-> firewall dans le cvs

darcs-hash:20041027192014-1d643-ab1724aa01fbf9cdb0f3278644685aa10bb2d2ef.gz
2004-10-27 21:20:14 +02:00 · 2004-10-27 21:20:14 +02:00 · 76bf5f8ab8
commit 76bf5f8ab8
parent 5151d148b8
3 changed files with 539 additions and 0 deletions
--- a/gestion/firewall.py
+++ b/gestion/firewall.py
@ -0,0 +1,99 @@
+#!/usr/bin/env python
+# -*- coding: iso-8859-1 -*- 
+# The author of this code is Manuel Sabban <manu@feyd-rautha.org>
+#
+# Copyright (c) 2004 Manuel Sabban.
+#
+# Permission to use, copy, and modify this software with or without fee
+# is hereby granted, provided that this entire notice is included in
+# all source code copies of any software which is or includes a copy or
+# modification of this software.
+#
+# THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR
+# IMPLIED WARRANTY. IN PARTICULAR, NONE OF THE AUTHORS MAKES ANY
+# REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE
+# MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR
+# PURPOSE.
+""" Firewall de Komaz """
+import sys,os
+import iptools,config
+from classe_firewall import *
+
+def usage():
+    """
+    Vérifie le contenu et le contenant  des arguments
+    de la ligne de commande.
+    En cas d'appel correct, apelle les fonctions de classe_firewall.py
+    """
+    fw=firewall()
+    if len(sys.argv) < 2:
+        raise ErrorArgument,"Il faut au moins deux arguments."
+    try:
+        i=1
+        if len(sys.argv) >= 2:
+            if ((sys.argv[1]=="start")or(sys.argv[1]=="restart"))\
+                   and(len(sys.argv)==2):
+                fw.stop()
+                try:
+                    fw.start()
+                except KeyboardInterrupt:
+                    fw.stop()
+                    print "Firewall arrêté."
+            elif ((sys.argv[1]=="stop")and(len(sys.argv)==2)):
+		fw.stop()
+	    else:
+                while (i<len(sys.argv)):
+                    j=0
+                    argument=False
+                    while (j<len(config.NETs["all"])):
+                        if (iptools.AddrInNet(sys.argv[i],\
+                                              config.NETs["all"][j])):
+                            argument=True
+                            fw.del_entree(sys.argv[i])
+                            try:
+                                fw.adherent(sys.argv[i])
+                            except ErrorNoSuchIp,ip:
+                                print "Ip effacée du firewall."
+                            except MoreThanOneIp,ip:
+                                print "La on est mal, les scripts de Fred"+\
+                                      "foirent de partout, cette portion"+\
+                                      "de code ne devrait jamais être"+\
+                                      "executée"
+                            except KeyboardInterrupt:
+                                fw.del_entree(sys.argv[i])
+                                print "Ip non mise à jour"
+                                exit()
+                        j=j+1
+                    if (not argument) :
+                        raise ErrorArgument,(sys.argv[i],i)
+                    i=i+1
+                
+    except ErrorArgument,(val,nb):
+        for i in range(0,nb):
+            fw.del_entree(sys.argv[i])
+        print "L'ip %s n'est pas valide"%val
+        print "Le firewall est inchangé."
+        print_usage()
+            
+def print_usage():
+    """
+    Manière dont s'utilise ce script
+    Pas d'arguments
+    """
+    usage = """
+        Usage:
+        firewall.py start   : Construction du firewall.
+        firewall.py restart : Reconstruction du firewall.
+	firewall.py stop    : Arrêt du firewall.
+	firewall.py IPs     : Reconstruction des règles concernant la liste d\'ip IPs.
+        """
+    print usage
+
+def main():
+    """
+    Fonction principale
+    """
+    usage()
+
+main()
+