#! /usr/bin/python3 # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . # Copyright © 2019 Hugo Levy-Falk """ Creates the nat set. """ import logging from configparser import ConfigParser from re2oapi import Re2oAPIClient from firewall import NetfilterSet CONFIG = ConfigParser() CONFIG.read('config.ini') api_hostname = CONFIG.get('Re2o', 'hostname') api_password = CONFIG.get('Re2o', 'password') api_username = CONFIG.get('Re2o', 'username') api_client = Re2oAPIClient(api_hostname, api_username, api_password) api_client.list('dhcp/hostmacip') def gen_ip_mac_set(): """Generates the ip_mac set in nftables. Returns: A NetfilterSet object with the allowed ip - mac pairs. """ hosts = api_client.list('dhcp/hostmacip') content = [ (h['ipv4'], h['mac_address']) for h in hosts if h['ipv4'] and h['mac_address'] ] return NetfilterSet( target_content=content, type_=('IPv4', 'MAC'), name='ip_mac', table_name='firewall', ) def update_macip(): log = logging.getLogger(__name__) if not log.hasHandlers(): handler = logging.StreamHandler() formatter = logging.Formatter( "%(asctime)s %(levelname)s %(name)s %(message)s" ) handler.setFormatter(formatter) log.addHandler(handler) log.setLevel(logging.INFO) log.info('Updating the ip - mac set...') ip_mac = gen_ip_mac_set() log.info('Applying modifications...') ip_mac.manage() log.info('Done') if __name__=='__main__': update_macip()