diff options
author | Viacheslav Hletenko <v.gletenko@vyos.io> | 2023-08-22 17:15:54 +0300 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-08-22 17:15:54 +0300 |
commit | a090dd71231167cda95baaf7284e031230b5ee7a (patch) | |
tree | 9679b9c0eef9a7c639226a2be5f60ae1ccf39ff1 /src/conf_mode/firewall.py | |
parent | ffb798b4678f3b1bd0a40cc42b1f0477470346dc (diff) | |
parent | 961d6b43d30f1269930b8698c3ccb38aa1cb6d52 (diff) | |
download | vyos-1x-a090dd71231167cda95baaf7284e031230b5ee7a.tar.gz vyos-1x-a090dd71231167cda95baaf7284e031230b5ee7a.zip |
Merge pull request #2149 from nicolas-fort/T5478
T5478: remove config-trap configuration parser in firewall
Diffstat (limited to 'src/conf_mode/firewall.py')
-rwxr-xr-x | src/conf_mode/firewall.py | 35 |
1 files changed, 0 insertions, 35 deletions
diff --git a/src/conf_mode/firewall.py b/src/conf_mode/firewall.py index e946704b3..8ad3f27fc 100755 --- a/src/conf_mode/firewall.py +++ b/src/conf_mode/firewall.py @@ -351,39 +351,6 @@ def apply_sysfs(firewall): with open(path, 'w') as f: f.write(value) -def post_apply_trap(firewall): - if 'first_install' in firewall: - return None - - if not process_named_running('snmpd'): - return None - - trap_username = os.getlogin() - - for host, target_conf in firewall['trap_targets'].items(): - community = target_conf['community'] if 'community' in target_conf else 'public' - port = int(target_conf['port']) if 'port' in target_conf else 162 - - base_cmd = f'snmptrap -v2c -c {community} {host}:{port} 0 {snmp_trap_mib}::{snmp_trap_name} ' - - for change_type, changes in firewall['trap_diff'].items(): - for path_str, value in changes.items(): - objects = [ - f'mgmtEventUser s "{trap_username}"', - f'mgmtEventSource i {snmp_event_source}', - f'mgmtEventType i {snmp_change_type[change_type]}' - ] - - if change_type == 'add': - objects.append(f'mgmtEventCurrCfg s "{path_str} {value}"') - elif change_type == 'delete': - objects.append(f'mgmtEventPrevCfg s "{path_str} {value}"') - elif change_type == 'change': - objects.append(f'mgmtEventPrevCfg s "{path_str} {value[0]}"') - objects.append(f'mgmtEventCurrCfg s "{path_str} {value[1]}"') - - cmd(base_cmd + ' '.join(objects)) - def apply(firewall): install_result, output = rc_cmd(f'nft -f {nftables_conf}') if install_result == 1: @@ -408,8 +375,6 @@ def apply(firewall): print('Updating GeoIP. Please wait...') geoip_update(firewall) - post_apply_trap(firewall) - return None if __name__ == '__main__': |