Support for forwardtype and srcports in qubesdb, define dproperty dependecies and basic checks
This commit is contained in:
parent
a366eec201
commit
dc615dae7f
@ -292,13 +292,28 @@ class Rule(qubes.PropertyHolder):
|
|||||||
if self.icmptype:
|
if self.icmptype:
|
||||||
self.on_set_icmptype('property-set:icmptype', 'icmptype',
|
self.on_set_icmptype('property-set:icmptype', 'icmptype',
|
||||||
self.icmptype, None)
|
self.icmptype, None)
|
||||||
|
# dependencies for forwarding
|
||||||
|
if self.forwardtype:
|
||||||
|
self.on_set_forwardtype('property-set:forwardtype', 'forwardtype',
|
||||||
|
self.forwardtype, None)
|
||||||
|
if self.srcports:
|
||||||
|
self.on_set_srcports('property-set:srcports', 'srcports',
|
||||||
|
self.srcports, None)
|
||||||
self.property_require('action', False, True)
|
self.property_require('action', False, True)
|
||||||
|
if self.action is 'forward':
|
||||||
|
self.property_require('forwardtype', False, True)
|
||||||
|
self.property_require('srcports', False, True)
|
||||||
|
|
||||||
action = qubes.property('action',
|
action = qubes.property('action',
|
||||||
type=Action,
|
type=Action,
|
||||||
order=0,
|
order=0,
|
||||||
doc='rule action')
|
doc='rule action')
|
||||||
|
|
||||||
|
forwardtype = qubes.property('forwardtype',
|
||||||
|
type=Action,
|
||||||
|
order=0,
|
||||||
|
doc='forwarding type (\'internal\' or \'external\')')
|
||||||
|
|
||||||
proto = qubes.property('proto',
|
proto = qubes.property('proto',
|
||||||
type=Proto,
|
type=Proto,
|
||||||
default=None,
|
default=None,
|
||||||
@ -317,6 +332,12 @@ class Rule(qubes.PropertyHolder):
|
|||||||
order=2,
|
order=2,
|
||||||
doc='Destination port(s) (for \'tcp\' and \'udp\' protocol only)')
|
doc='Destination port(s) (for \'tcp\' and \'udp\' protocol only)')
|
||||||
|
|
||||||
|
srcports = qubes.property('srcports',
|
||||||
|
type=DstPorts,
|
||||||
|
default=None,
|
||||||
|
order=2,
|
||||||
|
doc='Inbound port(s) (for forwarding only)')
|
||||||
|
|
||||||
icmptype = qubes.property('icmptype',
|
icmptype = qubes.property('icmptype',
|
||||||
type=IcmpType,
|
type=IcmpType,
|
||||||
default=None,
|
default=None,
|
||||||
@ -363,6 +384,20 @@ class Rule(qubes.PropertyHolder):
|
|||||||
if newvalue not in ('icmp',):
|
if newvalue not in ('icmp',):
|
||||||
self.icmptype = qubes.property.DEFAULT
|
self.icmptype = qubes.property.DEFAULT
|
||||||
|
|
||||||
|
@qubes.events.handler('property-pre-set:forwardtype')
|
||||||
|
def on_set_forwardtype(self, event, name, newvalue, oldvalue=None):
|
||||||
|
# pylint: disable=unused-argument
|
||||||
|
if self.action not 'forward':
|
||||||
|
raise ValueError(
|
||||||
|
'forwardtype valid only for forward action')
|
||||||
|
|
||||||
|
@qubes.events.handler('property-pre-set:srcports')
|
||||||
|
def on_set_srcports(self, event, name, newvalue, oldvalue=None):
|
||||||
|
# pylint: disable=unused-argument
|
||||||
|
if self.action not 'forward':
|
||||||
|
raise ValueError(
|
||||||
|
'srcports valid only for forward action')
|
||||||
|
|
||||||
@qubes.events.handler('property-reset:proto')
|
@qubes.events.handler('property-reset:proto')
|
||||||
def on_reset_proto(self, event, name, oldvalue):
|
def on_reset_proto(self, event, name, oldvalue):
|
||||||
# pylint: disable=unused-argument
|
# pylint: disable=unused-argument
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user