Changeset - efaedc7f83c2
Parent rev.
Child rev.
[Not reviewed]
default
0 2 0
Branko Majic (branko) - 11 years ago 2013-03-24 00:06:22
branko@majic.rs
Added a template tag for rendering an iptables rule from communication object.
2 files changed with 22 insertions and 2 deletions:
conntrackt/templates/conntrackt/entity_iptables.html
2
1
conntrackt/templatetags/conntrackt.py
20
1
0 comments (0 inline, 0 general)
conntrackt/templates/conntrackt/entity_iptables.html
Show inline comments
 
{% load conntrackt %}
 
# iptables rules generated by conntrackt for {{entity}}
 
*filter
 
:INPUT ACCEPT [0:0]
 
@@ -9,7 +10,7 @@
 
# {{communication.description}}
 
      {% endif %}
 
    {% endifchanged %}
 
iptables -A INPUT -s {{communication.source.address}}/{{communication.source.netmask}} -p {{communication.protocol|lower}} -m {{communication.protocol|lower}} --dport {{communication.port}} -j ACCEPT
 
{% iptables communication %}
 
  {% endfor %}
 
{% endfor %}
 
:FORWARD ACCEPT [0:0]
conntrackt/templatetags/conntrackt.py
Show inline comments
 
@@ -10,7 +10,7 @@ register = template.Library()
 
@register.inclusion_tag('conntrackt/html_link.html')
 
def html_link(text, view, *args, **kwargs):
 
    """
 
    A small wrapper for showing HTML linnks.
 
    A small wrapper for showing HTML links.
 

			




	
	
	
		
 
    Positional arguments:

			




	
	
	
		
 

			




	
	
		
 
@@ -51,6 +51,25 @@ def html_link(text, view, *args, **kwarg

			




	
	
	
		
 

			




	
	
	
		
 
    return context

			




	
	
	
		
 

			




	
	
	
		
 
@register.simple_tag

			




	
	
	
		
 
def iptables(communication):

			




	
	
	
		
 
    """

			




	
	
	
		
 
    Produces an iptables rule based on the provided models.Communication object

			




	
	
	
		
 
    instance. The rule is appropriate for inclusion in the INPUT section of a

			




	
	
	
		
 
    file provided to the iptables-restore command.

			




	
	
	
		
 

			




	
	
	
		
 
    Arguments:

			




	
	
	
		
 

			




	
	
	
		
 
        communication - Instance of a models.Communication object.

			




	
	
	
		
 
    """

			




	
	
	
		
 
    values = (communication.source.address, communication.source.netmask, communication.protocol.lower(), communication.protocol.lower(), communication.port)

			




	
	
	
		
 
    if communication.protocol in ('TCP', 'UDP'):

			




	
	
	
		
 
        rule_template = "-A INPUT -s %s/%s -p %s -m %s --dport %s -j ACCEPT"

			




	
	
	
		
 
    elif communication.protocol in ('ICMP'):

			




	
	
	
		
 
        rule_template = "-A INPUT -s %s/%s -p %s -m %s --icmp-type %s -j ACCEPT"

			




	
	
	
		
 

			




	
	
	
		
 
    return rule_template % values

			




	
	
	
		
 

			




	
	
	
		
 
@register.simple_tag(takes_context = True)

			




	
	
	
		
 
def active_link(context, url_name, return_value='active', **kwargs):

			




	
	
	
		
 
    """

			




        

    



    


    



    



      

      





    
    0 comments (0 inline, 0 general)
    





    


  

  







  


    




    








    
        
    
    
        This site is powered by
            Kallithea 0.7.0,
        which is
        © 2010–2023 by various authors & licensed under GPLv3.