1 # -*- coding: utf-8 -*-
3 # This file is part of Karesansui.
5 # Copyright (C) 2009-2010 HDE, Inc.
7 # This program is free software; you can redistribute it and/or
8 # modify it under the terms of the GNU General Public License
9 # as published by the Free Software Foundation; either version 2
10 # of the License, or (at your option) any later version.
19 from karesansui.lib.rest import Rest, auth
20 from karesansui.db.access.machine import findbyhost1
21 from karesansui.lib.utils import get_ifconfig_info, dict_ksort, is_param
22 from karesansui.lib.conf import read_conf, write_conf
23 from karesansui.lib.iptables import iptables_lint_contents
25 from karesansui.lib.checker import Checker, \
26 CHECK_EMPTY, CHECK_VALID
28 def validates_iptables_save(obj, host):
35 if not is_param(obj.input, 'iptables_save'):
37 checker.add_error(_('"%s" is required.') % _('Rule'))
40 check = checker.check_string(
42 obj.input.iptables_save,
43 CHECK_EMPTY | CHECK_VALID,
44 '[^-a-zA-Z0-9_\,\.\@\$\%\!\#\*\[\]\:\/\r\n\+ ]+',
50 ret = iptables_lint_contents(obj.input.iptables_save, obj, host)
53 checker.add_error(ret)
55 m = re.match(".* line (?P<line>[0-9]+).*",str(ret))
57 checker.add_error("LINE:"+m.group("line"))
60 obj.view.alert = checker.errors
65 class HostBy1Iptables(Rest):
68 def _GET(self, *param, **params):
69 host_id = self.chk_hostby1(param)
70 if host_id is None: return web.notfound()
72 self.view.host_id = host_id
73 self.view.current = get_ifconfig_info()
75 modules = ["iptables"]
77 host = findbyhost1(self.orm, host_id)
78 dop = read_conf(modules, self, host)
80 return web.internalerror('Internal Server Error. (Timeout)')
82 config = dop.get("iptables",["config"])
83 status = dop.get("iptables",["status"])
84 lint = dop.get("iptables",["lint"])
88 m = re.match("\*(?P<table>[a-z]+)",_aline.rstrip())
90 table = m.group("table")
93 m = re.match(":(?P<chain>[A-Z]+) +(?P<policy>[A-Z]+)",_aline.rstrip())
95 chain = m.group("chain")
96 policy = m.group("policy")
97 policies[table][chain] = policy
99 self.view.config = "\n".join(config)
100 self.view.status = "\n".join(status)
101 self.view.lint = lint
102 self.view.policies = policies
103 self.view.result_js = ""
108 def _PUT(self, *param, **params):
109 host_id = self.chk_hostby1(param)
110 if host_id is None: return web.notfound()
112 host = findbyhost1(self.orm, host_id)
113 if not validates_iptables_save(self, host):
114 return web.badrequest(self.view.alert)
116 from karesansui.lib.dict_op import DictOp
118 dop.addconf("iptables", {})
119 dop.set("iptables",["config"],self.input.iptables_save.split("\r\n"))
120 retval = write_conf(dop, self, host)
122 return web.internalerror('Internal Server Error. (Adding Task)')
124 return web.accepted(url=web.ctx.path)
128 '/host/(\d+)/iptables/?(\.part)$', HostBy1Iptables,