6 from firewall.core.rich import Rich_Rule
10 sys.path.insert(0, "bin/python")
12 if __name__ == "__main__":
13 parser = optparse.OptionParser('firewall-cmd [options]')
14 parser.add_option('--list-interfaces', default=False, action="store_true")
15 parser.add_option('--permanent', default=False, action="store_true")
16 parser.add_option('--new-zone')
17 parser.add_option('--get-zones', default=False, action="store_true")
18 parser.add_option('--delete-zone')
19 parser.add_option('--zone')
20 parser.add_option('--add-interface')
21 parser.add_option('--add-rich-rule')
22 parser.add_option('--remove-rich-rule')
23 parser.add_option('--list-rich-rules', default=False, action="store_true")
25 (opts, args) = parser.parse_args()
27 # Use a dir we can write to in the testenv
28 if 'LOCAL_PATH' in os.environ:
29 data_dir = os.path.realpath(os.environ.get('LOCAL_PATH'))
31 data_dir = os.path.dirname(os.path.realpath(__file__))
32 dump_file = os.path.join(data_dir, 'firewall-cmd.dump')
33 if os.path.exists(dump_file):
34 with open(dump_file, 'rb') as r:
39 if opts.list_interfaces:
40 if not opts.zone: # default zone dummy interface
43 assert 'zone_interfaces' in data
44 assert opts.zone in data['zone_interfaces'].keys()
45 for interface in data['zone_interfaces'][opts.zone]:
46 sys.stdout.write('%s ' % interface)
49 if 'zones' not in data:
51 if opts.new_zone not in data['zones']:
52 data['zones'].append(opts.new_zone)
55 for zone in data['zones']:
56 sys.stdout.write('%s ' % zone)
58 elif opts.delete_zone:
59 assert 'zones' in data
60 assert opts.delete_zone in data['zones']
61 data['zones'].remove(opts.delete_zone)
62 if len(data['zones']) == 0:
64 if 'zone_interfaces' in data and opts.zone in data['zone_interfaces'].keys():
65 del data['zone_interfaces'][opts.zone]
66 elif opts.add_interface:
68 assert 'zones' in data
69 assert opts.zone in data['zones']
70 if 'zone_interfaces' not in data:
71 data['zone_interfaces'] = {}
72 if opts.zone not in data['zone_interfaces'].keys():
73 data['zone_interfaces'][opts.zone] = []
74 if opts.add_interface not in data['zone_interfaces'][opts.zone]:
75 data['zone_interfaces'][opts.zone].append(opts.add_interface)
76 elif opts.add_rich_rule:
78 if 'rules' not in data:
80 if opts.zone not in data['rules']:
81 data['rules'][opts.zone] = []
82 # Test rule parsing if firewalld is installed
84 # Parsing failure will throw an exception
85 rule = str(Rich_Rule(rule_str=opts.add_rich_rule))
87 rule = opts.add_rich_rule
88 if rule not in data['rules'][opts.zone]:
89 data['rules'][opts.zone].append(rule)
90 elif opts.remove_rich_rule:
92 assert 'rules' in data
93 assert opts.zone in data['rules'].keys()
95 rich_rule = str(Rich_Rule(rule_str=opts.remove_rich_rule))
96 assert rich_rule in data['rules'][opts.zone]
97 data['rules'][opts.zone].remove(rich_rule)
99 assert opts.remove_rich_rule in data['rules'][opts.zone]
100 data['rules'][opts.zone].remove(opts.remove_rich_rule)
101 elif opts.list_rich_rules:
103 assert 'rules' in data
104 assert opts.zone in data['rules'].keys()
105 for rule in data['rules'][opts.zone]:
110 if os.path.exists(dump_file):
113 with open(dump_file, 'wb') as w: