"""
This file is part of Mokonnect.
Mokonnect is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License Version 3
as published by the Free Software Foundation.
Mokonnect is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with Mokonnect. If not, see <http://www.gnu.org/licenses/>.
"""
#
# mkdev_gprs.py
# mokonnect device gprs network
#
import pyptables
import mkbase
class NATPanel(mkbase.MKPanel):
    """Panel with one "Internal" and one "External" checkbox per interface.

    The GUI is described by a nested dict in ``self.gui``. Every checkbox is
    tied to a boolean entry in ``self.config`` through its ``config_link``
    key (``intern_<label>`` or ``extern_<label>``).
    """

    def __init__(self,win,iface_list):
        """Build the GUI description and the default (all unchecked) config.

        ``win`` is handed to ``mkbase.MKPanel.__init__``. ``iface_list`` is
        iterated to obtain the interface labels shown next to the checkboxes.
        """
        mkbase.MKPanel.__init__(self, win)
        self.iface_list = iface_list

        internal_checks = []
        external_checks = []
        defaults = {}
        columns = (
            ("intern_%s", internal_checks),
            ("extern_%s", external_checks),
        )
        for label in self.iface_list:
            # One checkbox per column for this interface, unchecked by default.
            for key_format, checks in columns:
                link = key_format % label
                checks.append({
                    "type":"check",
                    "label": label,
                    "config_link": link,
                })
                defaults[link] = False

        def frame(title, checks):
            # A labelled frame wrapping a box that holds the checkboxes.
            return {
                "type": "frame",
                "align": (-1,0),
                "weight": (1,1),
                "label": title,
                "content": {
                    "type": "box",
                    "content": checks
                }
            }

        self.gui = {
            "type": "table",
            "cols": 2,
            "align": (-1,0),
            "content": [[
                frame("Internal", internal_checks),
                frame("External", external_checks),
            ]]
        }
        self.config = defaults
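class NATDevice(mkbase.MKDevice):
    """Device entry that configures NAT (masquerading) between interfaces.

    Rules are managed through ``pyptables.IPTables``. The rule set that was
    applied is kept in the panel configuration under ``"rules"`` so that
    ``CleanRules`` can remove exactly those rules later.
    """

    def __init__(self,win,pager,qdbus):
        """Create the NAT panel and the iptables wrapper.

        ``win`` is passed to ``mkbase.MKDevice.__init__`` and to the panel.
        ``pager`` is accepted but not used here. ``qdbus`` is stored as
        ``self.bus``.
        """
        mkbase.MKDevice.__init__(self, win)
        # Display label -> interface name. The names are fixed here, so the
        # values interpolated into the rule strings in Apply() never come
        # from free-form user input.
        self.iface_list = {
            "GPRS": "ppp0",
            "Wifi": "eth0",
            "UsbNet": "usb0"
        }
        self.panels = [NATPanel(win, self.iface_list)]
        self.name = "NAT"
        self.bus = qdbus
        self.ipt = pyptables.IPTables()
        self.panels[0].config["rules"] = {}

    def CleanRules(self):
        """Delete every rule recorded in the panel configuration.

        Uses ``self.log``, which Apply() and PowerOff() set before calling
        this method.
        """
        self.log("Removing previously set rules...")
        self.ipt.rules = self.panels[0].config["rules"]
        for tid in self.ipt.rules:
            # Keep deleting index 0 until this table's list is empty;
            # presumably DelRule shrinks self.ipt.rules[tid] -- confirm
            # against pyptables, otherwise this loop would not terminate.
            while len(self.ipt.rules[tid]) != 0:
                self.ipt.DelRule((tid, 0))

    def Apply(self,log):
        """Validate the checkbox selection and install the NAT rules.

        Previously recorded rules are always removed first. The selection
        must name exactly one external interface and at least one internal
        interface, and no interface may be both. Every exit path logs
        ``"__DONE__"`` last.

        IP forwarding is switched on only after the selection has been
        validated, so a rejected selection does not leave the host
        forwarding packets with the NAT rules already removed.
        """
        self.log = log
        self.CleanRules()

        indev = []
        extdev = []
        for iface in self.iface_list:
            is_in = False
            if self.panels[0].config["intern_%s" % iface]:
                indev.append(self.iface_list[iface])
                is_in = True
            if self.panels[0].config["extern_%s" % iface]:
                extdev.append(self.iface_list[iface])
                if is_in:
                    log("Device %s can not be internal and external at the same time..." % iface)
                    log("__DONE__")
                    return
        if len(extdev) != 1:
            log("You must select exactly one external device.")
            log("__DONE__")
            return
        if not indev:
            log("At least one internal device must be selected.")
            log("__DONE__")
            return

        # Selection is valid: only now touch the forwarding switch.
        self.PowerOn(log)

        # finally we add the rules
        external = extdev[0]
        log("Setting up NAT rules...")
        log("External Device: %s" % external)
        log("Internal Devices: %s" % str(indev))
        self.ipt.AddRule("nat","-A POSTROUTING -o %s -j MASQUERADE" % external)
        # NOTE(review): only ACCEPT rules are appended below and nothing in
        # this class sets the FORWARD chain policy, so traffic these rules do
        # not match is governed by whatever policy is already in place --
        # confirm that it is restrictive.
        for dev in indev:
            # Replies from the external side for established connections.
            self.ipt.AddRule("filter","-A FORWARD -i %s -o %s -m state --state RELATED,ESTABLISHED -j ACCEPT" % (external, dev))
            # Anything going from the internal interface to the external one.
            self.ipt.AddRule("filter","-A FORWARD -i %s -o %s -j ACCEPT" % (dev, external))
        # Remember what was installed so CleanRules() can remove it later.
        self.panels[0].config["rules"] = self.ipt.rules
        log("Done!")
        log("__DONE__")

    def PowerOff(self,log):
        """Remove the recorded rules and disable IP forwarding.

        Logs ``"__DONE__"`` when finished and always returns True.
        """
        self.log = log
        self.CleanRules()
        # ipforward
        if not self.ipt.ForwardGet():
            log("IP Forwarding is already disabled!")
        else:
            log("Disabling IP Forwarding...")
            self.ipt.ForwardSet(False)
        log("__DONE__")
        return True

    def PowerOn(self,log):
        """Enable IP forwarding unless it is already on; always returns True."""
        if self.ipt.ForwardGet():
            log("IP Forwarding is already enabled!")
        else:
            log("Enabling IP Forwarding...")
            self.ipt.ForwardSet(True)
        return True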