Skip to content
GitLab
Projects
Groups
Snippets
Help
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in
Toggle navigation
R
router_services
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
1
Issues
1
List
Boards
Labels
Service Desk
Milestones
Iterations
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Operations
Operations
Incidents
Environments
Analytics
Analytics
CI / CD
Code Review
Repository
Value Stream
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
nova
router_services
Commits
3acadd65
Commit
3acadd65
authored
Dec 04, 2013
by
Sigmund Augdal
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Refactor to remove code duplication
parent
b0791944
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
11 additions
and
18 deletions
+11
-18
iptables_configurator.py
iptables_configurator.py
+11
-18
No files found.
iptables_configurator.py
View file @
3acadd65
...
...
@@ -50,6 +50,15 @@ class Generator(object):
self
.
output
(
"create {} {} family {}"
.
format
(
setname
,
set_type
,
family
))
return
name
def
add_ipset_member_family
(
self
,
name
,
member
,
family
,
suffix
,
source
,
addresses
):
setname
=
self
.
set_name
(
name
,
family
)
if
source
is
not
None
:
if
source
in
self
.
addresses_v4
:
suffix
=
"{},{}"
.
format
(
suffix
,
addresses
[
source
])
self
.
output
(
"add {} {}{}"
.
format
(
setname
,
addresses
[
member
],
suffix
))
else
:
self
.
output
(
"add {} {}{}"
.
format
(
setname
,
addresses
[
member
],
suffix
))
def
add_ipset_member
(
self
,
name
,
member
,
protocol
=
"tcp"
,
port
=
None
,
net
=
None
,
source
=
None
):
suffix
=
""
if
port
is
not
None
:
...
...
@@ -58,26 +67,10 @@ class Generator(object):
suffix
+=
",{}"
.
format
(
net
)
member
=
member
.
lower
()
if
member
in
self
.
addresses_v4
and
(
net
is
None
or
"."
in
net
):
setname
=
self
.
set_name
(
name
,
"inet"
)
if
source
is
not
None
:
if
source
in
self
.
addresses_v4
:
suffix4
=
"{},{}"
.
format
(
suffix
,
self
.
addresses_v4
[
source
])
self
.
output
(
"add {} {}{}"
.
format
(
setname
,
self
.
addresses_v4
[
member
],
suffix4
))
else
:
self
.
output
(
"add {} {}{}"
.
format
(
setname
,
self
.
addresses_v4
[
member
],
suffix
))
self
.
add_ipset_member_family
(
name
,
member
,
"inet"
,
suffix
,
source
,
self
.
addresses_v4
)
if
member
in
self
.
addresses_v6
and
(
net
is
None
or
":"
in
net
):
setname
=
self
.
set_name
(
name
,
"inet6"
)
if
source
is
not
None
:
if
source
in
self
.
addresses_v6
:
suffix6
=
"{},{}"
.
format
(
suffix
,
self
.
addresses_v6
[
source
])
self
.
output
(
"add {} {}{}"
.
format
(
setname
,
self
.
addresses_v6
[
member
],
suffix6
))
else
:
self
.
output
(
"add {} {}{}"
.
format
(
setname
,
self
.
addresses_v6
[
member
],
suffix
))
self
.
add_ipset_member_family
(
name
,
member
,
"inet6"
,
suffix
,
source
,
self
.
addresses_v6
)
def
process_security_group
(
self
,
group_id
,
name
):
rules
=
security_groups
.
get_group_rules
(
self
.
etcd_client
,
group_id
)
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
