code cleanup, adding firewall to interface (bugged yet)

vycenter/config/views.py

@@ -64,6 +64,7 @@ def instance_add(request):
         else:
             instance.https = False
         instance_id = instance.save()
+        return redirect('config:instances')
     else:
         instance_id = 0
 

vycenter/firewall/templates/firewall/list.html

@@ -36,7 +36,7 @@
 
 <h2>Create new rule</h2>
 
-<form action="{% url 'firewall:firewall-list' %}" method="post">
+<form action="{% url 'firewall:firewall-create' %}" method="post">
     {% csrf_token %}
     
     <p>

vycenter/interface/templates/interface/index.html

@@ -5,6 +5,7 @@
 
 {% block debug %}
     {{ interfaces }}
+    {{ firewall_all }}
 {% endblock %}
 
 
@@ -12,19 +13,47 @@
 {% block content %}
 
 {% if interfaces %}
-    <table border="1" width="100%">
-    <tr><th>type</th><th>name</th><th>address</th></tr>
-
-    {% for key, value in interfaces.items %}
-        <tr><td>{{ key }}</td>
-        {% for ifkey, ifvalue in value.items %}
-            <td>{% url 'interface:interface-show' key ifkey as url_interface %}
-            <a href="{{ url_interface }}">{{ ifkey }}</a></td><td>{{ ifvalue.address }}</td>
+    <form action="{% url 'interface:interface-list' %}" method="post">
+        {% csrf_token %}
+
+        <table border="1" width="100%">
+        <tr><th>type</th><th>name</th><th>address</th><th>firewall ipv4 in</th><th>firewall ipv4 out</th></th></tr>
+
+        {% for key, value in interfaces.items %}
+            <tr>
+                <td>{{ key }}</td>
+            {% for ifkey, ifvalue in value.items %}
+            <td>{% url 'interface:interface-show' key ifkey as url_interface %}<a href="{{ url_interface }}">{{ ifkey }}</a></td><td>{{ ifvalue.address }}</td>
+            <td><select id="firewall-ipv4-in" name="firewall-ipv4-in.{{ key }}.{{ ifkey }}"><option value="">None</option>
+                {% if firewall_all != False %}
+                    {% for fkey, fvalue in firewall_all.items %}    
+                        {% for fitemkey, fitemvalue in fvalue.items %}
+                        <option value="{{ fitemkey }}">{{ fitemkey }}</option>
+                        {% endfor %}
+                    {% endfor %}
+                {% endif %}
+            </select></td>
+            <td><select id="firewall-ipv4-out" name="firewall-ipv4-out.{{ key }}.{{ ifkey }}"><option value="">None</option>
+                {% if firewall_all != False %}
+                    {% for fkey, fvalue in firewall_all.items %}    
+                        {% for fitemkey, fitemvalue in fvalue.items %}
+                        <option value="{{ fitemkey }}">{{ fitemkey }}</option>
+                        {% endfor %}
+                    {% endfor %}
+                {% endif %}
+            </select></td>
+
+            {% endfor %}
+            </tr>
         {% endfor %}
-        </tr>
-    {% endfor %}
 
-    </table>
+        </table>
+
+        <div id="submit-firewall" class="text-right">
+            <input type="submit" value="Set interfaces firewall">
+        </div>
+    </form>
+
 {% else %}
     <p>No interfaces.</p>
 {% endif %}

vycenter/interface/views.py

@@ -6,19 +6,53 @@ import vyos
 
 from config.models import Instance
 
+import pprint
 
 def index(request):
     hostname_default = vyos.get_hostname_prefered(request)
-
     all_instances = vyos.instance_getall()
-
+    firewall_all = vyos.get_firewall_all(hostname_default)
     interfaces = vyos.get_interfaces(hostname_default)
-    
+
+    for el in request.POST:
+        if el.startswith('firewall-ipv4-in') and request.POST[el]:
+            pos = el.split(".")
+            
+            interface_type = pos[1]
+            interface_name = pos[2]
+            firewall_name = request.POST[el]
+            pprint.pprint(request.POST)
+
+            result1 = vyos.set_interface_firewall_ipv4(hostname_default, interface_type, interface_name, "in", firewall_name)
+            print(result1)
+
+
+    """
+   if 'name' in request.POST:
+        
+        result1 = vyos.set_config(hostname_default, cmd)
+        print(result1)
+
+        if 'description' in request.POST:
+            cmd = {"op": "set", "path": ["firewall", "name", request.POST['name'], "description", request.POST['description']]}
+            result2 = vyos.set_config(hostname_default, cmd)
+            print(result2)
+
+        if 'action' in request.POST:
+            cmd = {"op": "set", "path": ["firewall", "name", request.POST['name'], "default-action", request.POST['action']]}
+            result3 = vyos.set_config(hostname_default, cmd)
+            print(result3)
+
+        return redirect('firewall:firewall-list')
+    """
+
+
     template = loader.get_template('interface/index.html')
     context = {
         'interfaces': interfaces,
         'instances': all_instances,
         'hostname_default': hostname_default,
+        'firewall_all' : firewall_all,
     }
     return HttpResponse(template.render(context, request))
 

vycenter/vycenter/templates/base.html

@@ -89,6 +89,9 @@
         background-color: #ddd;
     }
 
+    #submit-firewall {
+      margin-top: 20px;
+    }
     </style>
   </head>
   <body >

vycenter/vyos.py

@@ -3,10 +3,6 @@ import json
 import pprint
 import sys
 
-#curl -k -X POST -F data='{"op": "set", "path": ["interfaces", "dummy", "dum1", "address"], "value": "203.0.113.76/32"}' -F key=a6ffb742a8a631a65b07ab2026258629da2632fd https://179.127.12.142:44302/configure
-
-sys.path.append('/var/secrets')
-
 from config.models import Instance
 
 def get_url(hostname):
@@ -41,7 +37,7 @@ def get_key(hostname):
     instance = Instance.objects.get(hostname=hostname)
     return instance.key
 
-def api_get(type, hostname, cmd):
+def api(type, hostname, cmd):
     if type == "retrieve":
         url = get_url_retrieve(hostname)
     elif type == "manage":
@@ -56,7 +52,7 @@ def api_get(type, hostname, cmd):
     print(post)   
 
     try:
-        resp = requests.post(get_url_retrieve(hostname), verify=False, data=post, timeout=5)
+        resp = requests.post(url, verify=False, data=post, timeout=5)
     except requests.exceptions.ConnectionError:
         return False
 
@@ -79,6 +75,12 @@ def api_get(type, hostname, cmd):
 
     return result1['data']
 
+def api_get(hostname, cmd):
+    return api('retrieve', hostname, cmd)
+
+def api_set(hostname, cmd):
+    return api('configure', hostname, cmd)    
+
 def get_hostname_prefered(request):
     hostname = None
 
@@ -121,228 +123,52 @@ def conntry(hostname):
 
     return False
 
-
-
-
 def instance_getall():
     instances = Instance.objects.all()
     return instances
 
-
-
 def get_firewall_all(hostname):
     cmd = {"op": "showConfig", "path": ["firewall"]}
-    firewall_list = api_get("retrieve", hostname, cmd)
+    firewall_list = api_get(hostname, cmd)
     return firewall_list
 
-
-
-
-def getall(hostname="179.127.12.142"):
-    #cmd = {"op": "save", "file": "/config/config.boot"}
-    cmd = {"op": "showConfig", "path": ["interfaces", "dummy"]}
-
-    print(json.dumps(cmd))
+def set_interface_firewall_ipv4(hostname, interface_type, interface_name, direction, firewall_name):
+    cmd = {"op": "set", "path": ["interface", interface_type, interface_name, "firewall", direction, "name", firewall_name]}
     post = {'key': get_key(hostname), 'data': json.dumps(cmd)}
-    print(post)
-
-    try:
-        resp = requests.post(get_url_retrieve(hostname), verify=False, data=post, timeout=15)
-    except requests.exceptions.ConnectionError:
-        return False
-
 
-    print(resp.status_code)
-    pprint.pprint(resp)
+    success = api_set(hostname, cmd)
+    return success
 
-    pprint.pprint(resp.json())
-
-
-    if resp.status_code != 200:
-        # This means something went wrong.
-        #raise ApiError('POST /tasks/ {}'.format(resp.status_code))
-        return "erro"
-    #for todo_item in resp.json():
-        #print('{} {}'.format(todo_item['id'], todo_item['summary']))
-
-    return resp
-
-
-def get_interfaces(hostname="179.127.12.142"):
+def get_interfaces(hostname):
     cmd = {"op": "showConfig", "path": ["interfaces"]}
 
-    print(json.dumps(cmd))
-    post = {'key': get_key(hostname), 'data': json.dumps(cmd)}
-    print(post)
-
-    try:
-        resp = requests.post(get_url_retrieve(hostname), verify=False, data=post, timeout=15)
-    except requests.exceptions.ConnectionError:
-        return False
-
-    print(resp.status_code)
-    pprint.pprint(resp)
-
-    pprint.pprint(resp.json())
-
-
-    if resp.status_code != 200:
-        # This means something went wrong.
-        #raise ApiError('POST /tasks/ {}'.format(resp.status_code))
-        return "erro"
-    #for todo_item in resp.json():
-        #print('{} {}'.format(todo_item['id'], todo_item['summary']))
-
-    result1 = resp.json()
-    print(result1['data'])
-    #result2 = json.loads(result1['data'])
-    pprint.pprint(result1)
-
-    return result1['data']
+    result1 = api_get(hostname, cmd)
+    return result1
 
 def get_interface(interface_type, interface_name, hostname):
     cmd = {"op": "showConfig", "path": ["interfaces", interface_type, interface_name]}
 
-    print(json.dumps(cmd))
-    post = {'key': get_key(hostname), 'data': json.dumps(cmd)}
-    print(post)
-
-    try:
-        resp = requests.post(get_url_retrieve(hostname), verify=False, data=post, timeout=15)
-    except requests.exceptions.ConnectionError:
-        return False
-
-    print(resp.status_code)
-    pprint.pprint(resp)
-
-    pprint.pprint(resp.json())
-
-
-    if resp.status_code != 200:
-        # This means something went wrong.
-        #raise ApiError('POST /tasks/ {}'.format(resp.status_code))
-        return "erro"
-    #for todo_item in resp.json():
-        #print('{} {}'.format(todo_item['id'], todo_item['summary']))
-
-    result1 = resp.json()
-    print(result1['data'])
-    #result2 = json.loads(result1['data'])
-    pprint.pprint(result1)
-
-    return result1['data']
-
-
-
-
-
+    result1 = api_get(hostname, cmd)
+    return result1
+  
 def get_firewall(hostname, name):
     cmd = {"op": "showConfig", "path": ["firewall", "name", name]}
 
-    print(json.dumps(cmd))
-    post = {'key': get_key(hostname), 'data': json.dumps(cmd)}
-    print(post)
-
-
-    try:
-        resp = requests.post(get_url_retrieve(hostname), verify=False, data=post, timeout=15)
-    except requests.exceptions.ConnectionError:
-        return False
-
-    print(resp.status_code)
-    pprint.pprint(resp)
-
-    pprint.pprint(resp.json())
-
-
-    if resp.status_code != 200:
-        # This means something went wrong.
-        #raise ApiError('POST /tasks/ {}'.format(resp.status_code))
-        return "erro"
-    #for todo_item in resp.json():
-        #print('{} {}'.format(todo_item['id'], todo_item['summary']))
-
-    result1 = resp.json()
-    print(result1['data'])
-    #result2 = json.loads(result1['data'])
-    pprint.pprint(result1)
-
-    return result1['data']
-
-
+    result1 = api_get(hostname, cmd)
+    return result1
 
 def get_firewall_rule(hostname, name, rulenumber):
     cmd = {"op": "showConfig", "path": ["firewall", "name", name, "rule", rulenumber]}
 
-    print(json.dumps(cmd))
-    post = {'key': get_key(hostname), 'data': json.dumps(cmd)}
-    print(post)
-
-
-    try:
-        resp = requests.post(get_url_retrieve(hostname), verify=False, data=post, timeout=15)
-    except requests.exceptions.ConnectionError:
-        return False
-
-    print(resp.status_code)
-    pprint.pprint(resp)
-
-    pprint.pprint(resp.json())
-
-
-    if resp.status_code != 200:
-        # This means something went wrong.
-        #raise ApiError('POST /tasks/ {}'.format(resp.status_code))
-        return "erro"
-    #for todo_item in resp.json():
-        #print('{} {}'.format(todo_item['id'], todo_item['summary']))
-
-    result1 = resp.json()
-    print(result1['data'])
-    #result2 = json.loads(result1['data'])
-    pprint.pprint(result1)
-
-    return result1['data']
-
-
+    result1 = api_get(hostname, cmd)
+    return result1
 
 def set_config(hostname, cmd):
-    print(json.dumps(cmd))
-    post = {'key': get_key(hostname), 'data': json.dumps(cmd)}
-    print(post)
-
-
-    try:
-        resp = requests.post(get_url_configure(hostname), verify=False, data=post, timeout=15)
-    except requests.exceptions.ConnectionError:
-        return False
-
-    print(resp.status_code)
-    pprint.pprint(resp)
-
-    pprint.pprint(resp.json())
-
-
-    if resp.status_code != 200:
-        # This means something went wrong.
-        #raise ApiError('POST /tasks/ {}'.format(resp.status_code))
-        return "erro"
-    #for todo_item in resp.json():
-        #print('{} {}'.format(todo_item['id'], todo_item['summary']))
-
-    result1 = resp.json()
-    print(result1['data'])
-    #result2 = json.loads(result1['data'])
-    pprint.pprint(result1)
-
-    return result1['data']
-
-
-def insert_firewall_rules(hostname, firewall_name):
-    cmd = {"op": "set", "path": ["firewall", firewall_name, "rule", request.POST['rulenumber'], "action", request.POST['action']]}
-    result1 = set_config(hostname, cmd)
-
-
-
-#curl -k -X POST -F data='{"op": "set", "path": ["interfaces", "dummy", "dum1", "address"], "value": "203.0.113.76/32"}' -F key=a6ffb742a8a631a65b07ab2026258629da2632fd https://179.127.12.142:44302/configure
-
+    #cmd = {"op": "set", "path": ["interface", interface_type, interface_name, "firewall", direction, "name", firewall_name]}
+    result1 = api_set(hostname, cmd)
+    return result1
+
+def insert_firewall_rules(hostname, cmd):
+    pprint.pprint(cmd)
+    result1 = api_set(hostname, cmd)
+    return result1