root / flowspec / forms.py @ d4e660c4
History | View | Annotate | Download (15 kB)
1 | 9f54980a | Leonidas Poulopoulos | #
|
---|---|---|---|
2 | 9f54980a | Leonidas Poulopoulos | # -*- coding: utf-8 -*- vim:fileencoding=utf-8:
|
3 | 9f54980a | Leonidas Poulopoulos | #Copyright © 2011-2013 Greek Research and Technology Network (GRNET S.A.)
|
4 | 9f54980a | Leonidas Poulopoulos | |
5 | 9f54980a | Leonidas Poulopoulos | #Developed by Leonidas Poulopoulos (leopoul-at-noc-dot-grnet-dot-gr),
|
6 | 9f54980a | Leonidas Poulopoulos | #GRNET NOC
|
7 | 9f54980a | Leonidas Poulopoulos | #
|
8 | 9f54980a | Leonidas Poulopoulos | #Permission to use, copy, modify, and/or distribute this software for any
|
9 | 9f54980a | Leonidas Poulopoulos | #purpose with or without fee is hereby granted, provided that the above
|
10 | 9f54980a | Leonidas Poulopoulos | #copyright notice and this permission notice appear in all copies.
|
11 | 9f54980a | Leonidas Poulopoulos | #
|
12 | 9f54980a | Leonidas Poulopoulos | #THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH REGARD
|
13 | 9f54980a | Leonidas Poulopoulos | #TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND
|
14 | 9f54980a | Leonidas Poulopoulos | #FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR
|
15 | 9f54980a | Leonidas Poulopoulos | #CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE,
|
16 | 9f54980a | Leonidas Poulopoulos | #DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
|
17 | 9f54980a | Leonidas Poulopoulos | #ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
|
18 | 9f54980a | Leonidas Poulopoulos | #SOFTWARE.
|
19 | 9f54980a | Leonidas Poulopoulos | #
|
20 | 9cad4715 | Leonidas Poulopoulos | from django import forms |
21 | 9cad4715 | Leonidas Poulopoulos | from django.utils.safestring import mark_safe |
22 | 9cad4715 | Leonidas Poulopoulos | from django.utils.translation import ugettext as _ |
23 | 9cad4715 | Leonidas Poulopoulos | from django.utils.translation import ugettext_lazy |
24 | 9cad4715 | Leonidas Poulopoulos | from django.template.defaultfilters import filesizeformat |
25 | 6d153302 | Leonidas Poulopoulos | from flowspy.flowspec.models import * |
26 | e12a9261 | Leonidas Poulopoulos | from flowspy.peers.models import * |
27 | 1698da77 | Leonidas Poulopoulos | from flowspy.accounts.models import * |
28 | 9cad4715 | Leonidas Poulopoulos | from ipaddr import * |
29 | 6d153302 | Leonidas Poulopoulos | from django.core.urlresolvers import reverse |
30 | 97e42c7d | Leonidas Poulopoulos | from django.contrib.auth.models import User |
31 | b4401a0c | Leonidas Poulopoulos | from django.conf import settings |
32 | 052c14aa | Leonidas Poulopoulos | import datetime |
33 | bfdfac23 | Leonidas Poulopoulos | from django.core.mail import mail_admins, mail_managers, send_mail |
34 | 6d153302 | Leonidas Poulopoulos | |
35 | 1698da77 | Leonidas Poulopoulos | class UserProfileForm(forms.ModelForm): |
36 | 1698da77 | Leonidas Poulopoulos | class Meta: |
37 | 1698da77 | Leonidas Poulopoulos | model = UserProfile |
38 | 9cad4715 | Leonidas Poulopoulos | |
39 | 9cad4715 | Leonidas Poulopoulos | class RouteForm(forms.ModelForm): |
40 | 9cad4715 | Leonidas Poulopoulos | # name = forms.CharField(help_text=ugettext_lazy("A unique route name,"
|
41 | 9cad4715 | Leonidas Poulopoulos | # " e.g. uoa_block_p80"), label=ugettext_lazy("Route Name"), required=False)
|
42 | 9cad4715 | Leonidas Poulopoulos | # source = forms.CharField(help_text=ugettext_lazy("A qualified IP Network address. CIDR notation,"
|
43 | 9cad4715 | Leonidas Poulopoulos | # " e.g.10.10.0.1/32"), label=ugettext_lazy("Source Address"), required=False)
|
44 | 9cad4715 | Leonidas Poulopoulos | # source_ports = forms.ModelMultipleChoiceField(queryset=MatchPort.objects.all(), help_text=ugettext_lazy("A set of source ports to block"), label=ugettext_lazy("Source Ports"), required=False)
|
45 | 9cad4715 | Leonidas Poulopoulos | # destination = forms.CharField(help_text=ugettext_lazy("A qualified IP Network address. CIDR notation,"
|
46 | 9cad4715 | Leonidas Poulopoulos | # " e.g.10.10.0.1/32"), label=ugettext_lazy("Destination Address"), required=False)
|
47 | 9cad4715 | Leonidas Poulopoulos | # destination_ports = forms.ModelMultipleChoiceField(queryset=MatchPort.objects.all(), help_text=ugettext_lazy("A set of destination ports to block"), label=ugettext_lazy("Destination Ports"), required=False)
|
48 | 9cad4715 | Leonidas Poulopoulos | # ports = forms.ModelMultipleChoiceField(queryset=MatchPort.objects.all(), help_text=ugettext_lazy("A set of ports to block"), label=ugettext_lazy("Ports"), required=False)
|
49 | 6d48c46c | Leonidas Poulopoulos | |
50 | 9cad4715 | Leonidas Poulopoulos | class Meta: |
51 | 9cad4715 | Leonidas Poulopoulos | model = Route |
52 | 88a6afb7 | Leonidas Poulopoulos | |
53 | 88a6afb7 | Leonidas Poulopoulos | def clean_applier(self): |
54 | 88a6afb7 | Leonidas Poulopoulos | applier = self.cleaned_data['applier'] |
55 | 88a6afb7 | Leonidas Poulopoulos | if applier:
|
56 | 88a6afb7 | Leonidas Poulopoulos | return self.cleaned_data["applier"] |
57 | 88a6afb7 | Leonidas Poulopoulos | else:
|
58 | 88a6afb7 | Leonidas Poulopoulos | raise forms.ValidationError('This field is required.') |
59 | 88a6afb7 | Leonidas Poulopoulos | |
60 | 9cad4715 | Leonidas Poulopoulos | def clean_source(self): |
61 | 20aafa59 | Leonidas Poulopoulos | user = User.objects.get(pk=self.data['applier']) |
62 | 20aafa59 | Leonidas Poulopoulos | peer = user.get_profile().peer |
63 | 9cad4715 | Leonidas Poulopoulos | data = self.cleaned_data['source'] |
64 | 34cff057 | Leonidas Poulopoulos | private_error = False
|
65 | bfdfac23 | Leonidas Poulopoulos | protected_error = False
|
66 | d4e660c4 | Leonidas Poulopoulos | networkaddr_error = False
|
67 | d4e660c4 | Leonidas Poulopoulos | broadcast_error = False
|
68 | 9cad4715 | Leonidas Poulopoulos | if data:
|
69 | 9cad4715 | Leonidas Poulopoulos | try:
|
70 | 9cad4715 | Leonidas Poulopoulos | address = IPNetwork(data) |
71 | bfdfac23 | Leonidas Poulopoulos | for net in settings.PROTECTED_SUBNETS: |
72 | bfdfac23 | Leonidas Poulopoulos | if address in IPNetwork(net): |
73 | bfdfac23 | Leonidas Poulopoulos | protected_error = True
|
74 | 20aafa59 | Leonidas Poulopoulos | mail_body = "User %s %s (%s) attempted to set %s as the source address in a firewall rule" %(user.username, user.email, peer.peer_name, data)
|
75 | bfdfac23 | Leonidas Poulopoulos | send_mail(settings.EMAIL_SUBJECT_PREFIX + "Caught an attempt to set a protected IP/network as a source address",
|
76 | bfdfac23 | Leonidas Poulopoulos | mail_body, settings.SERVER_EMAIL, |
77 | 0667633c | Leonidas Poulopoulos | settings.NOTIFY_ADMIN_MAILS, fail_silently=True)
|
78 | f289f4c8 | Leonidas Poulopoulos | raise Exception |
79 | 34cff057 | Leonidas Poulopoulos | if address.is_private:
|
80 | 34cff057 | Leonidas Poulopoulos | private_error = True
|
81 | f289f4c8 | Leonidas Poulopoulos | raise Exception |
82 | d4e660c4 | Leonidas Poulopoulos | if address.version == 4 and int(address.prefixlen) == 32: |
83 | d4e660c4 | Leonidas Poulopoulos | if int(address.network.compressed.split('.')[-1]) == 0: |
84 | d4e660c4 | Leonidas Poulopoulos | broadcast_error = True
|
85 | d4e660c4 | Leonidas Poulopoulos | raise Exception |
86 | d4e660c4 | Leonidas Poulopoulos | elif int(address.network.compressed.split('.')[-1]) == 255: |
87 | d4e660c4 | Leonidas Poulopoulos | networkaddr_error = True
|
88 | d4e660c4 | Leonidas Poulopoulos | raise Exception |
89 | d4e660c4 | Leonidas Poulopoulos | return self.cleaned_data["source"] |
90 | 9cad4715 | Leonidas Poulopoulos | except Exception: |
91 | ab02d61c | Leonidas Poulopoulos | error_text = _('Invalid network address format')
|
92 | 34cff057 | Leonidas Poulopoulos | if private_error:
|
93 | ab02d61c | Leonidas Poulopoulos | error_text = _('Private addresses not allowed')
|
94 | d4e660c4 | Leonidas Poulopoulos | if networkaddr_error:
|
95 | d4e660c4 | Leonidas Poulopoulos | error_text = _('Malformed address format. Cannot be ...255/32')
|
96 | d4e660c4 | Leonidas Poulopoulos | if broadcast_error:
|
97 | d4e660c4 | Leonidas Poulopoulos | error_text = _('Malformed address format. Cannot be ...0/32')
|
98 | bfdfac23 | Leonidas Poulopoulos | if protected_error:
|
99 | ab02d61c | Leonidas Poulopoulos | error_text = _('You have no authority on this subnet')
|
100 | 34cff057 | Leonidas Poulopoulos | raise forms.ValidationError(error_text)
|
101 | 9cad4715 | Leonidas Poulopoulos | |
102 | 9cad4715 | Leonidas Poulopoulos | def clean_destination(self): |
103 | 20aafa59 | Leonidas Poulopoulos | user = User.objects.get(pk=self.data['applier']) |
104 | f289f4c8 | Leonidas Poulopoulos | peer = user.get_profile().peer |
105 | 9cad4715 | Leonidas Poulopoulos | data = self.cleaned_data['destination'] |
106 | b4401a0c | Leonidas Poulopoulos | error = None
|
107 | bfdfac23 | Leonidas Poulopoulos | protected_error = False
|
108 | d4e660c4 | Leonidas Poulopoulos | networkaddr_error = False
|
109 | d4e660c4 | Leonidas Poulopoulos | broadcast_error = False
|
110 | 9cad4715 | Leonidas Poulopoulos | if data:
|
111 | 9cad4715 | Leonidas Poulopoulos | try:
|
112 | 9cad4715 | Leonidas Poulopoulos | address = IPNetwork(data) |
113 | bfdfac23 | Leonidas Poulopoulos | for net in settings.PROTECTED_SUBNETS: |
114 | bfdfac23 | Leonidas Poulopoulos | if address in IPNetwork(net): |
115 | bfdfac23 | Leonidas Poulopoulos | protected_error = True
|
116 | 20aafa59 | Leonidas Poulopoulos | mail_body = "User %s %s (%s) attempted to set %s as the destination address in a firewall rule" %(user.username, user.email, peer.peer_name, data)
|
117 | bfdfac23 | Leonidas Poulopoulos | send_mail(settings.EMAIL_SUBJECT_PREFIX + "Caught an attempt to set a protected IP/network as the destination address",
|
118 | bfdfac23 | Leonidas Poulopoulos | mail_body, settings.SERVER_EMAIL, |
119 | 0667633c | Leonidas Poulopoulos | settings.NOTIFY_ADMIN_MAILS, fail_silently=True)
|
120 | f289f4c8 | Leonidas Poulopoulos | raise Exception |
121 | b4401a0c | Leonidas Poulopoulos | if address.prefixlen < settings.PREFIX_LENGTH:
|
122 | ab02d61c | Leonidas Poulopoulos | error = _("Currently no prefix lengths < %s are allowed") %settings.PREFIX_LENGTH
|
123 | f289f4c8 | Leonidas Poulopoulos | raise Exception |
124 | d4e660c4 | Leonidas Poulopoulos | if address.version == 4 and int(address.prefixlen) == 32: |
125 | d4e660c4 | Leonidas Poulopoulos | if int(address.network.compressed.split('.')[-1]) == 0: |
126 | d4e660c4 | Leonidas Poulopoulos | broadcast_error = True
|
127 | d4e660c4 | Leonidas Poulopoulos | raise Exception |
128 | d4e660c4 | Leonidas Poulopoulos | elif int(address.network.compressed.split('.')[-1]) == 255: |
129 | d4e660c4 | Leonidas Poulopoulos | networkaddr_error = True
|
130 | d4e660c4 | Leonidas Poulopoulos | raise Exception |
131 | 9cad4715 | Leonidas Poulopoulos | return self.cleaned_data["destination"] |
132 | 9cad4715 | Leonidas Poulopoulos | except Exception: |
133 | ab02d61c | Leonidas Poulopoulos | error_text = _('Invalid network address format')
|
134 | b4401a0c | Leonidas Poulopoulos | if error:
|
135 | b4401a0c | Leonidas Poulopoulos | error_text = error |
136 | bfdfac23 | Leonidas Poulopoulos | if protected_error:
|
137 | ab02d61c | Leonidas Poulopoulos | error_text = _('You have no authority on this subnet')
|
138 | d4e660c4 | Leonidas Poulopoulos | if networkaddr_error:
|
139 | d4e660c4 | Leonidas Poulopoulos | error_text = _('Malformed address format. Cannot be ...255/32')
|
140 | d4e660c4 | Leonidas Poulopoulos | if broadcast_error:
|
141 | d4e660c4 | Leonidas Poulopoulos | error_text = _('Malformed address format. Cannot be ...0/32')
|
142 | b4401a0c | Leonidas Poulopoulos | raise forms.ValidationError(error_text)
|
143 | 052c14aa | Leonidas Poulopoulos | |
144 | 052c14aa | Leonidas Poulopoulos | def clean_expires(self): |
145 | 052c14aa | Leonidas Poulopoulos | date = self.cleaned_data['expires'] |
146 | 052c14aa | Leonidas Poulopoulos | if date:
|
147 | 052c14aa | Leonidas Poulopoulos | range_days = (date - datetime.date.today()).days |
148 | 052c14aa | Leonidas Poulopoulos | if range_days > 0 and range_days < 11: |
149 | 052c14aa | Leonidas Poulopoulos | return self.cleaned_data["expires"] |
150 | 052c14aa | Leonidas Poulopoulos | else:
|
151 | 052c14aa | Leonidas Poulopoulos | raise forms.ValidationError('Invalid date range') |
152 | 9cad4715 | Leonidas Poulopoulos | |
153 | 9cad4715 | Leonidas Poulopoulos | def clean(self): |
154 | f289f4c8 | Leonidas Poulopoulos | if self.errors: |
155 | ab02d61c | Leonidas Poulopoulos | raise forms.ValidationError(_('Errors in form. Please review and fix them')) |
156 | 6d153302 | Leonidas Poulopoulos | name = self.cleaned_data.get('name', None) |
157 | 9cad4715 | Leonidas Poulopoulos | source = self.cleaned_data.get('source', None) |
158 | 9cad4715 | Leonidas Poulopoulos | sourceports = self.cleaned_data.get('sourceport', None) |
159 | 9cad4715 | Leonidas Poulopoulos | ports = self.cleaned_data.get('port', None) |
160 | e9592c36 | Leonidas Poulopoulos | fragmenttypes = self.cleaned_data.get('fragmenttype', None) |
161 | 6d153302 | Leonidas Poulopoulos | then = self.cleaned_data.get('then', None) |
162 | 9cad4715 | Leonidas Poulopoulos | destination = self.cleaned_data.get('destination', None) |
163 | 9cad4715 | Leonidas Poulopoulos | destinationports = self.cleaned_data.get('destinationport', None) |
164 | dbdc30ec | Leonidas Poulopoulos | protocols = self.cleaned_data.get('protocol', None) |
165 | 97e42c7d | Leonidas Poulopoulos | user = self.cleaned_data.get('applier', None) |
166 | 88a6afb7 | Leonidas Poulopoulos | try:
|
167 | 88a6afb7 | Leonidas Poulopoulos | issuperuser = self.data['issuperuser'] |
168 | 88a6afb7 | Leonidas Poulopoulos | su = User.objects.get(username=issuperuser) |
169 | 88a6afb7 | Leonidas Poulopoulos | except:
|
170 | 88a6afb7 | Leonidas Poulopoulos | issuperuser = None
|
171 | 6d153302 | Leonidas Poulopoulos | peer = user.get_profile().peer |
172 | 6d153302 | Leonidas Poulopoulos | networks = peer.networks.all() |
173 | 88a6afb7 | Leonidas Poulopoulos | if issuperuser:
|
174 | e12a9261 | Leonidas Poulopoulos | networks = PeerRange.objects.filter(peer__in=Peer.objects.all()).distinct() |
175 | 97e42c7d | Leonidas Poulopoulos | mynetwork = False
|
176 | 6d153302 | Leonidas Poulopoulos | route_pk_list = [] |
177 | 97e42c7d | Leonidas Poulopoulos | if destination:
|
178 | 97e42c7d | Leonidas Poulopoulos | for network in networks: |
179 | 97e42c7d | Leonidas Poulopoulos | net = IPNetwork(network.network) |
180 | 97e42c7d | Leonidas Poulopoulos | if IPNetwork(destination) in net: |
181 | 97e42c7d | Leonidas Poulopoulos | mynetwork = True
|
182 | 97e42c7d | Leonidas Poulopoulos | if not mynetwork: |
183 | 101d86ee | Leonidas Poulopoulos | raise forms.ValidationError(_('Destination address/network should belong to your administrative address space. Check My Profile to review your networks')) |
184 | 9cad4715 | Leonidas Poulopoulos | if (sourceports and ports): |
185 | ab02d61c | Leonidas Poulopoulos | raise forms.ValidationError(_('Cannot create rule for source ports and ports at the same time. Select either ports or source ports')) |
186 | 9cad4715 | Leonidas Poulopoulos | if (destinationports and ports): |
187 | ab02d61c | Leonidas Poulopoulos | raise forms.ValidationError(_('Cannot create rule for destination ports and ports at the same time. Select either ports or destination ports')) |
188 | 9cad4715 | Leonidas Poulopoulos | if sourceports and not source: |
189 | ab02d61c | Leonidas Poulopoulos | raise forms.ValidationError(_('Once source port is matched, source has to be filled as well. Either deselect source port or fill source address')) |
190 | 9cad4715 | Leonidas Poulopoulos | if destinationports and not destination: |
191 | ab02d61c | Leonidas Poulopoulos | raise forms.ValidationError(_('Once destination port is matched, destination has to be filled as well. Either deselect destination port or fill destination address')) |
192 | 9cad4715 | Leonidas Poulopoulos | if not (source or sourceports or ports or destination or destinationports): |
193 | ab02d61c | Leonidas Poulopoulos | raise forms.ValidationError(_('Fill at least a Rule Match Condition')) |
194 | 6d48c46c | Leonidas Poulopoulos | if not user.is_superuser and then[0].action not in settings.UI_USER_THEN_ACTIONS: |
195 | ab02d61c | Leonidas Poulopoulos | raise forms.ValidationError(_('This action "%s" is not permitted') %(then[0].action)) |
196 | 40fe08b1 | Leonidas Poulopoulos | existing_routes = Route.objects.all() |
197 | 6d153302 | Leonidas Poulopoulos | existing_routes = existing_routes.filter(applier__userprofile__peer=peer) |
198 | 6d153302 | Leonidas Poulopoulos | if source:
|
199 | 6d153302 | Leonidas Poulopoulos | source = IPNetwork(source).compressed |
200 | 6d153302 | Leonidas Poulopoulos | existing_routes = existing_routes.filter(source=source) |
201 | 6d153302 | Leonidas Poulopoulos | else:
|
202 | 6d153302 | Leonidas Poulopoulos | existing_routes = existing_routes.filter(source=None)
|
203 | dbdc30ec | Leonidas Poulopoulos | if protocols:
|
204 | dbdc30ec | Leonidas Poulopoulos | route_pk_list=get_matchingprotocol_route_pks(protocols, existing_routes) |
205 | dbdc30ec | Leonidas Poulopoulos | if route_pk_list:
|
206 | dbdc30ec | Leonidas Poulopoulos | existing_routes = existing_routes.filter(pk__in=route_pk_list) |
207 | dbdc30ec | Leonidas Poulopoulos | else:
|
208 | dbdc30ec | Leonidas Poulopoulos | existing_routes = existing_routes.filter(protocol=None)
|
209 | dbdc30ec | Leonidas Poulopoulos | else:
|
210 | dbdc30ec | Leonidas Poulopoulos | existing_routes = existing_routes.filter(protocol=None)
|
211 | 6d153302 | Leonidas Poulopoulos | if sourceports:
|
212 | 6d153302 | Leonidas Poulopoulos | route_pk_list=get_matchingport_route_pks(sourceports, existing_routes) |
213 | 6d153302 | Leonidas Poulopoulos | if route_pk_list:
|
214 | 6d153302 | Leonidas Poulopoulos | existing_routes = existing_routes.filter(pk__in=route_pk_list) |
215 | 6d153302 | Leonidas Poulopoulos | else:
|
216 | 6d153302 | Leonidas Poulopoulos | existing_routes = existing_routes.filter(sourceport=None)
|
217 | 6d153302 | Leonidas Poulopoulos | if destinationports:
|
218 | 6d153302 | Leonidas Poulopoulos | route_pk_list=get_matchingport_route_pks(destinationports, existing_routes) |
219 | 6d153302 | Leonidas Poulopoulos | if route_pk_list:
|
220 | 6d153302 | Leonidas Poulopoulos | existing_routes = existing_routes.filter(pk__in=route_pk_list) |
221 | 6d153302 | Leonidas Poulopoulos | else:
|
222 | 6d153302 | Leonidas Poulopoulos | existing_routes = existing_routes.filter(destinationport=None)
|
223 | 6d153302 | Leonidas Poulopoulos | if ports:
|
224 | 6d153302 | Leonidas Poulopoulos | route_pk_list=get_matchingport_route_pks(ports, existing_routes) |
225 | 6d153302 | Leonidas Poulopoulos | if route_pk_list:
|
226 | 6d153302 | Leonidas Poulopoulos | existing_routes = existing_routes.filter(pk__in=route_pk_list) |
227 | 6d153302 | Leonidas Poulopoulos | else:
|
228 | 6d153302 | Leonidas Poulopoulos | existing_routes = existing_routes.filter(port=None)
|
229 | 6d153302 | Leonidas Poulopoulos | for route in existing_routes: |
230 | 6d153302 | Leonidas Poulopoulos | if name != route.name:
|
231 | 6d153302 | Leonidas Poulopoulos | existing_url = reverse('edit-route', args=[route.name])
|
232 | 7a0ac0d1 | Leonidas Poulopoulos | if IPNetwork(destination) in IPNetwork(route.destination) or IPNetwork(route.destination) in IPNetwork(destination): |
233 | 7a0ac0d1 | Leonidas Poulopoulos | raise forms.ValidationError('Found an exact %s rule, %s with destination prefix %s<br>To avoid overlapping try editing rule <a href=\'%s\'>%s</a>' %(route.status, route.name, route.destination, existing_url, route.name)) |
234 | 97e42c7d | Leonidas Poulopoulos | return self.cleaned_data |
235 | 97e42c7d | Leonidas Poulopoulos | |
236 | 97e42c7d | Leonidas Poulopoulos | class ThenPlainForm(forms.ModelForm): |
237 | 97e42c7d | Leonidas Poulopoulos | # action = forms.CharField(initial='rate-limit')
|
238 | 97e42c7d | Leonidas Poulopoulos | class Meta: |
239 | 97e42c7d | Leonidas Poulopoulos | model = ThenAction |
240 | 97e42c7d | Leonidas Poulopoulos | |
241 | 97e42c7d | Leonidas Poulopoulos | def clean_action_value(self): |
242 | 97e42c7d | Leonidas Poulopoulos | action_value = self.cleaned_data['action_value'] |
243 | 97e42c7d | Leonidas Poulopoulos | if action_value:
|
244 | 97e42c7d | Leonidas Poulopoulos | try:
|
245 | 97e42c7d | Leonidas Poulopoulos | assert(int(action_value)) |
246 | f12b3d54 | Leonidas Poulopoulos | if int(action_value) < 50: |
247 | ab02d61c | Leonidas Poulopoulos | raise forms.ValidationError(_('Rate-limiting cannot be < 50kbps')) |
248 | 97e42c7d | Leonidas Poulopoulos | return "%s" %self.cleaned_data["action_value"] |
249 | 97e42c7d | Leonidas Poulopoulos | except:
|
250 | ab02d61c | Leonidas Poulopoulos | raise forms.ValidationError(_('Rate-limiting should be an integer < 50')) |
251 | 97e42c7d | Leonidas Poulopoulos | else:
|
252 | ab02d61c | Leonidas Poulopoulos | raise forms.ValidationError(_('Cannot be empty')) |
253 | 97e42c7d | Leonidas Poulopoulos | |
254 | 97e42c7d | Leonidas Poulopoulos | def clean_action(self): |
255 | 97e42c7d | Leonidas Poulopoulos | action = self.cleaned_data['action'] |
256 | 97e42c7d | Leonidas Poulopoulos | if action != 'rate-limit': |
257 | ab02d61c | Leonidas Poulopoulos | raise forms.ValidationError(_('Cannot select something other than rate-limit')) |
258 | 97e42c7d | Leonidas Poulopoulos | else:
|
259 | 97e42c7d | Leonidas Poulopoulos | return self.cleaned_data["action"] |
260 | f12b3d54 | Leonidas Poulopoulos | |
261 | 97e42c7d | Leonidas Poulopoulos | |
262 | 97e42c7d | Leonidas Poulopoulos | class PortPlainForm(forms.ModelForm): |
263 | 97e42c7d | Leonidas Poulopoulos | # action = forms.CharField(initial='rate-limit')
|
264 | 97e42c7d | Leonidas Poulopoulos | class Meta: |
265 | 97e42c7d | Leonidas Poulopoulos | model = MatchPort |
266 | 97e42c7d | Leonidas Poulopoulos | |
267 | 97e42c7d | Leonidas Poulopoulos | def clean_port(self): |
268 | 97e42c7d | Leonidas Poulopoulos | port = self.cleaned_data['port'] |
269 | 97e42c7d | Leonidas Poulopoulos | if port:
|
270 | 97e42c7d | Leonidas Poulopoulos | try:
|
271 | d4e660c4 | Leonidas Poulopoulos | p = int(port)
|
272 | d4e660c4 | Leonidas Poulopoulos | if int(port) > 65535 or int(port) < 0: |
273 | d4e660c4 | Leonidas Poulopoulos | raise forms.ValidationError(_('')) |
274 | 97e42c7d | Leonidas Poulopoulos | return "%s" %self.cleaned_data["port"] |
275 | d4e660c4 | Leonidas Poulopoulos | except forms.ValidationError:
|
276 | d4e660c4 | Leonidas Poulopoulos | raise forms.ValidationError(_('Port should be < 65535 and >= 0')) |
277 | 97e42c7d | Leonidas Poulopoulos | except:
|
278 | ab02d61c | Leonidas Poulopoulos | raise forms.ValidationError(_('Port should be an integer')) |
279 | 97e42c7d | Leonidas Poulopoulos | else:
|
280 | ab02d61c | Leonidas Poulopoulos | raise forms.ValidationError(_('Cannot be empty')) |
281 | 6d153302 | Leonidas Poulopoulos | |
282 | 6d153302 | Leonidas Poulopoulos | def value_list_to_list(valuelist): |
283 | 6d153302 | Leonidas Poulopoulos | vl = [] |
284 | 6d153302 | Leonidas Poulopoulos | for val in valuelist: |
285 | 6d153302 | Leonidas Poulopoulos | vl.append(val[0])
|
286 | 6d153302 | Leonidas Poulopoulos | return vl
|
287 | 6d153302 | Leonidas Poulopoulos | |
288 | 6d153302 | Leonidas Poulopoulos | def get_matchingport_route_pks(portlist, routes): |
289 | 6d153302 | Leonidas Poulopoulos | route_pk_list = [] |
290 | 6d153302 | Leonidas Poulopoulos | ports_value_list = value_list_to_list(portlist.values_list('port').order_by('port')) |
291 | 6d153302 | Leonidas Poulopoulos | for route in routes: |
292 | 6d153302 | Leonidas Poulopoulos | rsp = value_list_to_list(route.destinationport.all().values_list('port').order_by('port')) |
293 | 6d153302 | Leonidas Poulopoulos | if rsp and rsp == ports_value_list: |
294 | 6d153302 | Leonidas Poulopoulos | route_pk_list.append(route.pk) |
295 | dbdc30ec | Leonidas Poulopoulos | return route_pk_list
|
296 | dbdc30ec | Leonidas Poulopoulos | |
297 | dbdc30ec | Leonidas Poulopoulos | def get_matchingprotocol_route_pks(protocolist, routes): |
298 | dbdc30ec | Leonidas Poulopoulos | route_pk_list = [] |
299 | dbdc30ec | Leonidas Poulopoulos | protocols_value_list = value_list_to_list(protocolist.values_list('protocol').order_by('protocol')) |
300 | dbdc30ec | Leonidas Poulopoulos | for route in routes: |
301 | dbdc30ec | Leonidas Poulopoulos | rsp = value_list_to_list(route.protocol.all().values_list('protocol').order_by('protocol')) |
302 | dbdc30ec | Leonidas Poulopoulos | if rsp and rsp == protocols_value_list: |
303 | dbdc30ec | Leonidas Poulopoulos | route_pk_list.append(route.pk) |
304 | 6d153302 | Leonidas Poulopoulos | return route_pk_list |