developer.intra2net.com Git - pyi2ncommon/blob - src/mk_config.py

   1 # The software in this package is distributed under the GNU General
   2 # Public License version 2 (with a special exception described below).
   3 #
   4 # A copy of GNU General Public License (GPL) is included in this distribution,
   5 # in the file COPYING.GPL.
   6 #
   7 # As a special exception, if other files instantiate templates or use macros
   8 # or inline functions from this file, or you compile this file and link it
   9 # with other works to produce a work based on this file, this file
  10 # does not by itself cause the resulting work to be covered
  11 # by the GNU General Public License.
  12 #
  13 # However the source code for this file must still be made available
  14 # in accordance with section (3) of the GNU General Public License.
  15 #
  16 # This exception does not invalidate any other reasons why a work based
  17 # on this file might be covered by the GNU General Public License.
  18 #
  19 # Copyright (c) 2016-2018 Intra2net AG <info@intra2net.com>
  20
  21 """
  22
  23 SUMMARY
  24 ------------------------------------------------------
  25 Utility for one-step dynamic cnfvar configuration.
  26
  27 .. note:: DEPRECATED! Please do not extend this or add new uses of this module,
  28           use :py:mod:`pyi2ncommon.arnied_api` or :py:mod:`pyi2ncommon.cnfvar`
  29           instead!
  30
  31 Copyright: Intra2net AG
  32
  33
  34 CONTENTS
  35 ------------------------------------------------------
  36 Contains general as well as specialized versions of some of the main
  37 configurations performed by our tests.
  38
  39 INTERFACE
  40 ------------------------------------------------------
  41
  42 """
  43
  44 import time
  45 import logging
  46
  47 # custom imports
  48 from . import arnied_wrapper as aw
  49 from .arnied_wrapper import Delete, Update, Add, Child, batch_update_cnf, build_cnf
  50 from .cnfline import build_cnfvar, build_group, build_intraclient
  51 from .cnfline import build_nic, build_provider, build_user
  52
  53 log = logging.getLogger('pyi2ncommon.mk_config')
  54
  55 ###############################################################################
  56 # MINOR CONFIGURATION
  57 ###############################################################################
  58
  59
  60 def simple(varname, data, filename):
  61     """
  62     Generate and save a single-variable configuration file.
  63
  64     :param str varname: cnf variable name
  65     :param str data: cnf variable data
  66     :param str filename: config name
  67     :returns: generated config filename
  68     :rtype: str
  69     """
  70     log.info("Create single-variable configuration file")
  71     tmp = build_cnfvar.BuildCnfVar(name=varname, data=data)
  72     [filename] = aw.prep_config_paths([filename], aw.DUMP_CONFIG_DIR)
  73     logging.info("Saving simple configuration to %s", filename)
  74     tmp.save(filename)
  75     return filename
  76
  77
  78 def user(username="admin", instance=1, suffix="host"):
  79     """
  80     Generate and save a user configuration file.
  81
  82     :param str username: username for the user variable
  83     :param int instance: instance number (for multiple users, -1 for next available)
  84     :param str suffix: optional suffix to use for config identification
  85     :returns: generated config filename
  86     :rtype: str
  87     """
  88     log.info("Create arnied user configuration")
  89     user_obj = batch_update_cnf(
  90         build_user.BuildUser(data=username, instance=instance, line_no=1),
  91         [(Update, ("USER_FULLNAME", 0, username)),
  92          (Update, ("USER_GROUP_MEMBER_REF", 0, "1")),
  93          (Add, ("USER_GROUP_MEMBER_REF", 1, "2")),
  94          (Delete, "USER_WEBMAIL_MESSAGES_PER_PAGE"),
  95          (Delete, "USER_LOCALE"),
  96          (Delete, "USER_TRASH_DELETEDAYS"),
  97          (Delete, "USER_WEBMAIL_SIGNATURE")])
  98     user_cnf = "user-%d-%s.cnf" % (time.time(), suffix)
  99     [user_cnf] = aw.prep_config_paths([user_cnf], aw.DUMP_CONFIG_DIR)
 100     logging.info("Saving user configuration to %s", user_cnf)
 101     user_obj.save(user_cnf)
 102     return user_cnf
 103
 104
 105 def group_admins(proxy_profile="1", activesync_enable=False, xauth_enable=False, suffix="host"):
 106     """
 107     Generate and save an Administrators group configuration file.
 108
 109     :param str proxy_profile: proxy profile instance reference
 110     :param bool activesync_enable: whether to enable ActiveSync for the group
 111     :param bool xauth_enable: whether to enable XAUTH for the group
 112     :param str suffix: optional suffix to use for config identification
 113     :returns: generated config filename
 114     :rtype: str
 115     """
 116     log.info("Create arnied admin group configuration")
 117     group = batch_update_cnf(build_group.BuildGroup(data="Administratoren",
 118                                                     instance=1),
 119                              [(Update, ("GROUP_ACCESS_REMOTE_ADMINISTRATION_ALLOWED", 0, "1")),
 120                               (Update, ("GROUP_EMAILFILTER_BAN_FILTERLIST_REF", 0, "-1")),
 121                               (Update, ("GROUP_PROXY_PROFILE_REF", 0, proxy_profile)),
 122                               (Update, ("GROUP_ACCESS_GO_ONLINE_ALLOWED", 0, "1")),
 123                               (Update, ("GROUP_EMAIL_RELAY_RIGHTS", 0, "RELAY_FROM_INTRANET")),
 124                               (Update, ("GROUP_ACTIVESYNC_ENABLE", 0, "1" if activesync_enable else "0")),
 125                               (Update, ("GROUP_XAUTH_ENABLE", 0, "1" if xauth_enable else "0")),
 126                               (Delete, ("GROUP_COMMENT",))])
 127     group_cnf = "group-%d-%s.cnf" % (time.time(), suffix)
 128     [group_cnf] = aw.prep_config_paths([group_cnf], aw.DUMP_CONFIG_DIR)
 129     logging.info("Saving group configuration to %s", group_cnf)
 130     group.save(group_cnf)
 131     return group_cnf
 132
 133
 134 def group_all(proxy_profile="1", suffix="host"):
 135     """
 136     Generate and save an "All" group configuration file.
 137
 138     :param str proxy_profile: proxy profile instance reference
 139     :param str suffix: optional suffix to use for config identification
 140     :returns: generated config filename
 141     :rtype: str
 142     """
 143     log.info("Create arnied all group configuration")
 144     group = batch_update_cnf(build_group.BuildGroup(data="Alle",
 145                                                     instance=2),
 146                              [(Update, ("GROUP_ACCESS_GO_ONLINE_ALLOWED", 0, "1")),
 147                               (Update, ("GROUP_ACCESS_INFORMATION_VERSION_ALLOWED", 0, "1")),
 148                               (Update, ("GROUP_ACCESS_MAINPAGE_ALLOWED", 0, "1")),
 149                               (Update, ("GROUP_ACCESS_USERMANAGER_OWN_PROFILE_FORWARDING_ALLOWED", 0, "1")),
 150                               (Update, ("GROUP_ACCESS_USERMANAGER_OWN_PROFILE_GROUPWARE_ALLOWED", 0, "1")),
 151                               (Update, ("GROUP_ACCESS_USERMANAGER_OWN_PROFILE_SETTINGS_ALLOWED", 0, "1")),
 152                               (Update, ("GROUP_ACCESS_USERMANAGER_OWN_PROFILE_SORTING_ALLOWED", 0, "1")),
 153                               (Update, ("GROUP_ACCESS_USERMANAGER_OWN_PROFILE_SPAMFILTER_ALLOWED", 0, "1")),
 154                               (Update, ("GROUP_ACCESS_USERMANAGER_OWN_PROFILE_VACATION_ALLOWED", 0, "1")),
 155                               (Update, ("GROUP_ACCESS_GROUPWARE_ALLOWED", 0, "1")),
 156                               (Update, ("GROUP_EMAILFILTER_BAN_FILTERLIST_REF", 0, "-1")),
 157                               (Update, ("GROUP_EMAIL_RELAY_RIGHTS", 0, "RELAY_FROM_EVERYWHERE")),
 158                               (Update, ("GROUP_PROXY_PROFILE_REF", 0, proxy_profile)),
 159                               (Delete, ("GROUP_COMMENT",))])
 160
 161     group_cnf = "group-%d-%s.cnf" % (time.time(), suffix)
 162     [group_cnf] = aw.prep_config_paths([group_cnf], aw.DUMP_CONFIG_DIR)
 163     logging.info("Saving group configuration to %s", group_cnf)
 164     group.save(group_cnf)
 165     return group_cnf
 166
 167
 168 def nic(instance=0, nictype="NATLAN",
 169         ip="1.2.3.4", netmask="255.255.0.0", mac="00:00:00:00:00:00",
 170         suffix="host"):
 171     """
 172     Generate and save a nic configuration file.
 173
 174     :param int instance: instance number (for multiple nics, -1 for next available)
 175     :param str nictype: type of the nic
 176     :param str ip: IP address of the nic
 177     :param str netmask: network mask of the nic
 178     :param str mac: MAC address of the nic
 179     :param str suffix: optional suffix to use for config identification
 180     :returns: generated config filename
 181     :rtype: str
 182     """
 183     log.info("Create arnied nic configuration")
 184     nic_obj = batch_update_cnf(
 185         build_nic.BuildNIC(data="", instance=instance, line_no=1),
 186         [(Update, ("NIC_TYPE", 0, nictype)),
 187          (Update, ("NIC_LAN_IP", 0, ip)),
 188          (Update, ("NIC_LAN_NETMASK", 0, netmask)),
 189          (Update, ("NIC_MAC", 0, mac))])
 190     nic_cnf = "nic-%d-%s.cnf" % (time.time(), suffix)
 191     [nic_cnf] = aw.prep_config_paths([nic_cnf], aw.DUMP_CONFIG_DIR)
 192     logging.info("Saving nic configuration to %s", nic_cnf)
 193     nic_obj.save(nic_cnf)
 194     return nic_cnf
 195
 196
 197 def intraclient(name="intraclient", instance=1,
 198                 ip="1.2.3.4", mac="00:00:00:00:00:00",
 199                 fwrules=5, suffix="host"):
 200     """
 201     Generate and save an intraclient configuration file.
 202
 203     :param str name: name of the intraclient
 204     :param int instance: instance number (for multiple clients, -1 for next available)
 205     :param str ip: IP address of the intraclient
 206     :param str mac: MAC address of the intraclient
 207     :param int fwrules: instance of the firewall rules to use
 208     :param str suffix: optional suffix to use for config identification
 209     :returns: generated config filename
 210     :rtype: str
 211     """
 212     log.info("Create arnied intraclient configuration")
 213     intraclient_obj = batch_update_cnf(
 214         build_intraclient.BuildIntraclient(data=name, instance=instance),
 215         [(Update, ("INTRACLIENT_IP", 0, ip)),
 216          (Update, ("INTRACLIENT_MAC", 0, mac)),
 217          (Update, ("INTRACLIENT_FIREWALL_RULESET_REF", 0, fwrules))])
 218
 219     intraclient_cnf = "intraclient-%d-%s.cnf" % (time.time(), suffix)
 220     [intraclient_cnf] = aw.prep_config_paths([intraclient_cnf], aw.DUMP_CONFIG_DIR)
 221     logging.info("Saving intraclient configuration to %s", intraclient_cnf)
 222     intraclient_obj.save(intraclient_cnf)
 223     return intraclient_cnf
 224
 225
 226 def provider(name="provider", instance=1, mode="ROUTER", ip="1.2.3.4", localip=None,
 227              netmask="255.255.0.0", dnsmode="IP", dns="1.2.3.4", fwrules=5,
 228              dialretry=None, timeout="", mtumode="AUTO",
 229              vlanid=None, mtusize=None, login=None, password=None,
 230              modemip=None, providerid=None, localdhcp=None,
 231              suffix="host"):
 232     """
 233     Generate and save a provider configuration file.
 234
 235     :param str name: name of the provider
 236     :param int instance: instance number (for multiple clients, -1 for next available)
 237     :param str mode: provider mode
 238     :param str ip: IP address of the provider
 239     :param localip: IP address of the configured machine (valid for some configurations)
 240     :type localip: str or None
 241     :param str netmask: netmask of the provider
 242     :param str dnsmode: dnsmode of the provider
 243     :param str dns: IP address of the DNS server
 244     :param int fwrules: instance of the firewall rules to use
 245     :param any args: lots of detailed configuration
 246     :param str suffix: optional suffix to use for config identification
 247     :returns: generated config filename
 248     :rtype: str
 249     """
 250     log.info("Create arnied provider configuration")
 251
 252     def add_or_del(var, field):
 253         if var is not None:
 254             return Add, (field, 0, str(var))
 255         return Delete, field
 256     provider_obj = batch_update_cnf(
 257         build_provider.BuildProvider(data=name, instance=instance),
 258         [(Update, ("PROVIDER_MODE", 0, mode)),
 259          ip and (Update, ("PROVIDER_IP", 0, ip))
 260              or (Delete, "PROVIDER_IP"),
 261          localip
 262          and (Update, ("PROVIDER_LOCALIP", 0, localip))
 263          or (Delete, "PROVIDER_LOCALIP"),
 264          netmask and (Update, ("PROVIDER_NETMASK", 0,
 265                                netmask))
 266                   or (Delete, "PROVIDER_NETMASK"),
 267          (Update, ("PROVIDER_TIMEOUT", 0, timeout)),
 268          (Update, ("PROVIDER_DNS_MODE", 0, dnsmode)),
 269          (Update, ("PROVIDER_DNS", 0,
 270                    dns if dnsmode == "IP" else "")),
 271          (Update, ("PROVIDER_MTU_MODE", 0, mtumode)),
 272          (Update, ("PROVIDER_MTU_SIZE", 0,
 273                    mtusize if mtumode != "AUTO" else "")),
 274          (Update, ("PROVIDER_FIREWALL_RULESET_REF", 0, str(fwrules))),
 275          add_or_del(vlanid, "PROVIDER_VLAN_ID"),
 276          add_or_del(dialretry, "PROVIDER_DIAL_RETRY"),
 277          add_or_del(login, "PROVIDER_LOGIN"),
 278          add_or_del(password, "PROVIDER_PASSWORD"),
 279          add_or_del(modemip, "PROVIDER_MODEM_IP"),
 280          add_or_del(providerid, "PROVIDER_PROVIDERID"),
 281          add_or_del(localdhcp, "PROVIDER_LOCAL_DHCP")])
 282     provider_cnf = "provider-%d-%s.cnf" % (time.time(), suffix)
 283     [provider_cnf] = aw.prep_config_paths([provider_cnf], aw.DUMP_CONFIG_DIR)
 284     logging.info("Saving provider configuration to %s", provider_cnf)
 285     provider_obj.save(provider_cnf)
 286     return provider_cnf
 287
 288
 289 def provider_proxy(mode="ROUTER", ip="1.2.3.4", localip=None, proxy_port=3128, fwrules=7, suffix="host"):
 290     """
 291     Generate and save a provider configuration file for proxy.
 292
 293     :param str mode: provider mode
 294     :param str ip: IP address of the provider (and DNS server)
 295     :param localip: IP address of the configured machine (valid for some configurations)
 296     :type localip: str or None
 297     :param int proxy_port: port for the provider proxy
 298     :param int fwrules: instance of the firewall rules to use
 299     :param str suffix: optional suffix to use for config identification
 300     :returns: generated config filename
 301     :rtype: str
 302     """
 303     log.info("Create arnied provider configuration.")
 304     provider_obj = batch_update_cnf(
 305         build_provider.BuildProvider(),
 306         [(Update, ("PROVIDER_MODE", 0, mode)),
 307          (Update, ("PROVIDER_DNS", 0, ip)),
 308          (Update, ("PROVIDER_DYNDNS_ENABLE", 0, "0")),
 309          (Update, ("PROVIDER_IP", 0, ip)),
 310          (Update, ("PROVIDER_PROXY_SERVER", 0, ip)),
 311          (Update, ("PROVIDER_PROXY_PORT", 0, str(proxy_port))),
 312          localip
 313          and (Update, ("PROVIDER_LOCALIP", 0, localip))
 314          or (Delete, "PROVIDER_LOCALIP"),
 315          (Update, ("PROVIDER_DNS_MODE", 0, "IP")),
 316          (Update, ("PROVIDER_FIREWALL_RULESET_REF", 0, str(fwrules)))])
 317     provider_cnf = "provider-%d-%s.cnf" % (time.time(), suffix)
 318     [provider_cnf] = aw.prep_config_paths([provider_cnf], aw.DUMP_CONFIG_DIR)
 319     logging.info("Saving provider configuration to %s", provider_cnf)
 320     provider_obj.save(provider_cnf)
 321     return provider_cnf
 322
 323
 324 def port_forwarding(src_port="1234", src_port_end="",
 325                     dst_port="1234", dst_port_end="",
 326                     dst_ip_ref="1", protocol_type="TCP",
 327                     suffix="host"):
 328     """
 329     Generate and save a port forwarding configuration file.
 330
 331     :param str src_port: forwarded source port
 332     :param str src_port_end: forwarded source port end for a port range
 333     :param str dst_port: forwarded destination port
 334     :param str dst_port_end: forwarded destination port end for a port range
 335     :param str dst_ip_ref: destination nic instance for a port range
 336     :param str protocol_type: port forwarding protocol type
 337     :param str suffix: optional suffix to use for config identification
 338     :returns: generated config filename
 339     :rtype: str
 340     """
 341     log.info("Create port forwarding configuration")
 342     value_id = "test"
 343     portforward_client_cnf = "portforward-%d-%s.cnf" % (time.time(), suffix)
 344     return build_cnf("PORT_FORWARDING",
 345                      data=value_id,
 346                      filename=portforward_client_cnf,
 347                      vals=[(Child, ("PORT_FORWARDING_DST_IP_REF", 0, dst_ip_ref)),
 348                            (Child, ("PORT_FORWARDING_DST_PORT", 0, dst_port)),
 349                            (Child, ("PORT_FORWARDING_DST_PORT_END", 0, dst_port_end)),
 350                            (Child, ("PORT_FORWARDING_PROTOCOL_TYPE", 0, protocol_type)),
 351                            (Child, ("PORT_FORWARDING_SRC_PORT", 0, src_port)),
 352                            (Child, ("PORT_FORWARDING_SRC_PORT_END", 0, src_port_end))])
 353
 354
 355 def firewall_ruleset_simple(suffix="host"):
 356     """
 357     Generate and save a simple firewall ruleset configuration file.
 358
 359     :param str suffix: optional suffix to use for config identification
 360     :returns: generated config filename
 361     :rtype: str
 362     """
 363     log.info("Create firewall ruleset")
 364     fw_cnf = "fw-%d-%s.cnf" % (time.time(), suffix)
 365     return build_cnf("FIREWALL_RULESET",
 366                      instance=101,
 367                      data="Port Forwarding libfirewall test",
 368                      filename=fw_cnf,
 369                      vals=[(Update, ("FIREWALL_RULESET_PROFILE_TYPE", 0, "SIMPLE_PROVIDER")),
 370                            (Update, ("FIREWALL_RULESET_PROVIDER_HTTPS_OPEN", 0, "0")),
 371                            (Update, ("FIREWALL_RULESET_PROVIDER_POP3SIMAPS_OPEN", 0, "0")),
 372                            (Update, ("FIREWALL_RULESET_PROVIDER_PORT_FORWARDING_ENABLE", 0, "1")),
 373                            (Update, ("FIREWALL_RULESET_PROVIDER_SMTP_OPEN", 0, "0")),
 374                            (Update, ("FIREWALL_RULESET_PROVIDER_HTTP_OPEN", 0, "0")),
 375                            (Update, ("FIREWALL_RULESET_PROVIDER_VPN_OPEN", 0, "0"))])
 376
 377
 378 def firewall_ruleset_port(suffix="host"):
 379     """
 380     Generate and save a firewall ruleset configuration file for port forwarding.
 381
 382     :param str suffix: optional suffix to use for config identification
 383     :returns: generated config filename
 384     :rtype: str
 385     """
 386     log.info("Create firewall ruleset")
 387     fw_portforward_cnf = "fw-portforward-%d-%s.cnf" % (time.time(), suffix)
 388     return build_cnf("FIREWALL_RULESET",
 389                      instance=100,
 390                      data="Port forwarding only",
 391                      filename=fw_portforward_cnf,
 392                      vals=[(Update, ("FIREWALL_RULESET_AUTOMATIC_ANSWER_RULE", 0, "1")),
 393                            (Update, ("FIREWALL_RULESET_PROFILE_TYPE", 0, "FULL")),
 394                            (Add, ("FIREWALL_RULESET_RULE", 1, "")),
 395                            (Child, ("FIREWALL_RULESET_RULE_ACTION", 0, "ACCEPT")),
 396                            (Child, ("FIREWALL_RULESET_RULE_CHECK_CONNECTION_STATUS", 0, "PORTFORWARDING")),
 397                            (Child, ("FIREWALL_RULESET_RULE_CHECK_TCP_FLAGS", 0, "DISABLED")),
 398                            (Child, ("FIREWALL_RULESET_RULE_LIMIT_FOR_ACTION_ENABLE", 0, "0")),
 399                            (Child, ("FIREWALL_RULESET_RULE_LIMIT_FOR_LOG_ENABLE", 0, "0")),
 400                            (Child, ("FIREWALL_RULESET_RULE_LIMIT_PACKETS_AVERAGE_COUNT", 0, "")),
 401                            (Child, ("FIREWALL_RULESET_RULE_LIMIT_PACKETS_AVERAGE_PERIOD", 0, "SEC")),
 402                            (Child, ("FIREWALL_RULESET_RULE_LIMIT_PACKETS_PEAK_COUNT", 0, "")),
 403                            (Child, ("FIREWALL_RULESET_RULE_LOG_ENABLE", 0, "0")),
 404                            (Child, ("FIREWALL_RULESET_RULE_LOG_MESSAGE", 0, "")),
 405                            (Child, ("FIREWALL_RULESET_RULE_TIME_INCLUDE_TIME_REF", 0, "-1")),
 406                            (Update, ("FIREWALL_RULESET_USAGE", 0, "PROVIDER"))])
 407
 408
 409 def firewall_ruleset_dmz(suffix="host"):
 410     """
 411     Generate and save a firewall ruleset configuration file for DMZ.
 412
 413     :param str suffix: optional suffix to use for config identification
 414     :returns: generated config filename
 415     :rtype: str
 416     """
 417     log.info("Create firewall ruleset")
 418     fw_dmz_cnf = "fw-dmz-%d-%s.cnf" % (time.time(), suffix)
 419     return build_cnf("FIREWALL_RULESET",
 420                      instance=100,
 421                      data="DMZ firewall rules",
 422                      filename=fw_dmz_cnf,
 423                      vals=[(Update, ("FIREWALL_RULESET_AUTOMATIC_ANSWER_RULE", 0, "1")),
 424                            (Update, ("FIREWALL_RULESET_PROFILE_TYPE", 0, "FULL")),
 425                            (Add, ("FIREWALL_RULESET_RULE", 1, "")),
 426                            (Child, ("FIREWALL_RULESET_RULE_ACTION", 0, "ACCEPT")),
 427                            (Child, ("FIREWALL_RULESET_RULE_LIMIT_FOR_ACTION_ENABLE", 0, "0")),
 428                            (Child, ("FIREWALL_RULESET_RULE_LIMIT_FOR_LOG_ENABLE", 0, "0")),
 429                            (Child, ("FIREWALL_RULESET_RULE_LIMIT_PACKETS_AVERAGE_COUNT", 0, "")),
 430                            (Child, ("FIREWALL_RULESET_RULE_LIMIT_PACKETS_PEAK_COUNT", 0, "")),
 431                            (Child, ("FIREWALL_RULESET_RULE_LOG_ENABLE", 0, "0")),
 432                            (Child, ("FIREWALL_RULESET_RULE_LOG_MESSAGE", 0, "")),
 433                            (Child, ("FIREWALL_RULESET_RULE_SERVICE_INCLUDE_SERVICEGROUP_REF", 0, "6")),
 434                            (Child, ("FIREWALL_RULESET_RULE_DST_INCLUDE_CLIENT_REF", 0, "2")),
 435                            (Update, ("FIREWALL_RULESET_USAGE", 0, "LANVPN"))])