Skip to content
GitLab
Explorer
Connexion
S'inscrire
Navigation principale
Rechercher ou aller à…
Projet
P
profile-translator-blocklist
Gestion
Activité
Membres
Labels
Programmation
Tickets
Tableaux des tickets
Jalons
Wiki
Code
Requêtes de fusion
Dépôt
Branches
Validations
Étiquettes
Graphe du dépôt
Comparer les révisions
Extraits de code
Compilation
Pipelines
Jobs
Planifications de pipeline
Artéfacts
Déploiement
Releases
Registre de paquets
Registre de conteneur
Registre de modèles
Opération
Environnements
Modules Terraform
Surveillance
Incidents
Analyse
Données d'analyse des chaînes de valeur
Analyse des contributeurs
Données d'analyse CI/CD
Données d'analyse du dépôt
Expériences du modèle
Aide
Aide
Support
Documentation de GitLab
Comparer les forfaits GitLab
Forum de la communauté
Contribuer à GitLab
Donner votre avis
Conditions générales et politique de confidentialité
Raccourcis clavier
?
Extraits de code
Groupes
Projets
Afficher davantage de fils d'Ariane
smart-home-network-security
profile-translator-blocklist
Validations
11af9ee7
Valider
11af9ee7
rédigé
Il y a 8 mois
par
François De Keersmaeker
Parcourir les fichiers
Options
Téléchargements
Correctifs
Plain Diff
Translator: refactored Jinja2 loader
parent
51cfb04a
Aucune branche associée trouvée
Aucune étiquette associée trouvée
Aucune requête de fusion associée trouvée
Modifications
2
Masquer les modifications d'espaces
En ligne
Côte à côte
Affichage de
2 fichiers modifiés
profile_translator_blocklist/jinja_utils.py
+48
-0
48 ajouts, 0 suppression
profile_translator_blocklist/jinja_utils.py
profile_translator_blocklist/translator.py
+15
-16
15 ajouts, 16 suppressions
profile_translator_blocklist/translator.py
avec
63 ajouts
et
16 suppressions
profile_translator_blocklist/jinja_
filter
s.py
→
profile_translator_blocklist/jinja_
util
s.py
+
48
−
0
Voir le fichier @
11af9ee7
"""
Custom Jinja2 filters for the `profile-translator` package
.
Jinja2-related functions
.
"""
import
jinja2
def
is_list
(
value
:
any
)
->
bool
:
"""
Custom filter for Jinja2, to check whether a value is a list.
...
...
@@ -21,3 +24,25 @@ def debug(value: any) -> str:
"""
print
(
str
(
value
))
return
""
def
create_jinja_env
(
package
:
str
)
->
jinja2
.
Environment
:
"""
Create a Jinja2 environment with custom filters.
Args:
package (str): package name
Returns:
Jinja2 environment
"""
# Create Jinja2 environment
loader
=
jinja2
.
PackageLoader
(
package
,
"
templates
"
)
env
=
jinja2
.
Environment
(
loader
=
loader
,
trim_blocks
=
True
,
lstrip_blocks
=
True
)
# Add custom Jinja2 filters
env
.
filters
[
"
debug
"
]
=
debug
env
.
filters
[
"
is_list
"
]
=
is_list
env
.
filters
[
"
any
"
]
=
any
env
.
filters
[
"
all
"
]
=
all
return
env
Ce diff est replié.
Cliquez pour l'agrandir.
profile_translator_blocklist/translator.py
+
15
−
16
Voir le fichier @
11af9ee7
...
...
@@ -13,7 +13,7 @@ import jinja2
from
typing
import
Tuple
# Custom modules
from
.arg_types
import
uint16
,
proba
,
directory
from
.jinja_
filter
s
import
debug
,
is_list
from
.jinja_
util
s
import
create_jinja_env
from
.LogType
import
LogType
from
.Policy
import
Policy
from
.NFQueue
import
NFQueue
...
...
@@ -23,16 +23,6 @@ from pyyaml_loaders import IncludeLoader
# Package name
package
=
importlib
.
import_module
(
__name__
).
__name__
.
rpartition
(
"
.
"
)[
0
]
## Jinja2 config
loader
=
jinja2
.
PackageLoader
(
package
,
"
templates
"
)
env
=
jinja2
.
Environment
(
loader
=
loader
,
trim_blocks
=
True
,
lstrip_blocks
=
True
)
# Add custom Jinja2 filters
env
.
filters
[
"
debug
"
]
=
debug
env
.
filters
[
"
is_list
"
]
=
is_list
env
.
filters
[
"
any
"
]
=
any
env
.
filters
[
"
all
"
]
=
all
##### FUNCTIONS #####
...
...
@@ -185,6 +175,15 @@ def write_firewall(
args
=
validate_args
(
output_dir
=
output_dir
,
drop_proba
=
drop_proba
)
drop_proba
=
args
[
"
drop_proba
"
]
# Jinja2 environment
templates
=
{}
env
=
create_jinja_env
(
package
)
templates
[
"
firewall.nft
"
]
=
env
.
get_template
(
"
firewall.nft.j2
"
)
templates
[
"
header.c
"
]
=
env
.
get_template
(
"
header.c.j2
"
)
templates
[
"
callback.c
"
]
=
env
.
get_template
(
"
callback.c.j2
"
)
templates
[
"
main.c
"
]
=
env
.
get_template
(
"
main.c.j2
"
)
templates
[
"
CMakeLists.txt
"
]
=
env
.
get_template
(
"
CMakeLists.txt.j2
"
)
# Create nftables script
nft_dict
=
{
"
device
"
:
device
,
...
...
@@ -194,7 +193,7 @@ def write_firewall(
"
log_group
"
:
log_group
,
"
test
"
:
test
}
env
.
get_
template
(
"
firewall.nft
.j2
"
)
.
stream
(
nft_dict
).
dump
(
os
.
path
.
join
(
output_dir
,
"
firewall.nft
"
))
template
s
[
"
firewall.nft
"
]
.
stream
(
nft_dict
).
dump
(
os
.
path
.
join
(
output_dir
,
"
firewall.nft
"
))
# If needed, create NFQueue-related files
num_threads
=
len
([
q
for
q
in
global_accs
[
"
nfqueues
"
]
if
q
.
queue_num
>=
0
])
...
...
@@ -207,20 +206,20 @@ def write_firewall(
"
drop_proba
"
:
drop_proba
,
"
num_threads
"
:
num_threads
,
}
header
=
env
.
get_
template
(
"
header.c
.j2
"
)
.
render
(
header_dict
)
header
=
template
s
[
"
header.c
"
]
.
render
(
header_dict
)
callback_dict
=
{
"
nft_table
"
:
f
"
bridge
{
device
[
'
name
'
]
}
"
,
"
nfqueues
"
:
global_accs
[
"
nfqueues
"
],
"
drop_proba
"
:
drop_proba
}
callback
=
env
.
get_
template
(
"
callback.c
.j2
"
)
.
render
(
callback_dict
)
callback
=
template
s
[
"
callback.c
"
]
.
render
(
callback_dict
)
main_dict
=
{
"
custom_parsers
"
:
global_accs
[
"
custom_parsers
"
],
"
nfqueues
"
:
global_accs
[
"
nfqueues
"
],
"
domain_names
"
:
global_accs
[
"
domain_names
"
],
"
num_threads
"
:
num_threads
}
main
=
env
.
get_
template
(
"
main.c
.j2
"
)
.
render
(
main_dict
)
main
=
template
s
[
"
main.c
"
]
.
render
(
main_dict
)
# Write policy C file
with
open
(
os
.
path
.
join
(
output_dir
,
"
nfqueues.c
"
),
"
w+
"
)
as
fw
:
...
...
@@ -235,7 +234,7 @@ def write_firewall(
"
custom_parsers
"
:
global_accs
[
"
custom_parsers
"
],
"
domain_names
"
:
global_accs
[
"
domain_names
"
]
}
env
.
get_
template
(
"
CMakeLists.txt
.j2
"
)
.
stream
(
cmake_dict
).
dump
(
os
.
path
.
join
(
output_dir
,
"
CMakeLists.txt
"
))
template
s
[
"
CMakeLists.txt
"
]
.
stream
(
cmake_dict
).
dump
(
os
.
path
.
join
(
output_dir
,
"
CMakeLists.txt
"
))
def
translate_policy
(
...
...
Ce diff est replié.
Cliquez pour l'agrandir.
Aperçu
0%
Chargement en cours
Veuillez réessayer
ou
joindre un nouveau fichier
.
Annuler
You are about to add
0
people
to the discussion. Proceed with caution.
Terminez d'abord l'édition de ce message.
Enregistrer le commentaire
Annuler
Veuillez vous
inscrire
ou vous
se connecter
pour commenter