Commit 913d71e9 authored by Joseph Nuthalapati's avatar Joseph Nuthalapati

firewall: Display information that a service is internal only

Signed-off-by: Joseph Nuthalapati's avatarJoseph Nuthalapati <njoseph@thoughtworks.com>
Reviewed-by: Sunil Mohan Adapa's avatarSunil Mohan Adapa <sunil@medhas.org>
parent 45253775
Pipeline #10673 passed with stages
in 15 minutes and 11 seconds
......@@ -42,12 +42,18 @@ def parse_arguments():
'--zone', help='Zone from which the list is to be retrieved',
required=True)
# Get interface status
get_interfaces = subparsers.add_parser(
'get-interfaces', help='Get list of interfaces in a zone')
get_interfaces.add_argument(
'--zone', help='Zone from which the list is to be retrieved',
required=True)
# Add a service
add_service = subparsers.add_parser('add-service', help='Add a service')
add_service.add_argument('service', help='Name of the service to add')
add_service.add_argument('--zone',
help='Zone to which service is to be added',
required=True)
add_service.add_argument(
'--zone', help='Zone to which service is to be added', required=True)
# Remove a service status
remove_service = subparsers.add_parser('remove-service',
......@@ -81,8 +87,14 @@ def subcommand_get_status(_):
def subcommand_get_enabled_services(arguments):
"""Print the status of variours services"""
subprocess.call(['firewall-cmd', '--zone', arguments.zone,
'--list-services'])
subprocess.call(
['firewall-cmd', '--zone', arguments.zone, '--list-services'])
def subcommand_get_interfaces(arguments):
"""Print the list of interfaces in a zone."""
subprocess.call(
['firewall-cmd', '--zone', arguments.zone, '--list-interfaces'])
def subcommand_add_service(arguments):
......@@ -93,16 +105,21 @@ def subcommand_add_service(arguments):
def add_service(zone, service):
"""Permit a service in the firewall."""
subprocess.call(['firewall-cmd', '--zone', zone, '--add-service', service])
subprocess.call(['firewall-cmd', '--zone', zone, '--permanent',
'--add-service', service])
subprocess.call([
'firewall-cmd', '--zone', zone, '--permanent', '--add-service', service
])
def subcommand_remove_service(arguments):
"""Block a service in the firewall"""
subprocess.call(['firewall-cmd', '--zone', arguments.zone,
'--remove-service', arguments.service])
subprocess.call(['firewall-cmd', '--zone', arguments.zone, '--permanent',
'--remove-service', arguments.service])
subprocess.call([
'firewall-cmd', '--zone', arguments.zone, '--remove-service',
arguments.service
])
subprocess.call([
'firewall-cmd', '--zone', arguments.zone, '--permanent',
'--remove-service', arguments.service
])
def main():
......
......@@ -78,6 +78,12 @@ def get_enabled_services(zone):
return output.split()
def get_interfaces(zone):
"""Return the list of interfaces in a zone."""
output = _run(['get-interfaces', '--zone', zone], superuser=True)
return output.split()
def add_service(port, zone):
"""Enable a service in firewall"""
_run(['add-service', port, '--zone', zone], superuser=True)
......
......@@ -74,7 +74,7 @@ def init():
if not needs_setup:
global socks_service
socks_service = service_module.Service(
'tor-socks', _('Tor Anonymity Network'), ports=['tor-socks'],
'tor-socks', _('Tor Socks Proxy'), ports=['tor-socks'],
is_external=False, is_enabled=utils.is_enabled,
is_running=utils.is_running)
......
......@@ -80,6 +80,8 @@
</table>
{% endif %}
{% include "internal-zone.html" with service=socks_service %}
<h3>{% trans "Configuration" %}</h3>
<form class="form form-configuration" method="post">
......
......@@ -57,7 +57,8 @@ def index(request):
'manual_page': tor.manual_page,
'status': status,
'config_running': bool(config_process),
'form': form
'form': form,
'socks_service': tor.socks_service
})
......@@ -66,10 +67,10 @@ def _apply_changes(request, old_status, new_status):
try:
__apply_changes(request, old_status, new_status)
except ActionError as exception:
messages.error(request,
_('Action error: {0} [{1}] [{2}]').format(
exception.args[0], exception.args[1],
exception.args[2]))
messages.error(
request,
_('Action error: {0} [{1}] [{2}]').format(
exception.args[0], exception.args[1], exception.args[2]))
def __apply_changes(request, old_status, new_status):
......
......@@ -110,6 +110,11 @@ class Service(object):
"""Returns is_enabled relying on a correct service_id"""
return action_utils.service_is_enabled(self.service_id)
def get_internal_interfaces(self):
"""Returns a list of interfaces in a firewall zone."""
from plinth.modules import firewall
return firewall.get_interfaces('internal')
def init():
"""Register some misc. services that don't fit elsewhere."""
......
{% comment %}
#
# This file is part of FreedomBox.
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as
# published by the Free Software Foundation, either version 3 of the
# License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
{% endcomment %}
{% load i18n %}
{% block internal_zone_warning %}
{% if not service.is_external %}
<div class="bg-warning">
{% blocktrans trimmed with service_name=service.name %}
<em>{{ service_name }}</em> is available only on internal networks.
{% endblocktrans %}
<p>
{% with interfaces=service.get_internal_interfaces %}
{% if not interfaces %}
{% trans "Currently there are no network interfaces configured as internal." %}
{% else %}
{% blocktrans trimmed with interface_list=interfaces|join:", " %}
Currently the following network interfaces are configured as internal: {{ interface_list }}
{% endblocktrans %}
{% endif %}
{% endwith %}
</p>
</div>
{% endif %}
{% endblock %}
......@@ -73,6 +73,8 @@
{% endif %}
{% endblock %}
{% include "internal-zone.html" %}
{% block configuration %}
<h3>{% trans "Configuration" %}</h3>
......
......@@ -261,7 +261,7 @@ a.menu_link_active {
.card-title {
font-weight: bold;
font-size: 1.75rem
font-size: 1.75rem;
}
.card-description {
......@@ -278,10 +278,19 @@ a.menu_link_active {
.card-icon span {
width: 100px;
height: 100px;
font-size: 80px
font-size: 80px;
}
/* Button table - Tables with a list of actions as buttons on top */
.button-table > .button-row + .table {
margin-top: 10px;
}
.bg-warning {
margin: 10px 0;
padding: 15px;
}
.bg-warning p:last-child {
margin: 0;
}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment