升级

Author: netkiller

README.md

@@ -4,7 +4,7 @@ firewall
 Install
 -------
 	# cd /usr/local/src/
-    # yum install -y git python39
+	# yum install -y git python39
 	# git clone https://github.com/netkiller/firewall.git
 	# cd firewall
 	# bash install.sh

example/cisco.py

@@ -0,0 +1,11 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*- 
+########################################
+# Cisco ASA Style
+########################################
+from netkiller.firewall import Firewall
+gateway = Firewall()
+gateway.inside().accept()
+gateway.inside().state(('RELATED','ESTABLISHED')).accept('# match test')
+gateway.outside().drop()
+gateway.show()

example/example.py

@@ -22,7 +22,7 @@
 #  
 #  
 
-from firewall import * 
+from netkiller.firewall import * 
 
 def main():
 	########################################

example/juniper.py

@@ -0,0 +1,12 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*- 
+########################################
+# Juniper JunOS Style
+########################################
+from netkiller.firewall import Firewall
+gateway = Firewall()
+gateway.trust().accept()
+gateway.untrust().drop()
+gateway.input().protocol('icmp').drop()
+gateway.input().protocol('tcp').dport(('3389','5900')).accept()
+gateway.show()

example/pppoe.py

@@ -0,0 +1,13 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*- 
+########################################
+# Linux Gateway via pppoe
+########################################
+from netkiller.firewall import Firewall
+gateway = Firewall()
+gateway.input().drop()
+gateway.output().accept()
+gateway.inside().state(('RELATED','ESTABLISHED')).accept('# match test')
+gateway.forward().destination('127.16.0.0/24').accept()
+gateway.chain('POSTROUTING').inbound("ppp0").source('172.16.0.0/24').masquerade()
+gateway.show()

example/test.py

@@ -1,15 +1,14 @@
 #!/usr/bin/env python3
 # -*- coding: utf-8 -*- 
-
-from firewall import Firewall
-
-single = Firewall()
-single.policy(single.INPUT,single.DROP)
-single.policy(single.OUTPUT,single.ACCEPT)
-single.policy(single.FORWARD,single.DROP)
-single.input().protocol('icmp').drop()
-single.input().protocol('tcp').dport(('3389','5900')).accept()
-single.input().protocol('tcp').dport(('137','138','139','145')).accept()
-single.show()
-#single.run()
-#single.list()
+from netkiller.firewall import Firewall
+test = Firewall()
+test.flush()
+test.policy(test.INPUT,test.DROP)
+test.policy(test.OUTPUT,test.ACCEPT)
+test.policy(test.FORWARD,test.DROP)
+test.input().protocol('icmp').drop()
+test.input().protocol('tcp').dport(('3389','5900')).accept()
+test.input().protocol('tcp').dport(('137','138','139','145')).accept()
+test.show()
+#test.run()
+#test.list()

install.sh

@@ -1,4 +1,11 @@
 rm -rf /srv/firewall/
+
+dnf remove -y firewalld
+dnf install -y iptables
+
+python3 setup.py sdist
+python3 setup.py install
+
 install -dv /srv/firewall/{sbin,libexec}
 install -D -m 0700 -o root sbin/firewall  /srv/firewall/sbin/
 install -D -m 0700 -o root libexec/*.py  /srv/firewall/libexec/
@@ -8,10 +15,4 @@ install -D -m 0700 -o root systemd/firewall.service /usr/lib/systemd/system/
 install -D -m 0700 -o root systemd/firewall /etc/sysconfig/
 
 systemctl enable firewall
-systemctl start firewall
-
-cd firewall/
-python3 setup.py sdist
-python3 setup.py install
-cd -
-
+systemctl start firewall

libexec/db.py

@@ -22,7 +22,7 @@
 #  
 #  
 
-from firewall import *
+from netkiller.firewall import *
 
 ########################################
 # PostgreSQL Firewall

libexec/smtp.py

@@ -22,7 +22,7 @@
 #  
 #  
 
-from firewall import * 
+from netkiller.firewall import * 
 
 ######################################## 
 # Web Application

libexec/www.py

@@ -22,7 +22,7 @@
 #  
 #  
 
-from firewall import * 
+from netkiller.firewall import * 
 
 ######################################## 
 # Web Application

__init__.py renamed to netkiller/__init__.py

@@ -1,3 +1,3 @@
 name = "netkiller-firewall"
 __version__ = "0.0.1"
-# __author__ = 'Neo Chen'
+__author__ = 'Neo Chen'

firewall.py renamed to netkiller/firewall.py

@@ -1,24 +1,24 @@
 import setuptools
-# from firewall import __version__, __author__
+from netkiller import __version__, name, __author__
 
 with open("README.md", "r") as fh:
   long_description = fh.read()
 
 setuptools.setup(
-  name="netkiller-firewall",
-  version="0.0.1",
-  author="Neo Chen",
+  name=name,
+  version=__version__,
+  author=__author__,
   author_email="[email protected]",
-  description="Python firewall(iptables)",
+  description="Netkiller Python firewall",
   long_description=long_description,
   long_description_content_type="text/markdown",
   url="https://github.com/netkiller/firewall",
-  license='BSD',
+  license='MIT',
   # py_modules = ['firewall'],
-  # packages=setuptools.find_packages(),
-  packages=[''],
+  packages=setuptools.find_packages(),
+  # packages=[''],
   # packages=setuptools.find_packages('packages'),
-  # package_dir = {'':'packages'},
+  # package_dir = {'':'package'},
   classifiers=[
   "Programming Language :: Python :: 3",
   "License :: OSI Approved :: MIT License",