Merge pull request #109 from vycontrol/b20.05.04

B20.05.04

vycontrol/filters/vycontrol_filters.py

@@ -1,4 +1,5 @@
 from django.template.defaultfilters import register
+import random
 
 
 @register.filter
@@ -29,3 +30,8 @@ def get_item_network(dictionary, key):
     d = dictionary.get(key)    
     return d['network']
 
+@register.simple_tag
+def random_int(a, b=None):
+    if b is None:
+        a, b = 0, a
+    return random.randint(a, b)

vycontrol/firewall/templates/firewall/addrule.html

@@ -1,712 +0,0 @@
-{% extends "base.html" %}
-
-{% block header_title %}Firewall {{firewall_name}}{% endblock %}
-{% block section_title %}<a href="{% url 'firewall:show' firewall_name %}">Firewall {{firewall_name}}</a> - create new rule{% endblock %}
-{% block username %}{{ username }}{% endblock %}
-
-{% block debug %}
-
-{{ firewall_name }}
-
-{{ services }}
-
-{{ services_common }}
-
-{{ firewall_networkgroup }}
-
-{{ firewall_addressgroup }}
-
-
-{% endblock %}
-
-{% block content %}
-
-{% comment %}
-<script type="text/javascript">
-    var firewall_networkgroup_data = '{{firewall_networkgroup_js|safe}}';
-    console.log(firewall_networkgroup_data);
-
-    var firewall_addressgroup_data = '{{firewall_addressgroup_js|safe}}';
-    console.log(firewall_addressgroup_data);    
-
-    var netservices_js = '{{netservices_js|safe}}';
-    console.log(netservices_js);    
-
-</script>
-{% endcomment %}
-
-
-<p class="submenu1">
-    <a href="{% url 'firewall:firewall-list' %}">Firewall List</a> | 
-
-    <a href="{% url 'firewall:firewall-create' %}">Create new firewall</a> | 
-    <a href="{% url 'firewall:firewall-addressgroup-list' %}">Address Group</a> | 
-    <a href="{% url 'firewall:firewall-networkgroup-list' %}">Network Group</a> | 
-    <a href="{% url 'firewall:firewall-portgroup-list' %}">Port Group</a>
-</p>
-<p class="submenu2">
-    
-</p>
-
-
-
-<form action="{% url 'firewall:addrule' firewall_name %}" method="post" id="form_addrule">
-    {% csrf_token %}
-    
-
-    <h3>Rule Config</h3>
-    <div class="container">
-        <div class="row">
-            <div class="col">
-                <p>
-                    <label for="alias">rule number</label><br>
-                    <input type="text" name="rulenumber" id="rulenumber" value="{{ rulenumber }}" size="5">
-                </p>
-            </div>
-
-            <div class="col">
-                <p>
-                    <label for="status">status</label><br>
-                    <input type="radio" name="status" id="status" value="enabled" checked="checked"> enabled
-                    <input type="radio" name="status" id="status" value="disabled"> disabled
-                </p>
-            </div>         
-
-            <div class="col">
-                <p>
-                    <label for="action">action</label><br>
-                    <input type="radio" class="fwaction" name="ruleaction" id="action" value="accept"> accept
-                    <input type="radio" class="fwaction" name="ruleaction" id="action" value="drop"> drop
-                    <input type="radio" class="fwaction" name="ruleaction" id="action" value="reject"> reject        
-                </p>
-            </div>
-        </div>
-
-        <div class="row">
-            <div class="col">
-                <p>
-                    <label for="alias">description</label><br>
-                    <input type="text" name="description" id="description" value="{{ description }}" size="60">
-                </p>
-            </div>
-
-
-        </div>       
-    </div>
-
-
-    <h3 class="matching_criteria"><input type="checkbox" name="criteria_protocol" value="1" id="criteria_protocol"> <label for="criteria_protocol" class="label_for_h3">Matching criteria - protocol</label></h3>
-    <div class="container" id="criteria_protocol_block" style="display: none">
-
-        <div class="row">
-
-            <div class="col">
-                <p>
-                    <input type="radio" class="protocol_criteria" name="protocol_criteria" id="protocol_criteria_all" value="all"> all protocols<br>
-                    <input type="radio" class="protocol_criteria" name="protocol_criteria" id="protocol_criteria_tcp" value="tcp"> tcp<br>
-                    <input type="radio" class="protocol_criteria" name="protocol_criteria" id="protocol_criteria_udp" value="udp"> udp<br>
-                    <input type="radio" class="protocol_criteria" name="protocol_criteria" id="protocol_criteria_tcp_udp" value="tcp_udp"> tcp and udp<br>
-                    <input type="radio" class="protocol_criteria" name="protocol_criteria" id="protocol_criteria_icmp" value="icmp"> icmp<br>
-                    <input type="radio" class="protocol_criteria" name="protocol_criteria" id="protocol_criteria_other" value="other"> other  
-                </p>
-
-
-            </div>
-
-            <div class="col">
-                
-
-                <p id="protocol_custom_block" style="display: none">
-                    <label for="protocol_custom">other protocol</label><br>
-                    <input type="text" name="protocol_custom" id="protocol_custom" value="{{ protocol_custom }}" size="5"> 
-                </p>                     
-                    
-                {% comment %}
-                <!-- require https://phabricator.vyos.net/T2451 be fixed -->
-                <p>
-                    <input type="checkbox" name="protocol_negate" id="protocol_negate" value="1">
-                    <label for="protocol_negate">negate </label>
-                </p>
-                {% endcomment %}
-            </div>
-        </div>
-    </div>
-
-    <h3  class="matching_criteria" id="criteria_port_block_header" style="display: none"><input type="checkbox" name="criteria_port" value="1" id="criteria_port"> <label for="criteria_port" class="label_for_h3">Matching criteria - port</label></h3>
-    <div class="container" id="criteria_port_block" style="display: none">
-        <div class="row">  
-            <div class="col">
-
-                
-                <p>
-                    <label for="destinationport_common">common destinations ports to add</label><br>
-                    <select name="destinationport_common" id="destinationport_common" size="1">
-                        <option value="">select one</option>
-                        {% for p in services_common %}
-                        <option value="{{ services|get_item_port:p }}">{{ p }} - {{ services|get_item_port:p }} </option>
-                        {% endfor %}
-                    </select>
-
-                    {% comment %}
-                    <input type="checkbox" name="destinationport_common_negate" id="destinationport_common_negate" value="1">
-                    <label for="destinationport_common_negate">negate </label>
-                    {% endcomment %}
-
-                    <input type="button" name="destinationport_common_add" id="destinationport_common_add" value="add" />
-                </p>
-
-
-                <p>
-                    <label for="destinationport_custom">add custom destination ports (use single 100 or range 100-200)</label><br>
-                    <input type="text" name="destinationport_custom" id="destinationport_custom" value="{{ destinationport_custom }}" size="14"> 
-                    
-                    {% comment %}
-                    <input type="checkbox" name="destinationport_custom_negate" id="destinationport_custom_negate" value="1"> 
-                    <label for="destinationport_custom_negate">negate </label>
-                    {% endcomment %}
-
-                    <input type="button" name="destinationport_custom_add" id="destinationport_custom_add" value="add" />
-                </p>                     
-                
-                <p>
-                    <label for="destinationport">destination ports filtered (click to remove)</label><br>
-                    <select name="destinationport" id="destinationport" size="10" style="width: 200px;">
-                    </select>
-
-
-                    <input type="hidden" name="destinationport_json" id="destinationport_json" value="" >
-                </p>
-                
-
-            </div>
-          
-            <div class="col">
-                <p>
-                    <label for="sourceport_common">common source ports to add</label><br>
-                    <select name="sourceport_common" id="sourceport_common" size="1">
-                        <option value="">select one</option>
-                        {% for p in services_common %}
-                        <option value="{{ services|get_item_port:p }}">{{ p }} - {{ services|get_item_port:p }}</option>
-                        {% endfor %}
-                    </select>
-
-                    <input type="checkbox" name="sourceport_common_negate" id="sourceport_common_negate" value="1">
-                    <label for="sourceport_common_negate">negate </label>
-                    <input type="button" name="sourceport_common_add" id="sourceport_common_add" value="add" />
-                </p>   
-
-                <p>
-                    <label for="sourceport_custom">add custom destination ports (use single 100 or range 100-200)</label><br>
-                    <input type="text" name="sourceport_custom" id="sourceport_custom" value="{{ destinationport_custom }}" size="14"> 
-                    <input type="checkbox" name="sourceport_custom_negate" id="sourceport_custom_negate" value="1"> 
-                    <label for="sourceport_custom_negate">negate </label>
-                    <input type="button" name="sourceport_custom_add" id="sourceport_custom_add" value="add" />
-                </p>       
-               
-                <p>
-                    <label for="sourceport">source ports filtered (click to remove)</label><br>
-                    <select name="sourceport" size="10" style="width: 200px;" id="sourceport">
-                    </select>
-
-                    <input type="hidden" name="sourceport_json" id="sourceport_json" value="" >
-
-
-                </p>
-
-
-            </div>
-        </div>
-
-    </div>
-
-    <h3 class="matching_criteria" id="criteria_tcpflags_header" style="display: none"><input type="checkbox" id="criteria_tcpflags" value="1" name="criteria_tcpflags"> <label for="criteria_tcpflags" class="label_for_h3">Matching criteria - TCP Flags</label></h3>    
-    <div class="container" id="criteria_tcpflags_block" style="display: none">
-        <div class="row">
-            <div class="col">
-                <table width="100%">
-                    <tr>
-                        <th>Allow flag</th>
-                        <th>Negate flag</th>
-                    </tr>
-                    <tr>
-                        <td><input type="checkbox" name="tcpflags_syn" id="tcpflags_syn" value="1"> SYN</td>
-                        <td><input type="checkbox" name="tcpflags_isyn" id="tcpflags_isyn" value="1"> !SYN</td>
-                    </tr>
-                    <tr>
-                        <td><input type="checkbox" name="tcpflags_ack" id="tcpflags_ack" value="1"> ACK</td>
-                        <td><input type="checkbox" name="tcpflags_iack" id="tcpflags_iack" value="1"> !ACK</td>
-                    </tr>
-                    <tr>
-                        <td><input type="checkbox" name="tcpflags_fin" id="tcpflags_fin" value="1"> FIN</td>
-                        <td><input type="checkbox" name="tcpflags_ifin" id="tcpflags_ifin" value="1"> !FIN</td>
-                    </tr>
-                    <tr>
-                        <td><input type="checkbox" name="tcpflags_rst" id="tcpflags_rst" value="1"> RST</td>
-                        <td><input type="checkbox" name="tcpflags_irst" id="tcpflags_irst" value="1"> !RST</td>
-                    </tr>
-                    <tr>
-                        <td><input type="checkbox" name="tcpflags_urg" id="tcpflags_urg" value="1"> URG</td>
-                        <td><input type="checkbox" name="tcpflags_iurg" id="tcpflags_iurg" value="1"> !URG</td>
-                    </tr>
-                    <tr>
-                        <td><input type="checkbox" name="tcpflags_psh" id="tcpflags_psh" value="1"> PSH</td>
-                        <td><input type="checkbox" name="tcpflags_ipsh" id="tcpflags_ipsh" value="1"> !PSH</td>
-                    </tr>
-                    <tr>
-                        <td><input type="checkbox" name="tcpflags_all" id="tcpflags_all" value="1"> ALL</td>
-                        <td><input type="checkbox" name="tcpflags_iall" id="tcpflags_iall" value="1"> !ALL</td>
-                    </tr>                        
-                </table>
-            </div>
-
-        </div>
-    </div>
-
-    <h3 class="matching_criteria"><input type="checkbox" id="criteria_address" value="1" name="criteria_address"> <label for="criteria_address" class="label_for_h3">Matching criteria - address</label></h3>
-    <div class="container" id="criteria_address_block" style="display: none">
-
-        <div class="row">
-            <div class="col">
-                <p>
-                    <label for="sdaddress_source">source address</label><br>
-                    <input type="text" name="sdaddress_source" id="sdaddress_source" value="" size="30">
-                </p>
-
-                <p>
-                    <input type="checkbox" name="sdaddress_source_negate" id="sdaddress_source_negate" value="1"> <label for="sdaddress_source_negate">negate source address</label>
-                </p>         
-            </div>
-
-            <div class="col">
-                <p>
-                    <label for="sdaddress_destination">destination address</label><br>
-                    <input type="text" name="sdaddress_destination" id="sdaddress_destination" value="" size="30">
-                </p>
-
-                <p>
-                    <input type="checkbox" name="sdaddress_destination_negate" id="sdaddress_destination_negate" value="1"> <label for="sdaddress_destination_negate">negate destination address</label>
-                </p>         
-             </div>
-        </div>
-
-
-        <div class="row">
-            <div class="col">    
-                <h4>Valid address examples</h4>
-            </div>
-        </div>
-
-        <div class="row">
-            <div class="col">
-                <dl>
-                    <dt>address</dt>
-                    <dd>192.0.2.1</dd>
-                    <dt>address range</dt>
-                    <dd>192.0.2.0-192.0.2.10</dd>
-                    <dt>CIDR</dt>
-                    <dd>192.0.2.0/24</dd>   
-                </dl>
-            </div>
-        </div>
-    </div>
-    
-    <h3 class="matching_criteria"><input type="checkbox" id="criteria_addressgroup" value="1" name="criteria_addressgroup"> <label for="criteria_addressgroup" class="label_for_h3">Matching criteria - address-group</label></h3>    
-    <div class="container" id="criteria_addressgroup_block" style="display: none">    
-
-        <div class="row">
-            <div class="col">
-                <p>
-                    <label for="sdaddressgroup_source">select at most one source address-group</label><br>
-                    <select name="sdaddressgroup_source" size="10"  style="width: 200px;">
-                        {% for f in firewall_addressgroup %}
-                        <option>{{ f }}</option>
-                        {% endfor %}      
-                    </select>
-                </p>
-
-            </div>
-
-            <div class="col">
-                <p>
-                    <label for="sdaddressgroup_destination">select at most one destination address-group</label><br>
-                    <select name="sdaddressgroup_destination" size="10" style="width: 200px;">
-                        {% for f in firewall_addressgroup %}
-                        <option>{{ f }}</option>
-                        {% endfor %}        
-                    </select>
-                </p>
-
-
-          </div>
-        </div>
-
-    </div>
-
-    <h3 class="matching_criteria"><input type="checkbox" id="criteria_networkgroup" value="1" name="criteria_networkgroup"> <label for="criteria_networkgroup" class="label_for_h3">Matching criteria - network-group</label></h3>    
-    <div class="container" id="criteria_networkgroup_block" style="display: none">
-        <div class="row">
-            <div class="col">
-                <p>
-                    <label for="sdnetworkgroup_source">select at most one source network-group</label><br>
-                    <select name="sdnetworkgroup_source" size="10" style="width: 200px;">
-                        {% for f in firewall_networkgroup %}
-                        <option>{{ f }}</option>
-                        {% endfor %}
-                    </select>
-                </p>         
-                
-            </div>
-
-            <div class="col">
-                <p>
-                    <label for="sdnetworkgroup_destination">select at most one destination network-group</label><br>
-                    <select name="sdnetworkgroup_destination" size="10" style="width: 200px;">
-                        {% for f in firewall_networkgroup %}
-                        <option>{{ f }}</option>
-                        {% endfor %}
-                    </select>
-                </p>
-
-
-          </div>
-        </div>
-
-    </div>    
-
-    <h3 class="matching_criteria"><input type="checkbox" id="criteria_portgroup" value="1" name="criteria_portgroup"> <label for="criteria_portgroup" class="label_for_h3">Matching criteria - port group</label></h3>    
-    <div class="container" id="criteria_portgroup_block" style="display: none">
-        <div class="row">
-            <div class="col">
-                <p>
-                    <label for="sdportgroup_source">source port group (single choice)</label><br>
-                    <select name="sdportgroup_source" id="sdportgroup_source" size="10" style="width: 200px;">
-                        {% for f in portgroups_groups %}
-                        <option>{{ f }}</option>
-                        {% endfor %}
-                    </select>
-                </p>
-
-            </div>
-
-            <div class="col">
-                <p>
-                    <label for="sdportgroup_destination">destination port group (single choice)</label><br>
-                    <select name="sdportgroup_destination" id="sdportgroup_destination" size="10" style="width: 200px;">
-                        {% for f in portgroups_groups %}
-                        <option>{{ f }}</option>
-                        {% endfor %}
-                    </select>
-                </p>
-
-
-          </div>
-        </div>
-
-    </div>    
-
-    <h3 class="matching_criteria"><input type="checkbox" id="criteria_sourcemac" value="1" name="criteria_sourcemac"> <label for="criteria_sourcemac" class="label_for_h3">Matching criteria - source mac address</label></h3>    
-    <div class="container" id="criteria_sourcemac_block" style="display: none">
-        <div class="row">
-            <div class="col">
-                <p>
-                    <label for="smac_source">mac address</label><br>
-                    <input type="text" name="smac_source" id="smac_source" value="" size="30">
-                </p>
-
-                <p>
-                    <input type="checkbox" name="smac_source_negate" id="smac_source_negate" value="1"> <label for="smac_source_negate">negate source mac address</label>
-                </p>                         
-            </div>
-
-        </div>
-
-    </div>
-
-
-    <h3 class="matching_criteria"><input type="checkbox" id="criteria_packetstate" value="1" name="criteria_packetstate"> <label for="criteria_packetstate" class="label_for_h3">Matching criteria - Packet State</label></h3>    
-    <div class="container" id="criteria_packetstate_block" style="display: none">
-        <div class="row">
-            <div class="col">
-                <p>
-                    <input type="checkbox" name="packetstate_established" id="state_established" value="1"> established
-                    <input type="checkbox" name="packetstate_invalid" id="state_invalid" value="1"> invalid
-                    <input type="checkbox" name="packetstate_new" id="state_new" value="1"> new
-                    <input type="checkbox" name="packetstate_related" id="state_related" value="1"> releated        
-                </p>
-            </div>
-
-        </div>            
-    </div>
-    
-    <input type="submit" value="Add Rule">
-    </form>
-
-    
-<script>
-
-    function isNumeric(n) {
-            return !isNaN(parseFloat(n)) && isFinite(n);
-    }
-
-    $(document).ready(function () {                            
-        $(".protocol_criteria").change(function () {
-            if ($("#protocol_criteria_other").is(":checked")) {
-                $('#protocol_custom_block').show();
-            }
-            else if ($("#addresstype_range").not(":checked")) {
-                $('#protocol_custom_block').hide();
-            }
-
-            protocol_criteria = $('.protocol_criteria:checked').val();
-
-
-            if (['tcp', 'udp', 'tcp_udp'].includes(protocol_criteria) == false) {
-                $("#criteria_port").prop("checked", false);
-                $("#criteria_port_block_header").hide();
-                $("#criteria_port_block").hide();
-            } else {
-                $("#criteria_port_block_header").show("highlight", {color: '#FBE28A'}, 2000);
-            }
-
-            if (['tcp', 'tcp_udp'].includes(protocol_criteria) == false) {
-                $("#criteria_tcpflags_header").hide();
-                $("#criteria_tcpflags_block").hide();
-            } else {
-                $("#criteria_tcpflags_header").show("highlight", {color: '#FBE28A'}, 2000);
-            }
-            
-
-
-        });
-
-        $("#criteria_protocol").change(function () {
-            if ($("#criteria_protocol").is(":checked")) {
-                $('#criteria_protocol_block').show();
-            }
-            else if ($("#criteria_protocol").not(":checked")) {
-                $('#criteria_protocol_block').hide();
-            }
-        });
-
-        $("#criteria_port").change(function () {
-            if ($("#criteria_port").is(":checked")) {
-                $('#criteria_port_block').show();
-            }
-            else if ($("#criteria_port").not(":checked")) {
-                $('#criteria_port_block').hide();
-            }
-        });  
-
-        $("#criteria_address").change(function () {
-            if ($("#criteria_address").is(":checked")) {
-                $('#criteria_address_block').show();
-            }
-            else if ($("#criteria_address").not(":checked")) {
-                $('#criteria_address_block').hide();
-            }
-        });    
-
-        $("#criteria_addressgroup").change(function () {
-            if ($("#criteria_addressgroup").is(":checked")) {
-                $('#criteria_addressgroup_block').show();
-            }
-            else if ($("#criteria_addressgroup").not(":checked")) {
-                $('#criteria_addressgroup_block').hide();
-            }
-        });    
-
-        $("#criteria_networkgroup").change(function () {
-            if ($("#criteria_networkgroup").is(":checked")) {
-                $('#criteria_networkgroup_block').show();
-            }
-            else if ($("#criteria_networkgroup").not(":checked")) {
-                $('#criteria_networkgroup_block').hide();
-            }
-        });   
-
-        $("#criteria_portgroup").change(function () {
-            if ($("#criteria_portgroup").is(":checked")) {
-                $('#criteria_portgroup_block').show();
-            }
-            else if ($("#criteria_portgroup").not(":checked")) {
-                $('#criteria_portgroup_block').hide();
-            }
-        });                                        
-
-        $("#criteria_sourcemac").change(function () {
-            if ($("#criteria_sourcemac").is(":checked")) {
-                $('#criteria_sourcemac_block').show();
-            }
-            else if ($("#criteria_sourcemac").not(":checked")) {
-                $('#criteria_sourcemac_block').hide();
-            }
-        });     
-
-        $("#criteria_tcpflags").change(function () {
-            if ($("#criteria_tcpflags").is(":checked")) {
-                $('#criteria_tcpflags_block').show();
-            }
-            else if ($("#criteria_tcpflags").not(":checked")) {
-                $('#criteria_tcpflags_block').hide();
-            }
-        });
-
-        $("#criteria_packetstate").change(function () {
-            if ($("#criteria_packetstate").is(":checked")) {
-                $('#criteria_packetstate_block').show();
-            }
-            else if ($("#criteria_packetstate").not(":checked")) {
-                $('#criteria_packetstate_block').hide();
-            }
-        });   
-
-        // form basic validations
-        $("#form_addrule").submit(function(e){
-            rulenumber = $('#rulenumber').val();
-            
-
-            if (rulenumber == "" || isNumeric(rulenumber) == false) {
-                alert('Rule number must be definied and be numeric.');
-                e.preventDefault();
-                return false;
-            } else if (rulenumber < 1 && rulenumber > 9999) {
-                alert('Rule number must be between 1 and 9999.');
-                e.preventDefault();
-                return false;
-            }
-            
-            if (!$('.fwaction').is(':checked')){
-                alert('Rule action must be selected.');
-                e.preventDefault();
-                return false;
-            } 
-
-            var destinationport_values = []
-            $("#destinationport option").each(function() {
-                destinationport_values.push($(this).val());
-            });
-            var destinationport_json = JSON.stringify(destinationport_values);
-            $("#destinationport_json").val(destinationport_json);
-
-            var sourceport_values = []
-            $("#sourceport option").each(function() {
-                sourceport_values.push($(this).val());
-            });            
-            var sourceport_json = JSON.stringify(sourceport_values);
-            $("#sourceport_json").val(sourceport_json);
-
-            console.log(sourceport_json)
-
-
-            //e.preventDefault();
-        });
-     
-        $("#sourceport_common_add").click(function () {
-            port = $("#sourceport_common").children("option:selected").val();
-            text = $("#sourceport_common").children("option:selected").text();            
-            if (port == "") {
-                return false;
-            }
-
-            if ($("#sourceport_common_negate").is(":checked")) {
-                negate = "!";
-            } else {
-                negate = "";
-            }
-
-            v = negate + port;
-            t = negate + text;
-
-            if ($("#sourceport option[value='" + v + "']").length == 0) {
-                $('#sourceport').append($('<option>', {
-                    value: v,
-                    text: t
-                }));
-            }
-        });
-
-        $("#sourceport_custom_add").click(function () {
-            port = $("#sourceport_custom").val();
-            if (port == "") {
-                return false;
-            }
-
-            if ($("#sourceport_custom_negate").is(":checked")) {
-                negate = "!";
-            } else {
-                negate = "";
-            }
-
-            port_text = negate + port;
-
-            if ($("#sourceport option[value='" + port_text + "']").length == 0) {
-                $('#sourceport').append($('<option>', {
-                    value: port_text,
-                    text: port_text
-                }));
-            }
-        });
-
-        $("#destinationport_common_add").click(function () {
-            port = $("#destinationport_common").children("option:selected").val();
-            text = $("#destinationport_common").children("option:selected").text();
-            if (port == "") {
-                return false;
-            }
-
-            if ($("#destinationport_common_negate").is(":checked")) {
-                negate = "!";
-            } else {
-                negate = "";
-            }
-
-            v = negate + port;
-            t = negate + text;
-
-            if ($("#destinationport option[value='" + v + "']").length == 0) {
-                $('#destinationport').append($('<option>', {
-                    value: v,
-                    text: t
-                }));
-            }
-        });
-
-        $("#destinationport_custom_add").click(function () {
-            port = $("#destinationport_custom").val();
-            if (port == "") {
-                return false;
-            }
-
-            if ($("#destinationport_custom_negate").is(":checked")) {
-                negate = "!";
-            } else {
-                negate = "";
-            }
-
-            port_text = negate + port;
-
-            if ($("#destinationport option[value='" + port_text + "']").length == 0) {
-                $('#destinationport').append($('<option>', {
-                    value: port_text,
-                    text: port_text
-                }));
-            }
-        });
-
-        $('#sourceport').click(function() {
-            $(this).find('option:selected').remove();
-        });
-
-        $('#destinationport').click(function() {
-            $(this).find('option:selected').remove();
-        });        
-
- });
-</script>
-          
-
-
-{% endblock %}
-
-
-

vycontrol/firewall/templates/firewall/editrule.html

@@ -4,67 +4,36 @@
 {% block section_title %}<a href="{% url 'firewall:show' firewall_name %}">Firewall {{firewall_name}}</a> - edit rule {{ firewall_rulenumber }}{% endblock %}
 {% block username %}{{ username }}{% endblock %}
 
-{% block debug %}
-
-{{ firewall }}
-
-{{ mode }}
-
-{{ firewall_name }}
-
-{{ services }}
 
-{{ services_common }}
-
-{{ firewall_networkgroup }}
-
-{{ firewall_addressgroup }}
-
-{{ rulenumber }}
+{% block submenu %}
+<p class="submenu1">
+    <a href="{% url 'firewall:firewall-list' %}">Firewall List</a> | 
 
-{{ firewall_name }}
+    <a href="{% url 'firewall:firewall-create' %}">Create new firewall</a> | 
+    <a href="{% url 'firewall:firewall-addressgroup-list' %}">Address Group</a> | 
+    <a href="{% url 'firewall:firewall-networkgroup-list' %}">Network Group</a> | 
+    <a href="{% url 'firewall:firewall-portgroup-list' %}">Port Group</a>
+</p>
+<p class="submenu2">
+    <a href="{% url 'firewall:addrule' firewall_name %}">Add new rule</a>
+</p>
+{% endblock submenu %}
 
-{{ ruledata }}
 
+{% block debug %}
+{{ ruledata_pretty }}
 {% endblock %}
 
-{% block content %}
 
-{% comment %}
-<script type="text/javascript">
-    var firewall_networkgroup_data = '{{firewall_networkgroup_js|safe}}';
-    console.log(firewall_networkgroup_data);
+{% block content %}
 
-    var firewall_addressgroup_data = '{{firewall_addressgroup_js|safe}}';
-    console.log(firewall_addressgroup_data);    
 
-    var netservices_js = '{{netservices_js|safe}}';
-    console.log(netservices_js);   
-</script>
-{% endcomment %}
-
-{% if mode == "editrule" %}
 <script type="text/javascript">
     var ruledata_js = JSON.parse('{{ruledata_json|safe}}');
 </script>
-{% endif %}
-
 
 
 
-<p class="submenu1">
-    <a href="{% url 'firewall:firewall-list' %}">Firewall List</a> | 
-
-    <a href="{% url 'firewall:firewall-create' %}">Create new firewall</a> | 
-    <a href="{% url 'firewall:firewall-addressgroup-list' %}">Address Group</a> | 
-    <a href="{% url 'firewall:firewall-networkgroup-list' %}">Network Group</a> | 
-    <a href="{% url 'firewall:firewall-portgroup-list' %}">Port Group</a>
-</p>
-<p class="submenu2">
-    <a href="{% url 'firewall:addrule' firewall_name %}">Add new rule</a>
-</p>
-
-
 {% if mode == "editrule" %}
 <form action="{% url 'firewall:editrule' firewall_name rulenumber %}" method="post" id="form_change">
 {% elif mode == "addrule" %}
@@ -78,11 +47,11 @@
     <div class="container">
         <div class="row">
 
-            {% if mode == "addrule" %}
+            {% if mode != "editrule" and rulenumber == None %}
             <div class="col">
                 <p>
                     <label for="alias">rule number</label><br>
-                    <input type="text" name="rulenumber" id="rulenumber" value="{{ rulenumber }}" size="5">
+                    <input type="text" name="rulenumber" id="rulenumber" value="" size="5">
                 </p>
             </div>
             {% endif %}
@@ -90,8 +59,8 @@
             <div class="col">
                 <p>
                     <label for="status">status</label><br>
-                    <input type="radio" name="status" id="status_enabled" value="enabled" checked="checked"> enabled
-                    <input type="radio" name="status" id="status_disabled" value="disabled"> disabled
+                    <input type="radio" name="status" id="status_enabled" value="enable" checked="checked"> enabled
+                    <input type="radio" name="status" id="status_disabled" value="disable"> disabled
                 </p>
             </div>         
 
@@ -130,7 +99,8 @@
                     <input type="radio" class="protocol_criteria" name="protocol_criteria" id="protocol_criteria_udp" value="udp"> udp<br>
                     <input type="radio" class="protocol_criteria" name="protocol_criteria" id="protocol_criteria_tcp_udp" value="tcp_udp"> tcp and udp<br>
                     <input type="radio" class="protocol_criteria" name="protocol_criteria" id="protocol_criteria_icmp" value="icmp"> icmp<br>
-                    <input type="radio" class="protocol_criteria" name="protocol_criteria" id="protocol_criteria_other" value="other"> other  
+                    <input type="radio" class="protocol_criteria" name="protocol_criteria" id="protocol_criteria_other" value="other"> other<br>
+                    <input type="radio" class="protocol_criteria" name="protocol_criteria" id="protocol_criteria_none" value="none"> none  
                 </p>
 
 
@@ -242,7 +212,7 @@
 
     </div>
 
-    <h3 class="matching_criteria" id="criteria_tcpflags_header" style="display: none"><input type="checkbox" id="criteria_tcpflags" value="1" name="criteria_tcpflags"> <label for="criteria_tcpflags" class="label_for_h3">Matching criteria - TCP Flags</label></h3>    
+    <h3 class="matching_criteria" id="criteria_tcpflags_header" style="display: none"><input type="checkbox" id="criteria_tcpflags" value="1" name="criteria_tcpflags"> <label for="criteria_tcpflags" class="label_for_h3">Matching criteria - TCP flags</label></h3>    
     <div class="container" id="criteria_tcpflags_block" style="display: none">
         <div class="row">
             <div class="col">
@@ -291,23 +261,23 @@
         <div class="row">
             <div class="col">
                 <p>
-                    <label for="sdaddress_source">source address</label><br>
-                    <input type="text" name="sdaddress_source" id="sdaddress_source" value="" size="30">
+                    <label for="saddress">source address</label><br>
+                    <input type="text" name="saddress" id="saddress" value="{{ ruledata.source.address|default:"" }}" size="30">
                 </p>
 
                 <p>
-                    <input type="checkbox" name="sdaddress_source_negate" id="sdaddress_source_negate" value="1"> <label for="sdaddress_source_negate">negate source address</label>
+                    <input type="checkbox" name="saddress_negate" id="saddress_negate" value="1"> <label for="saddress_negate">negate source address</label>
                 </p>         
             </div>
 
             <div class="col">
                 <p>
-                    <label for="sdaddress_destination">destination address</label><br>
-                    <input type="text" name="sdaddress_destination" id="sdaddress_destination" value="" size="30">
+                    <label for="daddress">destination address</label><br>
+                    <input type="text" name="daddress" id="daddress" value="{{ ruledata.destination.address|default:"" }}" size="30">
                 </p>
 
                 <p>
-                    <input type="checkbox" name="sdaddress_destination_negate" id="sdaddress_destination_negate" value="1"> <label for="sdaddress_destination_negate">negate destination address</label>
+                    <input type="checkbox" name="daddress_negate" id="daddress_negate" value="1"> <label for="daddress_negate">negate destination address</label>
                 </p>         
              </div>
         </div>
@@ -339,24 +309,30 @@
         <div class="row">
             <div class="col">
                 <p>
-                    <label for="sdaddressgroup_source">single choice - you cannot set a group and an adresss together</label><br>
-                    <select name="sdaddressgroup_source" id="sdaddressgroup_source" size="10"  style="width: 200px;">
+                    <label for="saddressgroup"><b>source address group</b><br>single choice<br>can't mix group and an adresss together</label><br>
+                    <select name="saddressgroup" id="saddressgroup" size="10"  style="width: 200px;">
                         {% for f in firewall_addressgroup %}
                         <option value="{{ f }}">{{ f }}</option>
                         {% endfor %}      
                     </select>
+
+                    <br>
+                    <input type="button" id="saddressgroup_clear" value="clear">
                 </p>
 
             </div>
 
             <div class="col">
                 <p>
-                    <label for="sdaddressgroup_destination">single choice - you cannot set a group and an adresss together</label><br>
-                    <select name="sdaddressgroup_destination" id="sdaddressgroup_destination" size="10" style="width: 200px;">
+                    <label for="daddressgroup"><b>destination address group</b><br>single choice<br>can't mix group and an adresss together</label><br>
+                    <select name="daddressgroup" id="daddressgroup" size="10" style="width: 200px;">
                         {% for f in firewall_addressgroup %}
                         <option value="{{ f }}">{{ f }}</option>
                         {% endfor %}        
                     </select>
+
+                    <br>
+                    <input type="button" id="daddressgroup_clear" value="clear">
                 </p>
 
 
@@ -370,27 +346,32 @@
         <div class="row">
             <div class="col">
                 <p>
-                    <label for="sdnetworkgroup_source">select at most one source network-group (can't mix destination address group and address)</label><br>
-                    <select name="sdnetworkgroup_source" id="sdnetworkgroup_source" size="10" style="width: 200px;">
+                    <label for="snetworkgroup"><b>source network group</b><br>single choice<br>can't mix destination address group and address</label><br>
+                    <select name="snetworkgroup" id="snetworkgroup" size="10" style="width: 200px;">
                         {% for f in firewall_networkgroup %}
-                        <option>{{ f }}</option>
+                        <option value="{{ f }}">{{ f }}</option>
                         {% endfor %}
                     </select>
+
+                    <br>
+                    <input type="button" id="snetworkgroup_clear" value="clear">
                 </p>         
                 
             </div>
 
             <div class="col">
                 <p>
-                    <label for="sdnetworkgroup_destination">select at most one destination network-group (can't mix destination address group and address)</label><br>
-                    <select name="sdnetworkgroup_destination" id="sdnetworkgroup_destination" size="10" style="width: 200px;">
+                    <label for="dnetworkgroup"><b>destination network group</b><br>single choice<br>can't mix destination address group and address</label><br>
+                    <select name="dnetworkgroup" id="dnetworkgroup" size="10" style="width: 200px;">
                         {% for f in firewall_networkgroup %}
-                        <option>{{ f }}</option>
+                        <option value="{{ f }}">{{ f }}</option>
                         {% endfor %}
                     </select>
+              
+                    <br>
+                    <input type="button" id="dnetworkgroup_clear" value="clear">
                 </p>
 
-
           </div>
         </div>
 
@@ -401,24 +382,30 @@
         <div class="row">
             <div class="col">
                 <p>
-                    <label for="sdportgroup_source">source port group (single choice and can't mix source port group and port)</label><br>
-                    <select name="sdportgroup_source" id="sdportgroup_source" size="10" style="width: 200px;">
-                        {% for f in portgroups_groups %}
+                    <label for="sportgroup"><b>source port group</b><br>single choice<br>can't mix source port group and port</label><br>
+                    <select name="sportgroup" id="sportgroup" size="10" style="width: 200px;">
+                        {% for f in firewall_portgroup %}
                         <option value="{{ f }}">{{ f }}</option>
                         {% endfor %}
                     </select>
+
+                    <br>
+                    <input type="button" id="sportgroup_clear" value="clear">
                 </p>
 
             </div>
 
             <div class="col">
                 <p>
-                    <label for="sdportgroup_destination">destination port group (single choice and can't mix destination port group and port)</label><br>
-                    <select name="sdportgroup_destination" id="sdportgroup_destination" size="10" style="width: 200px;">
-                        {% for f in portgroups_groups %}
+                    <label for="dportgroup"><b>destination port group</b><br>single choice<br>can't mix destination port group and port</label><br>
+                    <select name="dportgroup" id="dportgroup" size="10" style="width: 200px;">
+                        {% for f in firewall_portgroup %}
                         <option value="{{ f }}">{{ f }}</option>
                         {% endfor %}
                     </select>
+
+                    <br>
+                    <input type="button" id="dportgroup_clear" value="clear">
                 </p>
 
 
@@ -446,7 +433,7 @@
     </div>
 
 
-    <h3 class="matching_criteria"><input type="checkbox" id="criteria_packetstate" value="1" name="criteria_packetstate"> <label for="criteria_packetstate" class="label_for_h3">Matching criteria - Packet State</label></h3>    
+    <h3 class="matching_criteria"><input type="checkbox" id="criteria_packetstate" value="1" name="criteria_packetstate"> <label for="criteria_packetstate" class="label_for_h3">Matching criteria - packet state</label></h3>    
     <div class="container" id="criteria_packetstate_block" style="display: none">
         <div class="row">
             <div class="col">
@@ -738,6 +725,34 @@
             $(this).find('option:selected').remove();
         });             
 
+        $('#daddressgroup_clear').click(function() {
+            $('#daddressgroup').val([]);
+        });     
+
+        $('#saddressgroup_clear').click(function() {
+            $('#saddressgroup').val([]);
+        });          
+
+        $('#dnetworkgroup_clear').click(function() {
+            $('#dnetworkgroup').val([]);
+        });     
+
+        $('#snetworkgroup_clear').click(function() {
+            $('#snetworkgroup').val([]);
+        });                             
+
+        $('#dportgroup_clear').click(function() {
+            $('#dportgroup').val([]);
+        });     
+
+        $('#sportgroup_clear').click(function() {
+            $('#sportgroup').val([]);
+        });                             
+
+        
+
+
+
         // json gives criteria_packetstate
         criteria_packetstate_lenght = 0
         for (state in ruledata_js['state']) {
@@ -759,6 +774,8 @@
         if (protocol && protocol.length > 0) {
                 $('#criteria_protocol_block').show();
                 $("#criteria_protocol").prop("checked", true);
+                $("#criteria_protocol").hide();
+                
 
                 if (protocol == "all") { $("#protocol_criteria_all").prop("checked", true); }
                 if (protocol == "tcp") { 
@@ -819,6 +836,7 @@
             // $("#criteria_protocol_header").show("highlight", {color: '#FBE28A'}, 2000);
             $("#criteria_port").prop("checked", true);
             $("#criteria_port_block").show();
+            $("#criteria_port").hide();            
         }
 
         // json gives criteria_tcpflags
@@ -841,6 +859,8 @@
             // $("#criteria_protocol_header").show("highlight", {color: '#FBE28A'}, 2000);
             $("#criteria_tcpflags").prop("checked", true);
             $("#criteria_tcpflags_block").show();
+            $("#criteria_tcpflags").hide();        
+
         }
 
         // json gives criteria_address
@@ -850,31 +870,33 @@
             ) {
             $("#criteria_address").prop("checked", true);
             $("#criteria_address_block").show(); 
+            $("#criteria_address").hide();        
 
 
-            var sdaddress_source = ruledata_js['source']['address'];
-            if (sdaddress_source.startsWith("!")) {
-                var sdaddress_source_inverse = 1;
-                sdaddress_source = sdaddress_source.replace("!", "");
+
+            var saddress = ruledata_js['source']['address'];
+            if (saddress.startsWith("!")) {
+                var saddress_inverse = 1;
+                saddress = saddress.replace("!", "");
             }
 
-            var sdaddress_destination = ruledata_js['destination']['address'];
-            if (sdaddress_destination.startsWith("!")) {
-                var sdaddress_destination_inverse = 1;
-                sdaddress_destination = sdaddress_destination.replace("!", "");
+            var daddress = ruledata_js['destination']['address'];
+            if (daddress.startsWith("!")) {
+                var daddress_inverse = 1;
+                daddress = daddress.replace("!", "");
             }            
 
-            if (sdaddress_source) {
-                $("#sdaddress_source").val(sdaddress_source)
+            if (saddress) {
+                $("#saddress").val(saddress)
             }
-            if (sdaddress_destination) {
-                $("#sdaddress_destination").val(sdaddress_destination)
+            if (daddress) {
+                $("#daddress").val(daddress)
             }            
-            if (sdaddress_source_inverse ==1 ) {
-                $("#sdaddress_source_negate").prop("checked", true);
+            if (saddress_inverse ==1 ) {
+                $("#saddress_negate").prop("checked", true);
             }
-            if (sdaddress_destination_inverse ==1 ) {
-                $("#sdaddress_destination_negate").prop("checked", true);
+            if (daddress_inverse ==1 ) {
+                $("#daddress_negate").prop("checked", true);
             }            
         }
 
@@ -887,21 +909,21 @@
             if ($.inArray("destination", ruledata_js)) {
     
                 if ($.inArray("group", ruledata_js["destination"])) {
-                    console.log("destination group");
+                    /* console.log("destination group"); */
                     if (ruledata_js["destination"] && ruledata_js["destination"]['group']) {
                         for (g in ruledata_js["destination"]["group"]) {
                             group_text = ruledata_js["destination"]["group"][g];
-                            // console.log(g + " = ", group_text)
+                            /* console.log(g + " = ", group_text) */
 
                             if (g == "address-group") {
                                 criteria_addressgroup_count++;
-                                $("#sdaddressgroup_destination option[value='" + group_text + "']").prop("selected", 'selected');
+                                $("#daddressgroup option[value='" + group_text + "']").prop("selected", 'selected');
                             } else if (g == "network-group") {
                                 criteria_networkgroup_count++;
-                                $("#sdaddressgroup_destination option[value='" + group_text + "']").prop("selected", 'selected');
+                                $("#dnetworkgroup option[value='" + group_text + "']").prop("selected", 'selected');
                             } else if (g == "port-group") {
                                 criteria_portgroup_count++;
-                                $("#sdportgroup_destination option[value='" + group_text + "']").prop("selected", 'selected');
+                                $("#dportgroup option[value='" + group_text + "']").prop("selected", 'selected');
                             }                                                
                         }
                     }                
@@ -909,21 +931,20 @@
             }
             if ($.inArray("source", ruledata_js)) {          
                 if ($.inArray("group", ruledata_js["source"])) {
-                    console.log("source group");
+                    /* console.log("source group"); */
                     if (ruledata_js["source"] && ruledata_js["source"]['group']) {
                         for (g in ruledata_js["source"]["group"]) {
                             group_text = ruledata_js["source"]["group"][g];
-                            console.log(g + " = ", group_text)
-
+                            /* console.log(g + " = ", group_text) */
                             if (g == "address-group") {
                                 criteria_addressgroup_count++;
-                                $("#sdnetworkgroup_source option[value='" + group_text + "']").prop("selected", 'selected');
+                                $("#saddressgroup option[value='" + group_text + "']").prop("selected", 'selected');
                             } else if (g == "network-group") {
                                 criteria_networkgroup_count++;
-                                $("#sdnetworkgroup_destination option[value='" + group_text + "']").prop("selected", 'selected');
+                                $("#snetworkgroup option[value='" + group_text + "']").prop("selected", 'selected');
                             } else if (g == "port-group") {
                                 criteria_networkgroup_count++;
-                                $("#sdportgroup_source option[value='" + group_text + "']").prop("selected", 'selected');
+                                $("#sportgroup option[value='" + group_text + "']").prop("selected", 'selected');
                             }   
                         }
                     }
@@ -932,11 +953,19 @@
             if (criteria_addressgroup_count > 0) {
                 $("#criteria_addressgroup").prop("checked", true);
                 $("#criteria_addressgroup_block").show(); 
+                $("#criteria_addressgroup").hide();
             }
 
+            if (criteria_networkgroup_count > 0) {
+                $("#criteria_networkgroup").prop("checked", true);
+                $("#criteria_networkgroup_block").show(); 
+                $("#criteria_networkgroup").hide();
+            }            
+
             if (criteria_portgroup_count > 0) {
                 $("#criteria_portgroup").prop("checked", true);
                 $("#criteria_portgroup_block").show(); 
+                $("#criteria_portgroup").hide();
             }            
 
             
@@ -956,6 +985,8 @@
                     $('#smac_source').val(macaddr);
                     $("#criteria_sourcemac").prop("checked", true);
                     $("#criteria_sourcemac_block").show(); 
+                    $("#criteria_sourcemac").hide(); 
+
                     console.log(macaddr);
                 }
             }
@@ -963,9 +994,12 @@
 
 
         // check status disable
-        if ($.inArray("disable", ruledata_js)) {
+        if (ruledata_js['status'] == "disabled") {
+            $('#status_disabled').prop("checked", true);
+        } else if (ruledata_js['status'] == "enabled") {
+            $('#status_enabled').prop("checked", true);
+        } else if ('disable' in ruledata_js) {
             $('#status_disabled').prop("checked", true);
-            $('#status_enabled').prop("checked", false);
         }
 
  });

vycontrol/manage.py

@@ -5,7 +5,7 @@ import sys
 
 
 def main():
-    os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'vycenter.settings')
+    os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'vycontrol.settings')
     try:
         from django.core.management import execute_from_command_line
     except ImportError as exc:

vycontrol/s/main.css

@@ -1,10 +1,13 @@
 body {
     background-color: #333;
     color: white;
-    
-    
+    font-size: 12px;    
+
 }
 
+
+
+
 .container {
     color: black;
 }
@@ -54,7 +57,7 @@ form.instancedefault {
   display: inline;
 }
 
-#vyos-id,  #vycenter-config-menu {
+#vyos-id,  #vycontrol-config-menu {
     margin-right: 10px;
 }
 
@@ -75,30 +78,27 @@ form.instancedefault {
   margin: 0;  
 }
 
-#central h1 {
+h1 {
   font-size: 18px;
 }
 
-#central h2 {
+h2 {
   margin-top: 20px;
   font-size: 16px;
 }
 
-#central h3 {
+h3 {
   margin-top: 20px;
   font-size: 14px;
 }
 
-#central h4 {
+h4 {
   margin-top: 10px;
   font-size: 13px;
   font-weight: bold;
 }
 
 
-#central {
-  font-size: 12px;
-}
 
 #rulenumber:disabled {
     background-color: #ddd;
@@ -161,4 +161,47 @@ input[type=submit] {
 
 .matching_criteria { 
   padding: 3px;
-}
+}
+
+
+#msgs {
+  background-color: rgb(228, 218, 181);  
+  padding: 10px 10px 10px 10px;
+  list-style-type: none;
+}
+#msgs li:last-child {
+  margin-bottom: 0;
+}
+
+#msgs li {
+  margin-bottom: 10px;
+  padding: 4px 6px;
+}
+
+#msgs-header {
+  font-size: 14px;
+  padding: 0;
+  margin: 0 0 10px 0;
+  margin-top: 0;
+  
+}
+
+.msgs_success {
+  background-color: rgb(108, 108, 163);
+}
+.msgs_info {
+  background-color: rgb(146, 106, 165);
+}
+.msgs_debug {
+  background-color: rgb(158, 109, 132);
+}
+.msgs_alert {
+  background-color: rgb(161, 153, 103);
+}
+.msgs_error {
+  background-color: rgb(160, 73, 73);
+}
+
+
+
+

vycontrol/s/vycontrol.js

@@ -0,0 +1,13 @@
+jQuery.fn.visible = function() {
+    return this.css('visibility', 'visible');
+};
+
+jQuery.fn.invisible = function() {
+    return this.css('visibility', 'hidden');
+};
+
+jQuery.fn.visibilityToggle = function() {
+    return this.css('visibility', function(i, visibility) {
+        return (visibility == 'visible') ? 'hidden' : 'visible';
+    });
+};

vycontrol/static/templates/static/add.html

@@ -19,7 +19,6 @@
 </p>
 
 
-{% if error_message %}<p><strong>{{ error_message }}</strong></p>{% endif %}
 
 
 <h2>Create new static route</h2>

vycontrol/static/views.py

@@ -6,6 +6,10 @@ from django.conf import settings
 from django.urls import reverse
 
 import vyos
+import vycontrol_messages as vmsg
+import vycontrol_vyos_api_lib as vapilib
+import vycontrol_vyos_api as vapi
+
 from perms import is_authenticated
 from filters.vycontrol_filters import routeunpack
 import perms
@@ -38,32 +42,30 @@ def static_list(request):
 
 @is_authenticated    
 def static_add(request):
-        
+    msg = vmsg.msg()
+
     all_instances = vyos.instance_getall()
     hostname_default = vyos.get_hostname_prefered(request)
     static_list = vyos.get_route_static(hostname_default)
     is_superuser = perms.get_is_superuser(request.user)
 
-
-    error_message = None
     if 'subnet' in request.POST and 'nexthop' in request.POST:
-        return1 = vyos.set_route_static(hostname_default, request.POST['subnet'], request.POST['nexthop'])
-        if return1 == False: 
-            error_message = 'Cannot add static route.'
+        v = vapi.set_route_static(hostname_default, request.POST['subnet'], request.POST['nexthop'])
+        if v.success == False: 
+            msg.add_error("Static route add fail - " + v.reason)
         else:
-           return redirect('static:static-list')
-
+            msg.add_success("Static route added")
 
     ippath = vyos.ip_route(hostname_default)
 
     template = loader.get_template('static/add.html')
     context = { 
-        'instances': all_instances,
-        'hostname_default': hostname_default,
-        'static_list' : static_list,
-        'error_message' : error_message,
-        'username': request.user,
-        'is_superuser' : is_superuser,     
+        'instances':                        all_instances,
+        'hostname_default':                 hostname_default,
+        'static_list' :                     static_list,
+        'username':                         request.user,
+        'is_superuser' :                    is_superuser,     
+        'msg' :                             msg.get_all(),
     }   
     return HttpResponse(template.render(context, request))
 

vycontrol/vycenter/asgi.py → vycontrol/vycontrol/asgi.py

@@ -1,5 +1,5 @@
 """
-ASGI config for vycenter project.
+ASGI config for vycontrol project.
 
 It exposes the ASGI callable as a module-level variable named ``application``.
 
@@ -11,6 +11,6 @@ import os
 
 from django.core.asgi import get_asgi_application
 
-os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'vycenter.settings')
+os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'vycontrol.settings')
 
 application = get_asgi_application()

vycontrol/vycenter/settings.py → vycontrol/vycontrol/settings.py

@@ -1,5 +1,5 @@
 """
-Django settings for vycenter project.
+Django settings for vycontrol project.
 
 Generated by 'django-admin startproject' using Django 3.0.5.
 
@@ -81,12 +81,12 @@ MIDDLEWARE = [
 
 SESSION_ENGINE = "django.contrib.sessions.backends.cache"
 
-ROOT_URLCONF = 'vycenter.urls'
+ROOT_URLCONF = 'vycontrol.urls'
 
 TEMPLATES = [
     {
         'BACKEND': 'django.template.backends.django.DjangoTemplates',
-        'DIRS': ['vycenter/templates'],
+        'DIRS': ['vycontrol/templates'],
         'APP_DIRS': True,
         'OPTIONS': {
             'context_processors': [
@@ -117,7 +117,7 @@ TEMPLATE_CONTEXT_PROCESSORS = (
 )
 
 
-WSGI_APPLICATION = 'vycenter.wsgi.application'
+WSGI_APPLICATION = 'vycontrol.wsgi.application'
 
 
 # Database

vycontrol/vycenter/templates/base.html → vycontrol/vycontrol/templates/base.html

@@ -9,10 +9,12 @@
 
     <!-- Bootstrap CSS -->
     <link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css" integrity="sha384-Vkoo8x4CGsO3+Hhxv8T/Q5PaXtkKtu6ug5TOeNV6gBiFeWPGFN9MuhOf23Q9Ifjh" crossorigin="anonymous">
-    <link rel="stylesheet" href="{% static "main.css" %}?20">
+    <link rel="stylesheet" href="{% static "main.css" %}?{% random_int 100000 500000 %} ">
     <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js"></script>
 
     <script src="https://code.jquery.com/ui/1.12.1/jquery-ui.min.js"></script>
+    <script src="{% static "vycontrol.js" %}?{% random_int 100000 500000 %} "></script>
+
     <link rel="stylesheet" href="https://code.jquery.com/ui/1.12.1/themes/smoothness/jquery-ui.css">
 
 
@@ -44,7 +46,7 @@
               </select>
             
 
-              <span id="menu-username">{% block username %}{% endblock %}</span> <span id="vycenter-config-menu"> <a href="{% url 'registration-logout' %}">Logout</a></span>
+              <span id="menu-username">{% block username %}{% endblock %}</span> <span id="vycontrol-config-menu"> <a href="{% url 'registration-logout' %}">Logout</a></span>
 
 
           </p>
@@ -125,6 +127,22 @@
     </div>
     <div class="col content">
         <h2>{% block section_title %}{% endblock %}</h2>
+
+        {% block submenu %}{% endblock %}
+
+        {% for m in msg %}
+          {% if forloop.first %}  
+          <h2 id="msgs-header">Save result</h2>
+          <ul id="msgs">
+          {% endif %}
+            <li class="msgs_{{ m.msg_type }}">{{ m.msg_type }} - {{ m.msg }}</li>
+          {% if forloop.last %}  
+          </ul>
+          {% endif %}        
+        {% endfor %}
+
+
+
         {% block content %}{% endblock %}
     </div>
   </div>

vycontrol/vycenter/templates/base_not_logged.html → vycontrol/vycontrol/templates/base_not_logged.html

@@ -32,7 +32,7 @@
 
             
 
-              <span id="vycenter-config-menu"><a href="{% url 'registration-login' %}">Login</a></span>
+              <span id="vycontrol-config-menu"><a href="{% url 'registration-login' %}">Login</a></span>
 
           </p>
         </div>

vycontrol/vycenter/urls.py → vycontrol/vycontrol/urls.py

@@ -1,4 +1,4 @@
-"""vycenter URL Configuration
+"""vycontrol URL Configuration
 
 The `urlpatterns` list routes URLs to views. For more information please see:
     https://docs.djangoproject.com/en/3.0/topics/http/urls/
@@ -29,13 +29,13 @@ from . import views
 from django.contrib.auth import views as auth_views
 
 
-app_name = 'vycenter'
+app_name = 'vycontrol'
 
 urlpatterns = [
     path('', include('accounts.urls'), name="main-page"),
     path('config/', include('config.urls')),
     path('dashboard/', include('dashboard.urls')),
-    #path('', views.vycenter_login, name='vycenter-login'),
+    #path('', views.vycontrol_login, name='vycontrol-login'),
     path('admin/', admin.site.urls, name="django-admin"),
     #path('change-password/', auth_views.PasswordChangeView.as_view()),
     path('login/', auth_views.LoginView.as_view(), name="registration-login"),

vycontrol/vycenter/views.py → vycontrol/vycontrol/views.py

@@ -7,9 +7,9 @@ import vyos
 from config.models import Instance
 
 
-def vycenter_login(request):
+def vycontrol_login(request):
     
-    template = loader.get_template('vycenter/vycenter_login.html')
+    template = loader.get_template('vycontrol/vycontrol_login.html')
     context = {
     }
     return HttpResponse(template.render(context, request))

vycontrol/vycenter/wsgi.py → vycontrol/vycontrol/wsgi.py

@@ -1,5 +1,5 @@
 """
-WSGI config for vycenter project.
+WSGI config for vycontrol project.
 
 It exposes the WSGI callable as a module-level variable named ``application``.
 
@@ -11,6 +11,6 @@ import os
 
 from django.core.wsgi import get_wsgi_application
 
-os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'vycenter.settings')
+os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'vycontrol.settings')
 
 application = get_wsgi_application()

vycontrol/vycontrol_messages.py

@@ -0,0 +1,53 @@
+
+import pprint
+
+
+class msg:
+    TYPES               = (
+        'error',        # some really bad happened
+        'success',      # its everything fine
+        'alert',        # alert, you must pay attention
+        'info',         # just information
+        'debug',        # debug information
+    )
+
+    msgs                = []
+
+    def __init__(self):
+        self.msgs = []
+        
+    def add(self, t, m):
+        if t in self.TYPES:
+            self.msgs.append({
+                "msg_type":     t,
+                "msg":          m     
+            })
+    
+    def add_error(self, m):
+        self.add('error', m)
+
+    def add_success(self, m):
+        self.add('success', m)
+
+    def add_alert(self, m):
+        self.add('alert', m)
+    
+    def add_info(self, m):
+        self.add('info', m)
+
+    def add_debug(self, m):
+        self.add('debug', m)                
+
+    def get_all(self):
+        return self.msgs
+
+
+
+def log(area, value = [], end = True):
+    print("\n\n")
+    print("######################## START LOG " + area.upper())
+    pprint.pprint(value, indent=4, width=160) 
+
+    if end == True:
+        print("######################## END LOG " + area.upper())
+    print("\n\n")

vycontrol/vycontrol_vyos_api.py

@@ -0,0 +1,374 @@
+import requests
+import json
+import pprint
+import sys
+import logging
+
+import vycontrol_vyos_api_lib as vapilib
+import perms
+
+
+
+def get_firewall_rulenumber(hostname, firewall, rulenumber):
+    v = vapilib.api (
+        hostname=   hostname,
+        api =       "get",
+        op =        "showConfig",
+        cmd =       ["firewall", "name", firewall, "rule", rulenumber],
+        description = "get_firewall_rulenumber",
+    )
+    return v
+
+
+def get_firewall_group(hostname):
+    v = vapilib.api (
+        hostname=   hostname,
+        api =       "get",
+        op =        "showConfig",
+        cmd =       ["firewall", "group"],
+        description = "get_firewall_group",
+    )
+    return v
+
+
+def set_firewall_rule_action(hostname, firewall_name, rulenumber, action):
+    v = vapilib.api (
+        hostname=   hostname,
+        api =       "post",
+        op =        "set",
+        cmd =       ["firewall", "name", firewall_name, "rule", rulenumber, "action", action],
+        description = "set rule action",
+    )
+    return v
+
+def set_firewall_rule_disabled(hostname, firewall_name, rulenumber):
+    v = vapilib.api (
+        hostname=   hostname,
+        api =       "post",
+        op =        "set",
+        cmd =       ["firewall", "name", firewall_name, "rule", rulenumber, "disable"],
+        description = "disable rule",
+    )
+    return v    
+
+def set_firewall_rule_enabled(hostname, firewall_name, rulenumber):
+    v = vapilib.api (
+        hostname=   hostname,
+        api =       "post",
+        op =        "delete",
+        cmd =       ["firewall", "name", firewall_name, "rule", rulenumber, "disable"],
+        description = "enable rule",
+    )
+    return v    
+
+def set_firewall_rule_description(hostname, firewall_name, rulenumber, description):
+    v = vapilib.api (
+        hostname=   hostname,
+        api =       "post",
+        op =        "set",
+        cmd =       ["firewall", "name", firewall_name, "rule", rulenumber, "description", description],
+        description = "set rule description",
+    )
+    return v
+
+def set_firewall_rule_protocol(hostname, firewall_name, rulenumber, protocol_criteria_txt):
+    v = vapilib.api (
+        hostname=   hostname,
+        api =       "post",
+        op =        "set",
+        cmd =       ["firewall", "name", firewall_name, "rule", rulenumber, "protocol", protocol_criteria_txt],
+        description = "set rule protocol",
+    ) 
+    return v
+
+def set_firewall_rule_protocol_delete(hostname, firewall_name, rulenumber):
+    v = vapilib.api (
+        hostname=   hostname,
+        api =       "post",
+        op =        "delete",
+        cmd =       ["firewall", "name", firewall_name, "rule", rulenumber, "protocol"],
+        description = "delete rule protocol",
+    ) 
+    return v
+
+def set_firewall_rule_destination_ports(hostname, firewall_name, rulenumber, ports):
+    ports_text = ','.join(ports)
+
+    v = vapilib.api (
+        hostname=   hostname,
+        api =       "post",
+        op =        "set",
+        cmd =       ["firewall", "name", firewall_name, "rule", rulenumber, "destination", "port", ports_text],
+        description = "set destination ports",
+    ) 
+    return v
+
+def set_firewall_rule_source_ports(hostname, firewall_name, rulenumber, ports):
+    ports_text = ','.join(ports)
+
+    v = vapilib.api (
+        hostname=   hostname,
+        api =       "post",
+        op =        "set",
+        cmd =       ["firewall", "name", firewall_name, "rule", rulenumber, "source", "port", ports_text],
+        description = "set source ports",
+    ) 
+    return v
+
+
+def set_firewall_rule_destination_ports_delete(hostname, firewall_name, rulenumber):
+    v = vapilib.api (
+        hostname=   hostname,
+        api =       "post",
+        op =        "delete",
+        cmd =       ["firewall", "name", firewall_name, "rule", rulenumber, "destination", "port"],
+        description = "delete destination port",
+    ) 
+    return v
+
+
+def set_firewall_rule_source_ports_delete(hostname, firewall_name, rulenumber):
+    v = vapilib.api (
+        hostname=   hostname,
+        api =       "post",
+        op =        "delete",
+        cmd =       ["firewall", "name", firewall_name, "rule", rulenumber, "source", "port"],
+        description = "delete source port",
+    ) 
+    return v    
+
+
+def set_firewall_rule_tcpflags(hostname, firewall_name, rulenumber, tcpflags):
+    if len(tcpflags) > 0:
+        tcpflags_txt = ",".join(tcpflags)
+        v = vapilib.api (
+            hostname=   hostname,
+            api =       "post",
+            op =        "set",
+            cmd =       ["firewall", "name", firewall_name, "rule", rulenumber, "tcp", "flags", tcpflags_txt],
+            description = "set tcpflags",
+        )
+    return v
+
+def set_firewall_rule_tcpflags_delete(hostname, firewall_name, rulenumber):
+    v = vapilib.api (
+        hostname=   hostname,
+        api =       "post",
+        op =        "delete",
+        cmd =       ["firewall", "name", firewall_name, "rule", rulenumber, "tcp", "flags"],
+        description = "delete tcpflags",
+    )
+    return v    
+
+
+def set_firewall_rule_source_address(hostname, firewall_name, rulenumber, address):
+    v = vapilib.api (
+        hostname=   hostname,
+        api =       "post",
+        op =        "set",
+        cmd =       ["firewall", "name", firewall_name, "rule", rulenumber, "source", "address", address],
+        description = "set saddress",
+    )
+    return v
+
+def set_firewall_rule_destination_address(hostname, firewall_name, rulenumber, address):
+    v = vapilib.api (
+        hostname=   hostname,
+        api =       "post",
+        op =        "set",
+        cmd =       ["firewall", "name", firewall_name, "rule", rulenumber, "destination", "address", address],
+        description = "set daddress",
+    )
+    return v
+
+def set_firewall_rule_source_address_delete(hostname, firewall_name, rulenumber):
+    v = vapilib.api (
+        hostname=   hostname,
+        api =       "post",
+        op =        "delete",
+        cmd =       ["firewall", "name", firewall_name, "rule", rulenumber, "source", "address"],
+        description = "set saddress",
+    )
+    return v
+
+def set_firewall_rule_destination_address_delete(hostname, firewall_name, rulenumber):
+    v = vapilib.api (
+        hostname=   hostname,
+        api =       "post",
+        op =        "delete",
+        cmd =       ["firewall", "name", firewall_name, "rule", rulenumber, "destination", "address"],
+        description = "set daddress",
+    )
+    return v    
+
+def set_firewall_rule_source_addressgroup(hostname, firewall_name, rulenumber, saddressgroup):
+    v = vapilib.api (
+        hostname=   hostname,
+        api =       "post",
+        op =        "set",
+        cmd =       ["firewall", "name", firewall_name, "rule", rulenumber, "source", "group", "address-group", saddressgroup],
+        description = "set saddressgroup",
+    )
+    return v  
+
+def set_firewall_rule_destination_addressgroup(hostname, firewall_name, rulenumber, daddressgroup):
+    v = vapilib.api (
+        hostname=   hostname,
+        api =       "post",
+        op =        "set",
+        cmd =       ["firewall", "name", firewall_name, "rule", rulenumber, "destination", "group", "address-group", daddressgroup],
+        description = "set daddressgroup",
+    )
+    return v 
+
+def set_firewall_rule_source_addressgroup_delete(hostname, firewall_name, rulenumber):
+    v = vapilib.api (
+        hostname=   hostname,
+        api =       "post",
+        op =        "delete",
+        cmd =       ["firewall", "name", firewall_name, "rule", rulenumber, "source", "group", "address-group"],
+        description = "delete saddressgroup",
+    )
+    return v  
+
+def set_firewall_rule_destination_addressgroup_delete(hostname, firewall_name, rulenumber):
+    v = vapilib.api (
+        hostname=   hostname,
+        api =       "post",
+        op =        "delete",
+        cmd =       ["firewall", "name", firewall_name, "rule", rulenumber, "destination", "group", "address-group"],
+        description = "delete daddressgroup",
+    )
+    return v     
+
+
+def set_firewall_rule_source_networkgroup(hostname, firewall_name, rulenumber, snetworkgroup):
+    v = vapilib.api (
+        hostname=   hostname,
+        api =       "post",
+        op =        "set",
+        cmd =       ["firewall", "name", firewall_name, "rule", rulenumber, "source", "group", "network-group", snetworkgroup],
+        description = "set snetworkgroup",
+    )
+    return v  
+
+def set_firewall_rule_destination_networkgroup(hostname, firewall_name, rulenumber, dnetworkgroup):
+    v = vapilib.api (
+        hostname=   hostname,
+        api =       "post",
+        op =        "set",
+        cmd =       ["firewall", "name", firewall_name, "rule", rulenumber, "destination", "group", "network-group", dnetworkgroup],
+        description = "set dnetworkgroup",
+    )
+    return v 
+
+def set_firewall_rule_source_networkgroup_delete(hostname, firewall_name, rulenumber):
+    v = vapilib.api (
+        hostname=   hostname,
+        api =       "post",
+        op =        "delete",
+        cmd =       ["firewall", "name", firewall_name, "rule", rulenumber, "source", "group", "network-group"],
+        description = "delete snetworkgroup",
+    )
+    return v  
+
+def set_firewall_rule_destination_networkgroup_delete(hostname, firewall_name, rulenumber):
+    v = vapilib.api (
+        hostname=   hostname,
+        api =       "post",
+        op =        "delete",
+        cmd =       ["firewall", "name", firewall_name, "rule", rulenumber, "destination", "group", "network-group"],
+        description = "delete dnetworkgroup",
+    )
+    return v         
+
+def set_firewall_rule_source_portgroup(hostname, firewall_name, rulenumber, sportgroup):
+    v = vapilib.api (
+        hostname=   hostname,
+        api =       "post",
+        op =        "set",
+        cmd =       ["firewall", "name", firewall_name, "rule", rulenumber, "source", "group", "port-group", sportgroup],
+        description = "set sportgroup",
+    )
+    return v  
+
+def set_firewall_rule_destination_portgroup(hostname, firewall_name, rulenumber, dportgroup):
+    v = vapilib.api (
+        hostname=   hostname,
+        api =       "post",
+        op =        "set",
+        cmd =       ["firewall", "name", firewall_name, "rule", rulenumber, "destination", "group", "port-group", dportgroup],
+        description = "set dportgroup",
+    )
+    return v 
+
+def set_firewall_rule_source_portgroup_delete(hostname, firewall_name, rulenumber):
+    v = vapilib.api (
+        hostname=   hostname,
+        api =       "post",
+        op =        "delete",
+        cmd =       ["firewall", "name", firewall_name, "rule", rulenumber, "source", "group", "port-group"],
+        description = "delete sportgroup",
+    )
+    return v  
+
+def set_firewall_rule_destination_portgroup_delete(hostname, firewall_name, rulenumber):
+    v = vapilib.api (
+        hostname=   hostname,
+        api =       "post",
+        op =        "delete",
+        cmd =       ["firewall", "name", firewall_name, "rule", rulenumber, "destination", "group", "port-group"],
+        description = "delete dportgroup",
+    )
+    return v             
+
+def set_firewall_rule_source_mac(hostname, firewall_name, rulenumber, smac_txt):
+    v = vapilib.api (
+        hostname=   hostname,
+        api =       "post",
+        op =        "set",
+        cmd =       ["firewall", "name", firewall_name, "rule", rulenumber, "source", "mac-address", smac_txt],
+        description = "set source mac",
+    )
+    return v
+
+def set_firewall_rule_source_mac_delete(hostname, firewall_name, rulenumber):
+    v = vapilib.api (
+        hostname=   hostname,
+        api =       "post",
+        op =        "delete",
+        cmd =       ["firewall", "name", firewall_name, "rule", rulenumber, "source", "mac-address"],
+        description = "delete dportgroup",
+    )
+    return v
+
+def set_firewall_rule_packetstate(hostname, firewall_name, rulenumber, packetstate):
+    v = vapilib.api (
+        hostname=   hostname,
+        api =       "post",
+        op =        "set",
+        cmd =       ["firewall", "name", firewall_name, "rule", rulenumber, "state", packetstate, "enable"],
+        description = "set packetstate",
+    )
+    return v
+
+def set_firewall_rule_packetstate_delete(hostname, firewall_name, rulenumber, packetstate):
+    v = vapilib.api (
+        hostname=   hostname,
+        api =       "post",
+        op =        "delete",
+        cmd =       ["firewall", "name", firewall_name, "rule", rulenumber, "state", packetstate],
+        description = "delete packetstate",
+    )
+    return v
+
+
+def set_route_static(hostname, subnet, nexthop):
+    v = vapilib.api (
+        hostname=   hostname,
+        api =       "post",
+        op =        "set",
+        cmd =       ["protocols", "static", "route", subnet, "next-hop", nexthop],
+        description = "set_route_static",
+    )
+    return v

vycontrol/vyos2.py → vycontrol/vycontrol_vyos_api_lib.py

@@ -11,6 +11,7 @@ from django.contrib.auth.models import Group
 from django.contrib.auth.models import User
 
 import perms
+from vycontrol_messages import log
 
 class vyapi:
     error =     None
@@ -28,17 +29,6 @@ class vyapi:
         self.data = data
         self.reason = reason
 
-
-def log(area, value = [], end = True):
-    print("\n\n")
-    print("######################## START LOG " + area.upper())
-    pprint.pprint(value, indent=4, width=160) 
-
-    if end == True:
-        print("######################## END LOG " + area.upper())
-    print("\n\n")
-
-
 log("api " + " !!!!!!!!!!!!!! START NEW WEB PROCESS", end=False)
 
 API_LIST = {}
@@ -160,6 +150,9 @@ def api(hostname, api, op, cmd, description = ""):
     except json.JSONDecodeError:
         respjson = {'success': False, 'error': None, 'data': None}
 
+    #log("api raw", respjson)
+
+
     v = vyapi(
         result =    respjson['success'],
         reason =    respjson['error'],

vycontrol/vyos.py

@@ -201,12 +201,6 @@ def get_route_static(hostname):
     result1 = api_get(hostname, cmd)
     return result1
 
-def set_route_static(hostname, subnet, nexthop):
-    cmd = {"op": "set", "path": ["protocols","static","route", subnet, "next-hop", nexthop]}
-
-    result1 = api_set(hostname, cmd)
-    return result1  
-
 
 def set_firewall_syncookies_enable(hostname):
     cmd = {"op": "set", "path": ["firewall","syn-cookies",'enable']}

vycontrol/vyos_common.py

@@ -1,31 +0,0 @@
-import requests
-import json
-import pprint
-import sys
-import logging
-import vyos2
-
-import perms
-
-
-
-def get_firewall_rulenumber(hostname, firewall, rulenumber):
-    v = vyos2.api (
-        hostname=   hostname,
-        api =       "get",
-        op =        "showConfig",
-        cmd =       ["firewall", "name", firewall, "rule", rulenumber],
-        description = "get_firewall_rulenumber",
-    )
-    return v
-
-
-def get_firewall_group(hostname):
-    v = vyos2.api (
-        hostname=   hostname,
-        api =       "get",
-        op =        "showConfig",
-        cmd =       ["firewall", "group"],
-        description = "get_firewall_group",
-    )
-    return v