# Gufw 9.04.0 - http://gufw.tuxfamily.org
# Copyright (C) 2009 Marcos Alvarez Costales
# Gufw is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 3 of the License, or
# (at your option) any later version.
# Gufw is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
# You should have received a copy of the GNU General Public License
# along with Gufw; if not, see http://www.gnu.org/licenses for more
from Variable import Variable
self.variable = Variable()
def set_status(self, status):
    """Run the command that ``self.variable`` registers under *status*.

    *status* is used only as a lookup key for ``get_command``; the exit
    status and output of the executed command are discarded.
    """
    command_line = self.variable.get_command(status)
    commands.getstatusoutput(command_line)
l_status = commands.getstatusoutput(self.variable.get_command("status"))
if l_status[1].find("Status: active") != -1:
return self.variable.get_constant("enabled")
return self.variable.get_constant("disabled")
def set_default(self, default):
    """Run the command that ``self.variable`` registers under *default*.

    *default* is used only as a lookup key for ``get_command``; the exit
    status and output of the executed command are discarded.
    """
    command_line = self.variable.get_command(default)
    commands.getstatusoutput(command_line)
def get_default(self):
    """Return the constant matching the policy word found by "search_policy".

    The output of the "search_policy" command is searched for ACCEPT, DROP
    and REJECT, in that order, and the first hit decides the result
    ("allow", "deny" or "reject" constant).  No fallback branch is visible
    in this listing, so the function falls through without a return value
    when none of the words is present.
    """
    _, policy_text = commands.getstatusoutput(
        self.variable.get_command("search_policy"))
    # Plain substring tests, kept in the original precedence.
    policy_markers = (
        ("ACCEPT", "allow"),
        ("DROP", "deny"),
        ("REJECT", "reject"),
    )
    for marker, constant_key in policy_markers:
        if marker in policy_text:
            return self.variable.get_constant(constant_key)
# Get actual rules (NOT SPLIT BY ACTION)
l_rules = commands.getstatusoutput(self.variable.get_command("status"))
l_rule_lines = l_rules[1].split("\n")
for l_descomponent_rules in l_rule_lines:
if l_descomponent_rules.find(self.variable.get_constant("allow_upper")) != -1 or \
l_descomponent_rules.find(self.variable.get_constant("deny_upper")) != -1 or \
l_descomponent_rules.find(self.variable.get_constant("limit_upper")) != -1 or \
l_descomponent_rules.find(self.variable.get_constant("reject_upper")) != -1:
l_return_rules.append(l_descomponent_rules)
def set_ufw_log(self, status_ufw_log):
    """Run the command that ``self.variable`` registers under *status_ufw_log*.

    *status_ufw_log* is used only as a lookup key for ``get_command``; the
    exit status and output of the executed command are discarded.
    """
    command_line = self.variable.get_command(status_ufw_log)
    commands.getstatusoutput(command_line)
def get_ufw_log(self):
    """Return the constant for the logging level shown by "status_verbose".

    The command output is searched for the "Logging: on (...)" marker of
    each level, high first; when none is found the "ufw_log_off" constant
    is returned.
    """
    _, verbose_text = commands.getstatusoutput(
        self.variable.get_command("status_verbose"))
    level_markers = (
        ("Logging: on (high)", "ufw_log_high"),
        ("Logging: on (medium)", "ufw_log_medium"),
        ("Logging: on (low)", "ufw_log_low"),
    )
    for marker, constant_key in level_markers:
        if marker in verbose_text:
            return self.variable.get_constant(constant_key)
    # Every branch above returns, so this is the "no marker matched" case.
    return self.variable.get_constant("ufw_log_off")
def set_gufw_log(self, status_gufw_log):
    """Run the command registered under *status_gufw_log* and return the key.

    When ``self.variable.dev`` is set, the command key gets a "_dev"
    suffix before the lookup.  The value returned is always the key as it
    was passed in, without the suffix.
    """
    # NOTE(review): the `else:` between the two assignments is missing from
    # this listing; the two-way choice below assumes it was there.
    command_key = status_gufw_log + "_dev" if self.variable.dev else status_gufw_log
    commands.getstatusoutput(self.variable.get_command(command_key))
    return status_gufw_log
def get_gufw_log(self):
    """Return "gufw_log_on" or "gufw_log_off" from the cfg_gufw_log command.

    Runs the "cfg_gufw_log" command ("cfg_gufw_log_dev" when
    ``self.variable.dev`` is set) and maps an exit status of 0 to the
    "gufw_log_on" constant, anything else to "gufw_log_off".
    """
    # NOTE(review): both `else:` lines are missing from this listing; the
    # two-way choices below assume they were there.
    config_key = "cfg_gufw_log_dev" if self.variable.dev else "cfg_gufw_log"
    exit_status = commands.getstatusoutput(self.variable.get_command(config_key))[0]
    if exit_status == 0:
        return self.variable.get_constant("gufw_log_on")
    return self.variable.get_constant("gufw_log_off")
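def add_rule_component(self, service, action, protocol, fromip, fromport, toip, toport):
    """Assemble the ufw command line that adds one rule and return it.

    Args:
        service: compared with the "service_no" constant; when it differs,
            the short form ``ufw <action> <toport>`` is produced.
        action: ufw action word placed right after ``ufw``.
        protocol: protocol name; the ``proto`` clause is left out when it
            equals the "both" constant.
        fromip: source address; the "any" constant is used when empty.
        fromport: source port; the clause is left out when empty.
        toip: destination address; the "any" constant is used when empty.
        toport: destination port (the service or port in the short form);
            the clause is left out when empty.

    Returns:
        The command line as one string, prefixed with ``LANG=en``.

    NOTE(review): the guard lines and the final ``return`` of this method
    are missing from the listing this was taken from; the empty-string
    checks below are a reconstruction and should be confirmed against the
    upstream file.
    """
    # Function-scope import so the file-level imports stay untouched;
    # pipes.quote is the Python 2 spelling of shlex.quote.
    try:
        from shlex import quote
    except ImportError:
        from pipes import quote

    get_constant = self.variable.get_constant

    # The string built here is meant to be executed through a shell
    # (add_rule() hands its argument to commands.getstatusoutput), so every
    # caller-supplied word is shell-quoted.  quote() returns plain
    # addresses, ports and port ranges unchanged, so well-formed input
    # yields the same command line as the placeholder template did.
    # The command is assembled from parts in a single pass, which also
    # means text inside one argument is never re-read as a placeholder.
    parts = ["LANG=en", "ufw", quote(action)]

    if service != get_constant("service_no"):
        # Short form.  An empty toport used to leave the literal
        # placeholder in the command; it is now simply omitted.
        if toport:
            parts.append(quote(toport))
        return " ".join(parts)

    if protocol != get_constant("both"):
        parts += ["proto", quote(protocol)]

    parts += ["from", quote(fromip) if fromip else get_constant("any")]
    if fromport:
        parts += ["port", quote(fromport)]

    parts += ["to", quote(toip) if toip else get_constant("any")]
    if toport:
        parts += ["port", quote(toport)]

    # Return rule command
    return " ".join(parts)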
def add_rule(self, rule):
    """Execute the prepared command line *rule* and capture its result.

    ``commands.getstatusoutput`` returns an ``(exit_status, output)`` pair.
    The statements that consume it are not part of this listing, which is
    why the local name is kept as it was.
    """
    # NOTE(security): commands.getstatusoutput() runs its argument through
    # a shell, so *rule* has to be built only from validated or
    # shell-quoted components before it reaches this call.
    l_result = commands.getstatusoutput(rule)
def remove_rule_component(self, rule_to, action, rule_from):
l_rule = "LANG=en ufw delete &action proto &protocol from &fromIP port &fromPort to &toIP port &toPort"
if rule_to.find("/tcp") != -1 or rule_from.find("/tcp") != -1:
protocol = self.variable.get_constant("tcp")
rule_to = rule_to.replace("/tcp","")
rule_from = rule_from.replace("/tcp","")
elif rule_to.find("/udp") != -1 or rule_from.find("/udp") != -1:
protocol = self.variable.get_constant("udp")
rule_to = rule_to.replace("/udp","")
rule_from = rule_from.replace("/udp","")
protocol = self.variable.get_constant("both")
l_to_aux = rule_to.split(" ")
if len(l_to_aux) == 1:
if l_to_aux[0] == self.variable.get_constant("anywhere"):
elif ( l_to_aux[0].find(".") != -1 ) or ( len(l_to_aux[0]) > 11 ):
elif len(l_to_aux) == 2:
elif len(l_to_aux) == 3:
l_rule = "LANG=en ufw delete " + l_to_aux[2]
l_from_aux = rule_from.split(" ")
if len(l_from_aux) == 1:
if l_from_aux[0] == self.variable.get_constant("anywhere"):
elif ( l_from_aux[0].find(".") != -1 ) or ( len(l_from_aux[0]) > 11 ):
fromip = l_from_aux[0]
fromport = l_from_aux[0]
elif len(l_from_aux) == 2:
fromip = l_from_aux[0]
fromport = l_from_aux[1]
elif len(l_from_aux) == 3:
l_rule = "LANG=en ufw delete " + l_from_aux[2]
l_rule = l_rule.replace("&action", action)
if protocol != self.variable.get_constant("both"):
l_rule = l_rule.replace("&protocol", protocol)
l_rule = l_rule.replace(" proto &protocol ", " ")
l_rule = l_rule.replace("&fromIP", fromip)
l_rule = l_rule.replace("&fromIP", self.variable.get_constant("any"))
l_rule = l_rule.replace("&fromPort", fromport)
l_rule = l_rule.replace(" port &fromPort ", " ")
l_rule = l_rule.replace("&toIP", toip)
l_rule = l_rule.replace("&toIP", self.variable.get_constant("any"))
l_rule = l_rule.replace("&toPort", toport)
l_rule = l_rule.replace(" port &toPort", "")
# Return rule command
def remove_rule(self, rule):
l_result = commands.getstatusoutput(rule)