
Untitled

a guest
Mar 24th, 2017
  1. import os
  2. import subprocess
  3. import sys
  4. import time
  5. import io
  6.  
  7. #def decider(ruleList, counter, line):
  8. #IN: <direction> <ip> <port> <flag>
  9. #ruleList = <direction> <action> <ip> <port> <flag>
  10. # finalaction = "drop"
  11. # if finalaction != ("allow" or "deny")"
  12. # input= line.split()
  13.  
  14. # use AND for ip addresses
  15.  
  16.  
  17. # return ""
  18. #OUT: <action>(<rule number>) <direction> <ip> <port> <flag>
  19.  
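def _reject(count, reason):
    """Report a rejected rule line on stderr and return the empty rule string."""
    sys.stderr.write("Line " + count + ": " + reason + ", Ignoring Line\n")
    return ""


def ruleLine(line, counter):
    """Validate one line of the rule file and return it in normalised form.

    Expected layout: <direction> <action> <ip> <port> [flag]

    Args:
        line: Raw text of one rule-file line; anything after '#' is a comment.
        counter: 1-based line number, used only in diagnostics.

    Returns:
        "<direction> <action> <address> <ports> [flag]" for a valid rule, where
        <address> is "*" or the 32-bit binary form of the address immediately
        followed by the address text as written. Returns "" for a comment line
        or for any line that fails validation; each rejection is reported on
        stderr, and nothing is written to stdout.
    """
    count = str(counter)

    # startswith() also copes with an empty string, where line[0] would raise.
    if line.startswith("#"):
        return ""

    # Split on any run of whitespace so doubled spaces or tabs between fields
    # do not turn an otherwise valid rule into an "Invalid rule" rejection.
    fields = line.split("#")[0].strip().lower().split()
    if len(fields) not in (4, 5):
        return _reject(count, "Invalid rule")

    direction, action, address, port_spec = fields[:4]

    if direction not in {"in", "out"}:
        return _reject(count, "Invalid Direction")
    if action not in {"accept", "deny"}:
        return _reject(count, "Invalid action")
    # Keep the direction in the output: the documented rule layout starts with
    # it, and without it "in" and "out" rules become indistinguishable.
    rule = direction + " " + action + " "

    # ---- address: "*", "a.b.c.d" or "a.b.c.d/prefix" ----
    parts = address.split("/")
    if len(parts) > 2:
        return _reject(count, "Invalid CIDR Notation")
    wildcard = parts[0] == "*"
    if not wildcard and len(parts) == 2:
        try:
            prefix = int(parts[1])
        except ValueError:
            return _reject(count, "Accepts IPv4 format only")
        if prefix < 0 or prefix > 32:
            return _reject(count, "Invalid IP Range")
        # A /0 prefix matches every address, so it is emitted as the wildcard.
        wildcard = prefix == 0
    if wildcard:
        rule += "* "
    else:
        # Reached for CIDR entries and for a bare address with no prefix; a
        # bare address is validated and encoded the same way rather than being
        # left out of the rule, which would shift the port into its place.
        octets = parts[0].split(".")
        if len(octets) != 4:
            return _reject(count, "Invalid IP Format")
        try:
            values = [int(octet) for octet in octets]
        except ValueError:
            return _reject(count, "Accepts IPv4 format only2")
        # Each octet must fit in 8 bits, otherwise the binary form is no longer
        # exactly 32 characters (300 -> 9 digits, -1 -> a leading sign).
        if any(value < 0 or value > 255 for value in values):
            return _reject(count, "Invalid IP Format")
        rule += "".join("{0:08b}".format(value) for value in values)
        rule += address + " "

    # ---- ports: "*" or a comma-separated list of numbers in 0-65535 ----
    if port_spec != "*":
        for port in port_spec.split(","):
            try:
                number = int(port)
            except ValueError:
                return _reject(count, "Supplied port not a number")
            if number not in range(0, 65536):
                return _reject(count, str(number) + " is not a valid port number")
    rule += port_spec + " "

    # ---- optional flag: only "established" is recognised ----
    if len(fields) == 5:
        if fields[4] != "established":
            return _reject(count, "Invalid Flag")
        rule += fields[4]
    return rule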
  100.  
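if __name__ == "__main__":
    # Exactly one argument is expected: the path of the rule file.
    if len(sys.argv) != 2:
        sys.stderr.write("Usage: ./client fw.py [rule_file]\n")
        sys.exit(1)
    config_file = sys.argv[1]

    # Open the file once. The earlier version opened it a second time in 'rb'
    # mode only to probe readability and never closed that handle.
    try:
        f = open(config_file, 'r')
    except OSError:
        sys.stderr.write("Error reading rule file\n")
        sys.exit(1)

    ruleList = []
    counter = 0
    # reading rules
    sys.stderr.write("Rules parsed:" + "\n")
    with f:
        for count, line in enumerate(f):
            # ruleLine() returns "" for comments and rejected lines; the entry
            # is still appended so list positions keep following file lines.
            ruleList.append(ruleLine(line, (count + 1)))

    # One rule per output line. Written back to back, a rule ending in
    # "established" would run straight into the direction of the next rule.
    for x in ruleList:
        if x:
            sys.stdout.write(x + "\n")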
  124.  
  125. #for line in sys.stdin:
  126. # sys.stdout.write(decider(ruleList,counter,line))