Smart Home firewall
Profile-based Smart Home firewall
|
Public Member Functions | |
None | __init__ (self, str name, list nft_matches, int queue_num=-1) |
bool | __eq__ (self, object other) |
bool | contains_policy_matches (self, Policy policy) |
None | update_rate_match (self, str new_match) |
def | update_size_match (self, str new_match) |
def | update_match (self, str stat, str new_match) |
bool | add_policy (self, int interaction_idx, int policy_idx, int state, Policy policy) |
str | get_nft_rule (self, LogType log_type=LogType.NONE, int log_group=100) |
Static Public Member Functions | |
dict | parse_rate_match (str match) |
tuple | parse_size_match (str match) |
Public Attributes | |
name | |
queue_num | |
policies | |
nft_matches | |
nft_stats | |
Static Public Attributes | |
dictionary | time_units |
Class which represents a single nfqueue.
None NFQueue.NFQueue.__init__ | ( | self, | |
str | name, | ||
list | nft_matches, | ||
int | queue_num = -1 |
||
) |
Initialize a new NFQueue object. :param name: descriptive name for the nfqueue :param nft_matches: list of nftables matches corresponding to this queue :param queue_num: number of the nfqueue queue corresponding to this policy, or a negative number if the policy is simply `accept`
bool NFQueue.NFQueue.__eq__ | ( | self, | |
object | other | ||
) |
Compare another object to this NFQueue object. :param other: object to compare to this NFQueue object :return: True if the other object is an NFQueue object with the same nftables match, False otherwise
bool NFQueue.NFQueue.add_policy | ( | self, | |
int | interaction_idx, | ||
int | policy_idx, | ||
int | state, | ||
Policy | policy | ||
) |
Add a policy to this NFQueue object. :param interaction_idx: index of the interaction for which the policy must be added :param policy_idx: index of the policy inside the interaction :param state: state for which the policy must be added :param policy: policy to add :param timeout: the timeout of the policy :return: True if the nfqueue queue number has been updated, False otherwise
bool NFQueue.NFQueue.contains_policy_matches | ( | self, | |
Policy | policy | ||
) |
Check if this NFQueue object contains the nftables matches of the given policy. :param policy: policy to check :return: True if this NFQueue object contains the nftables matches of the given policy, False otherwise
str NFQueue.NFQueue.get_nft_rule | ( | self, | |
LogType | log_type = LogType.NONE , |
||
int | log_group = 100 |
||
) |
Retrieve the complete nftables rule, composed of the complete nftables match and the action, for this nfqueue. :return: complete nftables rule for this nfqueue
|
static |
Parse the rate match and return a dictionary containing the rate and burst values. :param match: rate match to parse :return: dictionary containing the rate and burst values, or None if the match could not be parsed
|
static |
Parse the packet size match and return a tuple containing the lower and upper bounds. :param match: packet size match to parse :return: tuple containing the lower and upper bounds of the packet size match, or None if the match could not be parsed
def NFQueue.NFQueue.update_match | ( | self, | |
str | stat, | ||
str | new_match | ||
) |
Update the match for the given stat, if needed. Stat match is set to the least restrictive match between the current and the new one. :param stat: name of the stat to update :param new_match: new match to set, if needed
None NFQueue.NFQueue.update_rate_match | ( | self, | |
str | new_match | ||
) |
Update the rate NFTables match for this NFQueue object, if needed. :param new_match: new match to be compared to the current one
def NFQueue.NFQueue.update_size_match | ( | self, | |
str | new_match | ||
) |
Update the packet size NFTables match for this NFQueue object, if needed. :param new_match: new match to be compared to the current one
|
static |