diff options
| -rw-r--r-- | debian/control | 1 | ||||
| -rw-r--r-- | interface-definitions/container.xml.in | 8 | ||||
| -rw-r--r-- | interface-definitions/firewall.xml.in | 26 | ||||
| -rw-r--r-- | interface-definitions/include/constraint/alpha-numeric-hyphen-underscore-dot.xml.i | 2 | ||||
| -rwxr-xr-x | src/conf_mode/container.py | 2 | ||||
| -rwxr-xr-x | src/op_mode/conntrack.py | 23 |
6 files changed, 46 insertions, 16 deletions
diff --git a/debian/control b/debian/control index 45da50b01..801cce269 100644 --- a/debian/control +++ b/debian/control @@ -22,6 +22,7 @@ Build-Depends: python3-nose, python3-jinja2, python3-psutil, + python3-requests, python3-setuptools, quilt, whois diff --git a/interface-definitions/container.xml.in b/interface-definitions/container.xml.in index 94f2e92f5..e7dacea36 100644 --- a/interface-definitions/container.xml.in +++ b/interface-definitions/container.xml.in @@ -25,7 +25,7 @@ <properties> <help>Grant individual Linux capability to container instance</help> <completionHelp> - <list>net-admin net-bind-service net-raw setpcap sys-admin sys-module sys-time</list> + <list>net-admin net-bind-service net-raw setpcap sys-admin sys-module sys-nice sys-time</list> </completionHelp> <valueHelp> <format>net-admin</format> @@ -52,11 +52,15 @@ <description>Load, unload and delete kernel modules</description> </valueHelp> <valueHelp> + <format>sys-nice</format> + <description>Permission to set process nice value</description> + </valueHelp> + <valueHelp> <format>sys-time</format> <description>Permission to set system clock</description> </valueHelp> <constraint> - <regex>(net-admin|net-bind-service|net-raw|setpcap|sys-admin|sys-module|sys-time)</regex> + <regex>(net-admin|net-bind-service|net-raw|setpcap|sys-admin|sys-module|sys-nice|sys-time)</regex> </constraint> <multi/> </properties> diff --git a/interface-definitions/firewall.xml.in b/interface-definitions/firewall.xml.in index 3219471b1..24e63c5ec 100644 --- a/interface-definitions/firewall.xml.in +++ b/interface-definitions/firewall.xml.in @@ -56,8 +56,9 @@ <properties> <help>Firewall address-group</help> <constraint> - <regex>[a-zA-Z0-9][\w\-\.]*</regex> + #include <include/constraint/alpha-numeric-hyphen-underscore-dot.xml.i> </constraint> + <constraintErrorMessage>Name of firewall group can only contain alphanumeric letters, hyphen, underscores and dot</constraintErrorMessage> </properties> <children> <leafNode name="address"> @@ -96,7 +97,7 @@ <constraint> <regex>[a-zA-Z_][a-zA-Z0-9]?[\w\-\.]*</regex> </constraint> - <constraintErrorMessage>Name of domain-group can only contain alpha-numeric letters, hyphen, underscores and not start with numeric</constraintErrorMessage> + <constraintErrorMessage>Name of domain-group can only contain alphanumeric letters, hyphen, underscores and not start with numeric</constraintErrorMessage> </properties> <children> <leafNode name="address"> @@ -124,8 +125,9 @@ <properties> <help>Firewall dynamic address group</help> <constraint> - <regex>[a-zA-Z0-9][\w\-\.]*</regex> + #include <include/constraint/alpha-numeric-hyphen-underscore-dot.xml.i> </constraint> + <constraintErrorMessage>Name of firewall group can only contain alphanumeric letters, hyphen, underscores and dot</constraintErrorMessage> </properties> <children> #include <include/generic-description.xml.i> @@ -148,8 +150,9 @@ <properties> <help>Firewall interface-group</help> <constraint> - <regex>[a-zA-Z0-9][\w\-\.]*</regex> + #include <include/constraint/alpha-numeric-hyphen-underscore-dot.xml.i> </constraint> + <constraintErrorMessage>Name of firewall group can only contain alphanumeric letters, hyphen, underscores and dot</constraintErrorMessage> </properties> <children> <leafNode name="interface"> @@ -177,8 +180,9 @@ <properties> <help>Firewall ipv6-address-group</help> <constraint> - <regex>[a-zA-Z0-9][\w\-\.]*</regex> + #include <include/constraint/alpha-numeric-hyphen-underscore-dot.xml.i> </constraint> + <constraintErrorMessage>Name of firewall group can only contain alphanumeric letters, hyphen, underscores and dot</constraintErrorMessage> </properties> <children> <leafNode name="address"> @@ -215,8 +219,9 @@ <properties> <help>Firewall ipv6-network-group</help> <constraint> - <regex>[a-zA-Z0-9][\w\-\.]*</regex> + #include <include/constraint/alpha-numeric-hyphen-underscore-dot.xml.i> </constraint> + <constraintErrorMessage>Name of firewall group can only contain alphanumeric letters, hyphen, underscores and dot</constraintErrorMessage> </properties> <children> #include <include/generic-description.xml.i> @@ -248,8 +253,9 @@ <properties> <help>Firewall mac-group</help> <constraint> - <regex>[a-zA-Z0-9][\w\-\.]*</regex> + #include <include/constraint/alpha-numeric-hyphen-underscore-dot.xml.i> </constraint> + <constraintErrorMessage>Name of firewall group can only contain alphanumeric letters, hyphen, underscores and dot</constraintErrorMessage> </properties> <children> #include <include/generic-description.xml.i> @@ -281,8 +287,9 @@ <properties> <help>Firewall network-group</help> <constraint> - <regex>[a-zA-Z0-9][\w\-\.]*</regex> + #include <include/constraint/alpha-numeric-hyphen-underscore-dot.xml.i> </constraint> + <constraintErrorMessage>Name of firewall group can only contain alphanumeric letters, hyphen, underscores and dot</constraintErrorMessage> </properties> <children> #include <include/generic-description.xml.i> @@ -314,8 +321,9 @@ <properties> <help>Firewall port-group</help> <constraint> - <regex>[a-zA-Z0-9][\w\-\.]*</regex> + #include <include/constraint/alpha-numeric-hyphen-underscore-dot.xml.i> </constraint> + <constraintErrorMessage>Name of firewall group can only contain alphanumeric letters, hyphen, underscores and dot</constraintErrorMessage> </properties> <children> #include <include/generic-description.xml.i> diff --git a/interface-definitions/include/constraint/alpha-numeric-hyphen-underscore-dot.xml.i b/interface-definitions/include/constraint/alpha-numeric-hyphen-underscore-dot.xml.i index 7aeb85260..34c94e53c 100644 --- a/interface-definitions/include/constraint/alpha-numeric-hyphen-underscore-dot.xml.i +++ b/interface-definitions/include/constraint/alpha-numeric-hyphen-underscore-dot.xml.i @@ -1,3 +1,3 @@ <!-- include start from constraint/alpha-numeric-hyphen-underscore-dot.xml.i --> -<regex>[-_a-zA-Z0-9.]+</regex> +<regex>[-_a-zA-Z0-9][\w\-\.\+]*</regex> <!-- include end --> diff --git a/src/conf_mode/container.py b/src/conf_mode/container.py index 0b57221b2..a73a18ffa 100755 --- a/src/conf_mode/container.py +++ b/src/conf_mode/container.py @@ -473,8 +473,8 @@ def apply(container): # it to a VRF as there's no consumer, yet. if interface_exists(network_name): tmp = Interface(network_name) - tmp.add_ipv6_eui64_address('fe80::/64') tmp.set_vrf(network_config.get('vrf', '')) + tmp.add_ipv6_eui64_address('fe80::/64') return None diff --git a/src/op_mode/conntrack.py b/src/op_mode/conntrack.py index 5687b9b00..c379c3e60 100755 --- a/src/op_mode/conntrack.py +++ b/src/op_mode/conntrack.py @@ -62,7 +62,7 @@ def _get_raw_data(family): def _get_raw_statistics(): entries = [] - data = cmd('sudo conntrack -S') + data = cmd('sudo conntrack --stats') data = data.replace(' \t', '').split('\n') for entry in data: entries.append(entry.split()) @@ -70,8 +70,25 @@ def _get_raw_statistics(): def get_formatted_statistics(entries): - headers = ["CPU", "Found", "Invalid", "Insert", "Insert fail", "Drop", "Early drop", "Errors", "Search restart"] - output = tabulate(entries, headers, numalign="left") + headers = [ + "CPU", + "Found", + "Invalid", + "Insert", + "Insert fail", + "Drop", + "Early drop", + "Errors", + "Search restart", + "", + "", + ] + # Process each entry to extract and format the values after '=' + processed_entries = [ + [value.split('=')[-1] for value in entry] + for entry in entries + ] + output = tabulate(processed_entries, headers, numalign="left") return output |