/usr/share/pyshared/reconfigure/items/iptables.py is in python-reconfigure 0.1.29-2.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 | from reconfigure.nodes import Node, PropertyNode
from reconfigure.items.bound import BoundData
class IPTablesData (BoundData):
pass
class TableData (BoundData):
def template(self):
return Node('custom')
class ChainData (BoundData):
def template(self):
return Node(
'CUSTOM',
PropertyNode('default', '-'),
)
class RuleData (BoundData):
def template(self):
return Node(
'append',
Node(
'option',
Node('argument', PropertyNode('value', 'ACCEPT')),
PropertyNode('negative', False),
PropertyNode('name', 'j'),
)
)
@property
def summary(self):
return ' '.join((
('! ' if x.negative else '') +
('-' if len(x.name) == 1 else '--') + x.name + ' ' +
' '.join(a.value for a in x.arguments))
for x in self.options
)
def verify(self):
protocol_option = None
for option in self.options:
if option.name in ['p', 'protocol']:
self.options.remove(option)
self.options.insert(0, option)
protocol_option = option
for option in self.options:
if 'port' in option.name:
if not protocol_option:
protocol_option = OptionData.create('protocol')
self.options.insert(0, protocol_option)
def get_option(self, *names):
for name in names:
for option in self.options:
if option.name == name:
return option
class OptionData (BoundData):
templates = {
'protocol': ['protocol', ['tcp']],
'match': ['match', ['multiport']],
'source': ['source', ['127.0.0.1']],
'mac-source': ['mac-source', ['00:00:00:00:00:00']],
'destination': ['destination', ['127.0.0.1']],
'in-interface': ['in-interface', ['lo']],
'out-interface': ['out-interface', ['lo']],
'source-port': ['source-port', ['80']],
'source-ports': ['source-ports', ['80,443']],
'destination-port': ['destination-port', ['80']],
'destination-ports': ['destination-ports', ['80,443']],
'state': ['state', ['NEW']],
'reject-with': ['reject-with', ['icmp-net-unreachable']],
'custom': ['name', ['value']],
}
@staticmethod
def create(template_id):
print 'new'
t = OptionData.templates[template_id]
return OptionData(Node(
'option',
*(
[Node('argument', PropertyNode('value', x)) for x in t[1]]
+ [PropertyNode('negative', False)]
+ [PropertyNode('name', t[0])]
)
))
@staticmethod
def create_destination():
print 'new'
return OptionData(Node(
'option',
Node('argument', PropertyNode('value', 'ACCEPT')),
PropertyNode('negative', False),
PropertyNode('name', 'j'),
))
class ArgumentData (BoundData):
pass
IPTablesData.bind_collection('tables', item_class=TableData)
TableData.bind_collection('chains', item_class=ChainData)
TableData.bind_name('name')
ChainData.bind_property('default', 'default')
ChainData.bind_collection('rules', selector=lambda x: x.name == 'append', item_class=RuleData)
ChainData.bind_name('name')
RuleData.bind_collection('options', item_class=OptionData)
RuleData.bind_attribute('comment', 'comment')
OptionData.bind_property('name', 'name')
OptionData.bind_property('negative', 'negative')
OptionData.bind_collection('arguments', selector=lambda x: x.name == 'argument', item_class=ArgumentData)
ArgumentData.bind_property('value', 'value')
|