# HG changeset patch
# User Branko Majic
# Date 2013-03-24 00:06:22
# Node ID efaedc7f83c2c1820e2282cfede8c7647caf51af
# Parent 18ff99706db578c90a62122404182ca1ef3d3f36
Added a template tag for rendering an iptables rule from communication object.
diff --git a/conntrackt/templates/conntrackt/entity_iptables.html b/conntrackt/templates/conntrackt/entity_iptables.html
--- a/conntrackt/templates/conntrackt/entity_iptables.html
+++ b/conntrackt/templates/conntrackt/entity_iptables.html
@@ -1,3 +1,4 @@
+{% load conntrackt %}
 # iptables rules generated by conntrackt for {{entity}}
 *filter
 :INPUT ACCEPT [0:0]
@@ -9,7 +10,7 @@
 # {{communication.description}}
 {% endif %}
 {% endifchanged %}
-iptables -A INPUT -s {{communication.source.address}}/{{communication.source.netmask}} -p {{communication.protocol|lower}} -m {{communication.protocol|lower}} --dport {{communication.port}} -j ACCEPT
+{% iptables communication %}
 {% endfor %}
 {% endfor %}
 :FORWARD ACCEPT [0:0]
diff --git a/conntrackt/templatetags/conntrackt.py b/conntrackt/templatetags/conntrackt.py
--- a/conntrackt/templatetags/conntrackt.py
+++ b/conntrackt/templatetags/conntrackt.py
@@ -10,7 +10,7 @@ register = template.Library()
 @register.inclusion_tag('conntrackt/html_link.html')
 def html_link(text, view, *args, **kwargs):
 """
- A small wrapper for showing HTML linnks.
+ A small wrapper for showing HTML links.
 Positional arguments:
@@ -51,6 +51,25 @@ def html_link(text, view, *args, **kwarg
 return context
+@register.simple_tag
+def iptables(communication):
+ """
+ Produces an iptables rule based on the provided models.Communication object
+ instance. The rule is appropriate for inclusion in the INPUT section of a
+ file provided to the iptables-restore command.
+
+ Arguments:
+
+ communication - Instance of a models.Communication object.
+ """
+ values = (communication.source.address, communication.source.netmask, communication.protocol.lower(), communication.protocol.lower(), communication.port)
+ if communication.protocol in ('TCP', 'UDP'):
+ rule_template = "-A INPUT -s %s/%s -p %s -m %s --dport %s -j ACCEPT"
+ elif communication.protocol in ('ICMP'):
+ rule_template = "-A INPUT -s %s/%s -p %s -m %s --icmp-type %s -j ACCEPT"
+
+ return rule_template % values
+
 @register.simple_tag(takes_context = True)
 def active_link(context, url_name, return_value='active', **kwargs):
 """
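Review bot: In `iptables()`, `communication.protocol in ('ICMP')` tests against a plain string rather than a one-element tuple, so it is a substring match that also accepts values such as `''` or `'CMP'`; and a protocol that matches neither branch leaves `rule_template` unbound, so rendering fails with an UnboundLocalError. I would write the second branch as `elif communication.protocol == 'ICMP':` and add `else: raise ValueError("Unsupported protocol: %s" % communication.protocol)` so an unexpected value fails loudly instead of yielding a malformed rule. The address, netmask and port are also interpolated verbatim into text destined for iptables-restore; unless the model already validates them (not visible in this hunk), whitespace or a newline in one of those fields could change the meaning of the generated ruleset, so the tag should validate them before formatting.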