Added copypasted srcports= support
This commit is contained in:
parent
70bf9f6f8c
commit
0256ec981d
@ -195,6 +195,31 @@ class DstPorts(RuleOption):
|
|||||||
return 'dstports=' + '{!s}-{!s}'.format(*self.range)
|
return 'dstports=' + '{!s}-{!s}'.format(*self.range)
|
||||||
|
|
||||||
|
|
||||||
|
class SrcPorts(RuleOption):
|
||||||
|
'''Source port(s), for TCP/UDP forwarding only'''
|
||||||
|
def __init__(self, value):
|
||||||
|
if isinstance(value, int):
|
||||||
|
value = str(value)
|
||||||
|
if value.count('-') == 1:
|
||||||
|
self.range = [int(x) for x in value.split('-', 1)]
|
||||||
|
elif not value.count('-'):
|
||||||
|
self.range = [int(value), int(value)]
|
||||||
|
else:
|
||||||
|
raise ValueError(value)
|
||||||
|
if any(port < 0 or port > 65536 for port in self.range):
|
||||||
|
raise ValueError('Ports out of range')
|
||||||
|
if self.range[0] > self.range[1]:
|
||||||
|
raise ValueError('Invalid port range')
|
||||||
|
super().__init__(
|
||||||
|
str(self.range[0]) if self.range[0] == self.range[1]
|
||||||
|
else '{!s}-{!s}'.format(*self.range))
|
||||||
|
|
||||||
|
@property
|
||||||
|
def rule(self):
|
||||||
|
'''API representation of this rule element'''
|
||||||
|
return 'srcports=' + '{!s}-{!s}'.format(*self.range)
|
||||||
|
|
||||||
|
|
||||||
class IcmpType(RuleOption):
|
class IcmpType(RuleOption):
|
||||||
'''ICMP packet type'''
|
'''ICMP packet type'''
|
||||||
def __init__(self, value):
|
def __init__(self, value):
|
||||||
|
|||||||
@ -91,7 +91,8 @@ Both formats, positional and keyword arguments, can be used
|
|||||||
interchangeably.
|
interchangeably.
|
||||||
|
|
||||||
Available matches:
|
Available matches:
|
||||||
action: accept, drop or forward
|
action accept, drop or forward
|
||||||
|
forwardtype internal or external (only with action=forward)
|
||||||
dst4 synonym for dsthost
|
dst4 synonym for dsthost
|
||||||
dst6 synonym for dsthost
|
dst6 synonym for dsthost
|
||||||
dsthost IP, network or hostname
|
dsthost IP, network or hostname
|
||||||
@ -99,6 +100,7 @@ Available matches:
|
|||||||
www.example.com, fd00::/8)
|
www.example.com, fd00::/8)
|
||||||
dstports port or port range
|
dstports port or port range
|
||||||
(e.g. 443 or 1200-1400)
|
(e.g. 443 or 1200-1400)
|
||||||
|
srcports port in input (only with action=forward)
|
||||||
icmptype icmp type number (e.g. 8 for echo requests)
|
icmptype icmp type number (e.g. 8 for echo requests)
|
||||||
proto icmp, tcp or udp
|
proto icmp, tcp or udp
|
||||||
specialtarget only the value dns is currently supported,
|
specialtarget only the value dns is currently supported,
|
||||||
@ -146,15 +148,17 @@ def rules_list_table(vm):
|
|||||||
:param vm: VM object
|
:param vm: VM object
|
||||||
:return: None
|
:return: None
|
||||||
'''
|
'''
|
||||||
header = ['NO', 'ACTION', 'HOST', 'PROTOCOL', 'PORT(S)',
|
header = ['NO', 'ACTION', 'FORWARD TYPE', 'HOST', 'PROTOCOL', 'SRCPORT', 'PORT(S)',
|
||||||
'SPECIAL TARGET', 'ICMP TYPE', 'EXPIRE', 'COMMENT']
|
'SPECIAL TARGET', 'ICMP TYPE', 'EXPIRE', 'COMMENT']
|
||||||
rows = []
|
rows = []
|
||||||
for (rule, rule_no) in zip(vm.firewall.rules, itertools.count()):
|
for (rule, rule_no) in zip(vm.firewall.rules, itertools.count()):
|
||||||
row = [x.pretty_value if x is not None else '-' for x in [
|
row = [x.pretty_value if x is not None else '-' for x in [
|
||||||
rule.action,
|
rule.action,
|
||||||
|
rule.forwardtype,
|
||||||
rule.dsthost,
|
rule.dsthost,
|
||||||
rule.proto,
|
rule.proto,
|
||||||
rule.dstports,
|
rule.dstports,
|
||||||
|
rule.srcports,
|
||||||
rule.specialtarget,
|
rule.specialtarget,
|
||||||
rule.icmptype,
|
rule.icmptype,
|
||||||
rule.expire,
|
rule.expire,
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user