[pyi2ncommon] / src / mk_config.py

# The software in this package is distributed under the GNU General
# Public License version 2 (with a special exception described below).
#
# A copy of GNU General Public License (GPL) is included in this distribution,
# in the file COPYING.GPL.
#
# As a special exception, if other files instantiate templates or use macros
# or inline functions from this file, or you compile this file and link it
# with other works to produce a work based on this file, this file
# does not by itself cause the resulting work to be covered
# by the GNU General Public License.
#
# However the source code for this file must still be made available
# in accordance with section (3) of the GNU General Public License.
#
# This exception does not invalidate any other reasons why a work based
# on this file might be covered by the GNU General Public License.
#
# Copyright (c) 2016-2018 Intra2net AG <info@intra2net.com>

"""

SUMMARY
------------------------------------------------------
Utility for one-step dynamic cnfvar configuration.

.. note:: DEPRECATED! Please do not extend this or add new uses of this module,
          use :py:mod:`pyi2ncommon.arnied_api` or :py:mod:`pyi2ncommon.cnfvar`
          instead!

Copyright: Intra2net AG


CONTENTS
------------------------------------------------------
Contains general as well as specialized versions of some of the main
configurations performed by our tests.

INTERFACE
------------------------------------------------------

"""

import time
import logging

# custom imports
from . import arnied_wrapper as aw
from .arnied_wrapper import Delete, Update, Add, Child, batch_update_cnf, build_cnf
from .cnfline import build_cnfvar, build_group, build_intraclient
from .cnfline import build_nic, build_provider, build_user

log = logging.getLogger('pyi2ncommon.mk_config')

###############################################################################
# MINOR CONFIGURATION
###############################################################################


def simple(varname, data, filename):
    """
    Generate and save a single-variable configuration file.

    :param str varname: cnf variable name
    :param str data: cnf variable data
    :param str filename: config name
    :returns: generated config filename
    :rtype: str
    """
    log.info("Create single-variable configuration file")
    tmp = build_cnfvar.BuildCnfVar(name=varname, data=data)
    [filename] = aw.prep_config_paths([filename], aw.DUMP_CONFIG_DIR)
    logging.info("Saving simple configuration to %s", filename)
    tmp.save(filename)
    return filename


def user(username="admin", instance=1, suffix="host"):
    """
    Generate and save a user configuration file.

    :param str username: username for the user variable
    :param int instance: instance number (for multiple users, -1 for next available)
    :param str suffix: optional suffix to use for config identification
    :returns: generated config filename
    :rtype: str
    """
    log.info("Create arnied user configuration")
    user_obj = batch_update_cnf(
        build_user.BuildUser(data=username, instance=instance, line_no=1),
        [(Update, ("USER_FULLNAME", 0, username)),
         (Update, ("USER_GROUP_MEMBER_REF", 0, "1")),
         (Add, ("USER_GROUP_MEMBER_REF", 1, "2")),
         (Delete, "USER_WEBMAIL_MESSAGES_PER_PAGE"),
         (Delete, "USER_LOCALE"),
         (Delete, "USER_TRASH_DELETEDAYS"),
         (Delete, "USER_WEBMAIL_SIGNATURE")])
    user_cnf = "user-%d-%s.cnf" % (time.time(), suffix)
    [user_cnf] = aw.prep_config_paths([user_cnf], aw.DUMP_CONFIG_DIR)
    logging.info("Saving user configuration to %s", user_cnf)
    user_obj.save(user_cnf)
    return user_cnf


def group_admins(proxy_profile="1", activesync_enable=False, xauth_enable=False, suffix="host"):
    """
    Generate and save an Administrators group configuration file.

    :param str proxy_profile: proxy profile instance reference
    :param bool activesync_enable: whether to enable ActiveSync for the group
    :param bool xauth_enable: whether to enable XAUTH for the group
    :param str suffix: optional suffix to use for config identification
    :returns: generated config filename
    :rtype: str
    """
    log.info("Create arnied admin group configuration")
    group = batch_update_cnf(build_group.BuildGroup(data="Administratoren",
                                                    instance=1),
                             [(Update, ("GROUP_ACCESS_REMOTE_ADMINISTRATION_ALLOWED", 0, "1")),
                              (Update, ("GROUP_EMAILFILTER_BAN_FILTERLIST_REF", 0, "-1")),
                              (Update, ("GROUP_PROXY_PROFILE_REF", 0, proxy_profile)),
                              (Update, ("GROUP_ACCESS_GO_ONLINE_ALLOWED", 0, "1")),
                              (Update, ("GROUP_EMAIL_RELAY_RIGHTS", 0, "RELAY_FROM_INTRANET")),
                              (Update, ("GROUP_ACTIVESYNC_ENABLE", 0, "1" if activesync_enable else "0")),
                              (Update, ("GROUP_XAUTH_ENABLE", 0, "1" if xauth_enable else "0")),
                              (Delete, ("GROUP_COMMENT",))])
    group_cnf = "group-%d-%s.cnf" % (time.time(), suffix)
    [group_cnf] = aw.prep_config_paths([group_cnf], aw.DUMP_CONFIG_DIR)
    logging.info("Saving group configuration to %s", group_cnf)
    group.save(group_cnf)
    return group_cnf


def group_all(proxy_profile="1", suffix="host"):
    """
    Generate and save an "All" group configuration file.

    :param str proxy_profile: proxy profile instance reference
    :param str suffix: optional suffix to use for config identification
    :returns: generated config filename
    :rtype: str
    """
    log.info("Create arnied all group configuration")
    group = batch_update_cnf(build_group.BuildGroup(data="Alle",
                                                    instance=2),
                             [(Update, ("GROUP_ACCESS_GO_ONLINE_ALLOWED", 0, "1")),
                              (Update, ("GROUP_ACCESS_INFORMATION_VERSION_ALLOWED", 0, "1")),
                              (Update, ("GROUP_ACCESS_MAINPAGE_ALLOWED", 0, "1")),
                              (Update, ("GROUP_ACCESS_USERMANAGER_OWN_PROFILE_FORWARDING_ALLOWED", 0, "1")),
                              (Update, ("GROUP_ACCESS_USERMANAGER_OWN_PROFILE_GROUPWARE_ALLOWED", 0, "1")),
                              (Update, ("GROUP_ACCESS_USERMANAGER_OWN_PROFILE_SETTINGS_ALLOWED", 0, "1")),
                              (Update, ("GROUP_ACCESS_USERMANAGER_OWN_PROFILE_SORTING_ALLOWED", 0, "1")),
                              (Update, ("GROUP_ACCESS_USERMANAGER_OWN_PROFILE_SPAMFILTER_ALLOWED", 0, "1")),
                              (Update, ("GROUP_ACCESS_USERMANAGER_OWN_PROFILE_VACATION_ALLOWED", 0, "1")),
                              (Update, ("GROUP_ACCESS_GROUPWARE_ALLOWED", 0, "1")),
                              (Update, ("GROUP_EMAILFILTER_BAN_FILTERLIST_REF", 0, "-1")),
                              (Update, ("GROUP_EMAIL_RELAY_RIGHTS", 0, "RELAY_FROM_EVERYWHERE")),
                              (Update, ("GROUP_PROXY_PROFILE_REF", 0, proxy_profile)),
                              (Delete, ("GROUP_COMMENT",))])

    group_cnf = "group-%d-%s.cnf" % (time.time(), suffix)
    [group_cnf] = aw.prep_config_paths([group_cnf], aw.DUMP_CONFIG_DIR)
    logging.info("Saving group configuration to %s", group_cnf)
    group.save(group_cnf)
    return group_cnf


def nic(instance=0, nictype="NATLAN",
        ip="1.2.3.4", netmask="255.255.0.0", mac="00:00:00:00:00:00",
        suffix="host"):
    """
    Generate and save a nic configuration file.

    :param int instance: instance number (for multiple nics, -1 for next available)
    :param str nictype: type of the nic
    :param str ip: IP address of the nic
    :param str netmask: network mask of the nic
    :param str mac: MAC address of the nic
    :param str suffix: optional suffix to use for config identification
    :returns: generated config filename
    :rtype: str
    """
    log.info("Create arnied nic configuration")
    nic_obj = batch_update_cnf(
        build_nic.BuildNIC(data="", instance=instance, line_no=1),
        [(Update, ("NIC_TYPE", 0, nictype)),
         (Update, ("NIC_LAN_IP", 0, ip)),
         (Update, ("NIC_LAN_NETMASK", 0, netmask)),
         (Update, ("NIC_MAC", 0, mac))])
    nic_cnf = "nic-%d-%s.cnf" % (time.time(), suffix)
    [nic_cnf] = aw.prep_config_paths([nic_cnf], aw.DUMP_CONFIG_DIR)
    logging.info("Saving nic configuration to %s", nic_cnf)
    nic_obj.save(nic_cnf)
    return nic_cnf


def intraclient(name="intraclient", instance=1,
                ip="1.2.3.4", mac="00:00:00:00:00:00",
                fwrules=5, suffix="host"):
    """
    Generate and save an intraclient configuration file.

    :param str name: name of the intraclient
    :param int instance: instance number (for multiple clients, -1 for next available)
    :param str ip: IP address of the intraclient
    :param str mac: MAC address of the intraclient
    :param int fwrules: instance of the firewall rules to use
    :param str suffix: optional suffix to use for config identification
    :returns: generated config filename
    :rtype: str
    """
    log.info("Create arnied intraclient configuration")
    intraclient_obj = batch_update_cnf(
        build_intraclient.BuildIntraclient(data=name, instance=instance),
        [(Update, ("INTRACLIENT_IP", 0, ip)),
         (Update, ("INTRACLIENT_MAC", 0, mac)),
         (Update, ("INTRACLIENT_FIREWALL_RULESET_REF", 0, fwrules))])

    intraclient_cnf = "intraclient-%d-%s.cnf" % (time.time(), suffix)
    [intraclient_cnf] = aw.prep_config_paths([intraclient_cnf], aw.DUMP_CONFIG_DIR)
    logging.info("Saving intraclient configuration to %s", intraclient_cnf)
    intraclient_obj.save(intraclient_cnf)
    return intraclient_cnf


def provider(name="provider", instance=1, mode="ROUTER", ip="1.2.3.4", localip=None,
             netmask="255.255.0.0", dnsmode="IP", dns="1.2.3.4", fwrules=5,
             dialretry=None, timeout="", mtumode="AUTO",
             vlanid=None, mtusize=None, login=None, password=None,
             modemip=None, providerid=None, localdhcp=None,
             suffix="host"):
    """
    Generate and save a provider configuration file.

    :param str name: name of the provider
    :param int instance: instance number (for multiple clients, -1 for next available)
    :param str mode: provider mode
    :param str ip: IP address of the provider
    :param localip: IP address of the configured machine (valid for some configurations)
    :type localip: str or None
    :param str netmask: netmask of the provider
    :param str dnsmode: dnsmode of the provider
    :param str dns: IP address of the DNS server
    :param int fwrules: instance of the firewall rules to use
    :param any args: lots of detailed configuration
    :param str suffix: optional suffix to use for config identification
    :returns: generated config filename
    :rtype: str
    """
    log.info("Create arnied provider configuration")

    def add_or_del(var, field):
        if var is not None:
            return Add, (field, 0, str(var))
        return Delete, field
    provider_obj = batch_update_cnf(
        build_provider.BuildProvider(data=name, instance=instance),
        [(Update, ("PROVIDER_MODE", 0, mode)),
         ip and (Update, ("PROVIDER_IP", 0, ip))
             or (Delete, "PROVIDER_IP"),
         localip
         and (Update, ("PROVIDER_LOCALIP", 0, localip))
         or (Delete, "PROVIDER_LOCALIP"),
         netmask and (Update, ("PROVIDER_NETMASK", 0,
                               netmask))
                  or (Delete, "PROVIDER_NETMASK"),
         (Update, ("PROVIDER_TIMEOUT", 0, timeout)),
         (Update, ("PROVIDER_DNS_MODE", 0, dnsmode)),
         (Update, ("PROVIDER_DNS", 0,
                   dns if dnsmode == "IP" else "")),
         (Update, ("PROVIDER_MTU_MODE", 0, mtumode)),
         (Update, ("PROVIDER_MTU_SIZE", 0,
                   mtusize if mtumode != "AUTO" else "")),
         (Update, ("PROVIDER_FIREWALL_RULESET_REF", 0, str(fwrules))),
         add_or_del(vlanid, "PROVIDER_VLAN_ID"),
         add_or_del(dialretry, "PROVIDER_DIAL_RETRY"),
         add_or_del(login, "PROVIDER_LOGIN"),
         add_or_del(password, "PROVIDER_PASSWORD"),
         add_or_del(modemip, "PROVIDER_MODEM_IP"),
         add_or_del(providerid, "PROVIDER_PROVIDERID"),
         add_or_del(localdhcp, "PROVIDER_LOCAL_DHCP")])
    provider_cnf = "provider-%d-%s.cnf" % (time.time(), suffix)
    [provider_cnf] = aw.prep_config_paths([provider_cnf], aw.DUMP_CONFIG_DIR)
    logging.info("Saving provider configuration to %s", provider_cnf)
    provider_obj.save(provider_cnf)
    return provider_cnf


def provider_proxy(mode="ROUTER", ip="1.2.3.4", localip=None, proxy_port=3128, fwrules=7, suffix="host"):
    """
    Generate and save a provider configuration file for proxy.

    :param str mode: provider mode
    :param str ip: IP address of the provider (and DNS server)
    :param localip: IP address of the configured machine (valid for some configurations)
    :type localip: str or None
    :param int proxy_port: port for the provider proxy
    :param int fwrules: instance of the firewall rules to use
    :param str suffix: optional suffix to use for config identification
    :returns: generated config filename
    :rtype: str
    """
    log.info("Create arnied provider configuration.")
    provider_obj = batch_update_cnf(
        build_provider.BuildProvider(),
        [(Update, ("PROVIDER_MODE", 0, mode)),
         (Update, ("PROVIDER_DNS", 0, ip)),
         (Update, ("PROVIDER_DYNDNS_ENABLE", 0, "0")),
         (Update, ("PROVIDER_IP", 0, ip)),
         (Update, ("PROVIDER_PROXY_SERVER", 0, ip)),
         (Update, ("PROVIDER_PROXY_PORT", 0, str(proxy_port))),
         localip
         and (Update, ("PROVIDER_LOCALIP", 0, localip))
         or (Delete, "PROVIDER_LOCALIP"),
         (Update, ("PROVIDER_DNS_MODE", 0, "IP")),
         (Update, ("PROVIDER_FIREWALL_RULESET_REF", 0, str(fwrules)))])
    provider_cnf = "provider-%d-%s.cnf" % (time.time(), suffix)
    [provider_cnf] = aw.prep_config_paths([provider_cnf], aw.DUMP_CONFIG_DIR)
    logging.info("Saving provider configuration to %s", provider_cnf)
    provider_obj.save(provider_cnf)
    return provider_cnf


def port_forwarding(src_port="1234", src_port_end="",
                    dst_port="1234", dst_port_end="",
                    dst_ip_ref="1", protocol_type="TCP",
                    suffix="host"):
    """
    Generate and save a port forwarding configuration file.

    :param str src_port: forwarded source port
    :param str src_port_end: forwarded source port end for a port range
    :param str dst_port: forwarded destination port
    :param str dst_port_end: forwarded destination port end for a port range
    :param str dst_ip_ref: destination nic instance for a port range
    :param str protocol_type: port forwarding protocol type
    :param str suffix: optional suffix to use for config identification
    :returns: generated config filename
    :rtype: str
    """
    log.info("Create port forwarding configuration")
    value_id = "test"
    portforward_client_cnf = "portforward-%d-%s.cnf" % (time.time(), suffix)
    return build_cnf("PORT_FORWARDING",
                     data=value_id,
                     filename=portforward_client_cnf,
                     vals=[(Child, ("PORT_FORWARDING_DST_IP_REF", 0, dst_ip_ref)),
                           (Child, ("PORT_FORWARDING_DST_PORT", 0, dst_port)),
                           (Child, ("PORT_FORWARDING_DST_PORT_END", 0, dst_port_end)),
                           (Child, ("PORT_FORWARDING_PROTOCOL_TYPE", 0, protocol_type)),
                           (Child, ("PORT_FORWARDING_SRC_PORT", 0, src_port)),
                           (Child, ("PORT_FORWARDING_SRC_PORT_END", 0, src_port_end))])


def firewall_ruleset_simple(suffix="host"):
    """
    Generate and save a simple firewall ruleset configuration file.

    :param str suffix: optional suffix to use for config identification
    :returns: generated config filename
    :rtype: str
    """
    log.info("Create firewall ruleset")
    fw_cnf = "fw-%d-%s.cnf" % (time.time(), suffix)
    return build_cnf("FIREWALL_RULESET",
                     instance=101,
                     data="Port Forwarding libfirewall test",
                     filename=fw_cnf,
                     vals=[(Update, ("FIREWALL_RULESET_PROFILE_TYPE", 0, "SIMPLE_PROVIDER")),
                           (Update, ("FIREWALL_RULESET_PROVIDER_HTTPS_OPEN", 0, "0")),
                           (Update, ("FIREWALL_RULESET_PROVIDER_POP3SIMAPS_OPEN", 0, "0")),
                           (Update, ("FIREWALL_RULESET_PROVIDER_PORT_FORWARDING_ENABLE", 0, "1")),
                           (Update, ("FIREWALL_RULESET_PROVIDER_SMTP_OPEN", 0, "0")),
                           (Update, ("FIREWALL_RULESET_PROVIDER_HTTP_OPEN", 0, "0")),
                           (Update, ("FIREWALL_RULESET_PROVIDER_VPN_OPEN", 0, "0"))])


def firewall_ruleset_port(suffix="host"):
    """
    Generate and save a firewall ruleset configuration file for port forwarding.

    :param str suffix: optional suffix to use for config identification
    :returns: generated config filename
    :rtype: str
    """
    log.info("Create firewall ruleset")
    fw_portforward_cnf = "fw-portforward-%d-%s.cnf" % (time.time(), suffix)
    return build_cnf("FIREWALL_RULESET",
                     instance=100,
                     data="Port forwarding only",
                     filename=fw_portforward_cnf,
                     vals=[(Update, ("FIREWALL_RULESET_AUTOMATIC_ANSWER_RULE", 0, "1")),
                           (Update, ("FIREWALL_RULESET_PROFILE_TYPE", 0, "FULL")),
                           (Add, ("FIREWALL_RULESET_RULE", 1, "")),
                           (Child, ("FIREWALL_RULESET_RULE_ACTION", 0, "ACCEPT")),
                           (Child, ("FIREWALL_RULESET_RULE_CHECK_CONNECTION_STATUS", 0, "PORTFORWARDING")),
                           (Child, ("FIREWALL_RULESET_RULE_CHECK_TCP_FLAGS", 0, "DISABLED")),
                           (Child, ("FIREWALL_RULESET_RULE_LIMIT_FOR_ACTION_ENABLE", 0, "0")),
                           (Child, ("FIREWALL_RULESET_RULE_LIMIT_FOR_LOG_ENABLE", 0, "0")),
                           (Child, ("FIREWALL_RULESET_RULE_LIMIT_PACKETS_AVERAGE_COUNT", 0, "")),
                           (Child, ("FIREWALL_RULESET_RULE_LIMIT_PACKETS_AVERAGE_PERIOD", 0, "SEC")),
                           (Child, ("FIREWALL_RULESET_RULE_LIMIT_PACKETS_PEAK_COUNT", 0, "")),
                           (Child, ("FIREWALL_RULESET_RULE_LOG_ENABLE", 0, "0")),
                           (Child, ("FIREWALL_RULESET_RULE_LOG_MESSAGE", 0, "")),
                           (Child, ("FIREWALL_RULESET_RULE_TIME_INCLUDE_TIME_REF", 0, "-1")),
                           (Update, ("FIREWALL_RULESET_USAGE", 0, "PROVIDER"))])


def firewall_ruleset_dmz(suffix="host"):
    """
    Generate and save a firewall ruleset configuration file for DMZ.

    :param str suffix: optional suffix to use for config identification
    :returns: generated config filename
    :rtype: str
    """
    log.info("Create firewall ruleset")
    fw_dmz_cnf = "fw-dmz-%d-%s.cnf" % (time.time(), suffix)
    return build_cnf("FIREWALL_RULESET",
                     instance=100,
                     data="DMZ firewall rules",
                     filename=fw_dmz_cnf,
                     vals=[(Update, ("FIREWALL_RULESET_AUTOMATIC_ANSWER_RULE", 0, "1")),
                           (Update, ("FIREWALL_RULESET_PROFILE_TYPE", 0, "FULL")),
                           (Add, ("FIREWALL_RULESET_RULE", 1, "")),
                           (Child, ("FIREWALL_RULESET_RULE_ACTION", 0, "ACCEPT")),
                           (Child, ("FIREWALL_RULESET_RULE_LIMIT_FOR_ACTION_ENABLE", 0, "0")),
                           (Child, ("FIREWALL_RULESET_RULE_LIMIT_FOR_LOG_ENABLE", 0, "0")),
                           (Child, ("FIREWALL_RULESET_RULE_LIMIT_PACKETS_AVERAGE_COUNT", 0, "")),
                           (Child, ("FIREWALL_RULESET_RULE_LIMIT_PACKETS_PEAK_COUNT", 0, "")),
                           (Child, ("FIREWALL_RULESET_RULE_LOG_ENABLE", 0, "0")),
                           (Child, ("FIREWALL_RULESET_RULE_LOG_MESSAGE", 0, "")),
                           (Child, ("FIREWALL_RULESET_RULE_SERVICE_INCLUDE_SERVICEGROUP_REF", 0, "6")),
                           (Child, ("FIREWALL_RULESET_RULE_DST_INCLUDE_CLIENT_REF", 0, "2")),
                           (Update, ("FIREWALL_RULESET_USAGE", 0, "LANVPN"))])
Commit	Line	Data
11cbb815 PD	1	# The software in this package is distributed under the GNU General
	2	# Public License version 2 (with a special exception described below).
	3	#
	4	# A copy of GNU General Public License (GPL) is included in this distribution,
	5	# in the file COPYING.GPL.
	6	#
	7	# As a special exception, if other files instantiate templates or use macros
	8	# or inline functions from this file, or you compile this file and link it
	9	# with other works to produce a work based on this file, this file
	10	# does not by itself cause the resulting work to be covered
	11	# by the GNU General Public License.
	12	#
	13	# However the source code for this file must still be made available
	14	# in accordance with section (3) of the GNU General Public License.
	15	#
	16	# This exception does not invalidate any other reasons why a work based
	17	# on this file might be covered by the GNU General Public License.
	18	#
	19	# Copyright (c) 2016-2018 Intra2net AG <info@intra2net.com>
	20
f49f6323 PD	21	"""
	22
	23	SUMMARY
	24	------------------------------------------------------
	25	Utility for one-step dynamic cnfvar configuration.
	26
b7e04a3e CH	27	.. note:: DEPRECATED! Please do not extend this or add new uses of this module,
	28	use :py:mod:`pyi2ncommon.arnied_api` or :py:mod:`pyi2ncommon.cnfvar`
	29	instead!
	30
f49f6323 PD	31	Copyright: Intra2net AG
	32
	33
	34	CONTENTS
	35	------------------------------------------------------
	36	Contains general as well as specialized versions of some of the main
	37	configurations performed by our tests.
	38
	39	INTERFACE
	40	------------------------------------------------------
	41
	42	"""
	43
	44	import time
	45	import logging
f49f6323 PD	46
f49f6323 PD	47	# custom imports
30521dad PD	48	from . import arnied_wrapper as aw
	49	from .arnied_wrapper import Delete, Update, Add, Child, batch_update_cnf, build_cnf
	50	from .cnfline import build_cnfvar, build_group, build_intraclient
	51	from .cnfline import build_nic, build_provider, build_user
f49f6323	52
7628bc48	53	log = logging.getLogger('pyi2ncommon.mk_config')
f49f6323 PD	54
	55	###############################################################################
	56	# MINOR CONFIGURATION
	57	###############################################################################
	58
7628bc48	59
f49f6323 PD	60	def simple(varname, data, filename):
	61	"""
	62	Generate and save a single-variable configuration file.
	63
	64	:param str varname: cnf variable name
	65	:param str data: cnf variable data
	66	:param str filename: config name
	67	:returns: generated config filename
	68	:rtype: str
	69	"""
	70	log.info("Create single-variable configuration file")
	71	tmp = build_cnfvar.BuildCnfVar(name=varname, data=data)
	72	[filename] = aw.prep_config_paths([filename], aw.DUMP_CONFIG_DIR)
	73	logging.info("Saving simple configuration to %s", filename)
	74	tmp.save(filename)
	75	return filename
	76
	77
	78	def user(username="admin", instance=1, suffix="host"):
	79	"""
	80	Generate and save a user configuration file.
	81
	82	:param str username: username for the user variable
	83	:param int instance: instance number (for multiple users, -1 for next available)
	84	:param str suffix: optional suffix to use for config identification
	85	:returns: generated config filename
	86	:rtype: str
	87	"""
	88	log.info("Create arnied user configuration")
7628bc48	89	user_obj = batch_update_cnf(
f49f6323 PD	90	build_user.BuildUser(data=username, instance=instance, line_no=1),
	91	[(Update, ("USER_FULLNAME", 0, username)),
	92	(Update, ("USER_GROUP_MEMBER_REF", 0, "1")),
	93	(Add, ("USER_GROUP_MEMBER_REF", 1, "2")),
	94	(Delete, "USER_WEBMAIL_MESSAGES_PER_PAGE"),
	95	(Delete, "USER_LOCALE"),
	96	(Delete, "USER_TRASH_DELETEDAYS"),
	97	(Delete, "USER_WEBMAIL_SIGNATURE")])
	98	user_cnf = "user-%d-%s.cnf" % (time.time(), suffix)
	99	[user_cnf] = aw.prep_config_paths([user_cnf], aw.DUMP_CONFIG_DIR)
	100	logging.info("Saving user configuration to %s", user_cnf)
7628bc48	101	user_obj.save(user_cnf)
f49f6323 PD	102	return user_cnf
	103
	104
93b19891	105	def group_admins(proxy_profile="1", activesync_enable=False, xauth_enable=False, suffix="host"):
f49f6323 PD	106	"""
	107	Generate and save an Administrators group configuration file.
	108
93b19891	109	:param str proxy_profile: proxy profile instance reference
f49f6323 PD	110	:param bool activesync_enable: whether to enable ActiveSync for the group
	111	:param bool xauth_enable: whether to enable XAUTH for the group
	112	:param str suffix: optional suffix to use for config identification
	113	:returns: generated config filename
	114	:rtype: str
	115	"""
	116	log.info("Create arnied admin group configuration")
	117	group = batch_update_cnf(build_group.BuildGroup(data="Administratoren",
	118	instance=1),
	119	[(Update, ("GROUP_ACCESS_REMOTE_ADMINISTRATION_ALLOWED", 0, "1")),
	120	(Update, ("GROUP_EMAILFILTER_BAN_FILTERLIST_REF", 0, "-1")),
93b19891	121	(Update, ("GROUP_PROXY_PROFILE_REF", 0, proxy_profile)),
f49f6323 PD	122	(Update, ("GROUP_ACCESS_GO_ONLINE_ALLOWED", 0, "1")),
	123	(Update, ("GROUP_EMAIL_RELAY_RIGHTS", 0, "RELAY_FROM_INTRANET")),
	124	(Update, ("GROUP_ACTIVESYNC_ENABLE", 0, "1" if activesync_enable else "0")),
	125	(Update, ("GROUP_XAUTH_ENABLE", 0, "1" if xauth_enable else "0")),
7628bc48	126	(Delete, ("GROUP_COMMENT",))])
f49f6323 PD	127	group_cnf = "group-%d-%s.cnf" % (time.time(), suffix)
	128	[group_cnf] = aw.prep_config_paths([group_cnf], aw.DUMP_CONFIG_DIR)
	129	logging.info("Saving group configuration to %s", group_cnf)
	130	group.save(group_cnf)
	131	return group_cnf
	132
	133
	134	def group_all(proxy_profile="1", suffix="host"):
	135	"""
7628bc48	136	Generate and save an "All" group configuration file.
f49f6323 PD	137
	138	:param str proxy_profile: proxy profile instance reference
	139	:param str suffix: optional suffix to use for config identification
	140	:returns: generated config filename
	141	:rtype: str
	142	"""
	143	log.info("Create arnied all group configuration")
	144	group = batch_update_cnf(build_group.BuildGroup(data="Alle",
	145	instance=2),
	146	[(Update, ("GROUP_ACCESS_GO_ONLINE_ALLOWED", 0, "1")),
	147	(Update, ("GROUP_ACCESS_INFORMATION_VERSION_ALLOWED", 0, "1")),
	148	(Update, ("GROUP_ACCESS_MAINPAGE_ALLOWED", 0, "1")),
	149	(Update, ("GROUP_ACCESS_USERMANAGER_OWN_PROFILE_FORWARDING_ALLOWED", 0, "1")),
	150	(Update, ("GROUP_ACCESS_USERMANAGER_OWN_PROFILE_GROUPWARE_ALLOWED", 0, "1")),
	151	(Update, ("GROUP_ACCESS_USERMANAGER_OWN_PROFILE_SETTINGS_ALLOWED", 0, "1")),
	152	(Update, ("GROUP_ACCESS_USERMANAGER_OWN_PROFILE_SORTING_ALLOWED", 0, "1")),
	153	(Update, ("GROUP_ACCESS_USERMANAGER_OWN_PROFILE_SPAMFILTER_ALLOWED", 0, "1")),
	154	(Update, ("GROUP_ACCESS_USERMANAGER_OWN_PROFILE_VACATION_ALLOWED", 0, "1")),
	155	(Update, ("GROUP_ACCESS_GROUPWARE_ALLOWED", 0, "1")),
	156	(Update, ("GROUP_EMAILFILTER_BAN_FILTERLIST_REF", 0, "-1")),
	157	(Update, ("GROUP_EMAIL_RELAY_RIGHTS", 0, "RELAY_FROM_EVERYWHERE")),
	158	(Update, ("GROUP_PROXY_PROFILE_REF", 0, proxy_profile)),
7628bc48	159	(Delete, ("GROUP_COMMENT",))])
f49f6323 PD	160
	161	group_cnf = "group-%d-%s.cnf" % (time.time(), suffix)
	162	[group_cnf] = aw.prep_config_paths([group_cnf], aw.DUMP_CONFIG_DIR)
	163	logging.info("Saving group configuration to %s", group_cnf)
	164	group.save(group_cnf)
	165	return group_cnf
	166
	167
93b19891 PD	168	def nic(instance=0, nictype="NATLAN",
	169	ip="1.2.3.4", netmask="255.255.0.0", mac="00:00:00:00:00:00",
	170	suffix="host"):
f49f6323 PD	171	"""
	172	Generate and save a nic configuration file.
	173
93b19891 PD	174	:param int instance: instance number (for multiple nics, -1 for next available)
93b19891 PD	175	:param str nictype: type of the nic
f49f6323 PD	176	:param str ip: IP address of the nic
	177	:param str netmask: network mask of the nic
	178	:param str mac: MAC address of the nic
	179	:param str suffix: optional suffix to use for config identification
	180	:returns: generated config filename
	181	:rtype: str
	182	"""
	183	log.info("Create arnied nic configuration")
7628bc48	184	nic_obj = batch_update_cnf(
93b19891 PD	185	build_nic.BuildNIC(data="", instance=instance, line_no=1),
93b19891 PD	186	[(Update, ("NIC_TYPE", 0, nictype)),
f49f6323 PD	187	(Update, ("NIC_LAN_IP", 0, ip)),
	188	(Update, ("NIC_LAN_NETMASK", 0, netmask)),
	189	(Update, ("NIC_MAC", 0, mac))])
	190	nic_cnf = "nic-%d-%s.cnf" % (time.time(), suffix)
	191	[nic_cnf] = aw.prep_config_paths([nic_cnf], aw.DUMP_CONFIG_DIR)
	192	logging.info("Saving nic configuration to %s", nic_cnf)
7628bc48	193	nic_obj.save(nic_cnf)
f49f6323 PD	194	return nic_cnf
	195
	196
93b19891 PD	197	def intraclient(name="intraclient", instance=1,
	198	ip="1.2.3.4", mac="00:00:00:00:00:00",
	199	fwrules=5, suffix="host"):
f49f6323 PD	200	"""
	201	Generate and save an intraclient configuration file.
	202
93b19891 PD	203	:param str name: name of the intraclient
93b19891 PD	204	:param int instance: instance number (for multiple clients, -1 for next available)
f49f6323 PD	205	:param str ip: IP address of the intraclient
	206	:param str mac: MAC address of the intraclient
	207	:param int fwrules: instance of the firewall rules to use
	208	:param str suffix: optional suffix to use for config identification
	209	:returns: generated config filename
	210	:rtype: str
	211	"""
	212	log.info("Create arnied intraclient configuration")
7628bc48 CH	213	intraclient_obj = batch_update_cnf(
	214	build_intraclient.BuildIntraclient(data=name, instance=instance),
	215	[(Update, ("INTRACLIENT_IP", 0, ip)),
	216	(Update, ("INTRACLIENT_MAC", 0, mac)),
	217	(Update, ("INTRACLIENT_FIREWALL_RULESET_REF", 0, fwrules))])
f49f6323 PD	218
	219	intraclient_cnf = "intraclient-%d-%s.cnf" % (time.time(), suffix)
	220	[intraclient_cnf] = aw.prep_config_paths([intraclient_cnf], aw.DUMP_CONFIG_DIR)
	221	logging.info("Saving intraclient configuration to %s", intraclient_cnf)
7628bc48	222	intraclient_obj.save(intraclient_cnf)
f49f6323 PD	223	return intraclient_cnf
	224
	225
93b19891	226	def provider(name="provider", instance=1, mode="ROUTER", ip="1.2.3.4", localip=None,
f49f6323	227	netmask="255.255.0.0", dnsmode="IP", dns="1.2.3.4", fwrules=5,
93b19891	228	dialretry=None, timeout="", mtumode="AUTO",
f49f6323 PD	229	vlanid=None, mtusize=None, login=None, password=None,
	230	modemip=None, providerid=None, localdhcp=None,
	231	suffix="host"):
	232	"""
	233	Generate and save a provider configuration file.
	234
93b19891 PD	235	:param str name: name of the provider
93b19891 PD	236	:param int instance: instance number (for multiple clients, -1 for next available)
f49f6323 PD	237	:param str mode: provider mode
	238	:param str ip: IP address of the provider
	239	:param localip: IP address of the configured machine (valid for some configurations)
	240	:type localip: str or None
93b19891 PD	241	:param str netmask: netmask of the provider
93b19891 PD	242	:param str dnsmode: dnsmode of the provider
f49f6323 PD	243	:param str dns: IP address of the DNS server
f49f6323 PD	244	:param int fwrules: instance of the firewall rules to use
93b19891	245	:param any args: lots of detailed configuration
f49f6323 PD	246	:param str suffix: optional suffix to use for config identification
	247	:returns: generated config filename
	248	:rtype: str
	249	"""
	250	log.info("Create arnied provider configuration")
7628bc48	251
f49f6323 PD	252	def add_or_del(var, field):
f49f6323 PD	253	if var is not None:
7628bc48 CH	254	return Add, (field, 0, str(var))
	255	return Delete, field
	256	provider_obj = batch_update_cnf(
	257	build_provider.BuildProvider(data=name, instance=instance),
	258	[(Update, ("PROVIDER_MODE", 0, mode)),
	259	ip and (Update, ("PROVIDER_IP", 0, ip))
	260	or (Delete, "PROVIDER_IP"),
	261	localip
	262	and (Update, ("PROVIDER_LOCALIP", 0, localip))
	263	or (Delete, "PROVIDER_LOCALIP"),
	264	netmask and (Update, ("PROVIDER_NETMASK", 0,
	265	netmask))
	266	or (Delete, "PROVIDER_NETMASK"),
	267	(Update, ("PROVIDER_TIMEOUT", 0, timeout)),
	268	(Update, ("PROVIDER_DNS_MODE", 0, dnsmode)),
	269	(Update, ("PROVIDER_DNS", 0,
	270	dns if dnsmode == "IP" else "")),
	271	(Update, ("PROVIDER_MTU_MODE", 0, mtumode)),
	272	(Update, ("PROVIDER_MTU_SIZE", 0,
	273	mtusize if mtumode != "AUTO" else "")),
	274	(Update, ("PROVIDER_FIREWALL_RULESET_REF", 0, str(fwrules))),
	275	add_or_del(vlanid, "PROVIDER_VLAN_ID"),
	276	add_or_del(dialretry, "PROVIDER_DIAL_RETRY"),
	277	add_or_del(login, "PROVIDER_LOGIN"),
	278	add_or_del(password, "PROVIDER_PASSWORD"),
	279	add_or_del(modemip, "PROVIDER_MODEM_IP"),
	280	add_or_del(providerid, "PROVIDER_PROVIDERID"),
	281	add_or_del(localdhcp, "PROVIDER_LOCAL_DHCP")])
f49f6323 PD	282	provider_cnf = "provider-%d-%s.cnf" % (time.time(), suffix)
	283	[provider_cnf] = aw.prep_config_paths([provider_cnf], aw.DUMP_CONFIG_DIR)
	284	logging.info("Saving provider configuration to %s", provider_cnf)
7628bc48	285	provider_obj.save(provider_cnf)
f49f6323 PD	286	return provider_cnf
	287
	288
	289	def provider_proxy(mode="ROUTER", ip="1.2.3.4", localip=None, proxy_port=3128, fwrules=7, suffix="host"):
	290	"""
	291	Generate and save a provider configuration file for proxy.
	292
	293	:param str mode: provider mode
	294	:param str ip: IP address of the provider (and DNS server)
	295	:param localip: IP address of the configured machine (valid for some configurations)
	296	:type localip: str or None
	297	:param int proxy_port: port for the provider proxy
	298	:param int fwrules: instance of the firewall rules to use
	299	:param str suffix: optional suffix to use for config identification
	300	:returns: generated config filename
	301	:rtype: str
	302	"""
	303	log.info("Create arnied provider configuration.")
7628bc48 CH	304	provider_obj = batch_update_cnf(
	305	build_provider.BuildProvider(),
	306	[(Update, ("PROVIDER_MODE", 0, mode)),
	307	(Update, ("PROVIDER_DNS", 0, ip)),
	308	(Update, ("PROVIDER_DYNDNS_ENABLE", 0, "0")),
	309	(Update, ("PROVIDER_IP", 0, ip)),
	310	(Update, ("PROVIDER_PROXY_SERVER", 0, ip)),
	311	(Update, ("PROVIDER_PROXY_PORT", 0, str(proxy_port))),
	312	localip
	313	and (Update, ("PROVIDER_LOCALIP", 0, localip))
	314	or (Delete, "PROVIDER_LOCALIP"),
	315	(Update, ("PROVIDER_DNS_MODE", 0, "IP")),
	316	(Update, ("PROVIDER_FIREWALL_RULESET_REF", 0, str(fwrules)))])
f49f6323 PD	317	provider_cnf = "provider-%d-%s.cnf" % (time.time(), suffix)
	318	[provider_cnf] = aw.prep_config_paths([provider_cnf], aw.DUMP_CONFIG_DIR)
	319	logging.info("Saving provider configuration to %s", provider_cnf)
7628bc48	320	provider_obj.save(provider_cnf)
f49f6323 PD	321	return provider_cnf
	322
	323
2d4e0297 PD	324	def port_forwarding(src_port="1234", src_port_end="",
2d4e0297 PD	325	dst_port="1234", dst_port_end="",
93b19891 PD	326	dst_ip_ref="1", protocol_type="TCP",
93b19891 PD	327	suffix="host"):
f49f6323 PD	328	"""
	329	Generate and save a port forwarding configuration file.
	330
2d4e0297 PD	331	:param str src_port: forwarded source port
	332	:param str src_port_end: forwarded source port end for a port range
	333	:param str dst_port: forwarded destination port
	334	:param str dst_port_end: forwarded destination port end for a port range
93b19891	335	:param str dst_ip_ref: destination nic instance for a port range
f49f6323	336	:param str protocol_type: port forwarding protocol type
f49f6323 PD	337	:param str suffix: optional suffix to use for config identification
	338	:returns: generated config filename
	339	:rtype: str
	340	"""
	341	log.info("Create port forwarding configuration")
	342	value_id = "test"
	343	portforward_client_cnf = "portforward-%d-%s.cnf" % (time.time(), suffix)
	344	return build_cnf("PORT_FORWARDING",
	345	data=value_id,
	346	filename=portforward_client_cnf,
93b19891	347	vals=[(Child, ("PORT_FORWARDING_DST_IP_REF", 0, dst_ip_ref)),
2d4e0297	348	(Child, ("PORT_FORWARDING_DST_PORT", 0, dst_port)),
f49f6323 PD	349	(Child, ("PORT_FORWARDING_DST_PORT_END", 0, dst_port_end)),
f49f6323 PD	350	(Child, ("PORT_FORWARDING_PROTOCOL_TYPE", 0, protocol_type)),
2d4e0297	351	(Child, ("PORT_FORWARDING_SRC_PORT", 0, src_port)),
f49f6323 PD	352	(Child, ("PORT_FORWARDING_SRC_PORT_END", 0, src_port_end))])
	353
	354
	355	def firewall_ruleset_simple(suffix="host"):
	356	"""
	357	Generate and save a simple firewall ruleset configuration file.
	358
	359	:param str suffix: optional suffix to use for config identification
	360	:returns: generated config filename
	361	:rtype: str
	362	"""
	363	log.info("Create firewall ruleset")
	364	fw_cnf = "fw-%d-%s.cnf" % (time.time(), suffix)
	365	return build_cnf("FIREWALL_RULESET",
	366	instance=101,
	367	data="Port Forwarding libfirewall test",
	368	filename=fw_cnf,
	369	vals=[(Update, ("FIREWALL_RULESET_PROFILE_TYPE", 0, "SIMPLE_PROVIDER")),
	370	(Update, ("FIREWALL_RULESET_PROVIDER_HTTPS_OPEN", 0, "0")),
	371	(Update, ("FIREWALL_RULESET_PROVIDER_POP3SIMAPS_OPEN", 0, "0")),
	372	(Update, ("FIREWALL_RULESET_PROVIDER_PORT_FORWARDING_ENABLE", 0, "1")),
	373	(Update, ("FIREWALL_RULESET_PROVIDER_SMTP_OPEN", 0, "0")),
3156d622	374	(Update, ("FIREWALL_RULESET_PROVIDER_HTTP_OPEN", 0, "0")),
f49f6323 PD	375	(Update, ("FIREWALL_RULESET_PROVIDER_VPN_OPEN", 0, "0"))])
	376
	377
	378	def firewall_ruleset_port(suffix="host"):
	379	"""
	380	Generate and save a firewall ruleset configuration file for port forwarding.
	381
	382	:param str suffix: optional suffix to use for config identification
	383	:returns: generated config filename
	384	:rtype: str
	385	"""
	386	log.info("Create firewall ruleset")
	387	fw_portforward_cnf = "fw-portforward-%d-%s.cnf" % (time.time(), suffix)
	388	return build_cnf("FIREWALL_RULESET",
	389	instance=100,
	390	data="Port forwarding only",
	391	filename=fw_portforward_cnf,
	392	vals=[(Update, ("FIREWALL_RULESET_AUTOMATIC_ANSWER_RULE", 0, "1")),
	393	(Update, ("FIREWALL_RULESET_PROFILE_TYPE", 0, "FULL")),
	394	(Add, ("FIREWALL_RULESET_RULE", 1, "")),
	395	(Child, ("FIREWALL_RULESET_RULE_ACTION", 0, "ACCEPT")),
	396	(Child, ("FIREWALL_RULESET_RULE_CHECK_CONNECTION_STATUS", 0, "PORTFORWARDING")),
	397	(Child, ("FIREWALL_RULESET_RULE_CHECK_TCP_FLAGS", 0, "DISABLED")),
	398	(Child, ("FIREWALL_RULESET_RULE_LIMIT_FOR_ACTION_ENABLE", 0, "0")),
	399	(Child, ("FIREWALL_RULESET_RULE_LIMIT_FOR_LOG_ENABLE", 0, "0")),
	400	(Child, ("FIREWALL_RULESET_RULE_LIMIT_PACKETS_AVERAGE_COUNT", 0, "")),
	401	(Child, ("FIREWALL_RULESET_RULE_LIMIT_PACKETS_AVERAGE_PERIOD", 0, "SEC")),
	402	(Child, ("FIREWALL_RULESET_RULE_LIMIT_PACKETS_PEAK_COUNT", 0, "")),
	403	(Child, ("FIREWALL_RULESET_RULE_LOG_ENABLE", 0, "0")),
	404	(Child, ("FIREWALL_RULESET_RULE_LOG_MESSAGE", 0, "")),
	405	(Child, ("FIREWALL_RULESET_RULE_TIME_INCLUDE_TIME_REF", 0, "-1")),
	406	(Update, ("FIREWALL_RULESET_USAGE", 0, "PROVIDER"))])
	407
	408
	409	def firewall_ruleset_dmz(suffix="host"):
	410	"""
	411	Generate and save a firewall ruleset configuration file for DMZ.
	412
	413	:param str suffix: optional suffix to use for config identification
	414	:returns: generated config filename
	415	:rtype: str
	416	"""
	417	log.info("Create firewall ruleset")
	418	fw_dmz_cnf = "fw-dmz-%d-%s.cnf" % (time.time(), suffix)
	419	return build_cnf("FIREWALL_RULESET",
	420	instance=100,
	421	data="DMZ firewall rules",
	422	filename=fw_dmz_cnf,
	423	vals=[(Update, ("FIREWALL_RULESET_AUTOMATIC_ANSWER_RULE", 0, "1")),
	424	(Update, ("FIREWALL_RULESET_PROFILE_TYPE", 0, "FULL")),
	425	(Add, ("FIREWALL_RULESET_RULE", 1, "")),
	426	(Child, ("FIREWALL_RULESET_RULE_ACTION", 0, "ACCEPT")),
	427	(Child, ("FIREWALL_RULESET_RULE_LIMIT_FOR_ACTION_ENABLE", 0, "0")),
	428	(Child, ("FIREWALL_RULESET_RULE_LIMIT_FOR_LOG_ENABLE", 0, "0")),
	429	(Child, ("FIREWALL_RULESET_RULE_LIMIT_PACKETS_AVERAGE_COUNT", 0, "")),
	430	(Child, ("FIREWALL_RULESET_RULE_LIMIT_PACKETS_PEAK_COUNT", 0, "")),
	431	(Child, ("FIREWALL_RULESET_RULE_LOG_ENABLE", 0, "0")),
	432	(Child, ("FIREWALL_RULESET_RULE_LOG_MESSAGE", 0, "")),
	433	(Child, ("FIREWALL_RULESET_RULE_SERVICE_INCLUDE_SERVICEGROUP_REF", 0, "6")),
	434	(Child, ("FIREWALL_RULESET_RULE_DST_INCLUDE_CLIENT_REF", 0, "2")),
	435	(Update, ("FIREWALL_RULESET_USAGE", 0, "LANVPN"))])