Skip to content
Toggle navigation
P
Projects
G
Groups
S
Snippets
Help
Gelencsér Szabolcs
/
cloud
This project
Loading...
Sign in
Toggle navigation
Go to a project
Project
Repository
Issues
0
Merge Requests
0
Pipelines
Wiki
Members
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Commit
e83122c8
authored
Jan 30, 2013
by
Bach Dániel
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
firewall: redesign model
parent
dce55ba2
Expand all
Hide whitespace changes
Inline
Side-by-side
Showing
7 changed files
with
89 additions
and
67 deletions
+89
-67
firewall/admin.py
+43
-9
firewall/fw.py
+12
-3
firewall/migrations/0022_auto__add_vlangroup__add_field_setting_description__add_field_group_de.py
+0
-0
firewall/migrations/0023_auto__add_field_rule_firewall.py
+0
-0
firewall/models.py
+31
-52
firewall/views.py
+2
-0
one/models.py
+1
-3
No files found.
firewall/admin.py
View file @
e83122c8
...
@@ -8,38 +8,72 @@ from django import contrib
...
@@ -8,38 +8,72 @@ from django import contrib
class
AliasInline
(
contrib
.
admin
.
TabularInline
):
class
AliasInline
(
contrib
.
admin
.
TabularInline
):
model
=
Alias
model
=
Alias
class
RuleInline
(
contrib
.
admin
.
TabularInline
):
model
=
Rule
class
HostAdmin
(
admin
.
ModelAdmin
):
class
HostAdmin
(
admin
.
ModelAdmin
):
list_display
=
(
'hostname'
,
'vlan'
,
'ipv4'
,
'ipv6'
,
'pub_ipv4'
,
'mac'
,
'shared_ip'
,
'owner'
,
'
groups_l'
,
'rules_l'
,
'
description'
,
'reverse'
)
list_display
=
(
'hostname'
,
'vlan'
,
'ipv4'
,
'ipv6'
,
'pub_ipv4'
,
'mac'
,
'shared_ip'
,
'owner'
,
'description'
,
'reverse'
)
ordering
=
(
'hostname'
,
)
ordering
=
(
'hostname'
,
)
list_filter
=
(
'owner'
,
'vlan'
,
'groups'
)
list_filter
=
(
'owner'
,
'vlan'
,
'groups'
)
search_fields
=
(
'hostname'
,
'description'
,
'ipv4'
,
'ipv6'
,
'mac'
)
search_fields
=
(
'hostname'
,
'description'
,
'ipv4'
,
'ipv6'
,
'mac'
)
filter_horizontal
=
(
'groups'
,
'rules'
,
)
filter_horizontal
=
(
'groups'
,
)
inlines
=
(
AliasInline
,
)
inlines
=
(
AliasInline
,
RuleInline
)
class
HostInline
(
contrib
.
admin
.
TabularInline
):
class
HostInline
(
contrib
.
admin
.
TabularInline
):
model
=
Host
model
=
Host
fields
=
(
'hostname'
,
'ipv4'
,
'ipv6'
,
'pub_ipv4'
,
'mac'
,
'shared_ip'
,
'owner'
,
'reverse'
)
fields
=
(
'hostname'
,
'ipv4'
,
'ipv6'
,
'pub_ipv4'
,
'mac'
,
'shared_ip'
,
'owner'
,
'reverse'
)
class
VlanAdmin
(
admin
.
ModelAdmin
):
class
VlanAdmin
(
admin
.
ModelAdmin
):
list_display
=
(
'vid'
,
'name'
,
'
rules_l'
,
'ipv4'
,
'net_ipv4'
,
'ipv6'
,
'net_ipv6'
,
'description'
,
'domain'
,
'snat_ip'
,
'snat_to_l'
)
list_display
=
(
'vid'
,
'name'
,
'
ipv4'
,
'net_ipv4'
,
'ipv6'
,
'net_ipv6'
,
'description'
,
'domain'
,
'snat_ip'
,
)
ordering
=
(
'vid'
,
)
ordering
=
(
'vid'
,
)
inlines
=
(
HostInline
,
)
inlines
=
(
HostInline
,
RuleInline
)
class
RuleAdmin
(
admin
.
ModelAdmin
):
class
RuleAdmin
(
admin
.
ModelAdmin
):
list_display
=
(
'r_type'
,
'color_desc'
,
'
description'
,
'vlan_l'
,
'owner'
,
'extra'
,
'direction'
,
'accept'
,
'proto'
,
'sport'
,
'dport'
,
'nat'
,
'nat_dport
'
)
list_display
=
(
'r_type'
,
'color_desc'
,
'
owner'
,
'extra'
,
'direction'
,
'accept'
,
'proto'
,
'sport'
,
'dport'
,
'nat'
,
'nat_dport'
,
'used_in
'
)
list_filter
=
(
'r_type'
,
'vlan'
,
'owner'
,
'direction'
,
'accept'
,
'proto'
,
'nat'
)
list_filter
=
(
'r_type'
,
'vlan'
,
'owner'
,
'direction'
,
'accept'
,
'proto'
,
'nat'
)
def
color_desc
(
self
,
instance
):
para
=
'</span>'
if
(
instance
.
dport
):
para
=
"dport=
%
s
%
s"
%
(
instance
.
dport
,
para
)
if
(
instance
.
sport
):
para
=
"sport=
%
s
%
s"
%
(
instance
.
sport
,
para
)
if
(
instance
.
proto
):
para
=
"proto=
%
s
%
s"
%
(
instance
.
proto
,
para
)
para
=
u'<span style="color: #00FF00;">'
+
para
return
u'<span style="color: #FF0000;">['
+
instance
.
r_type
+
u']</span> '
+
(
instance
.
foreign_network
.
name
+
u'<span style="color: #0000FF;"> ▸ </span>'
+
instance
.
r_type
if
instance
.
direction
==
'1'
else
instance
.
r_type
+
u'<span style="color: #0000FF;"> ▸ </span>'
+
instance
.
foreign_network
.
name
)
+
' '
+
para
+
' '
+
instance
.
description
color_desc
.
allow_tags
=
True
def
vlan_l
(
self
,
instance
):
retval
=
[]
for
vl
in
instance
.
foreign_network
.
vlans
.
all
():
retval
.
append
(
vl
.
name
)
return
u', '
.
join
(
retval
)
def
used_in
(
self
,
instance
):
for
field
in
[
instance
.
vlan
,
instance
.
vlangroup
,
instance
.
host
,
instance
.
hostgroup
,
instance
.
firewall
]:
if
field
is
not
None
:
return
unicode
(
field
)
+
' '
+
field
.
_meta
.
object_name
class
AliasAdmin
(
admin
.
ModelAdmin
):
class
AliasAdmin
(
admin
.
ModelAdmin
):
list_display
=
(
'alias'
,
'host'
)
list_display
=
(
'alias'
,
'host'
)
class
SettingAdmin
(
admin
.
ModelAdmin
):
class
SettingAdmin
(
admin
.
ModelAdmin
):
list_display
=
(
'key'
,
'value'
)
list_display
=
(
'key'
,
'value'
,
'description'
)
class
GroupAdmin
(
admin
.
ModelAdmin
):
list_display
=
(
'name'
,
'owner'
,
'description'
)
inlines
=
(
RuleInline
,
)
class
FirewallAdmin
(
admin
.
ModelAdmin
):
inlines
=
(
RuleInline
,
)
admin
.
site
.
register
(
Host
,
HostAdmin
)
admin
.
site
.
register
(
Host
,
HostAdmin
)
admin
.
site
.
register
(
Vlan
,
VlanAdmin
)
admin
.
site
.
register
(
Vlan
,
VlanAdmin
)
admin
.
site
.
register
(
Rule
,
RuleAdmin
)
admin
.
site
.
register
(
Rule
,
RuleAdmin
)
admin
.
site
.
register
(
Alias
,
AliasAdmin
)
admin
.
site
.
register
(
Alias
,
AliasAdmin
)
admin
.
site
.
register
(
Setting
,
SettingAdmin
)
admin
.
site
.
register
(
Setting
,
SettingAdmin
)
admin
.
site
.
register
(
Group
)
admin
.
site
.
register
(
Group
,
GroupAdmin
)
admin
.
site
.
register
(
Firewall
)
admin
.
site
.
register
(
VlanGroup
)
admin
.
site
.
register
(
Firewall
,
FirewallAdmin
)
firewall/fw.py
View file @
e83122c8
...
@@ -38,6 +38,9 @@ class firewall:
...
@@ -38,6 +38,9 @@ class firewall:
self
.
SZABALYOK_NAT
.
append
(
s
)
self
.
SZABALYOK_NAT
.
append
(
s
)
def
host2vlan
(
self
,
host
,
rule
):
def
host2vlan
(
self
,
host
,
rule
):
if
rule
.
foreign_network
is
None
:
return
if
(
self
.
IPV6
and
host
.
ipv6
):
if
(
self
.
IPV6
and
host
.
ipv6
):
ipaddr
=
host
.
ipv6
+
"/112"
ipaddr
=
host
.
ipv6
+
"/112"
else
:
else
:
...
@@ -45,7 +48,7 @@ class firewall:
...
@@ -45,7 +48,7 @@ class firewall:
dport_sport
=
self
.
dportsport
(
rule
)
dport_sport
=
self
.
dportsport
(
rule
)
for
vlan
in
rule
.
vlan
.
all
():
for
vlan
in
rule
.
foreign_network
.
vlans
.
all
():
if
(
rule
.
accept
):
if
(
rule
.
accept
):
if
(
rule
.
direction
==
'0'
and
vlan
.
name
==
"PUB"
):
if
(
rule
.
direction
==
'0'
and
vlan
.
name
==
"PUB"
):
if
(
rule
.
dport
==
25
):
if
(
rule
.
dport
==
25
):
...
@@ -64,18 +67,24 @@ class firewall:
...
@@ -64,18 +67,24 @@ class firewall:
def
fw2vlan
(
self
,
rule
):
def
fw2vlan
(
self
,
rule
):
if
rule
.
foreign_network
is
None
:
return
dport_sport
=
self
.
dportsport
(
rule
)
dport_sport
=
self
.
dportsport
(
rule
)
for
vlan
in
rule
.
vlan
.
all
():
for
vlan
in
rule
.
foreign_network
.
vlans
.
all
():
if
(
rule
.
direction
==
'1'
):
# HOSTHOZ megy
if
(
rule
.
direction
==
'1'
):
# HOSTHOZ megy
self
.
iptables
(
"-A INPUT -i
%
s
%
s
%
s -g
%
s"
%
(
vlan
.
interface
,
dport_sport
,
rule
.
extra
,
"LOG_ACC"
if
rule
.
accept
else
"LOG_DROP"
))
self
.
iptables
(
"-A INPUT -i
%
s
%
s
%
s -g
%
s"
%
(
vlan
.
interface
,
dport_sport
,
rule
.
extra
,
"LOG_ACC"
if
rule
.
accept
else
"LOG_DROP"
))
else
:
else
:
self
.
iptables
(
"-A OUTPUT -o
%
s
%
s
%
s -g
%
s"
%
(
vlan
.
interface
,
dport_sport
,
rule
.
extra
,
"LOG_ACC"
if
rule
.
accept
else
"LOG_DROP"
))
self
.
iptables
(
"-A OUTPUT -o
%
s
%
s
%
s -g
%
s"
%
(
vlan
.
interface
,
dport_sport
,
rule
.
extra
,
"LOG_ACC"
if
rule
.
accept
else
"LOG_DROP"
))
def
vlan2vlan
(
self
,
l_vlan
,
rule
):
def
vlan2vlan
(
self
,
l_vlan
,
rule
):
if
rule
.
foreign_network
is
None
:
return
dport_sport
=
self
.
dportsport
(
rule
)
dport_sport
=
self
.
dportsport
(
rule
)
for
vlan
in
rule
.
vlan
.
all
():
for
vlan
in
rule
.
foreign_network
.
vlans
.
all
():
if
(
rule
.
accept
):
if
(
rule
.
accept
):
if
((
rule
.
direction
==
'0'
)
and
vlan
.
name
==
"PUB"
):
if
((
rule
.
direction
==
'0'
)
and
vlan
.
name
==
"PUB"
):
action
=
"PUB_OUT"
action
=
"PUB_OUT"
...
...
firewall/migrations/0022_auto__add_vlangroup__add_field_setting_description__add_field_group_de.py
0 → 100644
View file @
e83122c8
This diff is collapsed.
Click to expand it.
firewall/migrations/0023_auto__add_field_rule_firewall.py
0 → 100644
View file @
e83122c8
This diff is collapsed.
Click to expand it.
firewall/models.py
View file @
e83122c8
...
@@ -23,7 +23,7 @@ class Rule(models.Model):
...
@@ -23,7 +23,7 @@ class Rule(models.Model):
direction
=
models
.
CharField
(
max_length
=
1
,
choices
=
CHOICES_dir
,
blank
=
False
)
direction
=
models
.
CharField
(
max_length
=
1
,
choices
=
CHOICES_dir
,
blank
=
False
)
description
=
models
.
TextField
(
blank
=
True
)
description
=
models
.
TextField
(
blank
=
True
)
vlan
=
models
.
ManyToManyField
(
'Vlan'
,
symmetrical
=
False
,
blank
=
True
,
null
=
True
)
foreign_network
=
models
.
ForeignKey
(
'VlanGroup'
,
related_name
=
"ForeignRules"
)
dport
=
models
.
IntegerField
(
blank
=
True
,
null
=
True
,
validators
=
[
MinValueValidator
(
1
),
MaxValueValidator
(
65535
)])
dport
=
models
.
IntegerField
(
blank
=
True
,
null
=
True
,
validators
=
[
MinValueValidator
(
1
),
MaxValueValidator
(
65535
)])
sport
=
models
.
IntegerField
(
blank
=
True
,
null
=
True
,
validators
=
[
MinValueValidator
(
1
),
MaxValueValidator
(
65535
)])
sport
=
models
.
IntegerField
(
blank
=
True
,
null
=
True
,
validators
=
[
MinValueValidator
(
1
),
MaxValueValidator
(
65535
)])
proto
=
models
.
CharField
(
max_length
=
10
,
choices
=
CHOICES_proto
,
blank
=
True
,
null
=
True
)
proto
=
models
.
CharField
(
max_length
=
10
,
choices
=
CHOICES_proto
,
blank
=
True
,
null
=
True
)
...
@@ -36,20 +36,22 @@ class Rule(models.Model):
...
@@ -36,20 +36,22 @@ class Rule(models.Model):
created_at
=
models
.
DateTimeField
(
auto_now_add
=
True
)
created_at
=
models
.
DateTimeField
(
auto_now_add
=
True
)
modified_at
=
models
.
DateTimeField
(
auto_now
=
True
)
modified_at
=
models
.
DateTimeField
(
auto_now
=
True
)
vlan
=
models
.
ForeignKey
(
'Vlan'
,
related_name
=
"rules"
,
blank
=
True
,
null
=
True
)
vlangroup
=
models
.
ForeignKey
(
'VlanGroup'
,
related_name
=
"rules"
,
blank
=
True
,
null
=
True
)
host
=
models
.
ForeignKey
(
'Host'
,
related_name
=
"rules"
,
blank
=
True
,
null
=
True
)
hostgroup
=
models
.
ForeignKey
(
'Group'
,
related_name
=
"rules"
,
blank
=
True
,
null
=
True
)
firewall
=
models
.
ForeignKey
(
'Firewall'
,
related_name
=
"rules"
,
blank
=
True
,
null
=
True
)
def
__unicode__
(
self
):
def
__unicode__
(
self
):
return
self
.
desc
()
return
self
.
desc
()
def
color_desc
(
self
):
def
clean
(
self
):
para
=
'</span>'
count
=
0
if
(
self
.
dport
):
for
field
in
[
self
.
vlan
,
self
.
vlangroup
,
self
.
host
,
self
.
hostgroup
,
self
.
firewall
]:
para
=
"dport=
%
s
%
s"
%
(
self
.
dport
,
para
)
if
field
is
None
:
if
(
self
.
sport
):
count
=
count
+
1
para
=
"sport=
%
s
%
s"
%
(
self
.
sport
,
para
)
if
count
!=
4
:
if
(
self
.
proto
):
raise
ValidationError
(
'jaj'
)
para
=
"proto=
%
s
%
s"
%
(
self
.
proto
,
para
)
para
=
u'<span style="color: #00FF00;">'
+
para
return
u'<span style="color: #FF0000;">['
+
self
.
r_type
+
u']</span> '
+
(
self
.
vlan_l
()
+
u'<span style="color: #0000FF;"> ▸ </span>'
+
self
.
r_type
if
self
.
direction
==
'1'
else
self
.
r_type
+
u'<span style="color: #0000FF;"> ▸ </span>'
+
self
.
vlan_l
())
+
' '
+
para
+
' '
+
self
.
description
color_desc
.
allow_tags
=
True
def
desc
(
self
):
def
desc
(
self
):
para
=
u""
para
=
u""
...
@@ -59,12 +61,7 @@ class Rule(models.Model):
...
@@ -59,12 +61,7 @@ class Rule(models.Model):
para
=
"sport=
%
s
%
s"
%
(
self
.
sport
,
para
)
para
=
"sport=
%
s
%
s"
%
(
self
.
sport
,
para
)
if
(
self
.
proto
):
if
(
self
.
proto
):
para
=
"proto=
%
s
%
s"
%
(
self
.
proto
,
para
)
para
=
"proto=
%
s
%
s"
%
(
self
.
proto
,
para
)
return
u'['
+
self
.
r_type
+
u'] '
+
(
self
.
vlan_l
()
+
u' ▸ '
+
self
.
r_type
if
self
.
direction
==
'1'
else
self
.
r_type
+
u' ▸ '
+
self
.
vlan_l
())
+
u' '
+
para
+
u' '
+
self
.
description
return
u'['
+
self
.
r_type
+
u'] '
+
(
unicode
(
self
.
foreign_network
)
+
u' ▸ '
+
self
.
r_type
if
self
.
direction
==
'1'
else
self
.
r_type
+
u' ▸ '
+
unicode
(
self
.
foreign_network
))
+
u' '
+
para
+
u' '
+
self
.
description
def
vlan_l
(
self
):
retval
=
[]
for
vl
in
self
.
vlan
.
all
():
retval
.
append
(
vl
.
name
)
return
u', '
.
join
(
retval
)
class
Vlan
(
models
.
Model
):
class
Vlan
(
models
.
Model
):
vid
=
models
.
IntegerField
(
unique
=
True
)
vid
=
models
.
IntegerField
(
unique
=
True
)
...
@@ -78,7 +75,6 @@ class Vlan(models.Model):
...
@@ -78,7 +75,6 @@ class Vlan(models.Model):
ipv6
=
models
.
GenericIPAddressField
(
protocol
=
'ipv6'
,
unique
=
True
)
ipv6
=
models
.
GenericIPAddressField
(
protocol
=
'ipv6'
,
unique
=
True
)
snat_ip
=
models
.
GenericIPAddressField
(
protocol
=
'ipv4'
,
blank
=
True
,
null
=
True
)
snat_ip
=
models
.
GenericIPAddressField
(
protocol
=
'ipv4'
,
blank
=
True
,
null
=
True
)
snat_to
=
models
.
ManyToManyField
(
'self'
,
symmetrical
=
False
,
blank
=
True
,
null
=
True
)
snat_to
=
models
.
ManyToManyField
(
'self'
,
symmetrical
=
False
,
blank
=
True
,
null
=
True
)
rules
=
models
.
ManyToManyField
(
'Rule'
,
related_name
=
"
%(app_label)
s_
%(class)
s_related"
,
symmetrical
=
False
,
blank
=
True
,
null
=
True
)
description
=
models
.
TextField
(
blank
=
True
)
description
=
models
.
TextField
(
blank
=
True
)
comment
=
models
.
TextField
(
blank
=
True
)
comment
=
models
.
TextField
(
blank
=
True
)
domain
=
models
.
TextField
(
blank
=
True
,
validators
=
[
val_domain
])
domain
=
models
.
TextField
(
blank
=
True
,
validators
=
[
val_domain
])
...
@@ -95,20 +91,22 @@ class Vlan(models.Model):
...
@@ -95,20 +91,22 @@ class Vlan(models.Model):
def
net_ipv4
(
self
):
def
net_ipv4
(
self
):
return
self
.
net4
+
"/"
+
unicode
(
self
.
prefix4
)
return
self
.
net4
+
"/"
+
unicode
(
self
.
prefix4
)
def
rules_l
(
self
):
retval
=
[]
class
VlanGroup
(
models
.
Model
):
for
rl
in
self
.
rules
.
all
():
name
=
models
.
CharField
(
max_length
=
20
,
unique
=
True
)
retval
.
append
(
unicode
(
rl
))
vlans
=
models
.
ManyToManyField
(
'Vlan'
,
symmetrical
=
False
,
blank
=
True
,
null
=
True
)
return
', '
.
join
(
retval
)
description
=
models
.
TextField
(
blank
=
True
)
def
snat_to_l
(
self
):
owner
=
models
.
ForeignKey
(
User
,
blank
=
True
,
null
=
True
)
retval
=
[]
created_at
=
models
.
DateTimeField
(
auto_now_add
=
True
)
for
rl
in
self
.
snat_to
.
all
():
modified_at
=
models
.
DateTimeField
(
auto_now
=
True
)
retval
.
append
(
unicode
(
rl
))
return
', '
.
join
(
retval
)
def
__unicode__
(
self
):
return
self
.
name
class
Group
(
models
.
Model
):
class
Group
(
models
.
Model
):
name
=
models
.
CharField
(
max_length
=
20
,
unique
=
True
)
name
=
models
.
CharField
(
max_length
=
20
,
unique
=
True
)
rules
=
models
.
ManyToManyField
(
'Rule'
,
symmetrical
=
False
,
blank
=
True
,
null
=
True
)
description
=
models
.
TextField
(
blank
=
True
)
owner
=
models
.
ForeignKey
(
User
,
blank
=
True
,
null
=
True
)
created_at
=
models
.
DateTimeField
(
auto_now_add
=
True
)
created_at
=
models
.
DateTimeField
(
auto_now_add
=
True
)
modified_at
=
models
.
DateTimeField
(
auto_now
=
True
)
modified_at
=
models
.
DateTimeField
(
auto_now
=
True
)
...
@@ -139,7 +137,6 @@ class Host(models.Model):
...
@@ -139,7 +137,6 @@ class Host(models.Model):
vlan
=
models
.
ForeignKey
(
'Vlan'
)
vlan
=
models
.
ForeignKey
(
'Vlan'
)
owner
=
models
.
ForeignKey
(
User
)
owner
=
models
.
ForeignKey
(
User
)
groups
=
models
.
ManyToManyField
(
'Group'
,
symmetrical
=
False
,
blank
=
True
,
null
=
True
)
groups
=
models
.
ManyToManyField
(
'Group'
,
symmetrical
=
False
,
blank
=
True
,
null
=
True
)
rules
=
models
.
ManyToManyField
(
'Rule'
,
symmetrical
=
False
,
blank
=
True
,
null
=
True
)
created_at
=
models
.
DateTimeField
(
auto_now_add
=
True
)
created_at
=
models
.
DateTimeField
(
auto_now_add
=
True
)
modified_at
=
models
.
DateTimeField
(
auto_now
=
True
)
modified_at
=
models
.
DateTimeField
(
auto_now
=
True
)
...
@@ -153,18 +150,9 @@ class Host(models.Model):
...
@@ -153,18 +150,9 @@ class Host(models.Model):
raise
ValidationError
(
"Ha a shared_ip be van pipalva, akkor egyedinek kell lennie a pub_ipv4-nek!"
)
raise
ValidationError
(
"Ha a shared_ip be van pipalva, akkor egyedinek kell lennie a pub_ipv4-nek!"
)
if
Host
.
objects
.
exclude
(
id
=
self
.
id
)
.
filter
(
pub_ipv4
=
self
.
ipv4
):
if
Host
.
objects
.
exclude
(
id
=
self
.
id
)
.
filter
(
pub_ipv4
=
self
.
ipv4
):
raise
ValidationError
(
"Egy masik host natolt cimet nem hasznalhatod sajat ipv4-nek"
)
raise
ValidationError
(
"Egy masik host natolt cimet nem hasznalhatod sajat ipv4-nek"
)
self
.
full_clean
()
super
(
Host
,
self
)
.
save
(
*
args
,
**
kwargs
)
super
(
Host
,
self
)
.
save
(
*
args
,
**
kwargs
)
def
groups_l
(
self
):
retval
=
[]
for
grp
in
self
.
groups
.
all
():
retval
.
append
(
grp
.
name
)
return
', '
.
join
(
retval
)
def
rules_l
(
self
):
retval
=
[]
for
rl
in
self
.
rules
.
all
():
retval
.
append
(
unicode
(
rl
.
color_desc
()))
return
'<br>'
.
join
(
retval
)
rules_l
.
allow_tags
=
True
def
enable_net
(
self
):
def
enable_net
(
self
):
self
.
groups
.
add
(
Group
.
objects
.
get
(
name
=
"netezhet"
))
self
.
groups
.
add
(
Group
.
objects
.
get
(
name
=
"netezhet"
))
...
@@ -175,17 +163,9 @@ class Host(models.Model):
...
@@ -175,17 +163,9 @@ class Host(models.Model):
for
host
in
Host
.
objects
.
filter
(
pub_ipv4
=
self
.
pub_ipv4
):
for
host
in
Host
.
objects
.
filter
(
pub_ipv4
=
self
.
pub_ipv4
):
if
host
.
rules
.
filter
(
nat
=
True
,
proto
=
proto
,
dport
=
public
):
if
host
.
rules
.
filter
(
nat
=
True
,
proto
=
proto
,
dport
=
public
):
raise
ValidationError
(
"A
%
s
%
s port mar hasznalva"
%
(
proto
,
public
))
raise
ValidationError
(
"A
%
s
%
s port mar hasznalva"
%
(
proto
,
public
))
rule
=
Rule
(
direction
=
'1'
,
owner
=
self
.
owner
,
d
escription
=
u"
%
s
%
s
%
s ▸
%
s"
%
(
self
.
hostname
,
proto
,
public
,
private
),
dport
=
public
,
proto
=
proto
,
nat
=
True
,
accept
=
True
,
r_type
=
"host"
,
nat_dport
=
private
)
rule
=
Rule
(
direction
=
'1'
,
owner
=
self
.
owner
,
d
port
=
public
,
proto
=
proto
,
nat
=
True
,
accept
=
True
,
r_type
=
"host"
,
nat_dport
=
private
,
host
=
host
,
foreign_network
=
VlanGroup
.
objects
.
get
(
name
=
settings
[
"default_vlangroup"
])
)
rule
.
full_clean
()
rule
.
full_clean
()
rule
.
save
()
rule
.
save
()
rule
.
vlan
.
add
(
Vlan
.
objects
.
get
(
name
=
"PUB"
))
rule
.
vlan
.
add
(
Vlan
.
objects
.
get
(
name
=
"HOT"
))
rule
.
vlan
.
add
(
Vlan
.
objects
.
get
(
name
=
"LAB"
))
rule
.
vlan
.
add
(
Vlan
.
objects
.
get
(
name
=
"DMZ"
))
rule
.
vlan
.
add
(
Vlan
.
objects
.
get
(
name
=
"VM-NET"
))
rule
.
vlan
.
add
(
Vlan
.
objects
.
get
(
name
=
"WAR"
))
rule
.
vlan
.
add
(
Vlan
.
objects
.
get
(
name
=
"OFF2"
))
self
.
rules
.
add
(
rule
)
def
del_port
(
self
,
proto
,
public
):
def
del_port
(
self
,
proto
,
public
):
self
.
rules
.
filter
(
owner
=
self
.
owner
,
proto
=
proto
,
nat
=
True
,
dport
=
public
)
.
delete
()
self
.
rules
.
filter
(
owner
=
self
.
owner
,
proto
=
proto
,
nat
=
True
,
dport
=
public
)
.
delete
()
...
@@ -201,7 +181,6 @@ class Host(models.Model):
...
@@ -201,7 +181,6 @@ class Host(models.Model):
class
Firewall
(
models
.
Model
):
class
Firewall
(
models
.
Model
):
name
=
models
.
CharField
(
max_length
=
20
,
unique
=
True
)
name
=
models
.
CharField
(
max_length
=
20
,
unique
=
True
)
rules
=
models
.
ManyToManyField
(
'Rule'
,
symmetrical
=
False
,
blank
=
True
,
null
=
True
)
def
__unicode__
(
self
):
def
__unicode__
(
self
):
return
self
.
name
return
self
.
name
...
...
firewall/views.py
View file @
e83122c8
...
@@ -17,6 +17,8 @@ import sys
...
@@ -17,6 +17,8 @@ import sys
def
reload_firewall
(
request
):
def
reload_firewall
(
request
):
if
request
.
user
.
is_authenticated
():
if
request
.
user
.
is_authenticated
():
if
(
request
.
user
.
is_superuser
):
if
(
request
.
user
.
is_superuser
):
ipv4
=
firewall
()
return
HttpResponse
(
ipv4
.
show
())
html
=
u"Be vagy jelentkezve es admin is vagy, kedves
%
s!"
%
request
.
user
.
username
html
=
u"Be vagy jelentkezve es admin is vagy, kedves
%
s!"
%
request
.
user
.
username
html
+=
"<br> 10 masodperc mulva ujratoltodik"
html
+=
"<br> 10 masodperc mulva ujratoltodik"
ReloadTask
.
delay
()
ReloadTask
.
delay
()
...
...
one/models.py
View file @
e83122c8
...
@@ -392,8 +392,7 @@ class Instance(models.Model):
...
@@ -392,8 +392,7 @@ class Instance(models.Model):
host
.
hostname
=
u"id-
%
d_user-
%
s"
%
(
inst
.
id
,
owner
.
username
)
host
.
hostname
=
u"id-
%
d_user-
%
s"
%
(
inst
.
id
,
owner
.
username
)
host
.
mac
=
x
.
getElementsByTagName
(
"MAC"
)[
0
]
.
childNodes
[
0
]
.
nodeValue
host
.
mac
=
x
.
getElementsByTagName
(
"MAC"
)[
0
]
.
childNodes
[
0
]
.
nodeValue
host
.
ipv4
=
inst
.
ip
host
.
ipv4
=
inst
.
ip
host
.
pub_ipv4
=
"152.66.243.62"
host
.
pub_ipv4
=
Vlan
.
objects
.
get
(
name
=
template
.
network
.
name
)
.
snat_ip
host
.
full_clean
()
host
.
save
()
host
.
save
()
host
.
enable_net
()
host
.
enable_net
()
host
.
add_port
(
"tcp"
,
inst
.
get_port
(),
{
"rdp"
:
3389
,
"nx"
:
22
,
"ssh"
:
22
}[
inst
.
template
.
access_type
])
host
.
add_port
(
"tcp"
,
inst
.
get_port
(),
{
"rdp"
:
3389
,
"nx"
:
22
,
"ssh"
:
22
}[
inst
.
template
.
access_type
])
...
@@ -409,7 +408,6 @@ class Instance(models.Model):
...
@@ -409,7 +408,6 @@ class Instance(models.Model):
proc
=
subprocess
.
Popen
([
"/opt/occi.sh"
,
"compute"
,
proc
=
subprocess
.
Popen
([
"/opt/occi.sh"
,
"compute"
,
"delete"
,
"
%
d"
%
self
.
one_id
],
stdout
=
subprocess
.
PIPE
)
"delete"
,
"
%
d"
%
self
.
one_id
],
stdout
=
subprocess
.
PIPE
)
(
out
,
err
)
=
proc
.
communicate
()
(
out
,
err
)
=
proc
.
communicate
()
self
.
firewall_host
.
del_rules
()
self
.
firewall_host
.
delete
()
self
.
firewall_host
.
delete
()
reload_firewall_lock
()
reload_firewall_lock
()
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment