Acasă Explorează Ajutor
Înregistrare Autentificare
hongtu_zang
/
vycontrol
1
0
Bifurcare 0
Fisiere Probleme 0 Trageți solicitările 0 Wiki
Răsfoiți Sursa

Merge pull request #114 from vycontrol/b20.05.10

B20.05.10
Roberto Bertó 5 ani în urmă
părinte
3d7f526150 6f91ef0ed5
comite
d9efc9b760
24 a modificat fișierele cu 981 adăugiri și 86 ștergeri
Vedere unificată Arată Statisticile Diff
  1. 2 1
      vycontrol/firewall/templates/firewall/addressgroup-add.html
  2. 2 1
      vycontrol/firewall/templates/firewall/addressgroup-desc.html
  3. 2 1
      vycontrol/firewall/templates/firewall/addressgroup-list.html
  4. 2 1
      vycontrol/firewall/templates/firewall/create.html
  5. 5 4
      vycontrol/firewall/templates/firewall/edit.html
  6. 2 1
      vycontrol/firewall/templates/firewall/editrule.html
  7. 2 1
      vycontrol/firewall/templates/firewall/list.html
  8. 2 1
      vycontrol/firewall/templates/firewall/networkgroup-add.html
  9. 2 1
      vycontrol/firewall/templates/firewall/networkgroup-desc.html
  10. 2 1
      vycontrol/firewall/templates/firewall/networkgroup-list.html
  11. 2 1
      vycontrol/firewall/templates/firewall/portgroup-add.html
  12. 2 1
      vycontrol/firewall/templates/firewall/portgroup-edit.html
  13. 2 1
      vycontrol/firewall/templates/firewall/portgroup-list.html
  14. 3 1
      vycontrol/firewall/templates/firewall/show.html
  15. 123 0
      vycontrol/firewall/templates/firewall/zones-add.html
  16. 128 0
      vycontrol/firewall/templates/firewall/zones-edit.html
  17. 52 0
      vycontrol/firewall/templates/firewall/zones.html
  18. 3 0
      vycontrol/firewall/urls.py
  19. 321 12
      vycontrol/firewall/views.py
  20. 48 4
      vycontrol/interface/templates/interface/index.html
  21. 135 38
      vycontrol/interface/views.py
  22. 108 1
      vycontrol/vycontrol_vyos_api.py
  23. 6 1
      vycontrol/vycontrol_vyos_api_lib.py
  24. 25 13
      vycontrol/vyos.py

+ 2 - 1
vycontrol/firewall/templates/firewall/addressgroup-add.html
Vizualizați fișierul 

@@ -15,7 +15,8 @@
 
     <a href="{% url 'firewall:firewall-create' %}">Create new firewall</a> | 
     <a href="{% url 'firewall:firewall-create' %}">Create new firewall</a> | 
     <a href="{% url 'firewall:firewall-addressgroup-list' %}">Address Group</a> |
 
     <a href="{% url 'firewall:firewall-addressgroup-list' %}">Address Group</a> |
 
     <a href="{% url 'firewall:firewall-addressgroup-list' %}">Network Group</a> | 
     <a href="{% url 'firewall:firewall-addressgroup-list' %}">Network Group</a> | 
-    <a href="{% url 'firewall:firewall-portgroup-list' %}">Port Group</a>
 
+    <a href="{% url 'firewall:firewall-portgroup-list' %}">Port Group</a> |
 
+    <a href="{% url 'firewall:firewall-zones' %}">Zones</a>
 
 </p>
 
 </p>
 
 <p class="submenu2"></p>
 
 <p class="submenu2"></p>

+ 2 - 1
vycontrol/firewall/templates/firewall/addressgroup-desc.html
Vizualizați fișierul 

@@ -23,7 +23,8 @@
 
     <a href="{% url 'firewall:firewall-create' %}">Create new firewall</a> | 
     <a href="{% url 'firewall:firewall-create' %}">Create new firewall</a> | 
     <a href="{% url 'firewall:firewall-addressgroup-list' %}">Address Group</a>     | 
     <a href="{% url 'firewall:firewall-addressgroup-list' %}">Address Group</a>     | 
     <a href="{% url 'firewall:firewall-networkgroup-list' %}">Network Group</a>  | 
     <a href="{% url 'firewall:firewall-networkgroup-list' %}">Network Group</a>  | 
-    <a href="{% url 'firewall:firewall-portgroup-list' %}">Port Group</a>
 
+    <a href="{% url 'firewall:firewall-portgroup-list' %}">Port Group</a> |
 
+    <a href="{% url 'firewall:firewall-zones' %}">Zones</a>
 
 </p>
 
 </p>
 
 <p class="submenu2">
 
 <p class="submenu2">
 
     <a href="{% url 'firewall:firewall-addressgroup-add' %}">Add network Group</a>
 
     <a href="{% url 'firewall:firewall-addressgroup-add' %}">Add network Group</a>

+ 2 - 1
vycontrol/firewall/templates/firewall/addressgroup-list.html
Vizualizați fișierul 

@@ -14,7 +14,8 @@
 
     <a href="{% url 'firewall:firewall-list' %}">Firewall List</a> | 
     <a href="{% url 'firewall:firewall-list' %}">Firewall List</a> | 
     <a href="{% url 'firewall:firewall-create' %}">Create new firewall</a> | 
     <a href="{% url 'firewall:firewall-create' %}">Create new firewall</a> | 
     <a href="{% url 'firewall:firewall-networkgroup-list' %}">Network Group</a> | 
     <a href="{% url 'firewall:firewall-networkgroup-list' %}">Network Group</a> | 
-    <a href="{% url 'firewall:firewall-portgroup-list' %}">Port Group</a>
 
+    <a href="{% url 'firewall:firewall-portgroup-list' %}">Port Group</a> |
 
+    <a href="{% url 'firewall:firewall-zones' %}">Zones</a>
 
 </p>
 
 </p>
 
 <p class="submenu2">
 
 <p class="submenu2">
 
     <a href="{% url 'firewall:firewall-addressgroup-add' %}">Add Address Group</a>
 
     <a href="{% url 'firewall:firewall-addressgroup-add' %}">Add Address Group</a>

+ 2 - 1
vycontrol/firewall/templates/firewall/create.html
Vizualizați fișierul 

@@ -14,7 +14,8 @@
 
     <a href="{% url 'firewall:firewall-list' %}">Firewall List</a> | 
     <a href="{% url 'firewall:firewall-list' %}">Firewall List</a> | 
     <a href="{% url 'firewall:firewall-addressgroup-add' %}">Address Group</a> | 
     <a href="{% url 'firewall:firewall-addressgroup-add' %}">Address Group</a> | 
     <a href="{% url 'firewall:firewall-networkgroup-list' %}">Network Group</a> | 
     <a href="{% url 'firewall:firewall-networkgroup-list' %}">Network Group</a> | 
-    <a href="{% url 'firewall:firewall-portgroup-list' %}">Port Group</a>
 
+    <a href="{% url 'firewall:firewall-portgroup-list' %}">Port Group</a> |
 
+    <a href="{% url 'firewall:firewall-zones' %}">Zones</a>
 
 </p>
 
 </p>
 
 <p class="submenu2"></p>
 
 <p class="submenu2"></p>

+ 5 - 4
vycontrol/firewall/templates/firewall/edit.html
Vizualizați fișierul 

@@ -15,7 +15,8 @@
 
     <a href="{% url 'firewall:firewall-list' %}">Firewall List</a> | 
     <a href="{% url 'firewall:firewall-list' %}">Firewall List</a> | 
     <a href="{% url 'firewall:firewall-addressgroup-add' %}">Address Group</a> | 
     <a href="{% url 'firewall:firewall-addressgroup-add' %}">Address Group</a> | 
     <a href="{% url 'firewall:firewall-networkgroup-list' %}">Network Group</a> | 
     <a href="{% url 'firewall:firewall-networkgroup-list' %}">Network Group</a> | 
-    <a href="{% url 'firewall:firewall-portgroup-list' %}">Port Group</a>
 
+    <a href="{% url 'firewall:firewall-portgroup-list' %}">Port Group</a> |
 
+    <a href="{% url 'firewall:firewall-zones' %}">Zones</a>
 
 </p>
 
 </p>
 
 <p class="submenu2"></p>
 
 <p class="submenu2"></p>
 
 
 
@@ -32,14 +33,14 @@
 
     <p>
 
     <p>
 
         <label for="hostname">default action</label><br>
 
         <label for="hostname">default action</label><br>
 
         <input type="radio" name="action" id="action" value="accept" {% if firewall.defaultaction == "accept" %}checked="checked"{% endif %}> accept
 
         <input type="radio" name="action" id="action" value="accept" {% if firewall.defaultaction == "accept" %}checked="checked"{% endif %}> accept
 
-        <input type="radio" name="action" id="action" value="drop" {% if firewall.defaultaction == "accept" %}checked="checked"{% endif %}> drop
 
-        <input type="radio" name="action" id="action" value="reject" {% if firewall.defaultaction == "accept" %}checked="checked"{% endif %}> reject        
+        <input type="radio" name="action" id="action" value="drop" {% if firewall.defaultaction == "drop" %}checked="checked"{% endif %}> drop
 
+        <input type="radio" name="action" id="action" value="reject" {% if firewall.defaultaction == "reject" %}checked="checked"{% endif %}> reject        
     </p>
 
     </p>
 
 
 
     
     
     
     
     <input type="submit" value="Edit Firewall">
 
     <input type="submit" value="Edit Firewall">
 
-    </form>
 
+</form>

+ 2 - 1
vycontrol/firewall/templates/firewall/editrule.html
Vizualizați fișierul 

@@ -12,7 +12,8 @@
 
     <a href="{% url 'firewall:firewall-create' %}">Create new firewall</a> | 
     <a href="{% url 'firewall:firewall-create' %}">Create new firewall</a> | 
     <a href="{% url 'firewall:firewall-addressgroup-list' %}">Address Group</a> | 
     <a href="{% url 'firewall:firewall-addressgroup-list' %}">Address Group</a> | 
     <a href="{% url 'firewall:firewall-networkgroup-list' %}">Network Group</a> | 
     <a href="{% url 'firewall:firewall-networkgroup-list' %}">Network Group</a> | 
-    <a href="{% url 'firewall:firewall-portgroup-list' %}">Port Group</a>
 
+    <a href="{% url 'firewall:firewall-portgroup-list' %}">Port Group</a> |
 
+    <a href="{% url 'firewall:firewall-zones' %}">Zones</a>
 
 </p>
 
 </p>
 
 <p class="submenu2">
 
 <p class="submenu2">
 
     <a href="{% url 'firewall:addrule' firewall_name %}">Add new rule</a>
 
     <a href="{% url 'firewall:addrule' firewall_name %}">Add new rule</a>

+ 2 - 1
vycontrol/firewall/templates/firewall/list.html
Vizualizați fișierul 

@@ -16,7 +16,8 @@
 
     <a href="{% url 'firewall:firewall-create' %}">Create new firewall</a> | 
     <a href="{% url 'firewall:firewall-create' %}">Create new firewall</a> | 
     <a href="{% url 'firewall:firewall-addressgroup-list' %}">Address Group</a> | 
     <a href="{% url 'firewall:firewall-addressgroup-list' %}">Address Group</a> | 
     <a href="{% url 'firewall:firewall-networkgroup-list' %}">Network Group</a> | 
     <a href="{% url 'firewall:firewall-networkgroup-list' %}">Network Group</a> | 
-    <a href="{% url 'firewall:firewall-portgroup-list' %}">Port Group</a>
 
+    <a href="{% url 'firewall:firewall-portgroup-list' %}">Port Group</a> |
 
+    <a href="{% url 'firewall:firewall-zones' %}">Zones</a> 
 </p>
 
 </p>
 
 <p class="submenu2"></p>
 
 <p class="submenu2"></p>

+ 2 - 1
vycontrol/firewall/templates/firewall/networkgroup-add.html
Vizualizați fișierul 

@@ -15,7 +15,8 @@
 
     <a href="{% url 'firewall:firewall-create' %}">Create new firewall</a> | 
     <a href="{% url 'firewall:firewall-create' %}">Create new firewall</a> | 
     <a href="{% url 'firewall:firewall-addressgroup-list' %}">Address Group</a> |
 
     <a href="{% url 'firewall:firewall-addressgroup-list' %}">Address Group</a> |
 
     <a href="{% url 'firewall:firewall-networkgroup-list' %}">Network Group</a> | 
     <a href="{% url 'firewall:firewall-networkgroup-list' %}">Network Group</a> | 
-    <a href="{% url 'firewall:firewall-portgroup-list' %}">Port Group</a>
 
+    <a href="{% url 'firewall:firewall-portgroup-list' %}">Port Group</a> |
 
+    <a href="{% url 'firewall:firewall-zones' %}">Zones</a>
 
 </p>
 
 </p>
 
 <p class="submenu2"></p>
 
 <p class="submenu2"></p>

+ 2 - 1
vycontrol/firewall/templates/firewall/networkgroup-desc.html
Vizualizați fișierul 

@@ -23,7 +23,8 @@
 
     <a href="{% url 'firewall:firewall-create' %}">Create new firewall</a> | 
     <a href="{% url 'firewall:firewall-create' %}">Create new firewall</a> | 
     <a href="{% url 'firewall:firewall-addressgroup-list' %}">Address Group</a>     | 
     <a href="{% url 'firewall:firewall-addressgroup-list' %}">Address Group</a>     | 
     <a href="{% url 'firewall:firewall-networkgroup-list' %}">Network Group</a>  | 
     <a href="{% url 'firewall:firewall-networkgroup-list' %}">Network Group</a>  | 
-    <a href="{% url 'firewall:firewall-portgroup-list' %}">Port Group</a>
 
+    <a href="{% url 'firewall:firewall-portgroup-list' %}">Port Group</a> |
 
+    <a href="{% url 'firewall:firewall-zones' %}">Zones</a>
 
 </p>
 
 </p>
 
 <p class="submenu2">
 
 <p class="submenu2">
 
     <a href="{% url 'firewall:firewall-networkgroup-add' %}">Add network Group</a>
 
     <a href="{% url 'firewall:firewall-networkgroup-add' %}">Add network Group</a>

+ 2 - 1
vycontrol/firewall/templates/firewall/networkgroup-list.html
Vizualizați fișierul 

@@ -14,7 +14,8 @@
 
     <a href="{% url 'firewall:firewall-list' %}">Firewall List</a> | 
     <a href="{% url 'firewall:firewall-list' %}">Firewall List</a> | 
     <a href="{% url 'firewall:firewall-create' %}">Create new firewall</a> | 
     <a href="{% url 'firewall:firewall-create' %}">Create new firewall</a> | 
     <a href="{% url 'firewall:firewall-addressgroup-list' %}">Address Group</a> | 
     <a href="{% url 'firewall:firewall-addressgroup-list' %}">Address Group</a> | 
-    <a href="{% url 'firewall:firewall-portgroup-list' %}">Port Group</a>
 
+    <a href="{% url 'firewall:firewall-portgroup-list' %}">Port Group</a> |
 
+    <a href="{% url 'firewall:firewall-zones' %}">Zones</a>
 
 </p>
 
 </p>
 
 <p class="submenu2">
 
 <p class="submenu2">
 
     <a href="{% url 'firewall:firewall-networkgroup-add' %}">Add network Group</a>
 
     <a href="{% url 'firewall:firewall-networkgroup-add' %}">Add network Group</a>

+ 2 - 1
vycontrol/firewall/templates/firewall/portgroup-add.html
Vizualizați fișierul 

@@ -18,7 +18,8 @@
 
     <a href="{% url 'firewall:firewall-create' %}">Create new firewall</a> | 
     <a href="{% url 'firewall:firewall-create' %}">Create new firewall</a> | 
     <a href="{% url 'firewall:firewall-addressgroup-list' %}">Address Group</a> |
 
     <a href="{% url 'firewall:firewall-addressgroup-list' %}">Address Group</a> |
 
     <a href="{% url 'firewall:firewall-networkgroup-list' %}">Network Group</a> | 
     <a href="{% url 'firewall:firewall-networkgroup-list' %}">Network Group</a> | 
-    <a href="{% url 'firewall:firewall-portgroup-list' %}">Port Group</a>
 
+    <a href="{% url 'firewall:firewall-portgroup-list' %}">Port Group</a> |
 
+    <a href="{% url 'firewall:firewall-zones' %}">Zones</a>
 
 </p>
 
 </p>
 
 <p class="submenu2"></p>
 
 <p class="submenu2"></p>

+ 2 - 1
vycontrol/firewall/templates/firewall/portgroup-edit.html
Vizualizați fișierul 

@@ -31,7 +31,8 @@
 
     <a href="{% url 'firewall:firewall-create' %}">Create new firewall</a> | 
     <a href="{% url 'firewall:firewall-create' %}">Create new firewall</a> | 
     <a href="{% url 'firewall:firewall-addressgroup-list' %}">Address Group</a> |
 
     <a href="{% url 'firewall:firewall-addressgroup-list' %}">Address Group</a> |
 
     <a href="{% url 'firewall:firewall-networkgroup-list' %}">Network Group</a> | 
     <a href="{% url 'firewall:firewall-networkgroup-list' %}">Network Group</a> | 
-    <a href="{% url 'firewall:firewall-portgroup-list' %}">Port Group</a>
 
+    <a href="{% url 'firewall:firewall-portgroup-list' %}">Port Group</a> |
 
+    <a href="{% url 'firewall:firewall-zones' %}">Zones</a>
 
 </p>
 
 </p>
 
 <p class="submenu2"></p>
 
 <p class="submenu2"></p>

+ 2 - 1
vycontrol/firewall/templates/firewall/portgroup-list.html
Vizualizați fișierul 

@@ -14,7 +14,8 @@
 
     <a href="{% url 'firewall:firewall-list' %}">Firewall List</a> | 
     <a href="{% url 'firewall:firewall-list' %}">Firewall List</a> | 
     <a href="{% url 'firewall:firewall-create' %}">Create new firewall</a> | 
     <a href="{% url 'firewall:firewall-create' %}">Create new firewall</a> | 
     <a href="{% url 'firewall:firewall-addressgroup-list' %}">Address Group</a> |
 
     <a href="{% url 'firewall:firewall-addressgroup-list' %}">Address Group</a> |
 
-    <a href="{% url 'firewall:firewall-networkgroup-list' %}">Network Group</a> 
+    <a href="{% url 'firewall:firewall-networkgroup-list' %}">Network Group</a> |
 
+    <a href="{% url 'firewall:firewall-zones' %}">Zones</a>
 
 </p>
 
 </p>
 
 <p class="submenu2">
 
 <p class="submenu2">
 
     <a href="{% url 'firewall:firewall-portgroup-add' %}">Add port group</a>
 
     <a href="{% url 'firewall:firewall-portgroup-add' %}">Add port group</a>

+ 3 - 1
vycontrol/firewall/templates/firewall/show.html
Vizualizați fișierul 

@@ -16,7 +16,9 @@
 
     <a href="{% url 'firewall:firewall-create' %}">Create new firewall</a> | 
     <a href="{% url 'firewall:firewall-create' %}">Create new firewall</a> | 
     <a href="{% url 'firewall:firewall-addressgroup-list' %}">Address Group</a> | 
     <a href="{% url 'firewall:firewall-addressgroup-list' %}">Address Group</a> | 
     <a href="{% url 'firewall:firewall-networkgroup-list' %}">Network Group</a> | 
     <a href="{% url 'firewall:firewall-networkgroup-list' %}">Network Group</a> | 
-    <a href="{% url 'firewall:firewall-portgroup-list' %}">Port Group</a>
 
+    <a href="{% url 'firewall:firewall-portgroup-list' %}">Port Group</a> |
 
+    <a href="{% url 'firewall:firewall-zones' %}">Zones</a>
 
+
 
 </p>
 
 </p>
 
 <p class="submenu2">
 
 <p class="submenu2">
 
     <a href="{% url 'firewall:addrule' firewall_name %}">Add new rule</a>
 
     <a href="{% url 'firewall:addrule' firewall_name %}">Add new rule</a>

+ 123 - 0
vycontrol/firewall/templates/firewall/zones-add.html
Vizualizați fișierul 

@@ -0,0 +1,123 @@
 
+{% extends "base.html" %}
 
+
 
+{% block header_title %}Firewall Zone{% endblock %}
 
+{% block section_title %}Firewall Zone{% endblock %}
 
+{% block username %}{{ username }}{% endblock %}
 
+
 
+{% block debug %}
 
+
 
+{{ allzones }}
 
+
 
+{{ interfaces_defined }}
 
+
 
+{{ interfaces_zone }}
 
+
 
+{{ interfaces_pretty }}
 
+
 
+{{ interfaces_all_names_pretty }}
 
+
 
+{% endblock %}
 
+
 
+{% block content %}
 
+
 
+<p class="submenu1">
 
+    <a href="{% url 'firewall:firewall-list' %}">Firewall List</a> | 
+    <a href="{% url 'firewall:firewall-create' %}">Create new firewall</a> | 
+    <a href="{% url 'firewall:firewall-addressgroup-list' %}">Address Group</a> | 
+    <a href="{% url 'firewall:firewall-networkgroup-list' %}">Network Group</a> | 
+    <a href="{% url 'firewall:firewall-portgroup-list' %}">Port Group</a> | 
+    <a href="{% url 'firewall:firewall-zones' %}">Zones</a>
 
+</p>
 
+
 
+
 
+{% if form_added == False %}
 
+    <h3>Create new zone</h3>
 
+
 
+    <form action="{% url 'firewall:firewall-zones-add' %}" method="post">
 
+        {% csrf_token %}
 
+    
+        <p>
 
+            <label for="alias">name</label><br>
 
+            <input type="text" name="name" id="name" value="" size="60">
 
+        </p>    
+
 
+        <p>
 
+            <label for="alias">description</label><br>
 
+            <input type="text" name="description" id="description" value="" size="60">
 
+        </p>    
+        
+        <p>
 
+            <label for="hostname">default action</label><br>
 
+            <input type="radio" name="action" id="action" value="drop" {% if firewall.defaultaction == "drop" %}checked="checked"{% endif %}> drop
 
+            <input type="radio" name="action" id="action" value="reject" {% if firewall.defaultaction == "accept" %}checked="checked"{% endif %}> reject        
+        </p>
 
+
 
+        {% comment %}
 
+        <h2>Local-zone</h2>
 
+        <p>Local zones cannot bellong to any other interface and will be applied to the router itself.<br>
 
+            <input type="checkbox" name="localzone" value="1" id="localzone">
 
+            <label for="localzone">set as local-zone</label><br>
 
+        </p> 
+        {% endcomment %}
 
+
 
+
 
+
 
+    
+
 
+
 
+        <div id="interfacesdiv">
 
+            <h2>Interfaces to apply</h2>
 
+                    {% for iface in interfaces_all_names %}
 
+                        {% if iface.type != "loopback" %}
 
+                            {% if iface.vif %}
 
+                                {% with iface_id="interface_"|add:iface.interface_name|add:"."|add:iface.vif iface_js="interface_"|add:iface.interface_name|add:"_"|add:iface.vif  %}
 
+                                    {% if iface_id not in interfaces_defined_form %}
 
+                                        <input type="checkbox" name="{{ iface_id }}" value="{{ iface_id  }}" id="{{ iface_js }}">
 
+                                        <label for="{{ iface_id }}">{{ iface.type }} {{ iface.interface_name }}{% if iface.vif %}.{{ iface.vif }}{% endif %}</label><br>
 
+                                    {% else %}
 
+                                        <input type="checkbox" name="{{ iface_id }}" value="{{ iface_id  }}" id="{{ iface_js }}" disabled>
 
+                                        <label for="{{ iface_id }}">{{ iface.type }} {{ iface.interface_name }}{% if iface.vif %}.{{ iface.vif }}{% endif %} belongs to another zone</label><br>                            
+                                    {% endif %}
 
+                                {% endwith %}
 
+                            {% else %}
 
+                                {% with iface_id="interface_"|add:iface.interface_name iface_js="interface_"|add:iface.interface_name %}
 
+                                    {% if iface_id not in interfaces_defined_form %}
 
+                                        <input type="checkbox" name="{{ iface_id }}" value="{{ iface_id  }}" id="{{ iface_js }}">
 
+                                        <label for="{{ iface_id }}">{{ iface.type }} {{ iface.interface_name }}{% if iface.vif %}.{{ iface.vif }}{% endif %}</label><br>
 
+                                    {% else %}
 
+                                        <input type="checkbox" name="{{ iface_id }}" value="{{ iface_id  }}" id="{{ iface_js }}" disabled>
 
+                                        <label for="{{ iface_id }}">{{ iface.type }} {{ iface.interface_name }}{% if iface.vif %}.{{ iface.vif }}{% endif %} belongs to another zone</label><br>
 
+                                    {% endif %}
 
+                                {% endwith %}                    
+                            {% endif %}
 
+                        {% endif %}
 
+                    {% endfor %}
 
+        </div>    
+        
+
 
+        
+        <input type="submit" value="Add Firewall">
 
+    </form>
 
+
 
+
 
+    
+    <script>
 
+        $(document).ready(function () {                            
+            $("#localzone").change(function () {
 
+                if ($("#localzone").is(":checked")) {
 
+                    $('#interfacesdiv').hide();
 
+                }
 
+                else if ($("#localzone").not(":checked")) {
 
+                    $('#interfacesdiv').show();
 
+                }
 
+            });
 
+        });
 
+
 
+    </script>
 
+{% endif %}
 
+
 
+
 
+{% endblock %}
 
+
 
+
 
+

+ 128 - 0
vycontrol/firewall/templates/firewall/zones-edit.html
Vizualizați fișierul 

@@ -0,0 +1,128 @@
 
+{% extends "base.html" %}
 
+
 
+{% block header_title %}Firewall Zone{% endblock %}
 
+{% block section_title %}Firewall Zone{% endblock %}
 
+{% block username %}{{ username }}{% endblock %}
 
+
 
+{% block debug %}
 
+
 
+{{ zoneinfo }}
 
+
 
+
 
+{{ allzones }}
 
+
 
+{{ interfaces_defined }}
 
+
 
+{{ interfaces_zone }}
 
+
 
+{{ interfaces_pretty }}
 
+
 
+{{ interfaces_all_names_pretty }}
 
+
 
+{% endblock %}
 
+
 
+{% block content %}
 
+
 
+<p class="submenu1">
 
+    <a href="{% url 'firewall:firewall-list' %}">Firewall List</a> | 
+    <a href="{% url 'firewall:firewall-create' %}">Create new firewall</a> | 
+    <a href="{% url 'firewall:firewall-addressgroup-list' %}">Address Group</a> | 
+    <a href="{% url 'firewall:firewall-networkgroup-list' %}">Network Group</a> | 
+    <a href="{% url 'firewall:firewall-portgroup-list' %}">Port Group</a> | 
+    <a href="{% url 'firewall:firewall-zones' %}">Zones</a>
 
+</p>
 
+
 
+
 
+{% if exists == True %} 
+    {% if form_added == False %}
 
+        <h3>Edit zone {{ zonename }}</h3>
 
+
 
+        <form action="{% url 'firewall:firewall-zones-add' %}" method="post">
 
+            {% csrf_token %}
 
+        
+            <p>
 
+                <label for="alias">name</label><br>
 
+                <input type="text" name="name" id="name" value="" size="60">
 
+            </p>    
+
 
+            <p>
 
+                <label for="alias">description</label><br>
 
+                <input type="text" name="description" id="description" value="" size="60">
 
+            </p>    
+            
+            <p>
 
+                <label for="hostname">default action</label><br>
 
+                <input type="radio" name="action" id="action" value="drop" {% if firewall.defaultaction == "drop" %}checked="checked"{% endif %}> drop
 
+                <input type="radio" name="action" id="action" value="reject" {% if firewall.defaultaction == "accept" %}checked="checked"{% endif %}> reject        
+            </p>
 
+
 
+            {% comment %}
 
+            <h2>Local-zone</h2>
 
+            <p>Local zones cannot bellong to any other interface and will be applied to the router itself.<br>
 
+                <input type="checkbox" name="localzone" value="1" id="localzone">
 
+                <label for="localzone">set as local-zone</label><br>
 
+            </p> 
+            {% endcomment %}
 
+
 
+
 
+
 
+        
+
 
+
 
+            <div id="interfacesdiv">
 
+                <h2>Interfaces to apply</h2>
 
+                        {% for iface in interfaces_all_names %}
 
+                            {% if iface.type != "loopback" %}
 
+                                {% if iface.vif %}
 
+                                    {% with iface_id="interface_"|add:iface.interface_name|add:"."|add:iface.vif iface_js="interface_"|add:iface.interface_name|add:"_"|add:iface.vif  %}
 
+                                        {% if iface_id not in interfaces_defined_form %}
 
+                                            <input type="checkbox" name="{{ iface_id }}" value="{{ iface_id  }}" id="{{ iface_js }}">
 
+                                            <label for="{{ iface_id }}">{{ iface.type }} {{ iface.interface_name }}{% if iface.vif %}.{{ iface.vif }}{% endif %}</label><br>
 
+                                        {% else %}
 
+                                            <input type="checkbox" name="{{ iface_id }}" value="{{ iface_id  }}" id="{{ iface_js }}" disabled>
 
+                                            <label for="{{ iface_id }}">{{ iface.type }} {{ iface.interface_name }}{% if iface.vif %}.{{ iface.vif }}{% endif %} belongs to another zone</label><br>                            
+                                        {% endif %}
 
+                                    {% endwith %}
 
+                                {% else %}
 
+                                    {% with iface_id="interface_"|add:iface.interface_name iface_js="interface_"|add:iface.interface_name %}
 
+                                        {% if iface_id not in interfaces_defined_form %}
 
+                                            <input type="checkbox" name="{{ iface_id }}" value="{{ iface_id  }}" id="{{ iface_js }}">
 
+                                            <label for="{{ iface_id }}">{{ iface.type }} {{ iface.interface_name }}{% if iface.vif %}.{{ iface.vif }}{% endif %}</label><br>
 
+                                        {% else %}
 
+                                            <input type="checkbox" name="{{ iface_id }}" value="{{ iface_id  }}" id="{{ iface_js }}" disabled>
 
+                                            <label for="{{ iface_id }}">{{ iface.type }} {{ iface.interface_name }}{% if iface.vif %}.{{ iface.vif }}{% endif %} belongs to another zone</label><br>
 
+                                        {% endif %}
 
+                                    {% endwith %}                    
+                                {% endif %}
 
+                            {% endif %}
 
+                        {% endfor %}
 
+            </div>    
+            
+
 
+            
+            <input type="submit" value="Add Firewall">
 
+        </form>
 
+
 
+
 
+        
+        <script>
 
+            $(document).ready(function () {                            
+                $("#localzone").change(function () {
 
+                    if ($("#localzone").is(":checked")) {
 
+                        $('#interfacesdiv').hide();
 
+                    }
 
+                    else if ($("#localzone").not(":checked")) {
 
+                        $('#interfacesdiv').show();
 
+                    }
 
+                });
 
+            });
 
+
 
+        </script>
 
+    {% endif %}
 
+{% endif %}
 
+
 
+
 
+{% endblock %}
 
+
 
+
 
+

+ 52 - 0
vycontrol/firewall/templates/firewall/zones.html
Vizualizați fișierul 

@@ -0,0 +1,52 @@
 
+{% extends "base.html" %}
 
+
 
+{% block header_title %}Firewall Zones{% endblock %}
 
+{% block section_title %}Firewall Zones{% endblock %}
 
+{% block username %}{{ username }}{% endblock %}
 
+
 
+{% block debug %}
 
+
 
+{{ allzones_pretty }}
 
+{% endblock %}
 
+
 
+{% block content %}
 
+
 
+<p class="submenu1">
 
+    <a href="{% url 'firewall:firewall-list' %}">Firewall List</a> | 
+    <a href="{% url 'firewall:firewall-create' %}">Create new firewall</a> | 
+    <a href="{% url 'firewall:firewall-addressgroup-list' %}">Address Group</a> | 
+    <a href="{% url 'firewall:firewall-networkgroup-list' %}">Network Group</a> | 
+    <a href="{% url 'firewall:firewall-portgroup-list' %}">Port Group</a>
 
+</p>
 
+<p class="submenu2">
 
+    <a href="{% url 'firewall:firewall-zones-add' %}">Add Zone</a>
 
+</p>
 
+
 
+
 
+<h3>Firewall Zones</h3>
 
+
 
+{% if allzones %}
 
+
 
+    <table border="1" width="100%">
 
+    <tr>
 
+        <th>zone</th>
 
+        <th>description</th>
 
+    </tr>    
+    {% for zone in allzones %}
 
+        <tr>
 
+        <td><a href="{% url 'firewall:firewall-zones-edit' zone.name %}">{{ zone.name }}</a></td>
 
+        <td>{{ zone.description }}</td>
 
+        </tr>
 
+    {% endfor %}
 
+
 
+    </table>
 
+
 
+{% else %}
 
+<p>No firewall zone exists.</p>
 
+{% endif %}    
+
 
+
 
+{% endblock %}
 
+
 
+
 
+

+ 3 - 0
vycontrol/firewall/urls.py
Vizualizați fișierul 

@@ -30,6 +30,9 @@ urlpatterns = [
 
     path('firewall-portgroup-del/<str:groupname>', views.firewall_portgroup_del, name='firewall-portgroup-del'),
 
     path('firewall-portgroup-del/<str:groupname>', views.firewall_portgroup_del, name='firewall-portgroup-del'),
 
     path('firewall-portgroup-edit/<str:groupname>', views.firewall_portgroup_edit, name='firewall-portgroup-edit'),
 
     path('firewall-portgroup-edit/<str:groupname>', views.firewall_portgroup_edit, name='firewall-portgroup-edit'),
 
 
 
+    path('zones', views.firewall_zones, name='firewall-zones'),
 
+    path('zones/add', views.firewall_zones_add, name='firewall-zones-add'),
 
+    path('zones/edit<str:zonename>', views.firewall_zones_edit, name='firewall-zones-edit'),
 
 
 
 
 
     path('addrule/<str:firewall_name>', views.addrule, name='addrule'),
 
     path('addrule/<str:firewall_name>', views.addrule, name='addrule'),

+ 321 - 12
vycontrol/firewall/views.py
Vizualizați fișierul 

@@ -28,7 +28,6 @@ from filters.vycontrol_filters import get_item_network
 
 
 
 
 
 
 
-
 
 @is_authenticated
 
 @is_authenticated
 
 def index(request):
 
 def index(request):
 
     #interfaces = vyos.get_interfaces()
 
     #interfaces = vyos.get_interfaces()
 
@@ -118,8 +117,7 @@ def firewall_removerule(request, firewall_name, firewall_rulenumber):
 
 
 
     return redirect('firewall:show', firewall_name)
 
     return redirect('firewall:show', firewall_name)
 
 
 
-
 
-def changerule(request, firewall_name, mode, template_name="firewall/addrule.html", rulenumber = None):
 
+def changerule(request, firewall_name, mode, rulenumber=None):
 
     msg = vmsg.msg()
 
     msg = vmsg.msg()
 
 
 
     #interfaces = vyos.get_interfaces()
 
     #interfaces = vyos.get_interfaces()
 
@@ -132,11 +130,14 @@ def changerule(request, firewall_name, mode, template_name="firewall/addrule.htm
 
     changed = False
 
     changed = False
 
     rulenumber_valid = False
 
     rulenumber_valid = False
 
     ruledata = {}
 
     ruledata = {}
 
-            
+
 
+    # netservices /etc/services parser
 
+    netservices = network.get_services()
 
+
 
+    # firewall groups         
     firewall_group['network-group'] = {}
 
     firewall_group['network-group'] = {}
 
     firewall_group['address-group'] = {}
 
     firewall_group['address-group'] = {}
 
     firewall_group['port-group'] = {}
 
     firewall_group['port-group'] = {}
 
-
 
     firewall_group_raw = vapi.get_firewall_group(hostname_default)
 
     firewall_group_raw = vapi.get_firewall_group(hostname_default)
 
     if firewall_group_raw.success:
 
     if firewall_group_raw.success:
 
         if 'network-group' in firewall_group_raw.data:
 
         if 'network-group' in firewall_group_raw.data:
 
@@ -148,8 +149,6 @@ def changerule(request, firewall_name, mode, template_name="firewall/addrule.htm
 
         if 'port-group' in firewall_group_raw.data:
 
         if 'port-group' in firewall_group_raw.data:
 
             firewall_group['port-group'] = firewall_group_raw.data['port-group']
 
             firewall_group['port-group'] = firewall_group_raw.data['port-group']
 
     
     
-    netservices = network.get_services()
 
-
 
     # edit rule without valid rulenumber
 
     # edit rule without valid rulenumber
 
     if mode == "editrule":
 
     if mode == "editrule":
 
         if rulenumber == None:
 
         if rulenumber == None:
 
@@ -179,7 +178,6 @@ def changerule(request, firewall_name, mode, template_name="firewall/addrule.htm
 
                 rulenumber_valid = False
 
                 rulenumber_valid = False
 
                 msg.add_error("Rule number must be between 1 and 9999")
 
                 msg.add_error("Rule number must be between 1 and 9999")
 
 
 
-
 
     ###############################################################################################################################################################
 
     ###############################################################################################################################################################
 
     # update rule action
 
     # update rule action
 
     if rulenumber_valid and request.POST.get('ruleaction', None) != None:
 
     if rulenumber_valid and request.POST.get('ruleaction', None) != None:
 
@@ -941,7 +939,7 @@ def changerule(request, firewall_name, mode, template_name="firewall/addrule.htm
 
     ruledata_json = json.dumps(ruledata)
 
     ruledata_json = json.dumps(ruledata)
 
     #vmsg.log("json", ruledata_json)
 
     #vmsg.log("json", ruledata_json)
 
 
 
-    template = loader.get_template(template_name)
 
+    template = loader.get_template("firewall/editrule.html")
 
     context = { 
     context = { 
         #'interfaces': interfaces,
 
         #'interfaces': interfaces,
 
         'instances':                        all_instances,
 
         'instances':                        all_instances,
 
@@ -966,11 +964,11 @@ def changerule(request, firewall_name, mode, template_name="firewall/addrule.htm
 
     
     
 @is_authenticated
 
 @is_authenticated
 
 def addrule(request, firewall_name):
 
 def addrule(request, firewall_name):
 
-    return changerule(request, firewall_name, mode="addrule", template_name="firewall/editrule.html", rulenumber = None)
 
+    return changerule(request, firewall_name, mode="addrule", rulenumber=None)
 
 
 
 @is_authenticated
 
 @is_authenticated
 
 def editrule(request, firewall_name, rulenumber):
 
 def editrule(request, firewall_name, rulenumber):
 
-    return changerule(request, firewall_name, mode="editrule", template_name="firewall/editrule.html", rulenumber=rulenumber)
 
+    return changerule(request, firewall_name, mode="editrule", rulenumber=rulenumber)
 
 
 
 @is_authenticated
 
 @is_authenticated
 
 def show(request, firewall_name):
 
 def show(request, firewall_name):
 
@@ -1558,4 +1556,315 @@ def firewall_edit(request, firewall_name):
 
         'username': request.user,
 
         'username': request.user,
 
         'is_superuser' : is_superuser,
 
         'is_superuser' : is_superuser,
 
     }   
     }   
-    return HttpResponse(template.render(context, request))
 
+    return HttpResponse(template.render(context, request))
 
+
 
+@is_authenticated
 
+def firewall_zones(request):
 
+    # basic methods all views should call
 
+    all_instances = vyos.instance_getall()
 
+    hostname_default = vyos.get_hostname_prefered(request)
 
+    is_superuser = perms.get_is_superuser(request.user)
 
+
 
+    # local methods to prepare env
 
+    get_firewall_zones      = vapi.get_firewall_zones(hostname_default) # get all zones since we cannot allow an interface belongs more than one zone
 
+
 
+    interfaces_defined          = []
 
+    interfaces_defined_form     = []
 
+    interfaces_zone             = {}
 
+    allzones                    = []
 
+
 
+    if get_firewall_zones.success:
 
+        allzones = get_firewall_zones.data
 
+        if 'zone' in allzones:
 
+            for zone in allzones['zone']:
 
+                if 'interface' in allzones['zone'][zone]:
 
+                    for zoneinterface in allzones['zone'][zone]['interface']:
 
+                        interfaces_defined.append(zoneinterface)
 
+                        interfaces_defined_form.append("interface_" + zoneinterface)
 
+                        interfaces_zone[zoneinterface] = zone
 
+
 
+
 
+    
+    if 'zone' in allzones:
 
+        allzones2 = []
 
+        for zone in allzones['zone']:
 
+            zonec = allzones['zone'][zone]
 
+            zonec['name'] = zone
 
+            allzones2.append(zonec)
 
+            
+
 
+    template = loader.get_template('firewall/zones.html')
 
+    context = { 
+        #'interfaces': interfaces,
 
+        'instances':                                all_instances,
 
+        'hostname_default':                         hostname_default,
 
+        'username':                                 request.user,
 
+        'is_superuser' :                            is_superuser,
 
+        'allzones':                                 allzones2,
 
+        'allzones_pretty':                          pprint.pformat(allzones2, indent=4, width=120),
 
+
 
+    }   
+    return HttpResponse(template.render(context, request))
 
+
 
+
 
+
 
+@is_authenticated
 
+def firewall_zones_add(request):
 
+    msg = vmsg.msg()
 
+
 
+    # basic methods all views should call
 
+    all_instances       = vyos.instance_getall()
 
+    hostname_default    = vyos.get_hostname_prefered(request)
 
+    is_superuser        = perms.get_is_superuser(request.user)
 
+
 
+    # local methods to prepare env
 
+    interfaces              = vyos.get_interfaces(hostname_default)
 
+    interfaces_all_names    = vyos.get_interfaces_all_names(hostname_default)
 
+    get_firewall_zones      = vapi.get_firewall_zones(hostname_default) # get all zones since we cannot allow an interface belongs more than one zone
 
+
 
+    interfaces_defined          = []
 
+    interfaces_defined_form     = []
 
+    interfaces_zone             = {}
 
+    allzones                    = []
 
+
 
+    if get_firewall_zones.success:
 
+        allzones = get_firewall_zones.data
 
+        if 'zone' in allzones:
 
+            for zone in allzones['zone']:
 
+                if 'interface' in allzones['zone'][zone]:
 
+                    for zoneinterface in allzones['zone'][zone]['interface']:
 
+                        interfaces_defined.append(zoneinterface)
 
+                        interfaces_defined_form.append("interface_" + zoneinterface)
 
+                        interfaces_zone[zoneinterface] = zone
 
+
 
+    # local control vars
 
+    valid               = False
 
+    localzone           = False
 
+
 
+    if request.POST.get('name', None) != None:
 
+        zonename = request.POST.get('name')
 
+        zonename = zonename.strip()
 
+
 
+        if request.POST.get('localzone', None) != None:
 
+            # set local-zone
 
+            v = vapi.set_firewall_zone_localzone(hostname_default, zonename)
 
+            if v.success:   
+                valid = True
 
+                msg.add_success("Local-zone defined")       
+            else:
 
+                msg.add_success("Local-zone failed to set") 
+        else:
 
+            # add all interfaces
 
+            interfaces_form = []
 
+            for rv in request.POST:
 
+                iface_form = None
 
+                if rv.startswith("interface_"):
 
+                    rvprefixlen = len("interface_")
 
+                    iface_form = rv[rvprefixlen:]
 
+                    interfaces_form.append(iface_form)
 
+
 
+                    v = vapi.set_firewall_zone_interface(hostname_default, zonename, iface_form)
 
+                    if v.success:   
+                        valid = True
 
+                        msg.add_success("Interface added to zone: " +  iface_form)
 
+                    else:
 
+                        msg.add_success("Interface not added to zone: " +  iface_form + " - "  + v.reason)
 
+
 
+            if valid == True:
 
+                # if editing remove localzone if set
 
+                pass
 
+
 
+
 
+        if valid == True:
 
+            if request.POST.get('description', None) != None:
 
+                zonedescription = request.POST.get('description')
 
+                zonedescription = zonedescription.strip()
 
+                if len(zonedescription) > 0:
 
+                    v = vapi.set_firewall_zone_description(hostname_default, zonename, zonedescription)
 
+                    if v.success:   
+                        valid = True
 
+                        msg.add_success("Description defined")
 
+                    else:
 
+                        msg.add_success("Description failed to set")
 
+
 
+            if request.POST.get('action', None) != None:
 
+                zoneaction = request.POST.get('action')
 
+                zoneaction = zonedescription.strip()
 
+                if zoneaction in ['drop', 'reject']:
 
+                    v = vapi.set_firewall_zone_defaultaction(hostname_default, zonename, zoneaction)
 
+                    if v.success:   
+                        valid = True
 
+                        msg.add_success("Default action defined")       
+                    else:
 
+                        msg.add_success("Default action failed to set")                        
+
 
+
 
+            msg.add_success("Zone added") 
+
 
+    template = loader.get_template('firewall/zones-add.html')
 
+    context = { 
+        #'interfaces': interfaces,
 
+        'instances':                    all_instances,
 
+        'hostname_default':             hostname_default,
 
+        'username':                     request.user,
 
+        'is_superuser':                 is_superuser,
 
+        'interfaces':                   interfaces,
 
+        'interfaces_pretty':            pprint.pformat(interfaces, indent=4, width=120),
 
+        'interfaces_all_names_pretty':  pprint.pformat(interfaces_all_names, indent=4, width=120),
 
+        'interfaces_all_names':         interfaces_all_names,
 
+        'msg' :                         msg.get_all(),
 
+        'allzones':                     allzones,
 
+        'interfaces_defined':           interfaces_defined,
 
+        'interfaces_defined_form':      interfaces_defined_form,
 
+        'interfaces_zone':              interfaces_zone,
 
+        'form_added':                   valid,
 
+    }   
+    return HttpResponse(template.render(context, request))
 
+
 
+
 
+
 
+
 
+
 
+
 
+
 
+@is_authenticated
 
+def firewall_zones_edit(request, zonename):
 
+    msg = vmsg.msg()
 
+
 
+    # basic methods all views should call
 
+    all_instances       = vyos.instance_getall()
 
+    hostname_default    = vyos.get_hostname_prefered(request)
 
+    is_superuser        = perms.get_is_superuser(request.user)
 
+
 
+    # local methods to prepare env
 
+    interfaces              = vyos.get_interfaces(hostname_default)
 
+    interfaces_all_names    = vyos.get_interfaces_all_names(hostname_default)
 
+    get_firewall_zones      = vapi.get_firewall_zones(hostname_default) # get all zones since we cannot allow an interface belongs more than one zone
 
+    get_firewall_zone       = vapi.get_firewall_zone(hostname_default, zonename)
 
+    zoneinfo                = get_firewall_zone.data
 
+
 
+    if zoneinfo == None:
 
+        msg.add_error("Zone not exists")
 
+        template = loader.get_template('firewall/zones-edit.html')
 
+        context = { 
+            #'interfaces': interfaces,
 
+            'instances':                    all_instances,
 
+            'hostname_default':             hostname_default,
 
+            'username':                     request.user,
 
+            'is_superuser':                 is_superuser,
 
+            'interfaces':                   interfaces,
 
+            'interfaces_all_names_pretty':  pprint.pformat(interfaces_all_names, indent=4, width=120),
 
+            'interfaces_all_names':         interfaces_all_names,
 
+            'msg' :                         msg.get_all(),
 
+            "zoneinfo":                     zoneinfo,
 
+            "exists":                       False
 
+        }   
+        return HttpResponse(template.render(context, request))
 
+
 
+
 
+
 
+    interfaces_defined          = []
 
+    interfaces_defined_form     = []
 
+    interfaces_zone             = {}
 
+    allzones                    = []
 
+
 
+    if get_firewall_zones.success:
 
+        allzones = get_firewall_zones.data
 
+        if 'zone' in allzones:
 
+            for zone in allzones['zone']:
 
+                if 'interface' in allzones['zone'][zone]:
 
+                    for zoneinterface in allzones['zone'][zone]['interface']:
 
+                        interfaces_defined.append(zoneinterface)
 
+                        interfaces_defined_form.append("interface_" + zoneinterface)
 
+                        interfaces_zone[zoneinterface] = zone
 
+
 
+    # local control vars
 
+    valid               = False
 
+    localzone           = False
 
+
 
+    if request.POST.get('name', None) != None or len(zonename) > 0:
 
+        if len(zonename) == 0:
 
+            zonename = request.POST.get('name')
 
+            zonename = zonename.strip()
 
+
 
+        if request.POST.get('localzone', None) != None:
 
+            # set local-zone
 
+            v = vapi.set_firewall_zone_localzone(hostname_default, zonename)
 
+            if v.success:   
+                valid = True
 
+                msg.add_success("Local-zone defined")       
+            else:
 
+                msg.add_success("Local-zone failed to set") 
+        else:
 
+            # add all interfaces
 
+            interfaces_form = []
 
+            for rv in request.POST:
 
+                iface_form = None
 
+                if rv.startswith("interface_"):
 
+                    rvprefixlen = len("interface_")
 
+                    iface_form = rv[rvprefixlen:]
 
+                    interfaces_form.append(iface_form)
 
+
 
+                    v = vapi.set_firewall_zone_interface(hostname_default, zonename, iface_form)
 
+                    if v.success:   
+                        valid = True
 
+                        msg.add_success("Interface added to zone: " +  iface_form)
 
+                    else:
 
+                        msg.add_success("Interface not added to zone: " +  iface_form + " - "  + v.reason)
 
+
 
+            if valid == True:
 
+                # if editing remove localzone if set
 
+                pass
 
+
 
+
 
+        if valid == True:
 
+            if request.POST.get('description', None) != None:
 
+                zonedescription = request.POST.get('description')
 
+                zonedescription = zonedescription.strip()
 
+                if len(zonedescription) > 0:
 
+                    v = vapi.set_firewall_zone_description(hostname_default, zonename, zonedescription)
 
+                    if v.success:   
+                        valid = True
 
+                        msg.add_success("Description defined")
 
+                    else:
 
+                        msg.add_success("Description failed to set")
 
+
 
+            if request.POST.get('action', None) != None:
 
+                zoneaction = request.POST.get('action')
 
+                zoneaction = zonedescription.strip()
 
+                if zoneaction in ['drop', 'reject']:
 
+                    v = vapi.set_firewall_zone_defaultaction(hostname_default, zonename, zoneaction)
 
+                    if v.success:   
+                        valid = True
 
+                        msg.add_success("Default action defined")       
+                    else:
 
+                        msg.add_success("Default action failed to set")                        
+
 
+
 
+            msg.add_success("Zone added") 
+
 
+    template = loader.get_template('firewall/zones-edit.html')
 
+    context = { 
+        #'interfaces': interfaces,
 
+        'instances':                    all_instances,
 
+        'hostname_default':             hostname_default,
 
+        'username':                     request.user,
 
+        'is_superuser':                 is_superuser,
 
+        'interfaces':                   interfaces,
 
+        'interfaces_pretty':            pprint.pformat(interfaces, indent=4, width=120),
 
+        'interfaces_all_names_pretty':  pprint.pformat(interfaces_all_names, indent=4, width=120),
 
+        'interfaces_all_names':         interfaces_all_names,
 
+        'msg' :                         msg.get_all(),
 
+        'allzones':                     allzones,
 
+        'interfaces_defined':           interfaces_defined,
 
+        'interfaces_defined_form':      interfaces_defined_form,
 
+        'interfaces_zone':              interfaces_zone,
 
+        'form_added':                   valid,
 
+        "zoneinfo":                     zoneinfo,
 
+        "zonename":                     zonename,
 
+        "exists":                       True,
 
+
 
+    }   
+    return HttpResponse(template.render(context, request))
 
+
 
+

+ 48 - 4
vycontrol/interface/templates/interface/index.html
Vizualizați fișierul 

@@ -6,13 +6,16 @@
 
 
 
 {% block debug %}
 
 {% block debug %}
 
     {{ interfaces }}
 
     {{ interfaces }}
 
+    {{ firewall_names }}
 
     {{ firewall_all }}
 
     {{ firewall_all }}
 
-    {{ interface_firewall_in }}
 
-    {{ interface_firewall_out }}
 
+    {{ interface_firewall_in_pretty }}
 
+    {{ interface_firewall_out_pretty }}
 
+    {{ interfaces_pretty }}
 
+    --------------
 
+    {{ interfaces_all_names_pretty }}
 
 {% endblock %}
 
 {% endblock %}
 
 
 
 
 
-
 
 {% block content %}
 
 {% block content %}
 
 
 
 {% if interfaces %}
 
 {% if interfaces %}
 
@@ -22,7 +25,46 @@
 
         <table border="1" width="100%">
 
         <table border="1" width="100%">
 
         <tr><th>type</th><th>name</th><th>address</th><th>firewall ipv4 in</th><th>firewall ipv4 out</th></th></tr>
 
         <tr><th>type</th><th>name</th><th>address</th><th>firewall ipv4 in</th><th>firewall ipv4 out</th></th></tr>
 
 
 
-        {% for key, value in interfaces.items %}
 
+
 
+        {% for iname in interfaces_all_names %}
 
+            
+            <tr>
 
+                <td>{{ iname.type }}</td>
 
+                <td>{{ iname.interface_alias }}</td>
 
+                <td>
 
+                    {% for address in iname.address %}
 
+                        {{ address }}<br>
 
+                    {% endfor %}
 
+                </td>
 
+                <td>
 
+                    {% if iname.type == "loopback" or iname.type == "dummy" %}
 
+                        -
 
+                    {% else %}
 
+                        <select id="firewall-ipv4-in" name="firewall-ipv4-in.{{ iname.type }}.{{ iname.interface_alias }}"><option value="--remove--">None</option>
 
+                        {% for fname in firewall_names %}    
+                            <option value="{{ fname }}" {% if iname.firewall_in == fname %}selected="selected"{% endif %} >{{ fname }}</option>
 
+                        {% endfor %}
 
+                        </select>
 
+                    {% endif %}
 
+                </td>
 
+
 
+                <td>
 
+                    {% if iname.type == "loopback" or iname.type == "dummy" %}
 
+                        -
 
+                    {% else %}
 
+                        <select id="firewall-ipv4-out" name="firewall-ipv4-out.{{ iname.type }}.{{ iname.interface_alias }}"><option value="--remove--">None</option>
 
+                        {% for fname in firewall_names %}    
+                            <option value="{{ fname }}" {% if iname.firewall_out == fname %}selected="selected"{% endif %} >{{ fname }}</option>
 
+                        {% endfor %}
 
+                        </select>
 
+                    {% endif %}
 
+                </td>
 
+
 
+            </tr>
 
+        {% endfor %}
 
+
 
+        {% comment %}
 
+        {% for key, value in interfaces_all_names.items %}
 
             <tr>
 
             <tr>
 
                 
                 
                 <td>{{ key }} </td>
 
                 <td>{{ key }} </td>
 
@@ -62,6 +104,8 @@
 
             {% endfor %}
 
             {% endfor %}
 
             </tr>
 
             </tr>
 
         {% endfor %}
 
         {% endfor %}
 
+        {% endcomment %}
 
+
 
 
 
         </table>
 
         </table>

+ 135 - 38
vycontrol/interface/views.py
Vizualizați fișierul 

@@ -10,6 +10,7 @@ from django.template.defaultfilters import register
 
 import vyos
 
 import vyos
 
 from perms import is_authenticated
 
 from perms import is_authenticated
 
 import perms
 
 import perms
 
+import vycontrol_vyos_api as vapi
 
 
 
 
 
 from config.models import Instance
 
 from config.models import Instance
 
@@ -23,19 +24,32 @@ def get_item(dictionary, key):
 
 
 
 @is_authenticated    
 @is_authenticated    
 def index(request):
 
 def index(request):
 
-       
+    
     hostname_default = vyos.get_hostname_prefered(request)
 
     hostname_default = vyos.get_hostname_prefered(request)
 
     all_instances = vyos.instance_getall()
 
     all_instances = vyos.instance_getall()
 
     firewall_all = vyos.get_firewall_all(hostname_default)
 
     firewall_all = vyos.get_firewall_all(hostname_default)
 
     interfaces = vyos.get_interfaces(hostname_default)
 
     interfaces = vyos.get_interfaces(hostname_default)
 
     is_superuser = perms.get_is_superuser(request.user)
 
     is_superuser = perms.get_is_superuser(request.user)
 
+    interfaces_all_names    = vyos.get_interfaces_all_names(hostname_default)
 
 
 
     interface_firewall_in = {}
 
     interface_firewall_in = {}
 
     interface_firewall_out = {}
 
     interface_firewall_out = {}
 
 
 
+    interface_address = {}
 
+    firewall_names = []
 
+
 
+
 
+    # set interface_alias in format eth0 if has not vif and eth0.vlan if has vlan
 
+    for iname in interfaces_all_names:
 
+        if 'vif' in iname:
 
+            iname['interface_alias'] = "{interface_name}.{vif}".format(interface_name=iname['interface_name'], vif=iname['vif'])
 
+        else:
 
+            iname['interface_alias'] = iname['interface_name']
 
+
 
+
 
+    # create firewall_in and firewall_out vars
 
     for interface_type in interfaces:
 
     for interface_type in interfaces:
 
         for interface_name in interfaces[interface_type]:
 
         for interface_name in interfaces[interface_type]:
 
-            pprint.pprint(interface_name)
 
             try:
 
             try:
 
                 interface_firewall_in[interface_name] = interfaces[interface_type][interface_name]['firewall']['in']['name']
 
                 interface_firewall_in[interface_name] = interfaces[interface_type][interface_name]['firewall']['in']['name']
 
             except:
 
             except:
 
@@ -45,69 +59,152 @@ def index(request):
 
             except:
 
             except:
 
                 pass
 
                 pass
 
 
 
+            if interface_name not in interface_address:
 
+                interface_address[interface_name] = []
 
+            try:
 
+                interface_address[interface_name].append(interfaces[interface_type][interface_name]['address'])
 
+            except:
 
+                pass
 
+
 
+
 
+            if 'vif' in interfaces[interface_type][interface_name]:
 
+                for vif in interfaces[interface_type][interface_name]['vif']:
 
+                    interface_name_full = "{interface_name}.{vif}".format(interface_name=interface_name, vif=vif)
 
+                    try:
 
+                        interface_firewall_in[interface_name_full] = interfaces[interface_type][interface_name]['vif'][vif]['firewall']['in']['name']
 
+                    except:
 
+                        pass
 
+                    try:
 
+                        interface_firewall_out[interface_name_full] = interfaces[interface_type][interface_name]['vif'][vif]['firewall']['out']['name']
 
+                    except:
 
+                        pass
 
+
 
+                    if interface_name_full not in interface_address:
 
+                        interface_address[interface_name_full] = []
 
+                    try:
 
+                        interface_address[interface_name_full].append(interfaces[interface_type][interface_name]['vif'][vif]['address'])
 
+                    except:
 
+                        pass
 
+
 
+
 
+    # put all information in a single var: interface_all_names
 
+    for iname in interfaces_all_names:
 
+        if 'vif' in iname:
 
+            ialias = "{interface_name}.{vif}".format(interface_name=iname['interface_name'], vif=iname['vif'])
 
+        else:
 
+            ialias = iname['interface_name']
 
+
 
+        if ialias in interface_firewall_out:
 
+            iname['firewall_out'] = interface_firewall_out[ialias]
 
+
 
+        if ialias in interface_firewall_in:
 
+            iname['firewall_in'] = interface_firewall_in[ialias]
 
+
 
+        if ialias in interface_address:
 
+            iname['address'] = interface_address[ialias]
 
+
 
+
 
+    if 'name' in firewall_all:
 
+        for fname in firewall_all['name']:
 
+            firewall_names.append(fname)
 
+
 
+    # create a dict
 
+    interfaces_all_names_dict = {}
 
+    for iname in interfaces_all_names:
 
+        if 'vif' in iname:
 
+            ialias = "{interface_name}.{vif}".format(interface_name=iname['interface_name'], vif=iname['vif'])
 
+        else:
 
+            ialias = iname['interface_name']
 
+
 
+        interfaces_all_names_dict[ialias] = iname
 
+
 
+
 
+
 
     fw_changed = False
 
     fw_changed = False
 
     for el in request.POST:
 
     for el in request.POST:
 
-        pprint.pprint(request.POST)
 
- 
-        if el.startswith('firewall-ipv4-in') and request.POST[el]:
 
+        interface_vif = None
 
+
 
+        if el.startswith('firewall-ipv4-in'):
 
             pos = el.split(".")
 
             pos = el.split(".")
 
             
             
             interface_type = pos[1]
 
             interface_type = pos[1]
 
             interface_name = pos[2]
 
             interface_name = pos[2]
 
+
 
+            if len(pos) >= 4:
 
+                interface_vif = pos[3]
 
+                ialias = "{interface_name}.{vif}".format(interface_name=interface_name, vif=interface_vif)
 
+            else:
 
+                ialias = interface_name
 
+
 
+
 
             firewall_name = request.POST[el]
 
             firewall_name = request.POST[el]
 
             if firewall_name == "--remove--":
 
             if firewall_name == "--remove--":
 
-                result1 = vyos.delete_interface_firewall_ipv4(hostname_default, interface_type, interface_name, "in")         
+                if 'firewall_in' in interfaces_all_names_dict[ialias]:
 
+                    v = vapi.delete_interface_firewall_ipv4(hostname_default, interface_type, interface_name, "in", interface_vif)
 
+                    #print("@@@@@@@@@@@@@@@@@ in delete", hostname_default, interface_type, interface_name, "in", firewall_name, interface_vif)
 
+                else:
 
+                    pass
 
+                    #print("@@@@@ not 1", interfaces_all_names_dict[ialias], firewall_name)
 
             else:
 
             else:
 
-                result1 = vyos.set_interface_firewall_ipv4(hostname_default, interface_type, interface_name, "in", firewall_name)         
+                if 'firewall_in' not in interfaces_all_names_dict[ialias] or interfaces_all_names_dict[ialias]['firewall_in'] != firewall_name:
 
+                    v = vapi.set_interface_firewall_ipv4(hostname_default, interface_type, interface_name, "in", firewall_name, interface_vif)         
+                    #print("@@@@@@@@@@@@@@@@@ in add", hostname_default, interface_type, interface_name, "in", firewall_name, interface_vif)
 
+                else:
 
+                    pass
 
+                    #print("@@@@@ not 2", interfaces_all_names_dict[ialias], firewall_name )
 
 
 
-            pprint.pprint(result1)  
             fw_changed = True
 
             fw_changed = True
 
-        elif el.startswith('firewall-ipv4-out') and request.POST[el]:
 
+        elif el.startswith('firewall-ipv4-out'):
 
+
 
             pos = el.split(".")
 
             pos = el.split(".")
 
             
             
             interface_type = pos[1]
 
             interface_type = pos[1]
 
             interface_name = pos[2]
 
             interface_name = pos[2]
 
+            if len(pos) >= 4:
 
+                interface_vif = pos[3]
 
+                ialias = "{interface_name}.{vif}".format(interface_name=interface_name, vif=interface_vif)
 
+            else:
 
+                ialias = interface_name                
+
 
             firewall_name = request.POST[el]
 
             firewall_name = request.POST[el]
 
             if firewall_name == "--remove--":
 
             if firewall_name == "--remove--":
 
-                result1 = vyos.delete_interface_firewall_ipv4(hostname_default, interface_type, interface_name, "out")
 
+                if 'firewall_out' in interfaces_all_names_dict[ialias]:
 
+                    v = vapi.delete_interface_firewall_ipv4(hostname_default, interface_type, interface_name, "out", interface_vif)
 
+                    #print("@@@@@@@@@@@@@@@@@ out delete", hostname_default, interface_type, interface_name, "out", firewall_name, interface_vif)
 
+                else:
 
+                    #print("@@@@@ not 3", interfaces_all_names_dict[ialias], firewall_name)                    
+                    pass
 
             else:
 
             else:
 
-                result1 = vyos.set_interface_firewall_ipv4(hostname_default, interface_type, interface_name, "out", firewall_name)
 
-            pprint.pprint(result1)              
+                if 'firewall_out' not in interfaces_all_names_dict[ialias] or interfaces_all_names_dict[ialias]['firewall_out'] != firewall_name:
 
+                    v = vapi.set_interface_firewall_ipv4(hostname_default, interface_type, interface_name, "out", firewall_name, interface_vif)
 
+                    #print("@@@@@@@@@@@@@@@@@ out add", hostname_default, interface_type, interface_name, "out", firewall_name, interface_vif)
 
+                else:
 
+                    #print("@@@@@ not 4", interfaces_all_names_dict[ialias], firewall_name)
 
+                    pass
 
+
 
             fw_changed = True
 
             fw_changed = True
 
             
             
     if fw_changed == True:
 
     if fw_changed == True:
 
         return redirect('interface:interface-list')
 
         return redirect('interface:interface-list')
 
 
 
-    """
 
-   if 'name' in request.POST:
 
-        
-        result1 = vyos.set_config(hostname_default, cmd)
 
-        print(result1)
 
-
 
-        if 'description' in request.POST:
 
-            cmd = {"op": "set", "path": ["firewall", "name", request.POST['name'], "description", request.POST['description']]}
 
-            result2 = vyos.set_config(hostname_default, cmd)
 
-            print(result2)
 
-
 
-        if 'action' in request.POST:
 
-            cmd = {"op": "set", "path": ["firewall", "name", request.POST['name'], "default-action", request.POST['action']]}
 
-            result3 = vyos.set_config(hostname_default, cmd)
 
-            print(result3)
 
-
 
-        return redirect('firewall:firewall-list')
 
-    """
 
 
 
 
 
     template = loader.get_template('interface/index.html')
 
     template = loader.get_template('interface/index.html')
 
     context = {
 
     context = {
 
-        'interfaces': interfaces,
 
-        'instances': all_instances,
 
-        'hostname_default': hostname_default,
 
-        'firewall_all' : firewall_all,
 
-        'interface_firewall_in' : interface_firewall_in,
 
-        'interface_firewall_out' : interface_firewall_out,
 
-        'username': request.user,   
-        'is_superuser' : is_superuser,     
+        'interfaces':                               interfaces,
 
+        'interfaces_pretty':                        pprint.pformat(interfaces, indent=4, width=120),
 
+        'interfaces_all_names':                     interfaces_all_names,
 
+        'interfaces_all_names_pretty':              pprint.pformat(interfaces_all_names, indent=4, width=120),
 
+        'instances':                                all_instances,
 
+        'hostname_default':                         hostname_default,
 
+        'firewall_all' :                            firewall_all,
 
+        'firewall_names' :                          firewall_names,
 
+        'interface_firewall_in' :                   interface_firewall_in,
 
+        'interface_firewall_out' :                  interface_firewall_out,
 
+        'interface_firewall_in_pretty' :            pprint.pformat(interface_firewall_in, indent=4, width=120),
 
+        'interface_firewall_out_pretty' :           pprint.pformat(interface_firewall_out, indent=4, width=120),
 
+        'username':                                 request.user,   
+        'is_superuser' :                            is_superuser,     
     }
 
     }
 
     return HttpResponse(template.render(context, request))
 
     return HttpResponse(template.render(context, request))

+ 108 - 1
vycontrol/vycontrol_vyos_api.py
Vizualizați fișierul 

@@ -371,4 +371,111 @@ def set_route_static(hostname, subnet, nexthop):
 
         cmd =       ["protocols", "static", "route", subnet, "next-hop", nexthop],
 
         cmd =       ["protocols", "static", "route", subnet, "next-hop", nexthop],
 
         description = "set_route_static",
 
         description = "set_route_static",
 
     )
 
     )
 
-    return v
 
+    return v
 
+
 
+
 
+def set_firewall_zone_localzone(hostname, zonename):
 
+    v = vapilib.api (
 
+        hostname=   hostname,
 
+        api =       "post",
 
+        op =        "set",
 
+        cmd =       ["zone-policy", "zone", zonename, "local-zone"],
 
+        description = "set_firewall_zone_localzone",
 
+    )
 
+    return v    
+
 
+
 
+def set_firewall_zone_description(hostname, zonename, description):
 
+    v = vapilib.api (
 
+        hostname=   hostname,
 
+        api =       "post",
 
+        op =        "set",
 
+        cmd =       ["zone-policy", "zone", zonename, "description", description],
 
+        description = "set_firewall_zone_description",
 
+    )
 
+    return v    
+
 
+def set_firewall_zone_defaultaction(hostname, zonename, defaultaction):
 
+    v = vapilib.api (
 
+        hostname=   hostname,
 
+        api =       "post",
 
+        op =        "set",
 
+        cmd =       ["zone-policy", "zone", zonename, "default-action", defaultaction],
 
+        description = "set_firewall_zone_defaultaction",
 
+    )
 
+    return v  
+
 
+def set_firewall_zone_interface(hostname, zonename, interface):
 
+    v = vapilib.api (
 
+        hostname=   hostname,
 
+        api =       "post",
 
+        op =        "set",
 
+        cmd =       ["zone-policy", "zone", zonename, "interface", interface],
 
+        description = "set_firewall_zone_interface",
 
+    )
 
+    return v    
+
 
+def get_firewall_zones(hostname):
 
+    v = vapilib.api (
 
+        hostname=   hostname,
 
+        api =       "get",
 
+        op =        "showConfig",
 
+        cmd =       ["zone-policy"],
 
+        description = "get_firewall_zones",
 
+    )
 
+    return v
 
+
 
+
 
+def get_firewall_zone(hostname, zone):
 
+    v = vapilib.api (
 
+        hostname=   hostname,
 
+        api =       "get",
 
+        op =        "showConfig",
 
+        cmd =       ["zone-policy", "zone", zone],
 
+        description = "get_firewall_zone",
 
+    )
 
+    return v
 
+
 
+
 
+def set_interface_firewall_ipv4(hostname, interface_type, interface_name, direction, firewall_name, vif=None):
 
+    if vif == None:
 
+        v = vapilib.api (
 
+            hostname=   hostname,
 
+            api =       "post",
 
+            op =        "set",
 
+            cmd =       ["interfaces", interface_type, interface_name, "firewall", direction, "name", firewall_name],
 
+            description = "set_interface_firewall_ipv4",
 
+        )
 
+    else:
 
+        v = vapilib.api (
 
+            hostname=   hostname,
 
+            api =       "post",
 
+            op =        "set",
 
+            cmd =       ["interfaces", interface_type, interface_name, "vif", vif, "firewall", direction, "name", firewall_name],
 
+            description = "set_interface_firewall_ipv4",
 
+        )
 
+    return v    
+
 
+def delete_interface_firewall_ipv4(hostname, interface_type, interface_name, direction, vif=None):
 
+    if vif == None:
 
+        v = vapilib.api (
 
+            hostname=   hostname,
 
+            api =       "post",
 
+            op =        "delete",
 
+            cmd =       ["interfaces", interface_type, interface_name, "firewall", direction],
 
+            description = "delete_interface_firewall_ipv4",
 
+        )
 
+    else:
 
+        v = vapilib.api (
 
+            hostname=   hostname,
 
+            api =       "post",
 
+            op =        "delete",
 
+            cmd =       ["interfaces", interface_type, interface_name, "vif", vif, "firewall", direction],
 
+            description = "delete_interface_firewall_ipv4",
 
+        )
 
+    return v    
+
 
+
 
+
 
+
 
+

+ 6 - 1
vycontrol/vycontrol_vyos_api_lib.py
Vizualizați fișierul 

@@ -135,9 +135,14 @@ def api(hostname, api, op, cmd, description = ""):
 
     try:
 
     try:
 
         resp = requests.post(api_data['api_url'], verify=False, data=post, timeout=10)
 
         resp = requests.post(api_data['api_url'], verify=False, data=post, timeout=10)
 
     except requests.exceptions.ConnectionError:
 
     except requests.exceptions.ConnectionError:
 
+        try:
 
+            status_code = resp.status_code
 
+        except UnboundLocalError:
 
+            status_code = 0
 
+        
         v = vyapi(result = False, reason= {
 
         v = vyapi(result = False, reason= {
 
             'exception'     : 'requests.exceptions.ConnectionError',
 
             'exception'     : 'requests.exceptions.ConnectionError',
 
-            'respcode'      : resp.status_code
 
+            'respcode'      : status_code
 
         })
 
         })
 
         log("failed to post url", api_data['api_url'])
 
         log("failed to post url", api_data['api_url'])

+ 25 - 13
vycontrol/vyos.py
Vizualizați fișierul 

@@ -13,6 +13,7 @@ import perms
 
 def instance_getall(*args, **kwargs):
 
 def instance_getall(*args, **kwargs):
 
     return perms.instance_getall(*args, **kwargs)
 
     return perms.instance_getall(*args, **kwargs)
 
 
 
+
 
 def get_hostname_prefered(*args, **kwargs):
 
 def get_hostname_prefered(*args, **kwargs):
 
     return perms.get_hostname_prefered(*args, **kwargs)
 
     return perms.get_hostname_prefered(*args, **kwargs)
 
 
 
@@ -147,19 +148,7 @@ def get_firewall_all(hostname):
 
 
 
     return nfirewall_list
 
     return nfirewall_list
 
 
 
-def set_interface_firewall_ipv4(hostname, interface_type, interface_name, direction, firewall_name):
 
-    cmd = {"op": "set", "path": ["interfaces", interface_type, interface_name, "firewall", direction, "name", firewall_name]}
 
-    post = {'key': get_key(hostname), 'data': json.dumps(cmd)}
 
-
 
-    success = api_set(hostname, cmd)
 
-    return success
 
-
 
-def delete_interface_firewall_ipv4(hostname, interface_type, interface_name, direction):
 
-    cmd = {"op": "delete", "path": ["interfaces", interface_type, interface_name, "firewall", direction]}
 
-    post = {'key': get_key(hostname), 'data': json.dumps(cmd)}
 
-
 
-    success = api_set(hostname, cmd)
 
-    return success    
+  
 
 
 def get_interfaces(hostname):
 
 def get_interfaces(hostname):
 
     cmd = {"op": "showConfig", "path": ["interfaces"]}
 
     cmd = {"op": "showConfig", "path": ["interfaces"]}
 
@@ -167,6 +156,29 @@ def get_interfaces(hostname):
 
     result1 = api_get(hostname, cmd)
 
     result1 = api_get(hostname, cmd)
 
     return result1
 
     return result1
 
 
 
+def get_interfaces_all_names(hostname):
 
+    interfaces = get_interfaces(hostname)
 
+
 
+    all_names = []
 
+
 
+    for itype in interfaces:
 
+        for iname in interfaces[itype]:
 
+            all_names.append({
 
+                'interface_name':           iname,
 
+                'type':                     itype              
+            })
 
+            if 'vif' in interfaces[itype][iname]:
 
+                for vif in interfaces[itype][iname]['vif']:
 
+
 
+                    all_names.append({
 
+                        'interface_name':   iname,
 
+                        'type':             itype,
 
+                        'vif':              vif
 
+                    })                    
+    
+    return all_names
 
+
 
+
 
 def get_interface(interface_type, interface_name, hostname):
 
 def get_interface(interface_type, interface_name, hostname):
 
     cmd = {"op": "showConfig", "path": ["interfaces", interface_type, interface_name]}
 
     cmd = {"op": "showConfig", "path": ["interfaces", interface_type, interface_name]}