/flowspec/forms.py - Annotate - Firewall on Demand - Greek Research and Technology Network's projects

root / flowspec / forms.py @ d4e660c4

History | View | Annotate | Download (15 kB)

1	9f54980a	Leonidas Poulopoulos	#
2	9f54980a	Leonidas Poulopoulos	# -- coding: utf-8 -- vim:fileencoding=utf-8:
3	9f54980a	Leonidas Poulopoulos	#Copyright © 2011-2013 Greek Research and Technology Network (GRNET S.A.)
4	9f54980a	Leonidas Poulopoulos
5	9f54980a	Leonidas Poulopoulos	#Developed by Leonidas Poulopoulos (leopoul-at-noc-dot-grnet-dot-gr),
6	9f54980a	Leonidas Poulopoulos	#GRNET NOC
7	9f54980a	Leonidas Poulopoulos	#
8	9f54980a	Leonidas Poulopoulos	#Permission to use, copy, modify, and/or distribute this software for any
9	9f54980a	Leonidas Poulopoulos	#purpose with or without fee is hereby granted, provided that the above
10	9f54980a	Leonidas Poulopoulos	#copyright notice and this permission notice appear in all copies.
11	9f54980a	Leonidas Poulopoulos	#
12	9f54980a	Leonidas Poulopoulos	#THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH REGARD
13	9f54980a	Leonidas Poulopoulos	#TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND
14	9f54980a	Leonidas Poulopoulos	#FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR
15	9f54980a	Leonidas Poulopoulos	#CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE,
16	9f54980a	Leonidas Poulopoulos	#DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
17	9f54980a	Leonidas Poulopoulos	#ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
18	9f54980a	Leonidas Poulopoulos	#SOFTWARE.
19	9f54980a	Leonidas Poulopoulos	#
20	9cad4715	Leonidas Poulopoulos	from django import forms
21	9cad4715	Leonidas Poulopoulos	from django.utils.safestring import mark_safe
22	9cad4715	Leonidas Poulopoulos	from django.utils.translation import ugettext as _
23	9cad4715	Leonidas Poulopoulos	from django.utils.translation import ugettext_lazy
24	9cad4715	Leonidas Poulopoulos	from django.template.defaultfilters import filesizeformat
25	6d153302	Leonidas Poulopoulos	from flowspy.flowspec.models import *
26	e12a9261	Leonidas Poulopoulos	from flowspy.peers.models import *
27	1698da77	Leonidas Poulopoulos	from flowspy.accounts.models import *
28	9cad4715	Leonidas Poulopoulos	from ipaddr import *
29	6d153302	Leonidas Poulopoulos	from django.core.urlresolvers import reverse
30	97e42c7d	Leonidas Poulopoulos	from django.contrib.auth.models import User
31	b4401a0c	Leonidas Poulopoulos	from django.conf import settings
32	052c14aa	Leonidas Poulopoulos	import datetime
33	bfdfac23	Leonidas Poulopoulos	from django.core.mail import mail_admins, mail_managers, send_mail
34	6d153302	Leonidas Poulopoulos
35	1698da77	Leonidas Poulopoulos	class UserProfileForm(forms.ModelForm):
36	1698da77	Leonidas Poulopoulos	class Meta:
37	1698da77	Leonidas Poulopoulos	model = UserProfile
38	9cad4715	Leonidas Poulopoulos
39	9cad4715	Leonidas Poulopoulos	class RouteForm(forms.ModelForm):
40	9cad4715	Leonidas Poulopoulos	# name = forms.CharField(help_text=ugettext_lazy("A unique route name,"
41	9cad4715	Leonidas Poulopoulos	# " e.g. uoa_block_p80"), label=ugettext_lazy("Route Name"), required=False)
42	9cad4715	Leonidas Poulopoulos	# source = forms.CharField(help_text=ugettext_lazy("A qualified IP Network address. CIDR notation,"
43	9cad4715	Leonidas Poulopoulos	# " e.g.10.10.0.1/32"), label=ugettext_lazy("Source Address"), required=False)
44	9cad4715	Leonidas Poulopoulos	# source_ports = forms.ModelMultipleChoiceField(queryset=MatchPort.objects.all(), help_text=ugettext_lazy("A set of source ports to block"), label=ugettext_lazy("Source Ports"), required=False)
45	9cad4715	Leonidas Poulopoulos	# destination = forms.CharField(help_text=ugettext_lazy("A qualified IP Network address. CIDR notation,"
46	9cad4715	Leonidas Poulopoulos	# " e.g.10.10.0.1/32"), label=ugettext_lazy("Destination Address"), required=False)
47	9cad4715	Leonidas Poulopoulos	# destination_ports = forms.ModelMultipleChoiceField(queryset=MatchPort.objects.all(), help_text=ugettext_lazy("A set of destination ports to block"), label=ugettext_lazy("Destination Ports"), required=False)
48	9cad4715	Leonidas Poulopoulos	# ports = forms.ModelMultipleChoiceField(queryset=MatchPort.objects.all(), help_text=ugettext_lazy("A set of ports to block"), label=ugettext_lazy("Ports"), required=False)
49	6d48c46c	Leonidas Poulopoulos
50	9cad4715	Leonidas Poulopoulos	class Meta:
51	9cad4715	Leonidas Poulopoulos	model = Route
52	88a6afb7	Leonidas Poulopoulos
53	88a6afb7	Leonidas Poulopoulos	def clean_applier(self):
54	88a6afb7	Leonidas Poulopoulos	applier = self.cleaned_data['applier']
55	88a6afb7	Leonidas Poulopoulos	if applier:
56	88a6afb7	Leonidas Poulopoulos	return self.cleaned_data["applier"]
57	88a6afb7	Leonidas Poulopoulos	else:
58	88a6afb7	Leonidas Poulopoulos	raise forms.ValidationError('This field is required.')
59	88a6afb7	Leonidas Poulopoulos
60	9cad4715	Leonidas Poulopoulos	def clean_source(self):
61	20aafa59	Leonidas Poulopoulos	user = User.objects.get(pk=self.data['applier'])
62	20aafa59	Leonidas Poulopoulos	peer = user.get_profile().peer
63	9cad4715	Leonidas Poulopoulos	data = self.cleaned_data['source']
64	34cff057	Leonidas Poulopoulos	private_error = False
65	bfdfac23	Leonidas Poulopoulos	protected_error = False
66	d4e660c4	Leonidas Poulopoulos	networkaddr_error = False
67	d4e660c4	Leonidas Poulopoulos	broadcast_error = False
68	9cad4715	Leonidas Poulopoulos	if data:
69	9cad4715	Leonidas Poulopoulos	try:
70	9cad4715	Leonidas Poulopoulos	address = IPNetwork(data)
71	bfdfac23	Leonidas Poulopoulos	for net in settings.PROTECTED_SUBNETS:
72	bfdfac23	Leonidas Poulopoulos	if address in IPNetwork(net):
73	bfdfac23	Leonidas Poulopoulos	protected_error = True
74	20aafa59	Leonidas Poulopoulos	mail_body = "User %s %s (%s) attempted to set %s as the source address in a firewall rule" %(user.username, user.email, peer.peer_name, data)
75	bfdfac23	Leonidas Poulopoulos	send_mail(settings.EMAIL_SUBJECT_PREFIX + "Caught an attempt to set a protected IP/network as a source address",
76	bfdfac23	Leonidas Poulopoulos	mail_body, settings.SERVER_EMAIL,
77	0667633c	Leonidas Poulopoulos	settings.NOTIFY_ADMIN_MAILS, fail_silently=True)
78	f289f4c8	Leonidas Poulopoulos	raise Exception
79	34cff057	Leonidas Poulopoulos	if address.is_private:
80	34cff057	Leonidas Poulopoulos	private_error = True
81	f289f4c8	Leonidas Poulopoulos	raise Exception
82	d4e660c4	Leonidas Poulopoulos	if address.version == 4 and int(address.prefixlen) == 32:
83	d4e660c4	Leonidas Poulopoulos	if int(address.network.compressed.split('.')[-1]) == 0:
84	d4e660c4	Leonidas Poulopoulos	broadcast_error = True
85	d4e660c4	Leonidas Poulopoulos	raise Exception
86	d4e660c4	Leonidas Poulopoulos	elif int(address.network.compressed.split('.')[-1]) == 255:
87	d4e660c4	Leonidas Poulopoulos	networkaddr_error = True
88	d4e660c4	Leonidas Poulopoulos	raise Exception
89	d4e660c4	Leonidas Poulopoulos	return self.cleaned_data["source"]
90	9cad4715	Leonidas Poulopoulos	except Exception:
91	ab02d61c	Leonidas Poulopoulos	error_text = _('Invalid network address format')
92	34cff057	Leonidas Poulopoulos	if private_error:
93	ab02d61c	Leonidas Poulopoulos	error_text = _('Private addresses not allowed')
94	d4e660c4	Leonidas Poulopoulos	if networkaddr_error:
95	d4e660c4	Leonidas Poulopoulos	error_text = _('Malformed address format. Cannot be ...255/32')
96	d4e660c4	Leonidas Poulopoulos	if broadcast_error:
97	d4e660c4	Leonidas Poulopoulos	error_text = _('Malformed address format. Cannot be ...0/32')
98	bfdfac23	Leonidas Poulopoulos	if protected_error:
99	ab02d61c	Leonidas Poulopoulos	error_text = _('You have no authority on this subnet')
100	34cff057	Leonidas Poulopoulos	raise forms.ValidationError(error_text)
101	9cad4715	Leonidas Poulopoulos
102	9cad4715	Leonidas Poulopoulos	def clean_destination(self):
103	20aafa59	Leonidas Poulopoulos	user = User.objects.get(pk=self.data['applier'])
104	f289f4c8	Leonidas Poulopoulos	peer = user.get_profile().peer
105	9cad4715	Leonidas Poulopoulos	data = self.cleaned_data['destination']
106	b4401a0c	Leonidas Poulopoulos	error = None
107	bfdfac23	Leonidas Poulopoulos	protected_error = False
108	d4e660c4	Leonidas Poulopoulos	networkaddr_error = False
109	d4e660c4	Leonidas Poulopoulos	broadcast_error = False
110	9cad4715	Leonidas Poulopoulos	if data:
111	9cad4715	Leonidas Poulopoulos	try:
112	9cad4715	Leonidas Poulopoulos	address = IPNetwork(data)
113	bfdfac23	Leonidas Poulopoulos	for net in settings.PROTECTED_SUBNETS:
114	bfdfac23	Leonidas Poulopoulos	if address in IPNetwork(net):
115	bfdfac23	Leonidas Poulopoulos	protected_error = True
116	20aafa59	Leonidas Poulopoulos	mail_body = "User %s %s (%s) attempted to set %s as the destination address in a firewall rule" %(user.username, user.email, peer.peer_name, data)
117	bfdfac23	Leonidas Poulopoulos	send_mail(settings.EMAIL_SUBJECT_PREFIX + "Caught an attempt to set a protected IP/network as the destination address",
118	bfdfac23	Leonidas Poulopoulos	mail_body, settings.SERVER_EMAIL,
119	0667633c	Leonidas Poulopoulos	settings.NOTIFY_ADMIN_MAILS, fail_silently=True)
120	f289f4c8	Leonidas Poulopoulos	raise Exception
121	b4401a0c	Leonidas Poulopoulos	if address.prefixlen < settings.PREFIX_LENGTH:
122	ab02d61c	Leonidas Poulopoulos	error = _("Currently no prefix lengths < %s are allowed") %settings.PREFIX_LENGTH
123	f289f4c8	Leonidas Poulopoulos	raise Exception
124	d4e660c4	Leonidas Poulopoulos	if address.version == 4 and int(address.prefixlen) == 32:
125	d4e660c4	Leonidas Poulopoulos	if int(address.network.compressed.split('.')[-1]) == 0:
126	d4e660c4	Leonidas Poulopoulos	broadcast_error = True
127	d4e660c4	Leonidas Poulopoulos	raise Exception
128	d4e660c4	Leonidas Poulopoulos	elif int(address.network.compressed.split('.')[-1]) == 255:
129	d4e660c4	Leonidas Poulopoulos	networkaddr_error = True
130	d4e660c4	Leonidas Poulopoulos	raise Exception
131	9cad4715	Leonidas Poulopoulos	return self.cleaned_data["destination"]
132	9cad4715	Leonidas Poulopoulos	except Exception:
133	ab02d61c	Leonidas Poulopoulos	error_text = _('Invalid network address format')
134	b4401a0c	Leonidas Poulopoulos	if error:
135	b4401a0c	Leonidas Poulopoulos	error_text = error
136	bfdfac23	Leonidas Poulopoulos	if protected_error:
137	ab02d61c	Leonidas Poulopoulos	error_text = _('You have no authority on this subnet')
138	d4e660c4	Leonidas Poulopoulos	if networkaddr_error:
139	d4e660c4	Leonidas Poulopoulos	error_text = _('Malformed address format. Cannot be ...255/32')
140	d4e660c4	Leonidas Poulopoulos	if broadcast_error:
141	d4e660c4	Leonidas Poulopoulos	error_text = _('Malformed address format. Cannot be ...0/32')
142	b4401a0c	Leonidas Poulopoulos	raise forms.ValidationError(error_text)
143	052c14aa	Leonidas Poulopoulos
144	052c14aa	Leonidas Poulopoulos	def clean_expires(self):
145	052c14aa	Leonidas Poulopoulos	date = self.cleaned_data['expires']
146	052c14aa	Leonidas Poulopoulos	if date:
147	052c14aa	Leonidas Poulopoulos	range_days = (date - datetime.date.today()).days
148	052c14aa	Leonidas Poulopoulos	if range_days > 0 and range_days < 11:
149	052c14aa	Leonidas Poulopoulos	return self.cleaned_data["expires"]
150	052c14aa	Leonidas Poulopoulos	else:
151	052c14aa	Leonidas Poulopoulos	raise forms.ValidationError('Invalid date range')
152	9cad4715	Leonidas Poulopoulos
153	9cad4715	Leonidas Poulopoulos	def clean(self):
154	f289f4c8	Leonidas Poulopoulos	if self.errors:
155	ab02d61c	Leonidas Poulopoulos	raise forms.ValidationError(_('Errors in form. Please review and fix them'))
156	6d153302	Leonidas Poulopoulos	name = self.cleaned_data.get('name', None)
157	9cad4715	Leonidas Poulopoulos	source = self.cleaned_data.get('source', None)
158	9cad4715	Leonidas Poulopoulos	sourceports = self.cleaned_data.get('sourceport', None)
159	9cad4715	Leonidas Poulopoulos	ports = self.cleaned_data.get('port', None)
160	e9592c36	Leonidas Poulopoulos	fragmenttypes = self.cleaned_data.get('fragmenttype', None)
161	6d153302	Leonidas Poulopoulos	then = self.cleaned_data.get('then', None)
162	9cad4715	Leonidas Poulopoulos	destination = self.cleaned_data.get('destination', None)
163	9cad4715	Leonidas Poulopoulos	destinationports = self.cleaned_data.get('destinationport', None)
164	dbdc30ec	Leonidas Poulopoulos	protocols = self.cleaned_data.get('protocol', None)
165	97e42c7d	Leonidas Poulopoulos	user = self.cleaned_data.get('applier', None)
166	88a6afb7	Leonidas Poulopoulos	try:
167	88a6afb7	Leonidas Poulopoulos	issuperuser = self.data['issuperuser']
168	88a6afb7	Leonidas Poulopoulos	su = User.objects.get(username=issuperuser)
169	88a6afb7	Leonidas Poulopoulos	except:
170	88a6afb7	Leonidas Poulopoulos	issuperuser = None
171	6d153302	Leonidas Poulopoulos	peer = user.get_profile().peer
172	6d153302	Leonidas Poulopoulos	networks = peer.networks.all()
173	88a6afb7	Leonidas Poulopoulos	if issuperuser:
174	e12a9261	Leonidas Poulopoulos	networks = PeerRange.objects.filter(peer__in=Peer.objects.all()).distinct()
175	97e42c7d	Leonidas Poulopoulos	mynetwork = False
176	6d153302	Leonidas Poulopoulos	route_pk_list = []
177	97e42c7d	Leonidas Poulopoulos	if destination:
178	97e42c7d	Leonidas Poulopoulos	for network in networks:
179	97e42c7d	Leonidas Poulopoulos	net = IPNetwork(network.network)
180	97e42c7d	Leonidas Poulopoulos	if IPNetwork(destination) in net:
181	97e42c7d	Leonidas Poulopoulos	mynetwork = True
182	97e42c7d	Leonidas Poulopoulos	if not mynetwork:
183	101d86ee	Leonidas Poulopoulos	raise forms.ValidationError(_('Destination address/network should belong to your administrative address space. Check My Profile to review your networks'))
184	9cad4715	Leonidas Poulopoulos	if (sourceports and ports):
185	ab02d61c	Leonidas Poulopoulos	raise forms.ValidationError(_('Cannot create rule for source ports and ports at the same time. Select either ports or source ports'))
186	9cad4715	Leonidas Poulopoulos	if (destinationports and ports):
187	ab02d61c	Leonidas Poulopoulos	raise forms.ValidationError(_('Cannot create rule for destination ports and ports at the same time. Select either ports or destination ports'))
188	9cad4715	Leonidas Poulopoulos	if sourceports and not source:
189	ab02d61c	Leonidas Poulopoulos	raise forms.ValidationError(_('Once source port is matched, source has to be filled as well. Either deselect source port or fill source address'))
190	9cad4715	Leonidas Poulopoulos	if destinationports and not destination:
191	ab02d61c	Leonidas Poulopoulos	raise forms.ValidationError(_('Once destination port is matched, destination has to be filled as well. Either deselect destination port or fill destination address'))
192	9cad4715	Leonidas Poulopoulos	if not (source or sourceports or ports or destination or destinationports):
193	ab02d61c	Leonidas Poulopoulos	raise forms.ValidationError(_('Fill at least a Rule Match Condition'))
194	6d48c46c	Leonidas Poulopoulos	if not user.is_superuser and then[0].action not in settings.UI_USER_THEN_ACTIONS:
195	ab02d61c	Leonidas Poulopoulos	raise forms.ValidationError(_('This action "%s" is not permitted') %(then[0].action))
196	40fe08b1	Leonidas Poulopoulos	existing_routes = Route.objects.all()
197	6d153302	Leonidas Poulopoulos	existing_routes = existing_routes.filter(applier__userprofile__peer=peer)
198	6d153302	Leonidas Poulopoulos	if source:
199	6d153302	Leonidas Poulopoulos	source = IPNetwork(source).compressed
200	6d153302	Leonidas Poulopoulos	existing_routes = existing_routes.filter(source=source)
201	6d153302	Leonidas Poulopoulos	else:
202	6d153302	Leonidas Poulopoulos	existing_routes = existing_routes.filter(source=None)
203	dbdc30ec	Leonidas Poulopoulos	if protocols:
204	dbdc30ec	Leonidas Poulopoulos	route_pk_list=get_matchingprotocol_route_pks(protocols, existing_routes)
205	dbdc30ec	Leonidas Poulopoulos	if route_pk_list:
206	dbdc30ec	Leonidas Poulopoulos	existing_routes = existing_routes.filter(pk__in=route_pk_list)
207	dbdc30ec	Leonidas Poulopoulos	else:
208	dbdc30ec	Leonidas Poulopoulos	existing_routes = existing_routes.filter(protocol=None)
209	dbdc30ec	Leonidas Poulopoulos	else:
210	dbdc30ec	Leonidas Poulopoulos	existing_routes = existing_routes.filter(protocol=None)
211	6d153302	Leonidas Poulopoulos	if sourceports:
212	6d153302	Leonidas Poulopoulos	route_pk_list=get_matchingport_route_pks(sourceports, existing_routes)
213	6d153302	Leonidas Poulopoulos	if route_pk_list:
214	6d153302	Leonidas Poulopoulos	existing_routes = existing_routes.filter(pk__in=route_pk_list)
215	6d153302	Leonidas Poulopoulos	else:
216	6d153302	Leonidas Poulopoulos	existing_routes = existing_routes.filter(sourceport=None)
217	6d153302	Leonidas Poulopoulos	if destinationports:
218	6d153302	Leonidas Poulopoulos	route_pk_list=get_matchingport_route_pks(destinationports, existing_routes)
219	6d153302	Leonidas Poulopoulos	if route_pk_list:
220	6d153302	Leonidas Poulopoulos	existing_routes = existing_routes.filter(pk__in=route_pk_list)
221	6d153302	Leonidas Poulopoulos	else:
222	6d153302	Leonidas Poulopoulos	existing_routes = existing_routes.filter(destinationport=None)
223	6d153302	Leonidas Poulopoulos	if ports:
224	6d153302	Leonidas Poulopoulos	route_pk_list=get_matchingport_route_pks(ports, existing_routes)
225	6d153302	Leonidas Poulopoulos	if route_pk_list:
226	6d153302	Leonidas Poulopoulos	existing_routes = existing_routes.filter(pk__in=route_pk_list)
227	6d153302	Leonidas Poulopoulos	else:
228	6d153302	Leonidas Poulopoulos	existing_routes = existing_routes.filter(port=None)
229	6d153302	Leonidas Poulopoulos	for route in existing_routes:
230	6d153302	Leonidas Poulopoulos	if name != route.name:
231	6d153302	Leonidas Poulopoulos	existing_url = reverse('edit-route', args=[route.name])
232	7a0ac0d1	Leonidas Poulopoulos	if IPNetwork(destination) in IPNetwork(route.destination) or IPNetwork(route.destination) in IPNetwork(destination):
233	7a0ac0d1	Leonidas Poulopoulos	raise forms.ValidationError('Found an exact %s rule, %s with destination prefix %s<br>To avoid overlapping try editing rule <a href=\'%s\'>%s</a>' %(route.status, route.name, route.destination, existing_url, route.name))
234	97e42c7d	Leonidas Poulopoulos	return self.cleaned_data
235	97e42c7d	Leonidas Poulopoulos
236	97e42c7d	Leonidas Poulopoulos	class ThenPlainForm(forms.ModelForm):
237	97e42c7d	Leonidas Poulopoulos	# action = forms.CharField(initial='rate-limit')
238	97e42c7d	Leonidas Poulopoulos	class Meta:
239	97e42c7d	Leonidas Poulopoulos	model = ThenAction
240	97e42c7d	Leonidas Poulopoulos
241	97e42c7d	Leonidas Poulopoulos	def clean_action_value(self):
242	97e42c7d	Leonidas Poulopoulos	action_value = self.cleaned_data['action_value']
243	97e42c7d	Leonidas Poulopoulos	if action_value:
244	97e42c7d	Leonidas Poulopoulos	try:
245	97e42c7d	Leonidas Poulopoulos	assert(int(action_value))
246	f12b3d54	Leonidas Poulopoulos	if int(action_value) < 50:
247	ab02d61c	Leonidas Poulopoulos	raise forms.ValidationError(_('Rate-limiting cannot be < 50kbps'))
248	97e42c7d	Leonidas Poulopoulos	return "%s" %self.cleaned_data["action_value"]
249	97e42c7d	Leonidas Poulopoulos	except:
250	ab02d61c	Leonidas Poulopoulos	raise forms.ValidationError(_('Rate-limiting should be an integer < 50'))
251	97e42c7d	Leonidas Poulopoulos	else:
252	ab02d61c	Leonidas Poulopoulos	raise forms.ValidationError(_('Cannot be empty'))
253	97e42c7d	Leonidas Poulopoulos
254	97e42c7d	Leonidas Poulopoulos	def clean_action(self):
255	97e42c7d	Leonidas Poulopoulos	action = self.cleaned_data['action']
256	97e42c7d	Leonidas Poulopoulos	if action != 'rate-limit':
257	ab02d61c	Leonidas Poulopoulos	raise forms.ValidationError(_('Cannot select something other than rate-limit'))
258	97e42c7d	Leonidas Poulopoulos	else:
259	97e42c7d	Leonidas Poulopoulos	return self.cleaned_data["action"]
260	f12b3d54	Leonidas Poulopoulos
261	97e42c7d	Leonidas Poulopoulos
262	97e42c7d	Leonidas Poulopoulos	class PortPlainForm(forms.ModelForm):
263	97e42c7d	Leonidas Poulopoulos	# action = forms.CharField(initial='rate-limit')
264	97e42c7d	Leonidas Poulopoulos	class Meta:
265	97e42c7d	Leonidas Poulopoulos	model = MatchPort
266	97e42c7d	Leonidas Poulopoulos
267	97e42c7d	Leonidas Poulopoulos	def clean_port(self):
268	97e42c7d	Leonidas Poulopoulos	port = self.cleaned_data['port']
269	97e42c7d	Leonidas Poulopoulos	if port:
270	97e42c7d	Leonidas Poulopoulos	try:
271	d4e660c4	Leonidas Poulopoulos	p = int(port)
272	d4e660c4	Leonidas Poulopoulos	if int(port) > 65535 or int(port) < 0:
273	d4e660c4	Leonidas Poulopoulos	raise forms.ValidationError(_(''))
274	97e42c7d	Leonidas Poulopoulos	return "%s" %self.cleaned_data["port"]
275	d4e660c4	Leonidas Poulopoulos	except forms.ValidationError:
276	d4e660c4	Leonidas Poulopoulos	raise forms.ValidationError(_('Port should be < 65535 and >= 0'))
277	97e42c7d	Leonidas Poulopoulos	except:
278	ab02d61c	Leonidas Poulopoulos	raise forms.ValidationError(_('Port should be an integer'))
279	97e42c7d	Leonidas Poulopoulos	else:
280	ab02d61c	Leonidas Poulopoulos	raise forms.ValidationError(_('Cannot be empty'))
281	6d153302	Leonidas Poulopoulos
282	6d153302	Leonidas Poulopoulos	def value_list_to_list(valuelist):
283	6d153302	Leonidas Poulopoulos	vl = []
284	6d153302	Leonidas Poulopoulos	for val in valuelist:
285	6d153302	Leonidas Poulopoulos	vl.append(val[0])
286	6d153302	Leonidas Poulopoulos	return vl
287	6d153302	Leonidas Poulopoulos
288	6d153302	Leonidas Poulopoulos	def get_matchingport_route_pks(portlist, routes):
289	6d153302	Leonidas Poulopoulos	route_pk_list = []
290	6d153302	Leonidas Poulopoulos	ports_value_list = value_list_to_list(portlist.values_list('port').order_by('port'))
291	6d153302	Leonidas Poulopoulos	for route in routes:
292	6d153302	Leonidas Poulopoulos	rsp = value_list_to_list(route.destinationport.all().values_list('port').order_by('port'))
293	6d153302	Leonidas Poulopoulos	if rsp and rsp == ports_value_list:
294	6d153302	Leonidas Poulopoulos	route_pk_list.append(route.pk)
295	dbdc30ec	Leonidas Poulopoulos	return route_pk_list
296	dbdc30ec	Leonidas Poulopoulos
297	dbdc30ec	Leonidas Poulopoulos	def get_matchingprotocol_route_pks(protocolist, routes):
298	dbdc30ec	Leonidas Poulopoulos	route_pk_list = []
299	dbdc30ec	Leonidas Poulopoulos	protocols_value_list = value_list_to_list(protocolist.values_list('protocol').order_by('protocol'))
300	dbdc30ec	Leonidas Poulopoulos	for route in routes:
301	dbdc30ec	Leonidas Poulopoulos	rsp = value_list_to_list(route.protocol.all().values_list('protocol').order_by('protocol'))
302	dbdc30ec	Leonidas Poulopoulos	if rsp and rsp == protocols_value_list:
303	dbdc30ec	Leonidas Poulopoulos	route_pk_list.append(route.pk)
304	6d153302	Leonidas Poulopoulos	return route_pk_list