mirror of https://gitlab2.federez.net/re2o/re2o synced 2024-11-22 11:23:10 +00:00

Merge branch 'firewall' into crans

Gabriel Detraz 2018-07-21 16:29:53 +02:00
commit 48e83266b6
9 changed files with 115 additions and 16 deletions


@ -746,6 +746,30 @@ class SwitchPortSerializer(serializers.ModelSerializer):
'interfaces_subnet', 'interfaces6_subnet', 'automatic_provision', 'rest_enabled', 'interfaces_subnet', 'interfaces6_subnet', 'automatic_provision', 'rest_enabled',
'web_management_enabled', 'get_radius_key_value', 'get_management_cred_value') 'web_management_enabled', 'get_radius_key_value', 'get_management_cred_value')
#Firewall
class FirewallPortListSerializer(serializers.ModelSerializer):
class Meta:
model = machines.OuverturePort
fields = ('begin', 'end', 'protocole', 'io')
class FirewallOuverturePortListSerializer(serializers.ModelSerializer):
tcp_ports_in = FirewallPortListSerializer(many=True, read_only=True)
udp_ports_in = FirewallPortListSerializer(many=True, read_only=True)
tcp_ports_out = FirewallPortListSerializer(many=True, read_only=True)
udp_ports_out = FirewallPortListSerializer(many=True, read_only=True)
class Meta:
model = machines.OuverturePortList
fields = ('tcp_ports_in', 'udp_ports_in', 'tcp_ports_out', 'udp_ports_out')
class SubnetPortsOpenSerializer(serializers.ModelSerializer):
ouverture_ports = FirewallOuverturePortListSerializer(read_only=True)
class Meta:
model = machines.IpType
fields = ('type', 'domaine_ip_start', 'domaine_ip_stop', 'prefix_v6', 'ouverture_ports')
# DHCP # DHCP
@ -878,6 +902,27 @@ class DNSZonesSerializer(serializers.ModelSerializer):
'mx_records', 'txt_records', 'srv_records', 'a_records', 'mx_records', 'txt_records', 'srv_records', 'a_records',
'aaaa_records', 'cname_records') 'aaaa_records', 'cname_records')
class DNSReverseZonesSerializer(serializers.ModelSerializer):
"""Serialize the data about DNS Zones.
"""
soa = SOARecordSerializer(source='extension.soa')
extension = serializers.CharField(source='extension.name', read_only=True)
cidrs = serializers.ListField(child=serializers.CharField(), source='ip_set_cidrs_as_str', read_only=True)
ns_records = NSRecordSerializer(many=True, source='extension.ns_set')
mx_records = MXRecordSerializer(many=True, source='extension.mx_set')
txt_records = TXTRecordSerializer(many=True, source='extension.txt_set')
ptr_records = ARecordSerializer(many=True, source='get_associated_ptr_records')
ptr_v6_records = AAAARecordSerializer(many=True, source='get_associated_ptr_v6_records')
class Meta:
model = machines.IpType
fields = ('type', 'extension', 'soa', 'ns_records', 'mx_records',
'txt_records', 'ptr_records', 'ptr_v6_records', 'cidrs',
'prefix_v6')
#REMINDER #REMINDER
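Review bot: `SubnetPortsOpenSerializer` and `DNSReverseZonesSerializer` both publish `prefix_v6` without the `prefix_v6_length` field that this same commit adds to `IpType`, so a firewall or reverse-zone generator reading these endpoints has to guess the prefix size and will presumably assume /64. Adding `'prefix_v6_length'` to both `fields` tuples keeps the generated rules and zones scoped to the real subnet. In `DNSReverseZonesSerializer` the nested `soa`, `ns_records`, `mx_records`, `txt_records` and PTR fields are not marked `read_only=True` although `extension` and `cidrs` are; marking them makes the read-only intent explicit. Its docstring says "DNS Zones" rather than reverse zones, for example `"""Serialize the data needed to build the reverse DNS zones of an IpType."""`, and the three firewall serializers have no docstring at all.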


@ -106,8 +106,11 @@ router.register_view(r'switchs/role', views.RoleView),
router.register_view(r'mail/alias', views.UserMailAliasView), router.register_view(r'mail/alias', views.UserMailAliasView),
# Reminder # Reminder
router.register_view(r'reminder/get-users', views.ReminderView), router.register_view(r'reminder/get-users', views.ReminderView),
# Firewall
router.register_view(r'firewall/subnet-ports', views.SubnetPortsOpenView),
# DNS # DNS
router.register_view(r'dns/zones', views.DNSZonesView), router.register_view(r'dns/zones', views.DNSZonesView),
router.register_view(r'dns/reverse-zones', views.DNSReverseZonesView),
# MAILING # MAILING
router.register_view(r'mailing/standard', views.StandardMailingView), router.register_view(r'mailing/standard', views.StandardMailingView),
router.register_view(r'mailing/club', views.ClubMailingView), router.register_view(r'mailing/club', views.ClubMailingView),


@ -552,6 +552,12 @@ class HostMacIpView(generics.ListAPIView):
serializer_class = serializers.HostMacIpSerializer serializer_class = serializers.HostMacIpSerializer
#Firewall
class SubnetPortsOpenView(generics.ListAPIView):
queryset = machines.IpType.objects.all()
serializer_class = serializers.SubnetPortsOpenSerializer
# DNS # DNS
class DNSZonesView(generics.ListAPIView): class DNSZonesView(generics.ListAPIView):
@ -568,6 +574,15 @@ class DNSZonesView(generics.ListAPIView):
.all()) .all())
serializer_class = serializers.DNSZonesSerializer serializer_class = serializers.DNSZonesSerializer
class DNSReverseZonesView(generics.ListAPIView):
"""Exposes the detailed information about each extension (hostnames,
IPs, DNS records, etc.) in order to build the DNS zone files.
"""
queryset = (machines.IpType.objects.all())
serializer_class = serializers.DNSReverseZonesSerializer
# MAILING # MAILING
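Review bot: `SubnetPortsOpenView` lists the opened-port policy of every `IpType`, and neither it nor `DNSReverseZonesView` sets `permission_classes`, so who can read this data depends entirely on the project-wide DRF default, which is not visible in this hunk. Firewall openings and a full PTR inventory describe the network's exposure in detail, so it is worth confirming that the default rejects anonymous and unprivileged clients, or stating the requirement on the classes themselves. `SubnetPortsOpenView` has no docstring, and the `DNSReverseZonesView` docstring still speaks of "each extension"; something like `"""Exposes, for each IpType, the records needed to build its reverse DNS zone files."""` would match what the view serves.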


@ -219,7 +219,8 @@ class IpTypeForm(FormRevMixin, ModelForm):
model = IpType model = IpType
fields = ['type', 'extension', 'need_infra', 'domaine_ip_start', fields = ['type', 'extension', 'need_infra', 'domaine_ip_start',
'domaine_ip_stop', 'dnssec_reverse_v4', 'prefix_v6', 'domaine_ip_stop', 'dnssec_reverse_v4', 'prefix_v6',
'dnssec_reverse_v6', 'vlan', 'ouverture_ports'] 'prefix_v6_length','dnssec_reverse_v6', 'vlan',
'ouverture_ports']
def __init__(self, *args, **kwargs): def __init__(self, *args, **kwargs):
prefix = kwargs.pop('prefix', self.Meta.model.__name__) prefix = kwargs.pop('prefix', self.Meta.model.__name__)
@ -231,8 +232,8 @@ class EditIpTypeForm(IpTypeForm):
"""Edition d'un iptype. Pas d'edition du rangev4 possible, car il faudrait """Edition d'un iptype. Pas d'edition du rangev4 possible, car il faudrait
synchroniser les objets iplist""" synchroniser les objets iplist"""
class Meta(IpTypeForm.Meta): class Meta(IpTypeForm.Meta):
fields = ['extension', 'type', 'need_infra', 'prefix_v6', 'vlan', fields = ['extension', 'type', 'need_infra', 'prefix_v6', 'prefix_v6_length',
'dnssec_reverse_v4', 'dnssec_reverse_v6', 'vlan', 'dnssec_reverse_v4', 'dnssec_reverse_v6',
'ouverture_ports'] 'ouverture_ports']


@ -0,0 +1,21 @@
# -*- coding: utf-8 -*-
# Generated by Django 1.10.7 on 2018-07-16 18:46
from __future__ import unicode_literals
import django.core.validators
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
('machines', '0094_role_specific_role'),
]
operations = [
migrations.AddField(
model_name='iptype',
name='prefix_v6_length',
field=models.IntegerField(default=64, validators=[django.core.validators.MaxValueValidator(128), django.core.validators.MinValueValidator(0)]),
),
]


@ -39,7 +39,7 @@ from django.dispatch import receiver
from django.forms import ValidationError from django.forms import ValidationError
from django.utils.functional import cached_property from django.utils.functional import cached_property
from django.utils import timezone from django.utils import timezone
from django.core.validators import MaxValueValidator from django.core.validators import MaxValueValidator, MinValueValidator
from macaddress.fields import MACAddressField from macaddress.fields import MACAddressField
@ -343,6 +343,13 @@ class IpType(RevMixin, AclMixin, models.Model):
null=True, null=True,
blank=True blank=True
) )
prefix_v6_length = models.IntegerField(
default=64,
validators=[
MaxValueValidator(128),
MinValueValidator(0)
]
)
dnssec_reverse_v6 = models.BooleanField( dnssec_reverse_v6 = models.BooleanField(
default=False, default=False,
help_text="Activer DNSSEC sur le reverse DNS IPv6", help_text="Activer DNSSEC sur le reverse DNS IPv6",
@ -405,7 +412,7 @@ class IpType(RevMixin, AclMixin, models.Model):
return { return {
'network' : str(self.prefix_v6), 'network' : str(self.prefix_v6),
'netmask' : 'ffff:ffff:ffff:ffff::', 'netmask' : 'ffff:ffff:ffff:ffff::',
'netmask_cidr' : '64', 'netmask_cidr' : str(self.prefix_v6_length),
'vlan': str(self.vlan), 'vlan': str(self.vlan),
'vlan_id': self.vlan.vlan_id 'vlan_id': self.vlan.vlan_id
} }
@ -460,6 +467,17 @@ class IpType(RevMixin, AclMixin, models.Model):
): ):
ipv6.check_and_replace_prefix(prefix=self.prefix_v6) ipv6.check_and_replace_prefix(prefix=self.prefix_v6)
def get_associated_ptr_records(self):
from re2o.utils import all_active_assigned_interfaces
return (all_active_assigned_interfaces()
.filter(type__ip_type=self)
.filter(ipv4__isnull=False))
def get_associated_ptr_v6_records(self):
from re2o.utils import all_active_interfaces
return (all_active_interfaces(full=True)
.filter(type__ip_type=self))
def clean(self): def clean(self):
""" Nettoyage. Vérifie : """ Nettoyage. Vérifie :
- Que ip_stop est après ip_start - Que ip_stop est après ip_start
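Review bot: In the IPv6 info dict, `'netmask'` stays hard-coded to `'ffff:ffff:ffff:ffff::'` while `'netmask_cidr'` now follows `prefix_v6_length`, so the two keys disagree for any length other than 64 and a consumer that reads `netmask` will build rules for the wrong range. Deriving the mask from the length keeps them in step, for example `'netmask': str(ipaddress.IPv6Network('::/%d' % self.prefix_v6_length).netmask),`; the full import block is outside the hunk, so which address library this module already has available needs checking. The new `prefix_v6_length` field would benefit from a `help_text`, and `get_associated_ptr_records` / `get_associated_ptr_v6_records` from a one-line docstring saying which interfaces they return. The method holding the dict starts outside the hunk.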


@ -45,7 +45,7 @@ with this program; if not, write to the Free Software Foundation, Inc.,
<td>{{ type.extension }}</td> <td>{{ type.extension }}</td>
<td>{{ type.need_infra }}</td> <td>{{ type.need_infra }}</td>
<td>{{ type.domaine_ip_start }}-{{ type.domaine_ip_stop }}</td> <td>{{ type.domaine_ip_start }}-{{ type.domaine_ip_stop }}</td>
<td>{{ type.prefix_v6 }}</td> <td>{{ type.prefix_v6 }}/{{ type.prefix_v6_length }}</td>
<td>{{ type.dnssec_reverse_v4 }}/{{ type.dnssec_reverse_v6 }}</td> <td>{{ type.dnssec_reverse_v4 }}/{{ type.dnssec_reverse_v6 }}</td>
<td>{{ type.vlan }}</td> <td>{{ type.vlan }}</td>
<td>{{ type.ouverture_ports }}</td> <td>{{ type.ouverture_ports }}</td>


@ -89,15 +89,7 @@ class EditPortForm(FormRevMixin, ModelForm):
self.fields['machine_interface'].queryset = ( self.fields['machine_interface'].queryset = (
Interface.objects.all().select_related('domain__extension') Interface.objects.all().select_related('domain__extension')
) )
self.fields['related'].queryset = ( self.fields['related'].queryset = Port.objects.all().prefetch_related('switch__machine_ptr__interface_set__domain__extension')
Port.objects.all()
.prefetch_related(Prefetch(
'switch__interface_set',
queryset=(Interface.objects
.select_related('ipv4__ip_type__extension')
.select_related('domain__extension'))
))
)
class AddPortForm(FormRevMixin, ModelForm): class AddPortForm(FormRevMixin, ModelForm):
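Review bot: The new `self.fields['related'].queryset = Port.objects.all().prefetch_related(...)` assignment is far longer than the surrounding lines and would read better wrapped in parentheses with the lookup string on its own line, as the `machine_interface` queryset just above it is. With the `Prefetch(...)` call removed, the `Prefetch` import may now be unused in this module; the import block is outside the hunk, so that needs checking. The enclosing `__init__` starts outside the hunk.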


@ -359,8 +359,12 @@ class Switch(AclMixin, Machine):
"""Return dict ip6:subnet for all ipv6 of the switch""" """Return dict ip6:subnet for all ipv6 of the switch"""
return dict((str(interface.ipv6().first()), interface.type.ip_type.ip6_set_full_info) for interface in self.interface_set.all()) return dict((str(interface.ipv6().first()), interface.type.ip_type.ip6_set_full_info) for interface in self.interface_set.all())
@cached_property
def get_name(self):
return self.name or self.main_interface().domain.name
def __str__(self): def __str__(self):
return str(self.main_interface()) return str(self.get_name)
class ModelSwitch(AclMixin, RevMixin, models.Model): class ModelSwitch(AclMixin, RevMixin, models.Model):
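Review bot: `__str__` now goes through `get_name`, which dereferences `self.main_interface().domain.name` whenever `self.name` is empty; if `main_interface()` can return `None` (its body is not visible here), printing such a switch raises `AttributeError` where the old `str(self.main_interface())` simply rendered `None`. A guard such as `iface = self.main_interface()` followed by `return self.name or (iface.domain.name if iface else '')` keeps `__str__` from raising. Because `get_name` is a `cached_property`, its value is also fixed for the life of the instance, so a rename on the same object is not reflected. A short docstring on `get_name` stating the fallback order and the caching would help callers, since the `get_` prefix reads like a method.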