl'
]))
DNS
.
append
(
"&dns1.
%
s.
%
s.
%
s.in-addr.arpa::
%
s:
%
s::"
%
(
m
.
group
(
3
),
m
.
group
(
2
),
m
.
group
(
1
),
models
.
settings
[
'dns_hostname'
],
models
.
settings
[
'dns_ttl'
]))
DNS
.
append
(
"Zdns1.
%
s.
%
s.
%
s.in-addr.arpa:
%
s:support.ik.bme.hu::::::
%
s"
%
(
m
.
group
(
3
),
m
.
group
(
2
),
m
.
group
(
1
),
settings
[
'dns_hostname'
],
settings
[
'dns_ttl'
]))
DNS
.
append
(
"&dns1.
%
s.
%
s.
%
s.in-addr.arpa::
%
s:
%
s::"
%
(
m
.
group
(
3
),
m
.
group
(
2
),
m
.
group
(
1
),
settings
[
'dns_hostname'
],
settings
[
'dns_ttl'
]))
for
i_host
in
i_vlan
.
host_set
.
all
():
ipv4
=
(
i_host
.
pub_ipv4
if
i_host
.
pub_ipv4
and
not
i_host
.
shared_ip
else
i_host
.
ipv4
)
reverse
=
i_host
.
reverse
if
(
i_host
.
reverse
and
len
(
i_host
.
reverse
))
else
i_host
.
hostname
+
u'.'
+
i_vlan
.
domain
...
...
@@ -365,24 +366,24 @@ def dns():
# ipv4
if
i_host
.
ipv4
:
# A record
DNS
.
append
(
"+
%
s:
%
s:
%
s"
%
(
hostname
,
ipv4
,
models
.
settings
[
'dns_ttl'
]))
DNS
.
append
(
"+
%
s:
%
s:
%
s"
%
(
hostname
,
ipv4
,
settings
[
'dns_ttl'
]))
# PTR record 4.3.2.1.in-addr.arpa
DNS
.
append
(
"^
%
s:
%
s:
%
s"
%
(
ipv4_to_arpa
(
ipv4
),
reverse
,
models
.
settings
[
'dns_ttl'
]))
DNS
.
append
(
"^
%
s:
%
s:
%
s"
%
(
ipv4_to_arpa
(
ipv4
),
reverse
,
settings
[
'dns_ttl'
]))
# PTR record 4.dns1.3.2.1.in-addr.arpa
DNS
.
append
(
"^
%
s:
%
s:
%
s"
%
(
ipv4_to_arpa
(
ipv4
,
cname
=
True
),
reverse
,
models
.
settings
[
'dns_ttl'
]))
DNS
.
append
(
"^
%
s:
%
s:
%
s"
%
(
ipv4_to_arpa
(
ipv4
,
cname
=
True
),
reverse
,
settings
[
'dns_ttl'
]))
# ipv6
if
i_host
.
ipv6
:
# AAAA record
DNS
.
append
(
":
%
s:28:
%
s:
%
s"
%
(
hostname
,
ipv6_to_octal
(
i_host
.
ipv6
),
models
.
settings
[
'dns_ttl'
]))
DNS
.
append
(
":
%
s:28:
%
s:
%
s"
%
(
hostname
,
ipv6_to_octal
(
i_host
.
ipv6
),
settings
[
'dns_ttl'
]))
# PTR record
DNS
.
append
(
"^
%
s:
%
s:
%
s"
%
(
ipv6_to_arpa
(
i_host
.
ipv6
),
reverse
,
models
.
settings
[
'dns_ttl'
]))
DNS
.
append
(
"^
%
s:
%
s:
%
s"
%
(
ipv6_to_arpa
(
i_host
.
ipv6
),
reverse
,
settings
[
'dns_ttl'
]))
# cname
for
i_alias
in
i_host
.
alias_set
.
all
():
DNS
.
append
(
"C
%
s:
%
s:
%
s"
%
(
i_alias
.
alias
,
hostname
,
models
.
settings
[
'dns_ttl'
]))
DNS
.
append
(
"C
%
s:
%
s:
%
s"
%
(
i_alias
.
alias
,
hostname
,
settings
[
'dns_ttl'
]))
process
=
subprocess
.
Popen
([
'/usr/bin/ssh'
,
'tinydns@
%
s'
%
models
.
settings
[
'dns_hostname'
]],
shell
=
False
,
stdin
=
subprocess
.
PIPE
)
process
=
subprocess
.
Popen
([
'/usr/bin/ssh'
,
'tinydns@
%
s'
%
settings
[
'dns_hostname'
]],
shell
=
False
,
stdin
=
subprocess
.
PIPE
)
process
.
communicate
(
"
\n
"
.
join
(
DNS
)
+
"
\n
"
)
# print "\n".join(DNS)+"\n"
...
...
@@ -425,7 +426,7 @@ def dhcp():
'domain'
:
i_vlan
.
domain
,
'router'
:
i_vlan
.
ipv4
,
'ntp'
:
i_vlan
.
ipv4
,
'dnsserver'
:
models
.
settings
[
'rdns_ip'
],
'dnsserver'
:
settings
[
'rdns_ip'
],
'extra'
:
"range
%
s"
%
i_vlan
.
dhcp_pool
if
m
else
"deny unknown-clients"
,
'interface'
:
i_vlan
.
interface
,
'name'
:
i_vlan
.
name
,
...
...
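Review bot: `from modeldict import *` is still imported at the top of fw.py although this commit removes the only visible use of ModelDict (the `settings = ModelDict(...)` line in firewall/models.py); if nothing else in fw.py needs it, drop the line so the module no longer depends on that package and the star import cannot shadow local names. The alias `from cloud.settings import firewall_settings as settings` is easy to mistake for `django.conf.settings`, and a name such as `fw_settings` would make the call sites unambiguous. In `dns()` the tinydns lines are still assembled with `%` formatting from `i_vlan.domain`, `hostname`, `reverse` and `i_alias.alias` and sent over ssh; whether those model fields exclude `:` and line breaks is not visible here, so it is worth confirming that they are validated as hostnames. Both `dns()` and `dhcp()` extend beyond the hunks shown.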
firewall/models.py
...
...
@@ -7,14 +7,7 @@ from django.utils.translation import ugettext_lazy as _
from
firewall.fields
import
*
from
south.modelsinspector
import
add_introspection_rules
from
django.core.validators
import
MinValueValidator
,
MaxValueValidator
from
modeldict
import
ModelDict
class
Setting
(
models
.
Model
):
key
=
models
.
CharField
(
max_length
=
32
)
value
=
models
.
CharField
(
max_length
=
200
)
description
=
models
.
TextField
(
blank
=
True
)
settings
=
ModelDict
(
Setting
,
key
=
'key'
,
value
=
'value'
,
instances
=
False
)
from
cloud.settings
import
firewall_settings
as
settings
class
Rule
(
models
.
Model
):
CHOICES_type
=
((
'host'
,
'host'
),
(
'firewall'
,
'firewall'
),
(
'vlan'
,
'vlan'
))
...
...
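Review bot: The `Setting` model is deleted here, but none of the six changed files is a schema migration, and the module imports `south.modelsinspector`, so the project presumably manages its schema with South; without a migration the settings table and its rows stay in the database unused. Values that operators edited through the admin (the `SettingAdmin` registration removed in firewall/admin.py) are not carried over either: after this commit the hard-coded defaults in cloud/settings.py apply. I would add a migration that drops the table, and a comment above the new import such as `# kept so existing "models.settings" lookups keep working`, if that is its purpose.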
firewall/tasks.py
...
...
@@ -3,7 +3,7 @@ from django.core.cache import cache
import
os
import
time
from
firewall.fw
import
*
from
firewall.models
import
settings
from
cloud.settings
import
firewall_settings
as
settings
def
reload_firewall_lock
():
acquire_lock
=
lambda
:
cache
.
add
(
"reload_lock1"
,
"true"
,
9
)
...
...
one/models.py
...
...
@@ -7,7 +7,7 @@ from django.db import transaction
from
django.db.models.signals
import
post_save
from
django
import
forms
from
django.utils.translation
import
ugettext_lazy
as
_
from
firewall.models
import
Host
,
Rule
,
Vlan
,
settings
from
firewall.models
import
Host
,
Rule
,
Vlan
from
firewall.tasks
import
reload_firewall_lock
from
one.util
import
keygen
from
school.models
import
Person
...
...