diff --git a/api/serializers.py b/api/serializers.py
index e7f6e988..5c125130 100755
--- a/api/serializers.py
+++ b/api/serializers.py
@@ -746,6 +746,30 @@ class SwitchPortSerializer(serializers.ModelSerializer):
 'interfaces_subnet', 'interfaces6_subnet', 'automatic_provision', 'rest_enabled', 'web_management_enabled', 'get_radius_key_value', 'get_management_cred_value')
+#Firewall
+
+class FirewallPortListSerializer(serializers.ModelSerializer):
+ class Meta:
+ model = machines.OuverturePort
+ fields = ('begin', 'end', 'protocole', 'io')
+
+class FirewallOuverturePortListSerializer(serializers.ModelSerializer):
+ tcp_ports_in = FirewallPortListSerializer(many=True, read_only=True)
+ udp_ports_in = FirewallPortListSerializer(many=True, read_only=True)
+ tcp_ports_out = FirewallPortListSerializer(many=True, read_only=True)
+ udp_ports_out = FirewallPortListSerializer(many=True, read_only=True)
+
+ class Meta:
+ model = machines.OuverturePortList
+ fields = ('tcp_ports_in', 'udp_ports_in', 'tcp_ports_out', 'udp_ports_out')
+
+class SubnetPortsOpenSerializer(serializers.ModelSerializer):
+ ouverture_ports = FirewallOuverturePortListSerializer(read_only=True)
+
+ class Meta:
+ model = machines.IpType
+ fields = ('type', 'domaine_ip_start', 'domaine_ip_stop', 'prefix_v6', 'ouverture_ports')
+
 # DHCP
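Review bot: The three new serializers (`FirewallPortListSerializer`, `FirewallOuverturePortListSerializer`, `SubnetPortsOpenSerializer`) carry no docstrings, although together they publish each subnet's address range, IPv6 prefix and open-port policy. A one-line docstring on each naming the intended consumer would let a reviewer judge who should be allowed to read the endpoint, for example `"""Serialize the address range and open-port policy of an IpType for firewall generation."""` on `SubnetPortsOpenSerializer`. The section marker `#Firewall` also differs from the `# DHCP` style used just below it.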
@@ -878,6 +902,27 @@ class DNSZonesSerializer(serializers.ModelSerializer):
 'mx_records', 'txt_records', 'srv_records', 'a_records', 'aaaa_records', 'cname_records')
+
+class DNSReverseZonesSerializer(serializers.ModelSerializer):
+ """Serialize the data about DNS Zones.
+ """
+ soa = SOARecordSerializer(source='extension.soa')
+ extension = serializers.CharField(source='extension.name', read_only=True)
+ cidrs = serializers.ListField(child=serializers.CharField(), source='ip_set_cidrs_as_str', read_only=True)
+ ns_records = NSRecordSerializer(many=True, source='extension.ns_set')
+ mx_records = MXRecordSerializer(many=True, source='extension.mx_set')
+ txt_records = TXTRecordSerializer(many=True, source='extension.txt_set')
+ ptr_records = ARecordSerializer(many=True, source='get_associated_ptr_records')
+ ptr_v6_records = AAAARecordSerializer(many=True, source='get_associated_ptr_v6_records')
+
+
+ class Meta:
+ model = machines.IpType
+ fields = ('type', 'extension', 'soa', 'ns_records', 'mx_records',
+ 'txt_records', 'ptr_records', 'ptr_v6_records', 'cidrs',
+ 'prefix_v6')
+
+
 #REMINDER
diff --git a/api/urls.py b/api/urls.py
index 24e8920c..a2dc166f 100755
--- a/api/urls.py
+++ b/api/urls.py
@@ -106,8 +106,11 @@ router.register_view(r'switchs/role', views.RoleView),
 router.register_view(r'mail/alias', views.UserMailAliasView),
 # Reminder
 router.register_view(r'reminder/get-users', views.ReminderView),
+# Firewall
+router.register_view(r'firewall/subnet-ports', views.SubnetPortsOpenView),
 # DNS
 router.register_view(r'dns/zones', views.DNSZonesView),
+router.register_view(r'dns/reverse-zones', views.DNSReverseZonesView),
 # MAILING
 router.register_view(r'mailing/standard', views.StandardMailingView),
 router.register_view(r'mailing/club', views.ClubMailingView),
diff --git a/api/views.py b/api/views.py
index bc4aa4d1..45bb0545 100755
--- a/api/views.py
+++ b/api/views.py
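Review bot: The docstring of `DNSReverseZonesSerializer` describes DNS zones in general, while the class serializes `machines.IpType` rows into reverse-zone data; something like `"""Serialize the data needed to build the reverse DNS zone of an IpType."""` would match what the fields show. The nested `soa`, `ns_records`, `mx_records`, `txt_records`, `ptr_records` and `ptr_v6_records` fields are declared without `read_only=True`, whereas `extension` and `cidrs` carry it. The serializer is only wired to a list view in this commit, so adding `read_only=True` to them would state that intent explicitly and match the firewall serializers in the first hunk.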
@@ -552,6 +552,12 @@ class HostMacIpView(generics.ListAPIView):
 serializer_class = serializers.HostMacIpSerializer
+#Firewall
+
+class SubnetPortsOpenView(generics.ListAPIView):
+ queryset = machines.IpType.objects.all()
+ serializer_class = serializers.SubnetPortsOpenSerializer
+
 # DNS
 class DNSZonesView(generics.ListAPIView):
@@ -568,6 +574,15 @@ class DNSZonesView(generics.ListAPIView):
 .all())
 serializer_class = serializers.DNSZonesSerializer
+class DNSReverseZonesView(generics.ListAPIView):
+ """Exposes the detailed information about each extension (hostnames,
+ IPs, DNS records, etc.) in order to build the DNS zone files.
+ """
+ queryset = (machines.IpType.objects.all())
+ serializer_class = serializers.DNSReverseZonesSerializer
+
+
+
 # MAILING
diff --git a/machines/forms.py b/machines/forms.py
index 6be9b2a2..5706d798 100644
--- a/machines/forms.py
+++ b/machines/forms.py
@@ -219,7 +219,8 @@ class IpTypeForm(FormRevMixin, ModelForm):
 model = IpType
 fields = ['type', 'extension', 'need_infra', 'domaine_ip_start', 'domaine_ip_stop', 'dnssec_reverse_v4', 'prefix_v6',
- 'dnssec_reverse_v6', 'vlan', 'ouverture_ports']
+ 'prefix_v6_length','dnssec_reverse_v6', 'vlan',
+ 'ouverture_ports']
 def __init__(self, *args, **kwargs):
 prefix = kwargs.pop('prefix', self.Meta.model.__name__)
@@ -231,8 +232,8 @@ class EditIpTypeForm(IpTypeForm):
 """Edition d'un iptype. Pas d'edition du rangev4 possible, car il faudrait synchroniser les objets iplist"""
 class Meta(IpTypeForm.Meta):
- fields = ['extension', 'type', 'need_infra', 'prefix_v6', 'vlan',
- 'dnssec_reverse_v4', 'dnssec_reverse_v6',
+ fields = ['extension', 'type', 'need_infra', 'prefix_v6', 'prefix_v6_length',
+ 'vlan', 'dnssec_reverse_v4', 'dnssec_reverse_v6',
 'ouverture_ports']
diff --git a/machines/migrations/0095_iptype_prefix_v6_length.py b/machines/migrations/0095_iptype_prefix_v6_length.py
new file mode 100644
index 00000000..4d0cfc71
--- /dev/null
+++ b/machines/migrations/0095_iptype_prefix_v6_length.py
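Review bot: `SubnetPortsOpenView` declares no `permission_classes`, so who may list every subnet's address range and open-port policy depends entirely on the REST framework defaults configured outside this diff; the same holds for `DNSReverseZonesView` in the next hunk. If those defaults are not already limited to the accounts that generate firewall and DNS configuration, state the restriction on the class with an explicit `permission_classes = (...)` naming the project's own permission class. The view also has no docstring; one sentence saying it feeds firewall rule generation would document why the data is exposed.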
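Review bot: The docstring of `DNSReverseZonesView` says it exposes information "about each extension", but the queryset iterates `machines.IpType`; suggest `"""Exposes, for each IP type, the records needed to build the reverse DNS zone files."""`. The queryset is wrapped in redundant parentheses and, unlike the `DNSZonesView` context above it (which ends in a chained `.all())`), adds no prefetching. Because the serializer reads `extension.*` and two per-object queryset methods, this likely costs several queries per row; `select_related('extension')` would help if `extension` is a foreign key, which is not visible here.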
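Review bot: In the `IpTypeForm.Meta` hunk the added line `'prefix_v6_length','dnssec_reverse_v6', 'vlan',` is missing the space after the first comma; it should read `'prefix_v6_length', 'dnssec_reverse_v6', 'vlan',` to match the rest of the list. The model field added later in this commit has no `help_text`, so both forms will present the new input without saying it is a prefix length in bits. The `Meta` body starts outside the hunk.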
@@ -0,0 +1,21 @@ +# -*- coding: utf-8 -*- +# Generated by Django 1.10.7 on 2018-07-16 18:46 +from __future__ import unicode_literals + +import django.core.validators +from django.db import migrations, models + + +class Migration(migrations.Migration): + + dependencies = [ + ('machines', '0094_role_specific_role'), + ] + + operations = [ + migrations.AddField( + model_name='iptype', + name='prefix_v6_length', + field=models.IntegerField(default=64, validators=[django.core.validators.MaxValueValidator(128), django.core.validators.MinValueValidator(0)]), + ), + ]
diff --git a/machines/models.py b/machines/models.py
index d9a8cb5d..7d9d983c 100644
--- a/machines/models.py
+++ b/machines/models.py
@@ -39,7 +39,7 @@ from django.dispatch import receiver
 from django.forms import ValidationError
 from django.utils.functional import cached_property
 from django.utils import timezone
-from django.core.validators import MaxValueValidator
+from django.core.validators import MaxValueValidator, MinValueValidator
 from macaddress.fields import MACAddressField
@@ -343,6 +343,13 @@ class IpType(RevMixin, AclMixin, models.Model):
 null=True,
 blank=True
 )
+ prefix_v6_length = models.IntegerField(
+ default=64,
+ validators=[
+ MaxValueValidator(128),
+ MinValueValidator(0)
+ ]
+ )
 dnssec_reverse_v6 = models.BooleanField(
 default=False,
 help_text="Activer DNSSEC sur le reverse DNS IPv6",
@@ -405,7 +412,7 @@ class IpType(RevMixin, AclMixin, models.Model):
 return {
 'network' : str(self.prefix_v6),
 'netmask' : 'ffff:ffff:ffff:ffff::',
- 'netmask_cidr' : '64',
+ 'netmask_cidr' : str(self.prefix_v6_length),
 'vlan': str(self.vlan),
 'vlan_id': self.vlan.vlan_id
 }
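Review bot: The 0–128 bound on `prefix_v6_length` is enforced only through validators, which Django runs in `full_clean()` and ModelForm validation but not in `save()`, so a value written by any other path is stored unchecked and then flows into `netmask_cidr` and the configuration generated from it. Any code that still assumes a /64, such as the prefix replacement visible in the context of the last `models.py` hunk, is outside this diff and should be checked against the new field. The field also lacks the `help_text` its neighbour `dnssec_reverse_v6` has; a short text saying it is the IPv6 prefix length in bits would make the form self-explanatory.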
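Review bot: In the hunk at `-405,7` the `'netmask'` entry stays hard-coded to `'ffff:ffff:ffff:ffff::'` while `'netmask_cidr'` now follows `prefix_v6_length`, so for any length other than 64 the two keys of the returned dict disagree. A consumer that reads `netmask` would then build rules or configuration for the wrong range. Derive it from the same field, for example `'netmask' : str(ipaddress.IPv6Network('::/%d' % self.prefix_v6_length).netmask),` with `import ipaddress` on Python 3, or the equivalent from a network library the module already imports. The enclosing method starts outside the hunk.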
@@ -460,6 +467,17 @@ class IpType(RevMixin, AclMixin, models.Model):
 ): ipv6.check_and_replace_prefix(prefix=self.prefix_v6)
+ def get_associated_ptr_records(self):
+ from re2o.utils import all_active_assigned_interfaces
+ return (all_active_assigned_interfaces()
+ .filter(type__ip_type=self)
+ .filter(ipv4__isnull=False))
+
+ def get_associated_ptr_v6_records(self):
+ from re2o.utils import all_active_interfaces
+ return (all_active_interfaces(full=True)
+ .filter(type__ip_type=self))
+
 def clean(self):
 """ Nettoyage. Vérifie :
 - Que ip_stop est après ip_start
diff --git a/machines/templates/machines/aff_iptype.html b/machines/templates/machines/aff_iptype.html
index 576c404d..d3e586d0 100644
--- a/machines/templates/machines/aff_iptype.html
+++ b/machines/templates/machines/aff_iptype.html
@@ -45,7 +45,7 @@ with this program; if not, write to the Free Software Foundation, Inc.,
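Review bot: `get_associated_ptr_records` and `get_associated_ptr_v6_records` have no docstrings and, despite their names, return interface querysets rather than PTR records. The v6 variant has no counterpart to the `ipv4__isnull=False` filter, so it appears to return every active interface of this type whether or not it holds an IPv6 address; what `all_active_interfaces(full=True)` selects is defined outside this diff and should be confirmed. Suggest docstrings such as `"""Return the active, assigned interfaces of this IP type that have an IPv4 address, for building PTR records."""`. Both methods import from `re2o.utils` at call time, presumably to avoid a circular import, and a short comment saying so would help.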