set firewall group address-group #44

vycontrol/firewall/templates/firewall/addressgroup-add.html

@@ -0,0 +1,85 @@
+{% extends "base.html" %}
+
+{% block header_title %}Firewall Add New Address Group{% endblock %}
+{% block section_title %}Firewall Add New Address Group{% endblock %}
+
+{% block debug %}
+{% endblock %}
+
+{% block content %}
+
+
+<p class="submenu1">
+    <a href="{% url 'firewall:firewall-list' %}">Firewall List</a> | 
+    <a href="{% url 'firewall:firewall-create' %}">Create new firewall</a> | 
+    <a href="{% url 'firewall:firewall-addressgroup-list' %}">Address Group</a> |
+    <a href="{% url 'firewall:firewall-networkbook' %}">Network Book</a>
+</p>
+<p class="submenu2"></p>
+
+
+<form action="{% url 'firewall:firewall-addressgroup-add' %}" method="post">
+    {% csrf_token %}
+
+
+    <p>
+    <label for="name">group name:</label><br>
+    <input type="input" name="name" id="name" value="" size="30" />
+    </p>
+
+    <p>
+    address type: <br>
+    <input type="radio" name="addresstype" value="single" id="addresstype_single" class="addresstype" /> <label for="addresstype">single address</label>
+    <input type="radio" name="addresstype" value="range" id="addresstype_range" class="addresstype"/> <label for="addresstype">range address</label>
+    </p>
+    
+
+
+    <div id="addresstype_single_block" style="display: none">
+        <table width="100%">
+            <tr>
+                <th width="25%">ip address:</td><td><input type="input" name="address" value=""/> </th>
+            </tr>
+        </table>
+    </div>
+
+    <div id="addresstype_range_block" style="display: none">
+        <table width="100%">
+            <tr>
+                <th width="25%">ip block address start:</td><td><input type="input" name="address-start" value=""/> (eg 10.10.10.1)</th>
+            </tr>
+            <tr>
+                <th width="25%">ip block address end:</td><td><input type="input" name="address-end" value=""/>  (eg 10.10.10.20)</th>
+            </tr>
+        </table>
+    </div>
+
+
+    <input type="submit" value="Add Group">
+</form>
+
+<script>
+$(document).ready(function () {                            
+    $(".addresstype").change(function () {
+        if ($("#addresstype_single").is(":checked")) {
+            $('#addresstype_single_block').show();
+            $('#addresstype_range_block').hide();
+        }
+        else if ($("#addresstype_range").is(":checked")) {
+            $('#addresstype_single_block').hide();
+            $('#addresstype_range_block').show();
+        }
+    });        
+});
+</script>
+
+
+
+
+
+
+
+{% endblock %}
+
+
+

vycontrol/firewall/templates/firewall/addressgroup-list.html

@@ -0,0 +1,46 @@
+{% extends "base.html" %}
+
+{% block header_title %}Firewall Group List{% endblock %}
+{% block section_title %}Firewall Group List{% endblock %}
+
+{% block debug %}
+{{ firewall_addressgroup }}
+{% endblock %}
+
+{% block content %}
+
+<p class="submenu1">
+    <a href="{% url 'firewall:firewall-list' %}">Firewall List</a> | 
+    <a href="{% url 'firewall:firewall-create' %}">Create new firewall</a> | 
+    <a href="{% url 'firewall:firewall-networkbook' %}">Network Book</a>
+</p>
+<p class="submenu2">
+    <a href="{% url 'firewall:firewall-addressgroup-add' %}">Add Address Group</a>
+</p>
+
+
+{% if firewall_addressgroup %}
+    <table border="1" width="100%">
+    <tr><th>name</th><th>addresss</th></tr>
+
+    {% for key, value in firewall_addressgroup.items %}       
+        {% for ifkey, ifvalue in value.items %}
+            <tr>
+                <td>{{ ifkey }}</a></td>
+                <td>{{ ifvalue.address }}</td>
+            </tr>
+        {% endfor %}
+        
+    {% endfor %}
+
+    </table>
+{% else %}
+    <p>No firewalls.</p>
+{% endif %}
+
+
+
+{% endblock %}
+
+
+

vycontrol/firewall/templates/firewall/addrule.html

@@ -1,7 +1,7 @@
 {% extends "base.html" %}
 
 {% block header_title %}Firewall {{firewall_name}}{% endblock %}
-{% block section_title %}<a href="{% url 'firewall:show' firewall_name %}">Firewall {{firewall_name}}</a>{% endblock %}
+{% block section_title %}<a href="{% url 'firewall:show' firewall_name %}">Firewall {{firewall_name}}</a> - create new rule{% endblock %}
 
 {% block debug %}
 {{ firewall }}
@@ -11,8 +11,16 @@
 {% block content %}
 
 
+<p class="submenu1">
+    <a href="{% url 'firewall:firewall-create' %}">Create new firewall</a> | 
+    <a href="{% url 'firewall:firewall-addressgroup-list' %}">Address Group</a> | 
+    <a href="{% url 'firewall:firewall-networkbook' %}">Network Book</a>
+</p>
+<p class="submenu2">
+    
+</p>
+
 
-<h2>Create new rule</h2>
 
 <form action="{% url 'firewall:addrule' firewall_name %}" method="post">
     {% csrf_token %}

vycontrol/firewall/templates/firewall/create.html

@@ -9,7 +9,13 @@
 
 {% block content %}
 
-<h2>Create new Firewall</h2>
+<p class="submenu1">
+    <a href="{% url 'firewall:firewall-list' %}">Firewall List</a> | 
+    <a href="{% url 'firewall:firewall-addressgroup-add' %}">Address Group</a> | 
+    <a href="{% url 'firewall:firewall-networkbook' %}">Network Book</a>
+</p>
+<p class="submenu2"></p>
+
 
 <form action="{% url 'firewall:firewall-create' %}" method="post">
     {% csrf_token %}

vycontrol/firewall/templates/firewall/list.html

@@ -10,9 +10,13 @@
 {% block content %}
 
 
-<p class="margin-topbottom">
-    <a href="{% url 'firewall:firewall-create' %}">Create new firewall</a>
+<p class="submenu1">
+    <a href="{% url 'firewall:firewall-create' %}">Create new firewall</a> | 
+    <a href="{% url 'firewall:firewall-addressgroup-list' %}">Address Group</a> | 
+    <a href="{% url 'firewall:firewall-networkbook' %}">Network Book</a>
 </p>
+<p class="submenu2"></p>
+
 
 
 {% if firewall_all %}

vycontrol/firewall/templates/firewall/show.html

@@ -10,11 +10,16 @@
 
 {% block content %}
 
-
-<p class="margin-topbottom">
+<p class="submenu1">
+    <a href="{% url 'firewall:firewall-create' %}">Create new firewall</a> | 
+    <a href="{% url 'firewall:firewall-addressgroup-list' %}">Address Group</a> | 
+    <a href="{% url 'firewall:firewall-networkbook' %}">Network Book</a>
+</p>
+<p class="submenu2">
     <a href="{% url 'firewall:addrule' firewall_name %}">Add new rule</a>
 </p>
 
+
 <h3>Firewall Properties</h3>
 
 <form action="{% url 'firewall:firewall-config' firewall_name %}" method="post">

vycontrol/firewall/urls.py

@@ -14,6 +14,11 @@ urlpatterns = [
     path('firewall-edit/<str:firewall_name>', views.firewall_edit, name='firewall-edit'),
     path('firewall-config/<str:firewall_name>', views.firewall_config, name='firewall-config'),
     path('firewall-global', views.firewall_global, name='firewall-global'),
+    path('firewall-addressgroup-list', views.firewall_addressgroup_list, name='firewall-addressgroup-list'),
+    path('firewall-addressgroup-add', views.firewall_addressgroup_add, name='firewall-addressgroup-add'),
+
+    path('firewall-networkbook', views.firewall_networkbook, name='firewall-networkbook'),
+
     path('addrule/<str:firewall_name>', views.addrule, name='addrule'),
     path('editrule/<str:firewall_name>/<str:firewall_rulenumber>', views.editrule, name='editrule'),
     path('firewall-removerule/<str:firewall_name>/<str:firewall_rulenumber>', views.firewall_removerule, name='firewall-removerule'),    

vycontrol/firewall/views.py

@@ -228,6 +228,55 @@ def show(request, firewall_name):
 
 
 
+def firewall_addressgroup_list(request):
+    if not request.user.is_authenticated:
+        return redirect('%s?next=%s' % (reverse('registration-login'), request.path))
+        
+    hostname_default = vyos.get_hostname_prefered(request)
+    firewall_addressgroup = vyos.get_firewall_addressgroup(hostname_default)
+
+    template = loader.get_template('firewall/addressgroup-list.html')
+    context = { 
+        'firewall_addressgroup': firewall_addressgroup,
+    }   
+    return HttpResponse(template.render(context, request))
+
+
+
+def firewall_addressgroup_add(request):
+    if not request.user.is_authenticated:
+        return redirect('%s?next=%s' % (reverse('registration-login'), request.path))
+        
+    hostname_default = vyos.get_hostname_prefered(request)
+
+    if request.POST.get('addresstype', None) == "single" and request.POST.get('name', None) != None and request.POST.get('address', None) != None:
+        vyos.set_firewall_addressgroup_add(hostname_default, request.POST.get('name'), request.POST.get('address'))
+        return redirect('firewall:firewall-addressgroup-list')
+    elif request.POST.get('addresstype', None) == "range" and request.POST.get('name', None) != None and request.POST.get('address-start', None) != None and request.POST.get('address-end', None) != None:
+        vyos.set_firewall_addressgroup_rangeadd(hostname_default, request.POST.get('name'), request.POST.get('address-start'), request.POST.get('address-end'))
+        return redirect('firewall:firewall-addressgroup-list')
+
+
+
+    template = loader.get_template('firewall/addressgroup-add.html')
+    context = { 
+    }   
+    return HttpResponse(template.render(context, request))
+
+
+
+
+def firewall_networkbook(request):
+    if not request.user.is_authenticated:
+        return redirect('%s?next=%s' % (reverse('registration-login'), request.path))
+        
+    return redirect('firewall:firewall-list')
+
+
+
+
+
+
 
 def firewall_config(request, firewall_name):
     if not request.user.is_authenticated:
@@ -240,12 +289,6 @@ def firewall_config(request, firewall_name):
     firewall = vyos.get_firewall(hostname_default, firewall_name)
     
 
-    if request.POST.get('allping') == 1:
-        pass
-
-    if request.POST.get('syncookies') == 1:
-        pass    
-
     template = loader.get_template('firewall/show.html')
     context = { 
         #'interfaces': interfaces,

vycontrol/s/main.css

@@ -118,6 +118,20 @@ input[type=submit] {
   margin: 20px 0;  
 }
 
+.submenu1 {
+  margin: 0;
+}
+.submenu2 {
+  margin: 4px 0 20px 0;
+  padding-top: 4px
+  border: 1px;
+  border-radius: 0px 0px 0px 0px;
+  -moz-border-radius: 0px 0px 0px 0px;
+  -webkit-border-radius: 0px 0px 0px 0px;
+  border-top: 1px dotted #000000;
+}
+
+
 .alert-nok {
   background-color: rgb(184, 78, 78); margin: 20px 0; padding: 2px 10px;
 }

vycontrol/vycenter/templates/base.html

@@ -8,7 +8,8 @@
 
     <!-- Bootstrap CSS -->
     <link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css" integrity="sha384-Vkoo8x4CGsO3+Hhxv8T/Q5PaXtkKtu6ug5TOeNV6gBiFeWPGFN9MuhOf23Q9Ifjh" crossorigin="anonymous">
-    <link rel="stylesheet" href="{% static "main.css" %}?v11">
+    <link rel="stylesheet" href="{% static "main.css" %}?16">
+    <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js"></script>
 
     <title>{% block header_title %}{% endblock %} - VyControl</title>
   </head>
@@ -136,7 +137,6 @@
 
     <!-- Optional JavaScript -->
     <!-- jQuery first, then Popper.js, then Bootstrap JS -->
-    <script src="https://code.jquery.com/jquery-3.4.1.slim.min.js" integrity="sha384-J6qa4849blE2+poT4WnyKhv5vZF5SrPo0iEjwBvKU7imGFAV0wwj1yYfoRSJoZ+n" crossorigin="anonymous"></script>
     <script src="https://cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/popper.min.js" integrity="sha384-Q6E9RHvbIyZFJoft+2mJbHaEWldlvI9IOYy5n3zV9zzTtmI3UksdQRVvoxMfooAo" crossorigin="anonymous"></script>
     <script src="https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js" integrity="sha384-wfSDF2E50Y2D1uUdj0O3uMBJnjuUD4Ih7YwaYd1iqfktj0Uod8GCExl3Og8ifwB6" crossorigin="anonymous"></script>
   </body>

vycontrol/vyos.py

@@ -243,9 +243,25 @@ def set_firewall_allping_disable(hostname):
     result1 = api_set(hostname, cmd)
     return result1  
 
+def get_firewall_addressgroup(hostname):
+    cmd = {"op": "showConfig", "path": ["firewall","group","address-group"]}
 
+    result1 = api_get(hostname, cmd)
+    return result1
 
 
+def set_firewall_addressgroup_add(hostname, group_name, address):
+    cmd = {"op": "set", "path": ["firewall","group",'address-group', group_name, "address", address]}
+
+    result1 = api_set(hostname, cmd)
+    return result1 
+
+def set_firewall_addressgroup_rangeadd(hostname, group_name, address_start, address_end):
+    address = str(address_start) + "-" + str(address_end)
+    cmd = {"op": "set", "path": ["firewall","group",'address-group', group_name, "address", address]}
+
+    result1 = api_set(hostname, cmd)
+    return result1     
 
 
 def delete_route_static(hostname, subnet, nexthop):