
set firewall group port-group #68

Roberto Berto 5 years ago
parent
commit
e1c7db9f42

+ 2 - 1
vycontrol/firewall/templates/firewall/addressgroup-add.html

@@ -14,7 +14,8 @@
     <a href="{% url 'firewall:firewall-list' %}">Firewall List</a> | 
     <a href="{% url 'firewall:firewall-create' %}">Create new firewall</a> | 
     <a href="{% url 'firewall:firewall-addressgroup-list' %}">Address Group</a> |
-    <a href="{% url 'firewall:firewall-networkgroup-list' %}">Network Group</a>
+    <a href="{% url 'firewall:firewall-networkgroup-list' %}">Network Group</a> | 
+    <a href="{% url 'firewall:firewall-portgroup-list' %}">Port Group</a>
 </p>
 <p class="submenu2"></p>
 

+ 2 - 1
vycontrol/firewall/templates/firewall/addressgroup-desc.html

@@ -16,7 +16,8 @@
     <a href="{% url 'firewall:firewall-list' %}">Firewall List</a> | 
     <a href="{% url 'firewall:firewall-create' %}">Create new firewall</a> | 
     <a href="{% url 'firewall:firewall-addressgroup-list' %}">Address Group</a> | 
-    <a href="{% url 'firewall:firewall-networkgroup-list' %}">Network Group</a> 
+    <a href="{% url 'firewall:firewall-networkgroup-list' %}">Network Group</a>  | 
+    <a href="{% url 'firewall:firewall-portgroup-list' %}">Port Group</a>
 </p>
 <p class="submenu2">
     <a href="{% url 'firewall:firewall-networkgroup-add' %}">Add network Group</a>

+ 2 - 1
vycontrol/firewall/templates/firewall/addressgroup-list.html

@@ -13,7 +13,8 @@
 <p class="submenu1">
     <a href="{% url 'firewall:firewall-list' %}">Firewall List</a> | 
     <a href="{% url 'firewall:firewall-create' %}">Create new firewall</a> | 
-    <a href="{% url 'firewall:firewall-networkgroup-list' %}">Network Group</a>
+    <a href="{% url 'firewall:firewall-networkgroup-list' %}">Network Group</a> | 
+    <a href="{% url 'firewall:firewall-portgroup-list' %}">Port Group</a>
 </p>
 <p class="submenu2">
     <a href="{% url 'firewall:firewall-addressgroup-add' %}">Add Address Group</a>

+ 2 - 1
vycontrol/firewall/templates/firewall/addrule.html

@@ -41,7 +41,8 @@
 
     <a href="{% url 'firewall:firewall-create' %}">Create new firewall</a> | 
     <a href="{% url 'firewall:firewall-addressgroup-list' %}">Address Group</a> | 
-    <a href="{% url 'firewall:firewall-networkgroup-list' %}">Network Group</a>
+    <a href="{% url 'firewall:firewall-networkgroup-list' %}">Network Group</a> | 
+    <a href="{% url 'firewall:firewall-portgroup-list' %}">Port Group</a>
 </p>
 <p class="submenu2">
     

+ 2 - 1
vycontrol/firewall/templates/firewall/create.html

@@ -13,7 +13,8 @@
 <p class="submenu1">
     <a href="{% url 'firewall:firewall-list' %}">Firewall List</a> | 
     <a href="{% url 'firewall:firewall-addressgroup-add' %}">Address Group</a> | 
-    <a href="{% url 'firewall:firewall-networkgroup-list' %}">Network Group</a>
+    <a href="{% url 'firewall:firewall-networkgroup-list' %}">Network Group</a> | 
+    <a href="{% url 'firewall:firewall-portgroup-list' %}">Port Group</a>
 </p>
 <p class="submenu2"></p>
 

+ 8 - 0
vycontrol/firewall/templates/firewall/edit.html

@@ -11,6 +11,14 @@
 
 {% block content %}
 
+<p class="submenu1">
+    <a href="{% url 'firewall:firewall-list' %}">Firewall List</a> | 
+    <a href="{% url 'firewall:firewall-addressgroup-add' %}">Address Group</a> | 
+    <a href="{% url 'firewall:firewall-networkgroup-list' %}">Network Group</a> | 
+    <a href="{% url 'firewall:firewall-portgroup-list' %}">Port Group</a>
+</p>
+<p class="submenu2"></p>
+
 <h2>Firewall {{ firewall_name }}</h2>
 
 <form action="{% url 'firewall:firewall-edit' firewall_name %}" method="post">
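Review bot: The submenu added to edit.html links "Address Group" to `firewall:firewall-addressgroup-add`, while the same entry in addressgroup-add.html, list.html and most other templates in this commit points to `firewall:firewall-addressgroup-list`. Unless the add form is really the intended target here, use `<a href="{% url 'firewall:firewall-addressgroup-list' %}">Address Group</a>`. The block is hand-copied into fifteen templates in this commit and has already drifted: create.html uses the same add target, and portgroup-list.html omits the Port Group entry. Moving the submenu into one included partial would keep the firewall navigation consistent.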

+ 2 - 1
vycontrol/firewall/templates/firewall/editrule.html

@@ -19,7 +19,8 @@
 
     <a href="{% url 'firewall:firewall-create' %}">Create new firewall</a> | 
     <a href="{% url 'firewall:firewall-addressgroup-list' %}">Address Group</a> | 
-    <a href="{% url 'firewall:firewall-networkgroup-list' %}">Network Group</a>
+    <a href="{% url 'firewall:firewall-networkgroup-list' %}">Network Group</a> | 
+    <a href="{% url 'firewall:firewall-portgroup-list' %}">Port Group</a>
 </p>
 <p class="submenu2">
     

+ 2 - 1
vycontrol/firewall/templates/firewall/list.html

@@ -15,7 +15,8 @@
 <p class="submenu1">
     <a href="{% url 'firewall:firewall-create' %}">Create new firewall</a> | 
     <a href="{% url 'firewall:firewall-addressgroup-list' %}">Address Group</a> | 
-    <a href="{% url 'firewall:firewall-networkgroup-list' %}">Network Group</a>
+    <a href="{% url 'firewall:firewall-networkgroup-list' %}">Network Group</a> | 
+    <a href="{% url 'firewall:firewall-portgroup-list' %}">Port Group</a>
 </p>
 <p class="submenu2"></p>
 

+ 2 - 1
vycontrol/firewall/templates/firewall/networkgroup-add.html

@@ -14,7 +14,8 @@
     <a href="{% url 'firewall:firewall-list' %}">Firewall List</a> | 
     <a href="{% url 'firewall:firewall-create' %}">Create new firewall</a> | 
     <a href="{% url 'firewall:firewall-addressgroup-list' %}">Address Group</a> |
-    <a href="{% url 'firewall:firewall-networkgroup-list' %}">Network Group</a>
+    <a href="{% url 'firewall:firewall-networkgroup-list' %}">Network Group</a> | 
+    <a href="{% url 'firewall:firewall-portgroup-list' %}">Port Group</a>
 </p>
 <p class="submenu2"></p>
 

+ 2 - 1
vycontrol/firewall/templates/firewall/networkgroup-desc.html

@@ -16,7 +16,8 @@
     <a href="{% url 'firewall:firewall-list' %}">Firewall List</a> | 
     <a href="{% url 'firewall:firewall-create' %}">Create new firewall</a> | 
     <a href="{% url 'firewall:firewall-addressgroup-list' %}">Address Group</a>     | 
-    <a href="{% url 'firewall:firewall-networkgroup-list' %}">Network Group</a> 
+    <a href="{% url 'firewall:firewall-networkgroup-list' %}">Network Group</a>  | 
+    <a href="{% url 'firewall:firewall-portgroup-list' %}">Port Group</a>
 </p>
 <p class="submenu2">
     <a href="{% url 'firewall:firewall-networkgroup-add' %}">Add network Group</a>

+ 2 - 1
vycontrol/firewall/templates/firewall/networkgroup-list.html

@@ -13,7 +13,8 @@
 <p class="submenu1">
     <a href="{% url 'firewall:firewall-list' %}">Firewall List</a> | 
     <a href="{% url 'firewall:firewall-create' %}">Create new firewall</a> | 
-    <a href="{% url 'firewall:firewall-addressgroup-list' %}">Address Group</a>   
+    <a href="{% url 'firewall:firewall-addressgroup-list' %}">Address Group</a> | 
+    <a href="{% url 'firewall:firewall-portgroup-list' %}">Port Group</a>
 </p>
 <p class="submenu2">
     <a href="{% url 'firewall:firewall-networkgroup-add' %}">Add network Group</a>

+ 190 - 0
vycontrol/firewall/templates/firewall/portgroup-add.html

@@ -0,0 +1,190 @@
+{% extends "base.html" %}
+
+{% block header_title %}Firewall Add New Port Group{% endblock %}
+{% block section_title %}Firewall Add New Port Group{% endblock %}
+{% block username %}{{ username }}{% endblock %}
+
+{% block debug %}
+
+{{ services_common }
+}
+{% endblock %}
+
+{% block content %}
+
+
+<p class="submenu1">
+    <a href="{% url 'firewall:firewall-list' %}">Firewall List</a> | 
+    <a href="{% url 'firewall:firewall-create' %}">Create new firewall</a> | 
+    <a href="{% url 'firewall:firewall-addressgroup-list' %}">Address Group</a> |
+    <a href="{% url 'firewall:firewall-networkgroup-list' %}">Network Group</a> | 
+    <a href="{% url 'firewall:firewall-portgroup-list' %}">Port Group</a>
+</p>
+<p class="submenu2"></p>
+
+
+<form action="{% url 'firewall:firewall-portgroup-add' %}" method="post" id="form_addportgroup">
+    <input type="hidden" name="portgroup_ports_hidden" id="portgroup_ports_hidden" value="">
+    {% csrf_token %}
+
+
+    <p>
+    <label for="name">group name:</label><br>
+    <input type="input" name="name" id="name" value="" size="30" />
+    </p>
+
+    <p>
+        <label for="name">description:</label><br>
+        <input type="input" name="description" id="description" value="" size="100" />
+    </p>
+    
+
+    <h3>Ports inside group</h3>
+    <div class="container" id="criteria_port_block">
+        <div class="row">  
+          
+            <div class="col">
+                <p>
+                    <label for="portgroup_common">common source ports to add</label><br>
+                    <select name="portgroup_common" id="portgroup_common" size="1">
+                        <option value="">select one</option>
+                        {% for p in services_common %}
+                        <option value="{{ services|get_item_port:p }}">{{ p }} - {{ services|get_item_port:p }}</option>
+                        {% endfor %}
+                    </select>
+
+                    <input type="checkbox" name="portgroup_common_negate" id="portgroup_common_negate" value="1">
+                    <label for="portgroup_common_negate">negate </label>
+                    <input type="button" name="portgroup_common_add" id="portgroup_common_add" value="add" />
+                </p>   
+
+                <p>
+                    <label for="portgroup_custom">add custom destination ports (use single 100 or range 100-200)</label><br>
+                    <input type="text" name="portgroup_custom" id="portgroup_custom" value="{{ destinationport_custom }}" size="14"> 
+                    <input type="checkbox" name="portgroup_custom_negate" id="portgroup_custom_negate" value="1"> 
+                    <label for="portgroup_custom_negate">negate </label>
+                    <input type="button" name="portgroup_custom_add" id="portgroup_custom_add" value="add" />
+                </p>       
+               
+                <p>
+                    <label for="portgroup">source ports filtered (click to remove)</label><br>
+                    <select name="portgroup" size="10" style="width: 200px;" id="portgroup">
+                    </select>
+                </p>
+
+
+            </div>
+        </div>
+
+    </div>
+
+
+    <input type="submit" value="Add Group">
+</form>
+
+
+
+   
+<script>
+    $(document).ready(function () {            
+        $("#portgroup_common_add").click(function () {
+            port = $("#portgroup_common").children("option:selected").val();
+            if (port == "") {
+                return false;
+            }
+
+            if ($("#portgroup_common_negate").is(":checked")) {
+                negate = "!";
+            } else {
+                negate = "";
+            }
+
+            port_text = negate + port;
+
+            if ($("#portgroup option[value='" + port_text + "']").length == 0) {
+                $('#portgroup').append($('<option>', {
+                    value: port_text,
+                    text: port_text
+                }));
+            }
+        });
+
+        $("#portgroup_custom_add").click(function () {
+            port = $("#portgroup_custom").val();
+            if (port == "") {
+                return false;
+            }
+
+            if ($("#portgroup_custom_negate").is(":checked")) {
+                negate = "!";
+            } else {
+                negate = "";
+            }
+
+            port_text = negate + port;
+
+            if ($("#portgroup option[value='" + port_text + "']").length == 0) {
+                $('#portgroup').append($('<option>', {
+                    value: port_text,
+                    text: port_text
+                }));
+            }
+        });
+
+
+
+        $('#portgroup').click(function() {
+            $(this).find('option:selected').remove();
+        });
+
+
+        $("#portgroup_common, #portgroup_common_negate").keypress(function(event) { 
+            if (event.keyCode === 13) { 
+                $("#portgroup_common_add").click(); 
+                return false;
+            } 
+        }); 
+
+        $("#portgroup_custom, #portgroup_custom_negate").keypress(function(event) { 
+            if (event.keyCode === 13) { 
+                $("#portgroup_custom_add").click(); 
+                return false;
+            } 
+        }); 
+
+        // form basic validations
+        $("#form_addportgroup").submit(function(e){
+            if ($('#name').val().length < 1){
+                alert('Port Group must be definied.');
+                e.preventDefault();
+                return false;
+            }
+
+            var ports = [];
+
+            $("#portgroup option").each(function() {
+                x=$(this).val();
+                ports.push(x);
+            });
+
+            $('#portgroup_ports_hidden').val(JSON.stringify(ports));
+
+            if (ports.length <= 0) {
+                alert('Need at least one port.');
+                e.preventDefault();
+                return false;
+            }
+
+        });
+        
+
+
+
+    });
+</script>
+
+
+{% endblock %}
+
+
+
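Review bot: The `#portgroup_custom_add` handler takes whatever was typed into `#portgroup_custom`, concatenates it into the selector `"#portgroup option[value='" + port_text + "']"` and appends it to the list with no format check, so a value containing a quote or bracket makes the selector throw, and arbitrary text ends up in `portgroup_ports_hidden`. Check the value against the format the label promises before using it, e.g. `if (!/^\d{1,5}(-\d{1,5})?$/.test(port)) { return false; }`, and test for duplicates with `$("#portgroup option").filter(function () { return this.value === port_text; })` instead of building a selector string. This is only a usability check; the view must validate the same way because a direct POST skips it. The same handlers are repeated in portgroup-edit.html. Separately, the debug block's `{{ services_common }` is closed on the following line and will not render as a variable, and `port`, `negate` and `port_text` are assigned without `var`, which makes them globals.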

+ 208 - 0
vycontrol/firewall/templates/firewall/portgroup-edit.html

@@ -0,0 +1,208 @@
+{% extends "base.html" %}
+
+{% block header_title %}Firewall Edit Port Group {{ groupname }}{% endblock %}
+{% block section_title %}Firewall Edit Port Group {{ groupname }}{% endblock %}
+{% block username %}{{ username }}{% endblock %}
+
+{% block debug %}
+
+{{ services_common }}
+
+{{ portgroups_json }}
+
+{{ description }}
+
+
+{% endblock %}
+
+{% block content %}
+
+
+
+<script type="text/javascript">
+    var portgroups_json = JSON.parse('{{portgroups_json|safe}}');
+    console.log(portgroups_json['port']);
+</script>
+
+
+
+<p class="submenu1">
+    <a href="{% url 'firewall:firewall-list' %}">Firewall List</a> | 
+    <a href="{% url 'firewall:firewall-create' %}">Create new firewall</a> | 
+    <a href="{% url 'firewall:firewall-addressgroup-list' %}">Address Group</a> |
+    <a href="{% url 'firewall:firewall-networkgroup-list' %}">Network Group</a> | 
+    <a href="{% url 'firewall:firewall-portgroup-list' %}">Port Group</a>
+</p>
+<p class="submenu2"></p>
+
+
+
+
+<form action="{% url 'firewall:firewall-portgroup-edit' groupname %}" method="post" id="form_addportgroup">
+    <input type="hidden" name="portgroup_ports_hidden" id="portgroup_ports_hidden" value="">
+    {% csrf_token %}
+
+
+    <p>
+        <label for="name">description:</label><br>
+        <input type="input" name="description" id="description" value="{{ description }}" size="100" />
+    </p>
+    
+
+
+    <h3>Ports inside group</h3>
+    <div class="container" id="criteria_port_block">
+        <div class="row">  
+          
+            <div class="col">
+                <p>
+                    <label for="portgroup_common">common source ports to add</label><br>
+                    <select name="portgroup_common" id="portgroup_common" size="1">
+                        <option value="">select one</option>
+                        {% for p in services_common %}
+                        <option value="{{ services|get_item_port:p }}">{{ p }} - {{ services|get_item_port:p }}</option>
+                        {% endfor %}
+                    </select>
+
+                    <input type="checkbox" name="portgroup_common_negate" id="portgroup_common_negate" value="1">
+                    <label for="portgroup_common_negate">negate </label>
+                    <input type="button" name="portgroup_common_add" id="portgroup_common_add" value="add" />
+                </p>   
+
+                <p>
+                    <label for="portgroup_custom">add custom destination ports (use single 100 or range 100-200)</label><br>
+                    <input type="text" name="portgroup_custom" id="portgroup_custom" value="{{ destinationport_custom }}" size="14"> 
+                    <input type="checkbox" name="portgroup_custom_negate" id="portgroup_custom_negate" value="1"> 
+                    <label for="portgroup_custom_negate">negate </label>
+                    <input type="button" name="portgroup_custom_add" id="portgroup_custom_add" value="add" />
+                </p>       
+               
+                <p>
+                    <label for="portgroup">source ports filtered (click to remove)</label><br>
+                    <select name="portgroup" size="10" style="width: 200px;" id="portgroup">
+                    </select>
+                </p>
+
+
+            </div>
+        </div>
+
+    </div>
+
+
+    <input type="submit" value="Edit Group">
+</form>
+
+
+
+   
+<script>
+    $(document).ready(function () {  
+        
+        for (var port in portgroups_json["port"]) {
+            port_text = portgroups_json["port"][port];
+
+            if ($("#portgroup option[value='" + port_text + "']").length == 0) {
+                $('#portgroup').append($('<option>', {
+                    value: port_text,
+                    text: port_text
+                }));
+            }
+        }
+
+
+        $("#portgroup_common_add").click(function () {
+            port = $("#portgroup_common").children("option:selected").val();
+            if (port == "") {
+                return false;
+            }
+
+            if ($("#portgroup_common_negate").is(":checked")) {
+                negate = "!";
+            } else {
+                negate = "";
+            }
+
+            port_text = negate + port;
+
+            if ($("#portgroup option[value='" + port_text + "']").length == 0) {
+                $('#portgroup').append($('<option>', {
+                    value: port_text,
+                    text: port_text
+                }));
+            }
+        });
+
+        $("#portgroup_custom_add").click(function () {
+            port = $("#portgroup_custom").val();
+            if (port == "") {
+                return false;
+            }
+
+            if ($("#portgroup_custom_negate").is(":checked")) {
+                negate = "!";
+            } else {
+                negate = "";
+            }
+
+            port_text = negate + port;
+
+            if ($("#portgroup option[value='" + port_text + "']").length == 0) {
+                $('#portgroup').append($('<option>', {
+                    value: port_text,
+                    text: port_text
+                }));
+            }
+        });
+
+
+
+        $('#portgroup').click(function() {
+            $(this).find('option:selected').remove();
+        });
+
+
+        $("#portgroup_common, #portgroup_common_negate").keypress(function(event) { 
+            if (event.keyCode === 13) { 
+                $("#portgroup_common_add").click(); 
+                return false;
+            } 
+        }); 
+
+        $("#portgroup_custom, #portgroup_custom_negate").keypress(function(event) { 
+            if (event.keyCode === 13) { 
+                $("#portgroup_custom_add").click(); 
+                return false;
+            } 
+        }); 
+
+        // form basic validations
+        $("#form_addportgroup").submit(function(e){
+            var ports = [];
+
+            $("#portgroup option").each(function() {
+                x=$(this).val();
+                ports.push(x);
+            });
+
+            $('#portgroup_ports_hidden').val(JSON.stringify(ports));
+
+            if (ports.length <= 0) {
+                alert('Need at least one port.');
+                e.preventDefault();
+                return false;
+            }
+
+        });
+        
+
+
+
+    });
+</script>
+
+
+{% endblock %}
+
+
+
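Review bot: `JSON.parse('{{portgroups_json|safe}}')` writes configuration data, including the free-text group description, unescaped into a single-quoted JavaScript string inside a `<script>` element. A description containing `'`, a backslash or `</script>` therefore ends the literal early and becomes stored script injection on an authenticated admin page. Let Django do the encoding: pass the dict itself (not the pre-dumped string) to the template, emit it with `{{ portgroup_data|json_script:"portgroup-data" }}` (variable name here is illustrative) and read it with `JSON.parse(document.getElementById('portgroup-data').textContent)`. `json_script` requires Django 2.1 or later, which should be confirmed for this project. The `console.log(portgroups_json['port'])` on the next line looks like leftover debugging and can go.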

+ 56 - 0
vycontrol/firewall/templates/firewall/portgroup-list.html

@@ -0,0 +1,56 @@
+{% extends "base.html" %}
+
+{% block header_title %}Firewall Group List{% endblock %}
+{% block section_title %}Firewall Group List{% endblock %}
+{% block username %}{{ username }}{% endblock %}
+
+{% block debug %}
+{{ firewall_portgroup }}
+{% endblock %}
+
+{% block content %}
+
+<p class="submenu1">
+    <a href="{% url 'firewall:firewall-list' %}">Firewall List</a> | 
+    <a href="{% url 'firewall:firewall-create' %}">Create new firewall</a> | 
+    <a href="{% url 'firewall:firewall-addressgroup-list' %}">Address Group</a> |
+    <a href="{% url 'firewall:firewall-networkgroup-list' %}">Network Group</a> 
+</p>
+<p class="submenu2">
+    <a href="{% url 'firewall:firewall-portgroup-add' %}">Add port group</a>
+</p>
+
+
+{% if firewall_portgroup %}
+    <table border="1" width="100%">
+        <tr>
+            <th width="25%">name</th>
+            <th width="30%">description</th>
+            <th width="25%">actions</th>
+        </tr>
+
+    {% for key, value in firewall_portgroup.items %}       
+        {% for ifkey, ifvalue in value.items %}
+            <tr>
+                <td>{{ ifkey }}</a></td>
+                <td>{{ ifvalue.description }}</td>
+                <td>
+                    <a href="{% url 'firewall:firewall-portgroup-edit' ifkey %}">Edit</a> | 
+                    <a href="{% url 'firewall:firewall-portgroup-del' ifkey %}">Remove</a>
+                </td>                
+            </tr>
+        {% endfor %}
+        
+    {% endfor %}
+
+    </table>
+{% else %}
+    <p>No port groups.</p>
+{% endif %}
+
+
+
+{% endblock %}
+
+
+
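Review bot: The "Remove" link issues a plain GET to `firewall:firewall-portgroup-del`, and `firewall_portgroup_del` in views.py deletes the group on any request method. The deletion therefore carries no CSRF token and can be triggered by any cross-site request or link prefetch made within an authenticated session. Turn it into a small POST form, e.g. `<form method="post" action="{% url 'firewall:firewall-portgroup-del' ifkey %}">{% csrf_token %}<button type="submit">Remove</button></form>`, and decorate the view with `@require_POST` from `django.views.decorators.http`. Separately, `<td>{{ ifkey }}</a></td>` has a stray `</a>`, and the submenu in this template lacks the Port Group entry the other templates gained.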

+ 2 - 1
vycontrol/firewall/templates/firewall/show.html

@@ -15,7 +15,8 @@
     <a href="{% url 'firewall:firewall-list' %}">Firewall List</a> | 
     <a href="{% url 'firewall:firewall-create' %}">Create new firewall</a> | 
     <a href="{% url 'firewall:firewall-addressgroup-list' %}">Address Group</a> | 
-    <a href="{% url 'firewall:firewall-networkgroup-list' %}">Network Group</a>
+    <a href="{% url 'firewall:firewall-networkgroup-list' %}">Network Group</a> | 
+    <a href="{% url 'firewall:firewall-portgroup-list' %}">Port Group</a>
 </p>
 <p class="submenu2">
     <a href="{% url 'firewall:addrule' firewall_name %}">Add new rule</a>

+ 4 - 0
vycontrol/firewall/urls.py

@@ -25,6 +25,10 @@ urlpatterns = [
     path('firewall-networkgroup-del/<str:groupname>', views.firewall_networkgroup_del, name='firewall-networkgroup-del'),
     path('firewall-networkgroup-desc/<str:groupname>', views.firewall_networkgroup_desc, name='firewall-networkgroup-desc'),    
 
+    path('firewall-portgroup-list', views.firewall_portgroup_list, name='firewall-portgroup-list'),
+    path('firewall-portgroup-add', views.firewall_portgroup_add, name='firewall-portgroup-add'),
+    path('firewall-portgroup-del/<str:groupname>', views.firewall_portgroup_del, name='firewall-portgroup-del'),
+    path('firewall-portgroup-edit/<str:groupname>', views.firewall_portgroup_edit, name='firewall-portgroup-edit'),
 
 
 

+ 126 - 25
vycontrol/firewall/views.py

@@ -80,8 +80,6 @@ def create(request):
     }   
     return HttpResponse(template.render(context, request))
 
-
-
 @is_authenticated
 def addrule(request, firewall_name):
         
@@ -100,7 +98,6 @@ def addrule(request, firewall_name):
 
     changed = False
 
-    print("hereuyy")    
     # verifing basic informations
     if (request.POST.get('rulenumber',None) != None and 
         request.POST.get('rulenumber') != "" and 
@@ -127,11 +124,9 @@ def addrule(request, firewall_name):
         #if result1['success'] == True:
         #    changed = True 
 
-        print("herexxx")
 
 
         if request.POST.get('protocol_criteria', None) != None:
-            print("here",request.POST.get('protocol_criteria', None))
             protocol_criteria = None
             protocol_negate = False
 
@@ -145,7 +140,6 @@ def addrule(request, firewall_name):
                 protocol_negate = True
 
 
-            print(protocol_criteria, protocol_negate)
 
             if protocol_criteria != None:
                 protocol_criteria_txt = ""
@@ -186,11 +180,6 @@ def addrule(request, firewall_name):
 
         if changed == True:
             return redirect('firewall:show', firewall_name)
-        
-
-
-
-
 
     template = loader.get_template('firewall/addrule.html')
     context = { 
@@ -211,7 +200,6 @@ def addrule(request, firewall_name):
     }  
     return HttpResponse(template.render(context, request))
 
-
 @is_authenticated
 def firewall_removerule(request, firewall_name, firewall_rulenumber):
     all_instances = vyos.instance_getall()
@@ -279,7 +267,6 @@ def editrule(request, firewall_name, firewall_rulenumber):
     }  
     return HttpResponse(template.render(context, request))
 
-
 @is_authenticated
 def show(request, firewall_name):
         
@@ -303,6 +290,132 @@ def show(request, firewall_name):
     }   
     return HttpResponse(template.render(context, request))
 
+@is_authenticated
+def firewall_portgroup_list(request):
+        
+    hostname_default = vyos.get_hostname_prefered(request)
+    firewall_portgroup = vyos.get_firewall_portgroup(hostname_default)
+    all_instances = vyos.instance_getall_by_group(request)
+    is_superuser = perms.get_is_superuser(request.user)
+
+    template = loader.get_template('firewall/portgroup-list.html')
+    context = { 
+        'firewall_portgroup': firewall_portgroup,
+        'hostname_default': hostname_default,
+        'username': request.user, 
+        'instances': all_instances,
+        'is_superuser' : is_superuser,
+    }   
+    return HttpResponse(template.render(context, request))
+
+@is_authenticated
+def firewall_portgroup_del(request, groupname):
+    hostname_default = vyos.get_hostname_prefered(request)
+    vyos.set_firewall_portgroup_del(hostname_default, groupname)
+    return redirect('firewall:firewall-portgroup-list')
+
+@is_authenticated
+def firewall_portgroup_add(request):
+    hostname_default = vyos.get_hostname_prefered(request)
+    all_instances = vyos.instance_getall_by_group(request)
+    is_superuser = perms.get_is_superuser(request.user)
+    netservices = network.get_services()
+
+    if request.POST.get('name', None) != None and request.POST.get('portgroup_ports_hidden', None) != None and request.POST.get('portgroup_ports_hidden') != '':
+
+        try:
+            ports = json.loads(request.POST.get('portgroup_ports_hidden'))
+        except ValueError:
+            return redirect('firewall:firewall-portgroup-list')
+
+        for port in ports:
+            vyos.set_firewall_portgroup_add(hostname_default, request.POST.get('name'), port)
+
+        if request.POST.get('description', None) != None:
+            vyos.set_firewall_portgroup_description(hostname_default, request.POST.get('name'), request.POST.get('description'))
+
+        return redirect('firewall:firewall-portgroup-list')
+
+
+
+    template = loader.get_template('firewall/portgroup-add.html')
+    context = { 
+        'hostname_default': hostname_default,
+        'username': request.user,        
+        'instances': all_instances,
+        'is_superuser' : is_superuser,
+        'services_common' : netservices['common'],
+        'services' : netservices['services'],
+    }   
+    return HttpResponse(template.render(context, request))
+
+@is_authenticated
+def firewall_portgroup_edit(request, groupname):
+    hostname_default = vyos.get_hostname_prefered(request)
+    all_instances = vyos.instance_getall_by_group(request)
+    is_superuser = perms.get_is_superuser(request.user)
+    netservices = network.get_services()
+    portgroups = vyos.get_firewall_portgroup(hostname_default)
+    portgroups_json = json.dumps(portgroups['port-group'][groupname], separators=(',', ':'))
+    description = portgroups['port-group'][groupname]['description']
+
+    if request.POST.get('description', None) != None:
+        vyos.set_firewall_portgroup_description(hostname_default, groupname, request.POST.get('description'))
+
+    if request.POST.get('portgroup_ports_hidden', None) != None and request.POST.get('portgroup_ports_hidden') != '':
+
+        try:
+            ports = json.loads(request.POST.get('portgroup_ports_hidden'))
+        except ValueError:
+            return redirect('firewall:firewall-portgroup-list')
+
+        port_remove = []
+        port_add = []
+        # each port in vyos database
+        for port in portgroups['port-group'][groupname]['port']:
+            # vyos port not in form
+            if port not in ports:
+                # so mark to remove
+                port_remove.append(port)
+
+        # each port comming from form
+        for port in ports:
+            # form port not in vyos database
+            if port not in portgroups['port-group'][groupname]['port']:
+                # so mark to add
+                port_add.append(port)
+
+        # add ports to vyos database
+        for port in port_add:
+            vyos.set_firewall_portgroup_add(hostname_default, groupname, port)
+
+        # remove ports to vyos database
+        for port in port_remove:
+            vyos.set_firewall_portgroup_delete_port(hostname_default, groupname, port)
+
+        if request.POST.get('description', None) != None:
+            vyos.set_firewall_portgroup_description(hostname_default, request.POST.get('name'), request.POST.get('description'))
+
+        return redirect('firewall:firewall-portgroup-list')
+
+
+
+
+    template = loader.get_template('firewall/portgroup-edit.html')
+    context = { 
+        'hostname_default': hostname_default,
+        'username': request.user,        
+        'instances': all_instances,
+        'is_superuser' : is_superuser,
+        'groupname' : groupname,
+        'services_common' : netservices['common'],
+        'services' : netservices['services'],
+        'description' : description,
+        'portgroups_json' : portgroups_json,
+    }   
+    return HttpResponse(template.render(context, request))
+
+
 @is_authenticated
 def firewall_networkgroup_list(request):
         
@@ -321,8 +434,6 @@ def firewall_networkgroup_list(request):
     }   
     return HttpResponse(template.render(context, request))
 
-
-
 @is_authenticated
 def firewall_networkgroup_add(request):
     hostname_default = vyos.get_hostname_prefered(request)
@@ -348,16 +459,12 @@ def firewall_networkgroup_add(request):
     }   
     return HttpResponse(template.render(context, request))
 
-
 @is_authenticated
 def firewall_networkgroup_del(request, groupname):
     hostname_default = vyos.get_hostname_prefered(request)
     vyos.set_firewall_networkgroup_del(hostname_default, groupname)
     return redirect('firewall:firewall-networkgroup-list')
 
-
-
-
 @is_authenticated
 def firewall_addressgroup_list(request):
         
@@ -376,7 +483,6 @@ def firewall_addressgroup_list(request):
     }   
     return HttpResponse(template.render(context, request))
 
-
 @is_authenticated
 def firewall_addressgroup_add(request):
         
@@ -438,7 +544,6 @@ def firewall_addressgroup_desc(request, groupname):
         'groupname': groupname,
     }   
     return HttpResponse(template.render(context, request))
-        
 
 @is_authenticated
 def firewall_networkgroup_desc(request, groupname):
@@ -462,8 +567,6 @@ def firewall_networkgroup_desc(request, groupname):
     }   
     return HttpResponse(template.render(context, request))
 
-
-
 @is_authenticated
 def firewall_config(request, firewall_name):  
     #interfaces = vyos.get_interfaces()
@@ -486,7 +589,6 @@ def firewall_config(request, firewall_name):
     }   
     return HttpResponse(template.render(context, request))
 
-
 @is_authenticated
 def firewall_global(request):
    
@@ -507,7 +609,6 @@ def firewall_global(request):
     
     return redirect('firewall:firewall-list')
 
-
 @is_authenticated
 def firewall_remove(request, firewall_name):
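Review bot: In `firewall_portgroup_add` and `firewall_portgroup_edit` the result of `json.loads(request.POST.get('portgroup_ports_hidden'))` is never checked to be a list of port strings, and every element goes straight into `vyos.set_firewall_portgroup_add`. The only checks are the JavaScript ones in the templates, which a direct POST skips, and `name` is likewise never checked for being non-empty. A server-side check like the one below, matching the single-port or range format the form advertises, closes that gap; if the router may also hold service names in a port-group, the check needs extending. In `firewall_portgroup_edit` the second description call passes `request.POST.get('name')` although the edit form has no `name` field, so it should pass `groupname`. The lookups `portgroups['port-group'][groupname]['description']` and `[...]['port']` will presumably raise `KeyError` for an unknown group or one without those keys and should be guarded.

```python
def _valid_port_entry(entry):
    # "80" or "100-200", optionally prefixed with "!" as the form's negate box produces
    if not isinstance(entry, str):
        return False
    body = entry[1:] if entry.startswith('!') else entry
    parts = body.split('-')
    if len(parts) not in (1, 2):
        return False
    return all(p.isascii() and p.isdigit() and 0 < int(p) <= 65535 for p in parts)

# … unchanged: firewall_portgroup_add up to the json.loads try/except …
        except ValueError:
            return redirect('firewall:firewall-portgroup-list')

        # never trust the client-side checks: require a non-empty list of well-formed entries
        if not isinstance(ports, list) or not ports or not all(_valid_port_entry(p) for p in ports):
            return redirect('firewall:firewall-portgroup-list')
# … unchanged: loop calling vyos.set_firewall_portgroup_add, description handling …
```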
        

+ 26 - 0
vycontrol/vyos.py

@@ -233,6 +233,32 @@ def set_firewall_allping_disable(hostname):
     result1 = api_set(hostname, cmd)
     return result1  
 
+def get_firewall_portgroup(hostname):
+    cmd = {"op": "showConfig", "path": ["firewall","group","port-group"]}
+    result1 = api_get(hostname, cmd)
+    return result1
+
+def set_firewall_portgroup_del(hostname, group_name):
+    cmd = {"op": "delete", "path": ["firewall","group",'port-group', group_name]}
+    result1 = api_set(hostname, cmd)
+    return result1 
+
+def set_firewall_portgroup_description(hostname, group_name, description):
+    cmd = {"op": "set", "path": ["firewall","group",'port-group', group_name, "description", description]}
+    result1 = api_set(hostname, cmd)
+    return result1 
+
+def set_firewall_portgroup_add(hostname, group_name, port):
+    cmd = {"op": "set", "path": ["firewall","group",'port-group', group_name, "port", port]}
+
+    result1 = api_set(hostname, cmd)
+    return result1    
+
+def set_firewall_portgroup_delete_port(hostname, group_name, port):
+    cmd = {"op": "delete", "path": ["firewall","group",'port-group', group_name, "port", port]}
+
+    result1 = api_set(hostname, cmd)
+    return result1         
 
 def get_firewall_addressgroup(hostname):
     cmd = {"op": "showConfig", "path": ["firewall","group","address-group"]}
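Review bot: The five new port-group helpers have no docstrings, and `group_name`, `description` and `port` are placed into the `path` list exactly as received, so nothing states that callers are responsible for validating them. I would add a one-line docstring to each, for example `"""Add one port entry to a firewall port-group; port is forwarded as given, callers must validate it."""` on `set_firewall_portgroup_add`. Each docstring should also say that the function returns the `api_set`/`api_get` result, since the new views in this commit discard that result and redirect whether or not the call succeeded. The mixed `"port-group"` / `'port-group'` quoting within the same list literals could be made uniform while touching these lines.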