
rule add - Matching criteria - protocol

Roberto Berto 5 年 前
コミット
0aaa481b61

+ 30 - 18
vycontrol/firewall/templates/firewall/addrule.html

@@ -49,7 +49,7 @@
 
 
 
-<form action="{% url 'firewall:addrule' firewall_name %}" method="post">
+<form action="{% url 'firewall:addrule' firewall_name %}" method="post" id="form_addrule">
     {% csrf_token %}
     
 
@@ -67,7 +67,7 @@
             <div class="col">
                 <p>
                     <label for="status">status</label><br>
-                    <input type="radio" name="status" id="status" value="enabled"> enabled
+                    <input type="radio" name="status" id="status" value="enabled" checked="checked"> enabled
                     <input type="radio" name="status" id="status" value="disabled"> disabled
                 </p>
             </div>         
@@ -75,9 +75,9 @@
             <div class="col">
                 <p>
                     <label for="action">action</label><br>
-                    <input type="radio" name="action" id="action" value="accept"> accept
-                    <input type="radio" name="action" id="action" value="drop"> drop
-                    <input type="radio" name="action" id="action" value="reject"> reject        
+                    <input type="radio" class="fwaction" name="action" id="action" value="accept"> accept
+                    <input type="radio" class="fwaction" name="action" id="action" value="drop"> drop
+                    <input type="radio" class="fwaction" name="action" id="action" value="reject"> reject        
                 </p>
             </div>
         </div>
@@ -102,12 +102,12 @@
 
             <div class="col">
                 <p>
-                    <input type="radio" class="protocol_criteria" name="protocol_criteria" id="protocol_criteria_all" value="1"> all protocols<br>
-                    <input type="radio" class="protocol_criteria" name="protocol_criteria" id="protocol_criteria_tcp" value="1"> tcp<br>
-                    <input type="radio" class="protocol_criteria" name="protocol_criteria" id="protocol_criteria_udp" value="1"> udp<br>
-                    <input type="radio" class="protocol_criteria" name="protocol_criteria" id="protocol_criteria_tcp_udp" value="1"> tcp and udp<br>
-                    <input type="radio" class="protocol_criteria" name="protocol_criteria" id="protocol_criteria_icmp" value="1"> icmp<br>
-                    <input type="radio" class="protocol_criteria" name="protocol_criteria" id="protocol_criteria_other" value="1"> other  
+                    <input type="radio" class="protocol_criteria" name="protocol_criteria" id="protocol_criteria_all" value="all"> all protocols<br>
+                    <input type="radio" class="protocol_criteria" name="protocol_criteria" id="protocol_criteria_tcp" value="tcp"> tcp<br>
+                    <input type="radio" class="protocol_criteria" name="protocol_criteria" id="protocol_criteria_udp" value="udp"> udp<br>
+                    <input type="radio" class="protocol_criteria" name="protocol_criteria" id="protocol_criteria_tcp_udp" value="tcp_udp"> tcp and udp<br>
+                    <input type="radio" class="protocol_criteria" name="protocol_criteria" id="protocol_criteria_icmp" value="icmp"> icmp<br>
+                    <input type="radio" class="protocol_criteria" name="protocol_criteria" id="protocol_criteria_other" value="other"> other  
                 </p>
 
 
@@ -117,16 +117,17 @@
                 
 
                 <p id="protocol_custom_block" style="display: none">
-                    <label for="protocol_custom">add other protocol</label><br>
+                    <label for="protocol_custom">other protocol</label><br>
                     <input type="text" name="protocol_custom" id="protocol_custom" value="{{ protocol_custom }}" size="5"> 
-                    <input type="button" name="destinationport_custom_add" value="add" />
                 </p>                     
                     
-
+                {% comment %}
+                <!-- require https://phabricator.vyos.net/T2451 be fixed -->
                 <p>
-                    <input type="checkbox" name="protocols_negate" id="protocols_negate" value="1">
-                    <label for="protocols_negate">negate </label>
+                    <input type="checkbox" name="protocol_negate" id="protocol_negate" value="1">
+                    <label for="protocol_negate">negate </label>
                 </p>
+                {% endcomment %}
             </div>
         </div>
     </div>
@@ -541,9 +542,20 @@
             else if ($("#criteria_packetstate").not(":checked")) {
                 $('#criteria_packetstate_block').hide();
             }
-        });                                                        
+        });   
 
-           
+        // form basic validations
+        $("#form_addrule").submit(function(e){
+            if ($('#rulenumber').val() < 1){
+                alert('Rule numed must be definied.');
+                e.preventDefault();
+                return false;
+            } else if (!$('.fwaction').is(':checked')){
+                alert('Rule action must be selected.');
+                e.preventDefault();
+                return false;
+            } 
+        });
                      
         
 
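Review bot: The `#rulenumber` test in the new `#form_addrule` submit handler lets non-numeric text through, because `$('#rulenumber').val() < 1` compares a string and a value that coerces to NaN makes the comparison false (unless the field is a number input, which is not visible here). Parse before comparing, for example `var n = Number($('#rulenumber').val());` followed by `if (!Number.isInteger(n) || n < 1) {`, and correct the alert text to `'Rule number must be defined.'`. The handler is a usability aid only, since a request sent without this page skips it. The visible part of the views.py change in this commit calls `int()` on the posted `rulenumber`, which raises on such input, and places `protocol_custom` in the config path as posted, so the numeric check and a protocol allow-list appear to be needed in the view as well.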

+ 1 - 0
vycontrol/firewall/templates/firewall/show.html

@@ -12,6 +12,7 @@
 {% block content %}
 
 <p class="submenu1">
+    <a href="{% url 'firewall:firewall-list' %}">Firewall List</a> | 
     <a href="{% url 'firewall:firewall-create' %}">Create new firewall</a> | 
     <a href="{% url 'firewall:firewall-addressgroup-list' %}">Address Group</a> | 
     <a href="{% url 'firewall:firewall-networkgroup-list' %}">Network Group</a>

+ 80 - 20
vycontrol/firewall/views.py

@@ -98,34 +98,94 @@ def addrule(request, firewall_name):
     netservices = network.get_services()
     netservices_js = json.dumps(netservices)
 
-
     changed = False
-    if 'action' in request.POST:
+
+    print("hereuyy")    
+    # verifing basic informations
+    if (request.POST.get('rulenumber',None) != None and 
+        request.POST.get('rulenumber') != "" and 
+        int(request.POST.get('rulenumber')) > 0 and
+        request.POST.get('status',None) != None and
+        request.POST.get('status',None) in ("enabled", "disabled") and
+        request.POST.get('action',None) in ("accept","drop","reject")):
+        
         cmd = {"op": "set", "path": ["firewall", "name", firewall_name, "rule", request.POST['rulenumber'], "action", request.POST['action']]}
         result1 = vyos.set_config(hostname_default, cmd)
         print(result1)
-        changed = True
+        #if result1['success'] == True:
+        #    changed = True 
 
-    if 'protocol' in request.POST:
-        cmd = {"op": "set", "path": ["firewall", "name", firewall_name, "rule", request.POST['rulenumber'], "protocol", request.POST['protocol']]}
-        result2 = vyos.set_config(hostname_default, cmd)
-        print(result2)
-        changed = True
+        cmd = {"op": "set", "path": ["firewall", "name", firewall_name, "rule", request.POST['rulenumber'], "status", request.POST['status']]}
+        result1 = vyos.set_config(hostname_default, cmd)
+        print(result1)
+        #if result1['success'] == True:
+        #    changed = True 
 
-    if 'destinationport' in request.POST:
-        cmd = {"op": "set", "path": ["firewall", "name", firewall_name, "rule", request.POST['rulenumber'], "destination", "port", request.POST['destinationport']]}
-        result3 = vyos.set_config(hostname_default, cmd)
-        print(result3)
-        changed = True
+        cmd = {"op": "set", "path": ["firewall", "name", firewall_name, "rule", request.POST['rulenumber'], "description", request.POST['description']]}
+        result1 = vyos.set_config(hostname_default, cmd)
+        print(result1)
+        #if result1['success'] == True:
+        #    changed = True 
 
-    if 'sourceport' in request.POST:
-        cmd = {"op": "set", "path": ["firewall", "name", firewall_name, "rule", request.POST['rulenumber'], "source", "port", request.POST['sourceport']]}
-        result3 = vyos.set_config(hostname_default, cmd)
-        print(result3)        
-        changed = True
+        print("herexxx")
 
-    if changed == True:
-        return redirect('firewall:show', firewall_name)
+
+        if request.POST.get('protocol_criteria', None) != None:
+            print("here",request.POST.get('protocol_criteria', None))
+            protocol_criteria = None
+            protocol_negate = False
+
+            if request.POST.get('protocol_criteria') == "other":
+                if request.POST.get('protocol_custom', None) != None:
+                    protocol_criteria = request.POST.get('protocol_custom')
+            else:
+                protocol_criteria = request.POST.get('protocol_criteria')
+
+            if request.POST.get('protocol_negate', None) == "1":
+                protocol_negate = True
+
+
+            print(protocol_criteria, protocol_negate)
+
+            if protocol_criteria != None:
+                protocol_criteria_txt = ""
+                if protocol_negate == True:
+                    protocol_criteria_txt = "!" + protocol_criteria
+                else:
+                    protocol_criteria_txt = protocol_criteria
+
+                cmd = {"op": "set", "path": ["firewall", "name", firewall_name, "rule", request.POST['rulenumber'], "protocol", protocol_criteria_txt]}
+                result1 = vyos.set_config(hostname_default, cmd)
+                print(result1)
+                #if result1['success'] == True:
+                changed = True 
+
+
+            #set firewall name WAN-IN-v4 rule 11 protocol !tcp_udp
+
+
+
+
+        """if 'protocol' in request.POST:
+            cmd = {"op": "set", "path": ["firewall", "name", firewall_name, "rule", request.POST['rulenumber'], "protocol", request.POST['protocol']]}
+            result2 = vyos.set_config(hostname_default, cmd)
+            print(result2)
+            changed = True
+
+        if 'destinationport' in request.POST:
+            cmd = {"op": "set", "path": ["firewall", "name", firewall_name, "rule", request.POST['rulenumber'], "destination", "port", request.POST['destinationport']]}
+            result3 = vyos.set_config(hostname_default, cmd)
+            print(result3)
+            changed = True
+
+        if 'sourceport' in request.POST:
+            cmd = {"op": "set", "path": ["firewall", "name", firewall_name, "rule", request.POST['rulenumber'], "source", "port", request.POST['sourceport']]}
+            result3 = vyos.set_config(hostname_default, cmd)
+            print(result3)        
+            changed = True"""
+
+        if changed == True:
+            return redirect('firewall:show', firewall_name)