mirror of
https://gitlab2.federez.net/re2o/re2o
synced 2025-01-11 02:34:28 +00:00
Merge branch 'firewall' into crans
This commit is contained in:
commit
48e83266b6
9 changed files with 115 additions and 16 deletions
|
@ -746,6 +746,30 @@ class SwitchPortSerializer(serializers.ModelSerializer):
|
|||
'interfaces_subnet', 'interfaces6_subnet', 'automatic_provision', 'rest_enabled',
|
||||
'web_management_enabled', 'get_radius_key_value', 'get_management_cred_value')
|
||||
|
||||
#Firewall
|
||||
|
||||
class FirewallPortListSerializer(serializers.ModelSerializer):
|
||||
class Meta:
|
||||
model = machines.OuverturePort
|
||||
fields = ('begin', 'end', 'protocole', 'io')
|
||||
|
||||
class FirewallOuverturePortListSerializer(serializers.ModelSerializer):
|
||||
tcp_ports_in = FirewallPortListSerializer(many=True, read_only=True)
|
||||
udp_ports_in = FirewallPortListSerializer(many=True, read_only=True)
|
||||
tcp_ports_out = FirewallPortListSerializer(many=True, read_only=True)
|
||||
udp_ports_out = FirewallPortListSerializer(many=True, read_only=True)
|
||||
|
||||
class Meta:
|
||||
model = machines.OuverturePortList
|
||||
fields = ('tcp_ports_in', 'udp_ports_in', 'tcp_ports_out', 'udp_ports_out')
|
||||
|
||||
class SubnetPortsOpenSerializer(serializers.ModelSerializer):
|
||||
ouverture_ports = FirewallOuverturePortListSerializer(read_only=True)
|
||||
|
||||
class Meta:
|
||||
model = machines.IpType
|
||||
fields = ('type', 'domaine_ip_start', 'domaine_ip_stop', 'prefix_v6', 'ouverture_ports')
|
||||
|
||||
# DHCP
|
||||
|
||||
|
||||
|
@ -878,6 +902,27 @@ class DNSZonesSerializer(serializers.ModelSerializer):
|
|||
'mx_records', 'txt_records', 'srv_records', 'a_records',
|
||||
'aaaa_records', 'cname_records')
|
||||
|
||||
|
||||
class DNSReverseZonesSerializer(serializers.ModelSerializer):
|
||||
"""Serialize the data about DNS Zones.
|
||||
"""
|
||||
soa = SOARecordSerializer(source='extension.soa')
|
||||
extension = serializers.CharField(source='extension.name', read_only=True)
|
||||
cidrs = serializers.ListField(child=serializers.CharField(), source='ip_set_cidrs_as_str', read_only=True)
|
||||
ns_records = NSRecordSerializer(many=True, source='extension.ns_set')
|
||||
mx_records = MXRecordSerializer(many=True, source='extension.mx_set')
|
||||
txt_records = TXTRecordSerializer(many=True, source='extension.txt_set')
|
||||
ptr_records = ARecordSerializer(many=True, source='get_associated_ptr_records')
|
||||
ptr_v6_records = AAAARecordSerializer(many=True, source='get_associated_ptr_v6_records')
|
||||
|
||||
|
||||
class Meta:
|
||||
model = machines.IpType
|
||||
fields = ('type', 'extension', 'soa', 'ns_records', 'mx_records',
|
||||
'txt_records', 'ptr_records', 'ptr_v6_records', 'cidrs',
|
||||
'prefix_v6')
|
||||
|
||||
|
||||
#REMINDER
|
||||
|
||||
|
||||
|
|
|
@ -106,8 +106,11 @@ router.register_view(r'switchs/role', views.RoleView),
|
|||
router.register_view(r'mail/alias', views.UserMailAliasView),
|
||||
# Reminder
|
||||
router.register_view(r'reminder/get-users', views.ReminderView),
|
||||
# Firewall
|
||||
router.register_view(r'firewall/subnet-ports', views.SubnetPortsOpenView),
|
||||
# DNS
|
||||
router.register_view(r'dns/zones', views.DNSZonesView),
|
||||
router.register_view(r'dns/reverse-zones', views.DNSReverseZonesView),
|
||||
# MAILING
|
||||
router.register_view(r'mailing/standard', views.StandardMailingView),
|
||||
router.register_view(r'mailing/club', views.ClubMailingView),
|
||||
|
|
15
api/views.py
15
api/views.py
|
@ -552,6 +552,12 @@ class HostMacIpView(generics.ListAPIView):
|
|||
serializer_class = serializers.HostMacIpSerializer
|
||||
|
||||
|
||||
#Firewall
|
||||
|
||||
class SubnetPortsOpenView(generics.ListAPIView):
|
||||
queryset = machines.IpType.objects.all()
|
||||
serializer_class = serializers.SubnetPortsOpenSerializer
|
||||
|
||||
# DNS
|
||||
|
||||
class DNSZonesView(generics.ListAPIView):
|
||||
|
@ -568,6 +574,15 @@ class DNSZonesView(generics.ListAPIView):
|
|||
.all())
|
||||
serializer_class = serializers.DNSZonesSerializer
|
||||
|
||||
class DNSReverseZonesView(generics.ListAPIView):
|
||||
"""Exposes the detailed information about each extension (hostnames,
|
||||
IPs, DNS records, etc.) in order to build the DNS zone files.
|
||||
"""
|
||||
queryset = (machines.IpType.objects.all())
|
||||
serializer_class = serializers.DNSReverseZonesSerializer
|
||||
|
||||
|
||||
|
||||
|
||||
# MAILING
|
||||
|
||||
|
|
|
@ -219,7 +219,8 @@ class IpTypeForm(FormRevMixin, ModelForm):
|
|||
model = IpType
|
||||
fields = ['type', 'extension', 'need_infra', 'domaine_ip_start',
|
||||
'domaine_ip_stop', 'dnssec_reverse_v4', 'prefix_v6',
|
||||
'dnssec_reverse_v6', 'vlan', 'ouverture_ports']
|
||||
'prefix_v6_length','dnssec_reverse_v6', 'vlan',
|
||||
'ouverture_ports']
|
||||
|
||||
def __init__(self, *args, **kwargs):
|
||||
prefix = kwargs.pop('prefix', self.Meta.model.__name__)
|
||||
|
@ -231,8 +232,8 @@ class EditIpTypeForm(IpTypeForm):
|
|||
"""Edition d'un iptype. Pas d'edition du rangev4 possible, car il faudrait
|
||||
synchroniser les objets iplist"""
|
||||
class Meta(IpTypeForm.Meta):
|
||||
fields = ['extension', 'type', 'need_infra', 'prefix_v6', 'vlan',
|
||||
'dnssec_reverse_v4', 'dnssec_reverse_v6',
|
||||
fields = ['extension', 'type', 'need_infra', 'prefix_v6', 'prefix_v6_length',
|
||||
'vlan', 'dnssec_reverse_v4', 'dnssec_reverse_v6',
|
||||
'ouverture_ports']
|
||||
|
||||
|
||||
|
|
21
machines/migrations/0095_iptype_prefix_v6_length.py
Normal file
21
machines/migrations/0095_iptype_prefix_v6_length.py
Normal file
|
@ -0,0 +1,21 @@
|
|||
# -*- coding: utf-8 -*-
|
||||
# Generated by Django 1.10.7 on 2018-07-16 18:46
|
||||
from __future__ import unicode_literals
|
||||
|
||||
import django.core.validators
|
||||
from django.db import migrations, models
|
||||
|
||||
|
||||
class Migration(migrations.Migration):
|
||||
|
||||
dependencies = [
|
||||
('machines', '0094_role_specific_role'),
|
||||
]
|
||||
|
||||
operations = [
|
||||
migrations.AddField(
|
||||
model_name='iptype',
|
||||
name='prefix_v6_length',
|
||||
field=models.IntegerField(default=64, validators=[django.core.validators.MaxValueValidator(128), django.core.validators.MinValueValidator(0)]),
|
||||
),
|
||||
]
|
|
@ -39,7 +39,7 @@ from django.dispatch import receiver
|
|||
from django.forms import ValidationError
|
||||
from django.utils.functional import cached_property
|
||||
from django.utils import timezone
|
||||
from django.core.validators import MaxValueValidator
|
||||
from django.core.validators import MaxValueValidator, MinValueValidator
|
||||
|
||||
from macaddress.fields import MACAddressField
|
||||
|
||||
|
@ -343,6 +343,13 @@ class IpType(RevMixin, AclMixin, models.Model):
|
|||
null=True,
|
||||
blank=True
|
||||
)
|
||||
prefix_v6_length = models.IntegerField(
|
||||
default=64,
|
||||
validators=[
|
||||
MaxValueValidator(128),
|
||||
MinValueValidator(0)
|
||||
]
|
||||
)
|
||||
dnssec_reverse_v6 = models.BooleanField(
|
||||
default=False,
|
||||
help_text="Activer DNSSEC sur le reverse DNS IPv6",
|
||||
|
@ -405,7 +412,7 @@ class IpType(RevMixin, AclMixin, models.Model):
|
|||
return {
|
||||
'network' : str(self.prefix_v6),
|
||||
'netmask' : 'ffff:ffff:ffff:ffff::',
|
||||
'netmask_cidr' : '64',
|
||||
'netmask_cidr' : str(self.prefix_v6_length),
|
||||
'vlan': str(self.vlan),
|
||||
'vlan_id': self.vlan.vlan_id
|
||||
}
|
||||
|
@ -460,6 +467,17 @@ class IpType(RevMixin, AclMixin, models.Model):
|
|||
):
|
||||
ipv6.check_and_replace_prefix(prefix=self.prefix_v6)
|
||||
|
||||
def get_associated_ptr_records(self):
|
||||
from re2o.utils import all_active_assigned_interfaces
|
||||
return (all_active_assigned_interfaces()
|
||||
.filter(type__ip_type=self)
|
||||
.filter(ipv4__isnull=False))
|
||||
|
||||
def get_associated_ptr_v6_records(self):
|
||||
from re2o.utils import all_active_interfaces
|
||||
return (all_active_interfaces(full=True)
|
||||
.filter(type__ip_type=self))
|
||||
|
||||
def clean(self):
|
||||
""" Nettoyage. Vérifie :
|
||||
- Que ip_stop est après ip_start
|
||||
|
|
|
@ -45,7 +45,7 @@ with this program; if not, write to the Free Software Foundation, Inc.,
|
|||
<td>{{ type.extension }}</td>
|
||||
<td>{{ type.need_infra }}</td>
|
||||
<td>{{ type.domaine_ip_start }}-{{ type.domaine_ip_stop }}</td>
|
||||
<td>{{ type.prefix_v6 }}</td>
|
||||
<td>{{ type.prefix_v6 }}/{{ type.prefix_v6_length }}</td>
|
||||
<td>{{ type.dnssec_reverse_v4 }}/{{ type.dnssec_reverse_v6 }}</td>
|
||||
<td>{{ type.vlan }}</td>
|
||||
<td>{{ type.ouverture_ports }}</td>
|
||||
|
|
|
@ -89,15 +89,7 @@ class EditPortForm(FormRevMixin, ModelForm):
|
|||
self.fields['machine_interface'].queryset = (
|
||||
Interface.objects.all().select_related('domain__extension')
|
||||
)
|
||||
self.fields['related'].queryset = (
|
||||
Port.objects.all()
|
||||
.prefetch_related(Prefetch(
|
||||
'switch__interface_set',
|
||||
queryset=(Interface.objects
|
||||
.select_related('ipv4__ip_type__extension')
|
||||
.select_related('domain__extension'))
|
||||
))
|
||||
)
|
||||
self.fields['related'].queryset = Port.objects.all().prefetch_related('switch__machine_ptr__interface_set__domain__extension')
|
||||
|
||||
|
||||
class AddPortForm(FormRevMixin, ModelForm):
|
||||
|
|
|
@ -359,8 +359,12 @@ class Switch(AclMixin, Machine):
|
|||
"""Return dict ip6:subnet for all ipv6 of the switch"""
|
||||
return dict((str(interface.ipv6().first()), interface.type.ip_type.ip6_set_full_info) for interface in self.interface_set.all())
|
||||
|
||||
@cached_property
|
||||
def get_name(self):
|
||||
return self.name or self.main_interface().domain.name
|
||||
|
||||
def __str__(self):
|
||||
return str(self.main_interface())
|
||||
return str(self.get_name)
|
||||
|
||||
|
||||
class ModelSwitch(AclMixin, RevMixin, models.Model):
|
||||
|
|
Loading…
Reference in a new issue