/ - Diff - Firewall on Demand - Greek Research and Technology Network's projects

Revision b10e01d6

             applier = PR.Applier(route_objects=queryset)
             commit, response = applier.apply(configuration=applier.delete_routes())
             if commit:
                 rows = queryset.update(is_online=False)
                 rows = queryset.update(is_online=False, is_active=False)
                 queryset.update(response="Successfully removed route from network")
                 self.message_user(request, "Successfully removed %s routes from network" % rows)
             else:
                 self.message_user(request, "Could not remove routes from network")
         deactivate.short_description = "Remove selected routes from network"
         list_display = ('name', 'get_match', 'get_then', 'is_online', 'applier', 'response')
         fields = ('name', 'match','then','applier', 'expires')
         deactivate.short_description = "Deactivate selected routes from network"
         list_display = ('name', 'is_online', 'applier', 'get_match', 'get_then', 'response')
         fieldsets = [
             (None,               {'fields': ['name',]}),
             ("Match",               {'fields': ['source', 'sourceport', 'destination', 'destinationport', 'port']}),
             ('Advanced Match Statements', {'fields': ['dscp', 'fragmenttype', 'icmpcode', 'icmptype', 'packetlength', 'protocol', 'tcpflag'], 'classes': ['collapse']}),
             ("Then",               {'fields': ['then' ]}),
             (None,               {'fields': ['comments',]}),
+        ]
     #    fields = ('name', 'applier', 'expires')
         #def formfield_for_dbfield(self, db_field, **kwargs):
         #    if db_field.name == 'password':
         #        kwargs['widget'] = PasswordInput
         #    return db_field.formfield(**kwargs)
     admin.site.register(MatchAddress)
     #admin.site.register(MatchAddress)
     admin.site.register(MatchPort)
     admin.site.register(MatchDscp)
     admin.site.register(MatchFragmentType)
     admin.site.register(MatchIcmpCode)
     admin.site.register(MatchIcmpType)
     admin.site.register(MatchPacketLength)
     admin.site.register(MatchProtocol)
     admin.site.register(MatchTcpFlag)
     #admin.site.register(MatchFragmentType)
     #admin.site.register(MatchIcmpCode)
     #admin.site.register(MatchIcmpType)
     #admin.site.register(MatchPacketLength)
     #admin.site.register(MatchProtocol)
     #admin.site.register(MatchTcpFlag)
     admin.site.register(ThenAction)
     admin.site.register(ThenStatement)
     admin.site.register(MatchStatement)
     #admin.site.register(ThenStatement)
     #admin.site.register(MatchStatement)
     admin.site.register(Route, RouteAdmin)
     admin.site.disable_action('delete_selected')

     # vim: tabstop=4:shiftwidth=4:softtabstop=4:expandtab
     from django.db import models
     from django.conf import settings
     from django.contrib.auth.models import User
     from utils import proxy as PR
     from ipaddr import *
     from datetime import *
     import logging
     FORMAT = '%(asctime)s %(levelname)s: %(message)s'
-...
+    )
     def days_offset(): return datetime.now() + timedelta(days = settings.EXPIRATION_DAYS_OFFSET)
     class MatchAddress(models.Model):
         address = models.CharField(max_length=255, help_text=u"Network address. Use address/CIDR notation")
         def __unicode__(self):
             return self.address
         def clean(self, *args, **kwargs):
             from django.core.exceptions import ValidationError
             try:
                 address = IPNetwork(self.address)
                 self.address = address.exploded
             except Exception:
                 raise ValidationError('Invalid network address format')
         class Meta:
             db_table = u'match_address'
     class MatchPort(models.Model):
         port = models.CharField(max_length=24)
         def __unicode__(self):
-...
     class ThenAction(models.Model):
         action = models.CharField(max_length=60, choices=THEN_CHOICES)
         action_value = models.CharField(max_length=255, blank=True, null=True)
         action = models.CharField(max_length=60, choices=THEN_CHOICES, verbose_name="Action")
         action_value = models.CharField(max_length=255, blank=True, null=True, verbose_name="Action Value")
         def __unicode__(self):
             return "%s %s" %(self.action, self.action_value)
             return "%s: %s" %(self.action, self.action_value)
         class Meta:
             db_table = u'then_action'
     class Route(models.Model):
         name = models.CharField(max_length=128)
         applier = models.ForeignKey(User)
         destination = models.CharField(max_length=32, blank=True, null=True, help_text=u"Network address. Use address/CIDR notation")
         destinationport = models.ManyToManyField(MatchPort, blank=True, null=True, related_name="matchDestinationPort")
         dscp = models.ManyToManyField(MatchDscp, blank=True, null=True)
         fragmenttype = models.CharField(max_length=20, choices=FRAGMENT_CODES, blank=True, null=True)
         icmpcode = models.CharField(max_length=32, blank=True, null=True)
         icmptype = models.CharField(max_length=32, blank=True, null=True)
         packetlength = models.IntegerField(blank=True, null=True)
         port = models.ManyToManyField(MatchPort, blank=True, null=True, related_name="matchPort")
         protocol = models.CharField(max_length=32, blank=True, null=True)
         source = models.CharField(max_length=32, blank=True, null=True, help_text=u"Network address. Use address/CIDR notation")
         sourceport = models.ManyToManyField(MatchPort, blank=True, null=True, related_name="matchSourcePort")
         tcpflag = models.CharField(max_length=128, blank=True, null=True)
         then = models.ManyToManyField(ThenAction)
         source = models.CharField(max_length=32, blank=True, null=True, help_text=u"Network address. Use address/CIDR notation", verbose_name="Source Address")
         sourceport = models.ManyToManyField(MatchPort, blank=True, null=True, related_name="matchSourcePort", verbose_name="Source Port")
         destination = models.CharField(max_length=32, blank=True, null=True, help_text=u"Network address. Use address/CIDR notation", verbose_name="Destination Address")
         destinationport = models.ManyToManyField(MatchPort, blank=True, null=True, related_name="matchDestinationPort", verbose_name="Destination Port")
         port = models.ManyToManyField(MatchPort, blank=True, null=True, related_name="matchPort", verbose_name="Port" )
         dscp = models.ManyToManyField(MatchDscp, blank=True, null=True, verbose_name="DSCP")
         fragmenttype = models.CharField(max_length=20, choices=FRAGMENT_CODES, blank=True, null=True, verbose_name="Fragment Type")
         icmpcode = models.CharField(max_length=32, blank=True, null=True, verbose_name="ICMP Code")
         icmptype = models.CharField(max_length=32, blank=True, null=True, verbose_name="ICMP Type")
         packetlength = models.IntegerField(blank=True, null=True, verbose_name="Packet Length")
         protocol = models.CharField(max_length=32, blank=True, null=True, verbose_name="Protocol")
         tcpflag = models.CharField(max_length=128, blank=True, null=True, verbose_name="TCP flag")
         then = models.ManyToManyField(ThenAction, verbose_name="Then")
         filed = models.DateTimeField(auto_now_add=True)
         last_updated = models.DateTimeField(auto_now=True)
         is_online = models.BooleanField(default=False)
         is_active = models.BooleanField(default=False)
         expires = models.DateTimeField()
         expires = models.DateField(default=days_offset)
         response = models.CharField(max_length=512, blank=True, null=True)
         comments = models.TextField(null=True, blank=True)
         comments = models.TextField(null=True, blank=True, verbose_name="Comments")
         def __unicode__(self):
             return self.name
         class Meta:
             unique_together = (("name", "is_active"),)
             db_table = u'route'
         def clean(self, *args, **kwargs):
             from django.core.exceptions import ValidationError
             if self.destination:
                 try:
                     address = IPNetwork(self.address)
                     self.address = address.exploded
                     address = IPNetwork(self.destination)
                     self.destination = address.exploded
                 except Exception:
                     raise ValidationError('Invalid network address format')
                     raise ValidationError('Invalid network address format at Destination Field')
             if self.source:
                 try:
                     address = IPNetwork(self.address)
                     self.address = address.exploded
                     address = IPNetwork(self.source)
                     self.source = address.exploded
                 except Exception:
                     raise ValidationError('Invalid network address format')
                     raise ValidationError('Invalid network address format at Source Field')
         def save(self, *args, **kwargs):
             applier = PR.Applier(route_object=self)
             commit, response = applier.apply()
             if commit:
                 self.is_online = True
                 self.is_active = True
                 self.response = response
             else:
                 self.is_online = False
                 self.response = response
             super(Route, self).save(*args, **kwargs)
         def is_synced(self):
             found = False
-...
                     found = True
                     logger.info('Found a matching route name')
                     devicematch = route.match
                     routematch = self.match
                     try:
                         assert(routematch.matchDestination.address)
                         assert(self.destination)
                         assert(devicematch['destination'][0])
                         if routematch.matchDestination.address == devicematch['destination'][0]:
                         if self.destination == devicematch['destination'][0]:
                             found = found and True
                             logger.info('Found a matching destination')
                         else:
-...
                     except:
                         pass
                     try:
                         assert(routematch.matchSource.address)
                         assert(self.source)
                         assert(devicematch['source'][0])
                         if routematch.matchSource.address == devicematch['source'][0]:
                         if self.source == devicematch['source'][0]:
                             found = found and True
                             logger.info('Found a matching source')
                         else:
-...
                     except:
                         pass
                     try:
                         assert(routematch.matchfragmenttype.fragmenttype)
                         assert(self.fragmenttype)
                         assert(devicematch['fragment'][0])
                         if routematch.matchfragmenttype.fragmenttype == devicematch['fragment'][0]:
                         if self.fragmenttype == devicematch['fragment'][0]:
                             found = found and True
                             logger.info('Found a matching fragment type')
                         else:
-...
                     except:
                         pass
                     try:
                         assert(routematch.matchicmpcode.icmp_code)
                         assert(self.icmpcode)
                         assert(devicematch['icmp-code'][0])
                         if routematch.matchicmpcode.icmp_code == devicematch['icmp-code'][0]:
                         if self.icmpcode == devicematch['icmp-code'][0]:
                             found = found and True
                             logger.info('Found a matching icmp code')
                         else:
-...
                     except:
                         pass
                     try:
                         assert(routematch.matchicmptype.icmp_type)
                         assert(self.icmptype)
                         assert(devicematch['icmp-type'][0])
                         if routematch.matchicmpcode.icmp_type == devicematch['icmp-type'][0]:
                         if self.icmptype == devicematch['icmp-type'][0]:
                             found = found and True
                             logger.info('Found a matching icmp type')
                         else:
-...
                     except:
                         pass
                     try:
                         assert(routematch.matchprotocol.protocol)
                         assert(self.protocol)
                         assert(devicematch['protocol'][0])
                         if routematch.matchprotocol.protocol == devicematch['protocol'][0]:
                         if self.protocol == devicematch['protocol'][0]:
                             found = found and True
                             logger.info('Found a matching protocol')
                         else:
-...
             return found
         def get_then(self):
             ret = ''
             then_statements = self.then.thenaction.all()
             then_statements = self.then.all()
             for statement in then_statements:
                 if statement.action_value:
                     ret = "%s %s:<strong>%s</strong><br/>" %(ret, statement.action, statement.action_value)
-...
         get_then.short_description = 'Then statement'
         get_then.allow_tags = True
+    #
         def get_match(self):
             ret = ''
             match = self.match
             if match.matchDestination:
                 ret = ret = '%s Destination Address:<strong>%s</strong><br/>' %(ret, match.matchDestination)
             if match.matchfragmenttype:
                 ret = ret = "%s Fragment Type:<strong>%s</strong><br/>" %(ret, match.matchfragmenttype)
             if match.matchicmpcode:
                 ret = ret = "%s ICMP code:<strong>%s</strong><br/>" %(ret, match.matchicmpcode)
             if match.matchicmptype:
                 ret = ret = "%s ICMP Type:<strong>%s</strong><br/>" %(ret, match.matchicmptype)
             if match.matchpacketlength:
                 ret = ret = "%s Packet Length:<strong>%s</strong><br/>" %(ret, match.matchpacketlength)
             if match.matchprotocol:
                 ret = ret = "%s Protocol:<strong>%s</strong><br/>" %(ret, match.matchprotocol)
             if match.matchSource:
                 ret = ret = "%s Source Address:<strong>%s</strong><br/>" %(ret, match.matchSource)
             if match.matchTcpFlag:
                 ret = ret = "%s TCP flag:<strong>%s</strong><br/>" %(ret, match.matchTcpFlag)
             if match.matchport:
                 for port in match.matchport.all():
             if self.destination:
                 ret = ret = '%s Destination Address:<strong>%s</strong><br/>' %(ret, self.destination)
             if self.fragmenttype:
                 ret = ret = "%s Fragment Type:<strong>%s</strong><br/>" %(ret, self.fragmenttype)
             if self.icmpcode:
                 ret = ret = "%s ICMP code:<strong>%s</strong><br/>" %(ret, self.icmpcode)
             if self.icmptype:
                 ret = ret = "%s ICMP Type:<strong>%s</strong><br/>" %(ret, self.icmptype)
             if self.packetlength:
                 ret = ret = "%s Packet Length:<strong>%s</strong><br/>" %(ret, self.packetlength)
             if self.protocol:
                 ret = ret = "%s Protocol:<strong>%s</strong><br/>" %(ret, self.protocol)
             if self.source:
                 ret = ret = "%s Source Address:<strong>%s</strong><br/>" %(ret, self.source)
             if self.tcpflag:
                 ret = ret = "%s TCP flag:<strong>%s</strong><br/>" %(ret, self.tcpflag)
             if self.port:
                 for port in self.port.all():
                         ret = "%s Port:<strong>%s</strong><br/>" %(ret, port)
             if match.matchDestinationPort:
                 for port in match.matchDestinationPort.all():
             if self.destinationport:
                 for port in self.destinationport.all():
                         ret = "%s Port:<strong>%s</strong><br/>" %(ret, port)
             if match.matchSourcePort:
                 for port in match.matchSourcePort.all():
             if self.sourceport:
                 for port in self.sourceport.all():
                         ret = "%s Port:<strong>%s</strong><br/>" %(ret, port)
             if match.matchdscp:
                 for dscp in match.matchdscp.all():
             if self.dscp:
                 for dscp in self.dscp.all():
                         ret = "%s Port:<strong>%s</strong><br/>" %(ret, dscp)
             return ret.rstrip('<br/>')

                 flow.routes.append(route)
                 device.routing_options.append(flow)
                 route.name = route_obj.name
                 match = route_obj.match
                 if match.matchSource:
                     route.match['source'].append(match.matchSource.address)
                 if match.matchDestination:
                     route.match['destination'].append(match.matchDestination.address)
                 if match.matchprotocol:
                     route.match['protocol'].append(match.matchprotocol.protocol)
                 if match.matchport:
                     for port in match.matchport.all():
                         route.match['port'].append(port.port)
                 if match.matchDestinationPort:
                     for port in match.matchDestinationPort.all():
                         route.match['destination-port'].append(port.port)
                 if match.matchSourcePort:
                     for port in match.matchSourcePort.all():
                         route.match['source-port'].append(port.port)
                 if match.matchicmpcode:
                     route.match['icmp-code'].append(match.matchicmpcode.icmp_code)
                 if match.matchicmptype:
                     route.match['icmp-type'].append(match.matchicmptype.icmp_type)
                 if match.matchTcpFlag:
                     route.match['tcp-flags'].append(match.matchTcpFlag.tcp_flags)
                 if match.matchdscp:
                     for dscp in match.matchdscp.all():
                         route.match['dscp'].append(dscp.dscp)
                 if match.matchfragmenttype:
                     route.match['fragment'].append(match.matchfragmenttype.fragmenttype)
                 then = route_obj.then
                 for thenaction in then.thenaction.all():
                 if route_obj.source:
                     route.match['source'].append(route_obj.source)
                 if route_obj.destination:
                     route.match['destination'].append(route_obj.destination)
                 if route_obj.protocol:
                     route.match['protocol'].append(route_obj.protocol)
                 try:
                     if route_obj.port:
                         for port in route_obj.port.all():
                             route.match['port'].append(port.port)
                 except:
                     pass
                 try:
                     if route_obj.destinationport:
                         for port in route_obj.destinationport.all():
                             route.match['destination-port'].append(port.port)
                 except:
                     pass
                 try:
                     if route_obj.sourceport:
                         for port in route_obj.sourceport.all():
                             route.match['source-port'].append(port.port)
                 except:
                     pass
                 if route_obj.icmpcode:
                     route.match['icmp-code'].append(route_obj.icmpcode)
                 if route_obj.icmptype:
                     route.match['icmp-type'].append(route_obj.icmptype)
                 if route_obj.tcpflag:
                     route.match['tcp-flags'].append(route_obj.tcpflag)
                 try:
                     if route_obj.dscp:
                         for dscp in route_obj.dscp.all():
                             route.match['dscp'].append(dscp.dscp)
                 except:
                     pass
                 if route_obj.fragmenttype:
                     route.match['fragment'].append(route_obj.fragmenttype)
                 for thenaction in route_obj.then.all():
                     if thenaction.action_value:
                         route.then[thenaction.action] = thenaction.action_value
                     else:

Also available in: Unified diff