Hi,
I am trying to add an module to change iptable rules on slave1 and test
it with slave2. But when i restart func, i can not find my module with
"funcd --list-modules".
"port" and "ip" change iptable, drop from port ** and ip "slave2"
"portreset" and "ip" change iptable, accept from port ** and ip "slave2"
"test" run "sendip", which is a tool that sends ip packages with various
options. This is meant to run on slave2.
"tcpdump" run tcpdump with -c on slave1, to detect whether these
packages are received.
And here is my
module,"/usr/lib/python2.7/site-packages/func/minion/modules/fwtest.py"
I am a rookie, it may be silly..
#
# Copyright 2011
# Liu Jun <liujun.ee@xxxxxxxxx>
#
# This software may be freely redistributed under the terms of the GNU
# general public license.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
import func_module
from func.minion.codes import FuncException
from func.minion import sub_process
from func.minion.modules.iptables import *
import service
class Fwtest(func_module.FuncModule):
# Update these if need be.
version = "0.0.1"
api_version = "0.0.1"
description = "firewall test"
"""
A firewalltest example on target minion
example destination = slave1
example source = slave2
example port = 1725
You can also choose your own
"""
def port(self, sourceport):
"""
Set firewall input port rules
>func "*" call fwtest port 1725
"""
service.stop(iptables)
iptables.port.drop_from(sourceport)
iptables.save()
service.start(iptables)
return True
def portreset(self, sourceport):
"""
reset firewall input port rules
>func "*" call fwtest portreset 1725
"""
service.stop(iptables)
iptables.port.accept_from(sourceport)
iptables.save()
service.start(iptables)
return True
def ip(self, sourceip=slave2):
"""
Set firewall input ip rules
>func "*" call fwtest ip slave2
"""
service.stop(iptables)
iptables.drop_from(sourceip)
iptables.save()
service.start(iptables)
return True
def ipreset(self, sourceip=slave2):
"""
reset firewall input ip rules
>func "*" call fwtest ipreset slave2
"""
service.stop(iptables)
iptables.drop_from(sourceip)
iptables.save()
service.start(iptables)
return True
def tcpdump(self, *args):
"""
Tcpdump on slave1, host slave2
"""
if '-c' not in args:
raise(FuncException("You must define a count with -c!"))
return self.__run_command('/usr/sbin/tcpdump',
self.__args_to_list(args))
def test(self, *args):
"""
Test firewall input port rules
>func "*" call fwtest porttest 23
"""
return self.__run_command('/usr/bin/sendip',
self.__args_to_list(args))
def __args_to_list(self, args):
return [arg for arg in args]
def __run_command(self, command, opts=[]):
full_cmd = [command] + opts
cmd = sub_process.Popen(full_cmd, stdout=sub_process.PIPE,
close_fds=True)
return [line for line in cmd.communicate()[0].split('\n')]
_______________________________________________
Func-list mailing list
Func-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/func-list
