#!/usr/bin/env python
# -*- coding: iso-8859-1 -*-
# The author of this code is Manuel Sabban <manu@feyd-rautha.org>
#
# Copyright (c) 2004 Manuel Sabban.
#
# Permission to use, copy, and modify this software with or without fee
# is hereby granted, provided that this entire notice is included in
# all source code copies of any software which is or includes a copy or
# modification of this software.
#
# THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR
# IMPLIED WARRANTY. IN PARTICULAR, NONE OF THE AUTHORS MAKES ANY
# REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE
# MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR
# PURPOSE.
""" Firewall de Komaz """
import sys,os
import iptools,config
from classe_firewall import *
from ldap_crans import crans_ldap
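def usage():
    """
    Parse the command line and drive the firewall accordingly.

    Recognised forms of sys.argv[1:]:
      * ``start`` or ``restart`` alone: fw.stop() followed by fw.start().
      * ``stop`` alone: fw.stop().
      * anything else: every argument is taken as an IP address whose
        firewall entry is dropped and rebuilt from the LDAP database.

    Every address is checked against config.NETs["all"] before the first
    firewall call, so an invalid argument leaves the rules untouched.
    With no argument at all, the error message and the usage text are
    printed and the process exits with status 1.
    """
    fw = firewall()
    db = crans_ldap()

    arguments = sys.argv[1:]
    if not arguments:
        # Report the mistake with the usage text instead of letting an
        # exception escape as a traceback; the exit status stays non-zero.
        print("Il faut au moins deux arguments.")
        print_usage()
        sys.exit(1)

    if len(arguments) == 1:
        commande = arguments[0]
        if commande in ("start", "restart"):
            fw.stop()
            try:
                fw.start()
            except KeyboardInterrupt:
                # An interrupted start is followed by a stop.
                fw.stop()
                print("Firewall arrêté.")
            return
        if commande == "stop":
            fw.stop()
            return

    # Validation pass. No firewall call is made until every argument has
    # matched one of the configured networks, which is what makes the
    # "inchangé" message below true. Only sys.argv[1:] is ever considered:
    # the script path in sys.argv[0] is never handed to fw.del_entree().
    reseaux = config.NETs["all"]
    for candidat in arguments:
        for reseau in reseaux:
            if iptools.AddrInNet(candidat, reseau):
                break
        else:
            print("L'ip %s n'est pas valide" % candidat)
            print("Le firewall est inchangé.")
            print_usage()
            return

    for ip in arguments:
        fw.del_entree(ip)
        try:
            # NOTE(review): the LDAP filter is built by concatenating the
            # argument; the only check it has passed is iptools.AddrInNet.
            # Confirm that helper rejects anything that is not a plain
            # address.
            fw.add_machine(db.search('ip=' + ip)['machine'])
        except ErrorNoSuchIp:
            print("Ip effacée du firewall.")
        except MoreThanOneIp:
            print("La on est mal, les scripts de Fred" +
                  "foirent de partout, cette portion" +
                  "de code ne devrait jamais être" +
                  "executée")
        except KeyboardInterrupt:
            # Interrupted in the middle of a rebuild: drop the entry again
            # and stop processing the remaining addresses.
            fw.del_entree(ip)
            print("Ip non mise à jour")
            sys.exit()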
def print_usage():
    """
    Print the command-line help for this script.

    Takes no argument.
    """
    texte = """
Usage:
firewall.py start : Construction du firewall.
firewall.py restart : Reconstruction du firewall.
firewall.py stop : Arrêt du firewall.
firewall.py IPs : Reconstruction des règles concernant la liste d\'ip IPs.
"""
    print(texte)
def main():
    """
    Script entry point: hand control to usage(), which reads sys.argv.
    """
    usage()
# Executed at import time as well as when run as a script: the call is
# not behind an ``if __name__ == "__main__"`` guard.
main()