iptables-converter - pythonic view

module: iptables_conv

class iptables_conv.iptables_converter.ConverterError
class iptables_conv.iptables_converter.Chains(name, tables, sloppy=False)

Chains are grouped in iptables; a Chains object holds one such group.

Parameters:
  • name (str) – chain group name, ‘filter’, ‘nat’, …
  • tables (list) – list of chains
  • sloppy (bool) – if False (default), ‘-N’ is needed; if True, it is not
Returns: object representing chain group
Return type: Chains
Raises: ConverterError – on some illegal conditions

put_into_fgr(content)

Fill this line into this table.

Parameters: content (str) – one line of inputfile
Returns: None
Raises: ConverterError – on some illegal conditions

reset()

action method for iptables -F

class iptables_conv.iptables_converter.Tables(destfile, sourcefile='reference-one', sloppy=False, ipversion=4)

Some chain groups in tables are predefined: filter, nat, mangle, raw.

Parameters:
  • destfile (str) – which file or pathname is to be written
  • sourcefile (str) – which file or pathname is to be read
  • sloppy (bool) – if False (default), ‘-N’ is needed; if True, it is not
  • ipversion (int) – 4 (default) or 6
Returns: Tables, after the sourcefile has been read, written into destfile
Return type: Tables
Raises: ConverterError – on some illegal conditions

put_into_tables(line)

Put line into the matching Chains object.

Parameters: line – one line of inputfile
Returns: None

read(file_descriptor)

Read data from a file-like object into the Tables object.

Parameters: file_descriptor – file descriptor of the file to be read
Returns: None
Raises: ConverterError – on some illegal conditions

read_file(sourcefile)

Open the file, or raise an error.

Parameters: sourcefile – file or pathname of file to be read
Returns: file_descriptor
Raises: ConverterError – on IOError

reset(sourcefile, ipversion)

All predefined Chains (aka lists) are set up anew here.

Parameters:
  • sourcefile (str) – file to be read
  • ipversion (int) – 4 or 6
Returns: None

table_printout()

Print out nonempty tables in a fixed sequence.

module: tests

From 0.9.10 on all future tests will be run by pytest. Prior tests are written to use the unittest module.

class tests.test_iptables_converter.Chains_Test(methodName='runTest')

some tests for class Chain

test_01_create_a_chain_object()

Chain 01: create a Filter group, e.g. filter

test_02_prove_policies()

Chain 02: check 3 valid policies, 1 exception

test_03_tables_names()

Chain 03: 3 cases OK, 1 Exception

test_04_flush()

Chain 04: flush filter group, 2 rules and an invalid chain

test_05_new_chain()

Chain 05: create a new chain in filtergroup,

test_06_new_existing_chain_fails()

Chain 06: create an existing chain should fail

test_07_insert_rule_fail()

Chain 07: insert a rule into an empty chain fails

test_08_insert_rule_fail()

Chain 08: insert a rule into a non_existing chain fails

test_09_insert_rule_works()

Chain 09: insert a rule into a nonempty chain works at start

test_10_append_rule()

Chain 10: append a rule to a chain

test_11_remove_predef_chain()

Chain 11: try to remove a predefined chain

test_12_remove_chain()

Chain 12: try to remove an existing chain

test_13_illegal_command()

Chain 13: try an illegal command
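
The checks named in Chain 05 to 09 and 13, together with the sloppy switch, as a simplified model. This is an added example, not iptables_conv's own code: ChainGroupModel, ModelError and accepted() are hypothetical names, and it is an assumption that sloppy mode creates an undeclared chain on append. The constructed sample shows why strict mode matters when reviewing firewall rules: a misspelled chain name is rejected instead of silently becoming a new chain.

```python
class ModelError(Exception):
    """Stands in for ConverterError in this model (hypothetical name)."""


class ChainGroupModel:
    """Simplified model of one chain group; NOT iptables_conv's implementation."""

    def __init__(self, predefined, sloppy=False):
        self.sloppy = sloppy
        # Predefined chains exist from the start and hold no rules yet.
        self.chains = {name: [] for name in predefined}

    def apply(self, line):
        """Apply one line such as '-A INPUT -j ACCEPT' to the model."""
        parts = line.split()
        if len(parts) < 2:
            raise ModelError("incomplete command: %r" % line)
        action, chain, rule = parts[0], parts[1], " ".join(parts[2:])
        if action == "-N":
            if chain in self.chains:  # Chain 06: creating an existing chain fails
                raise ModelError("chain exists already: " + chain)
            self.chains[chain] = []
        elif action == "-A":
            if chain not in self.chains:
                if not self.sloppy:  # strict mode: '-N' is needed first
                    raise ModelError("append to undeclared chain: " + chain)
                self.chains[chain] = []  # assumption: sloppy creates the chain
            self.chains[chain].append(rule)
        elif action == "-I":
            if not self.chains.get(chain):  # Chain 07/08: empty or missing chain
                raise ModelError("insert needs a nonempty chain: " + chain)
            self.chains[chain].insert(0, rule)  # Chain 09: insert at start
        else:  # Chain 13: anything else is an illegal command in this model
            raise ModelError("illegal command: " + action)


def accepted(lines, sloppy=False):
    """Return (True, sorted chain names) or (False, error message)."""
    group = ChainGroupModel(["INPUT", "FORWARD", "OUTPUT"], sloppy)
    try:
        for line in lines:
            group.apply(line)
    except ModelError as err:
        return False, str(err)
    return True, sorted(group.chains)


# Constructed sample: chain declared as LOGDROP, then misspelled as LOGDORP.
SAMPLE = ["-N LOGDROP", "-A LOGDROP -j DROP", "-A LOGDORP -j LOG"]
```

In the model, accepted(SAMPLE) rejects the misspelled line, while accepted(SAMPLE, sloppy=True) accepts it and ends up with both LOGDROP and LOGDORP.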

class tests.test_iptables_converter.Tables_Test(methodName='runTest')

Tables: some first tests for the class

test_01_create_a_tables_object()

Tables 01: create a Tables object, check chains

test_02_nat_prerouting()

Tables 02: nat PREROUTING entry

test_03_mangle_table()

Tables 03: mangle INPUT entry

test_04_raw_table()

Tables 04: raw OUTPUT entry

test_05_not_existing_chain()

Tables 05: INPUT to not existing chain

test_06_read_not_existing_file()

Tables 06: read non existing file

test_07_read_empty_file()

Tables 07: read empty file (in relation to iptables-commands)

test_08_reference_one()

Tables 08: read default file: reference-one, check chains

test_09_shell_variables()

Tables 09: read buggy file with shell variables

test_10_shell_functions()

Tables 10: read buggy file with shell functions

test_11_reference_sloppy_one()

Tables 11: read sloppy input file: reference-sloppy-one, check chains

test_12_create_a_tables6_object()

Tables 12: create an ipv6 Tables object, check chains

test_13_re6ference_one()

Tables 13: read default file: re6ference-one, check chains

test_14_re6ference_sloppy_one()

Tables 14: read sloppy input file: re6ference-sloppy-one, check chains

tests.test_iptables_converter.test_15_tables_printout(capsys)

Tables 15: check table_printout as well