2016-12-14 23:18:16 +00:00
|
|
|
#!/usr/bin/env python
|
2017-02-22 13:41:58 +00:00
|
|
|
# Python helper tool to add IPtables rule using the iptc library. This must
|
|
|
|
# of course run as root for iptc to work.
|
2016-12-14 23:18:16 +00:00
|
|
|
|
2017-03-06 15:03:57 +00:00
|
|
|
from sys import exit
|
2017-03-03 00:04:12 +00:00
|
|
|
from argparse import ArgumentParser, FileType
|
2016-12-14 23:18:16 +00:00
|
|
|
from pprint import pprint as pp
|
2017-03-03 00:04:12 +00:00
|
|
|
from configparser import RawConfigParser
|
2016-12-14 23:18:16 +00:00
|
|
|
|
2017-03-06 15:03:57 +00:00
|
|
|
import errors
|
|
|
|
from storage import StoragePostgres
|
2017-03-03 00:04:12 +00:00
|
|
|
from client import Client
|
2016-12-14 23:18:16 +00:00
|
|
|
|
|
|
|
parser = ArgumentParser()
|
|
|
|
|
2017-03-03 00:04:12 +00:00
|
|
|
parser.add_argument(
|
|
|
|
'--protocol',
|
|
|
|
required=True,
|
|
|
|
choices=['tcp', 'udp'],
|
|
|
|
help='Protocol for client'
|
|
|
|
)
|
|
|
|
|
|
|
|
parser.add_argument(
|
|
|
|
'--config',
|
|
|
|
type=FileType('r'),
|
|
|
|
required=True,
|
|
|
|
help='Configuration file'
|
|
|
|
)
|
|
|
|
|
|
|
|
parser.add_argument(
|
|
|
|
'src_ip',
|
|
|
|
help='Client source IP to add'
|
|
|
|
)
|
2016-12-14 23:18:16 +00:00
|
|
|
|
|
|
|
args = parser.parse_args()
|
|
|
|
|
2017-03-03 00:04:12 +00:00
|
|
|
config = RawConfigParser()
|
|
|
|
config.readfp(args.config)
|
|
|
|
|
2017-03-06 15:03:57 +00:00
|
|
|
sr = StoragePostgres(config=config)
|
|
|
|
try:
|
|
|
|
client = Client(
|
|
|
|
storage=sr,
|
|
|
|
ip_address=args.src_ip,
|
|
|
|
protocol=args.protocol,
|
|
|
|
chain=config.get('iptables', 'chain')
|
|
|
|
)
|
|
|
|
except errors.StorageNotFound:
|
|
|
|
print('Could not find client')
|
|
|
|
exit(1)
|
|
|
|
|
2017-03-07 15:41:41 +00:00
|
|
|
client.enabled = True
|
2017-03-06 15:03:57 +00:00
|
|
|
client.commit()
|