2017-10-24 19:16:36 +05:00
|
|
|
import sys
|
|
|
|
|
import subprocess
|
|
|
|
|
import shutil
|
|
|
|
|
import installLog as logging
|
|
|
|
|
import argparse
|
|
|
|
|
import os
|
|
|
|
|
import shlex
|
|
|
|
|
import socket
|
2018-11-14 13:39:53 -05:00
|
|
|
import install
|
2017-10-24 19:16:36 +05:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class FirewallUtilities:
|
|
|
|
|
|
|
|
|
|
@staticmethod
|
|
|
|
|
def addRule(proto,port):
|
|
|
|
|
try:
|
2018-11-14 13:39:53 -05:00
|
|
|
command = 'sudo firewall-cmd --permanent --zone=public --add-port=' + port + '/' + proto
|
2017-10-24 19:16:36 +05:00
|
|
|
|
2018-11-14 12:39:42 -05:00
|
|
|
#if port == "21":
|
|
|
|
|
# command = "sudo firewall-cmd --add-service=ftp --permanent"
|
|
|
|
|
# cmd = shlex.split(command)
|
|
|
|
|
# res = subprocess.call(cmd)
|
2017-10-24 19:16:36 +05:00
|
|
|
|
2018-11-14 12:39:42 -05:00
|
|
|
#ipAddress = "0.0.0.0/0"
|
2017-11-02 02:09:47 +05:00
|
|
|
|
2018-11-14 12:39:42 -05:00
|
|
|
#ruleFamily = 'rule family="ipv4"'
|
|
|
|
|
#sourceAddress = 'source address="' + ipAddress + '"'
|
|
|
|
|
#ruleProtocol = 'port protocol="' + proto + '"'
|
|
|
|
|
#rulePort = 'port="' + port + '"'
|
|
|
|
|
|
|
|
|
|
#command = "sudo firewall-cmd --permanent --zone=public --add-rich-rule='" + ruleFamily + " " + sourceAddress + " " + ruleProtocol + " " + rulePort + " " + "accept'"
|
2017-10-24 19:16:36 +05:00
|
|
|
|
|
|
|
|
cmd = shlex.split(command)
|
|
|
|
|
|
|
|
|
|
res = subprocess.call(cmd)
|
|
|
|
|
|
2017-12-09 22:30:10 +05:00
|
|
|
command = 'sudo firewall-cmd --reload'
|
2017-10-24 19:16:36 +05:00
|
|
|
|
|
|
|
|
cmd = shlex.split(command)
|
|
|
|
|
|
|
|
|
|
res = subprocess.call(cmd)
|
|
|
|
|
|
2018-11-14 13:39:53 -05:00
|
|
|
if install.preFlightsChecks.resFailed(install.get_distro(), res):
|
|
|
|
|
install.preFlightsChecks.stdOut("Failed to install rule: " + command + " Error #" + str(res), 1)
|
|
|
|
|
return 0
|
|
|
|
|
|
2017-10-24 19:16:36 +05:00
|
|
|
except OSError, msg:
|
|
|
|
|
logging.InstallLog.writeToFile(str(msg) + " [addRule]")
|
|
|
|
|
return 0
|
|
|
|
|
except ValueError, msg:
|
|
|
|
|
logging.InstallLog.writeToFile(str(msg) + " [addRule]")
|
|
|
|
|
return 0
|
|
|
|
|
|
|
|
|
|
return 1
|
|
|
|
|
|
|
|
|
|
@staticmethod
|
|
|
|
|
def deleteRule(proto, port):
|
|
|
|
|
try:
|
2018-11-14 12:39:42 -05:00
|
|
|
command = 'sudo firewall-cmd --permanent --zone-public --remove-port=' + port + '/' + proto
|
|
|
|
|
|
|
|
|
|
#if port=="21":
|
|
|
|
|
# command = "sudo firewall-cmd --remove-service=ftp --permanent"
|
|
|
|
|
# cmd = shlex.split(command)
|
|
|
|
|
# res = subprocess.call(cmd)
|
2017-10-24 19:16:36 +05:00
|
|
|
|
2018-11-14 12:39:42 -05:00
|
|
|
#ipAddress = "0.0.0.0/0"
|
2017-11-02 02:09:47 +05:00
|
|
|
|
2018-11-14 12:39:42 -05:00
|
|
|
#ruleFamily = 'rule family="ipv4"'
|
|
|
|
|
#sourceAddress = 'source address="' + ipAddress + '"'
|
|
|
|
|
#ruleProtocol = 'port protocol="' + proto + '"'
|
|
|
|
|
#rulePort = 'port="' + port + '"'
|
2017-10-24 19:16:36 +05:00
|
|
|
|
2018-11-14 12:39:42 -05:00
|
|
|
#command = "sudo firewall-cmd --permanent --zone=public --remove-rich-rule='" + ruleFamily + " " + sourceAddress + " " + ruleProtocol + " " + rulePort + " " + "accept'"
|
2017-10-24 19:16:36 +05:00
|
|
|
|
|
|
|
|
cmd = shlex.split(command)
|
|
|
|
|
|
|
|
|
|
res = subprocess.call(cmd)
|
|
|
|
|
|
2017-12-09 22:30:10 +05:00
|
|
|
command = 'sudo firewall-cmd --reload'
|
2017-10-24 19:16:36 +05:00
|
|
|
|
|
|
|
|
cmd = shlex.split(command)
|
|
|
|
|
|
|
|
|
|
res = subprocess.call(cmd)
|
|
|
|
|
|
|
|
|
|
except OSError, msg:
|
|
|
|
|
logging.InstallLog.writeToFile(str(msg) + " [deleteRule]")
|
|
|
|
|
return 0
|
|
|
|
|
except ValueError, msg:
|
|
|
|
|
logging.InstallLog.writeToFile(str(msg) + " [deleteRule]")
|
|
|
|
|
return 0
|
|
|
|
|
|
|
|
|
|
return 1
|
