diff options
Diffstat (limited to 'src/op_mode/firewall.py')
| -rwxr-xr-x | src/op_mode/firewall.py | 18 |
1 files changed, 12 insertions, 6 deletions
diff --git a/src/op_mode/firewall.py b/src/op_mode/firewall.py index cf70890a6..3146fc357 100755 --- a/src/op_mode/firewall.py +++ b/src/op_mode/firewall.py @@ -15,6 +15,7 @@ # along with this program. If not, see <http://www.gnu.org/licenses/>. import argparse +import ipaddress import json import re import tabulate @@ -87,7 +88,8 @@ def get_config_firewall(conf, name=None, ipv6=False, interfaces=True): def get_nftables_details(name, ipv6=False): suffix = '6' if ipv6 else '' - command = f'sudo nft list chain ip{suffix} filter {name}' + name_prefix = 'NAME6_' if ipv6 else 'NAME_' + command = f'sudo nft list chain ip{suffix} filter {name_prefix}{name}' try: results = cmd(command) except: @@ -266,13 +268,17 @@ def show_firewall_group(name=None): continue references = find_references(group_type, group_name) - row = [group_name, group_type, ', '.join(references)] + row = [group_name, group_type, '\n'.join(references) or 'N/A'] if 'address' in group_conf: - row.append(", ".join(group_conf['address'])) + row.append("\n".join(sorted(group_conf['address'], key=ipaddress.ip_address))) elif 'network' in group_conf: - row.append(", ".join(group_conf['network'])) + row.append("\n".join(sorted(group_conf['network'], key=ipaddress.ip_network))) + elif 'mac_address' in group_conf: + row.append("\n".join(sorted(group_conf['mac_address']))) elif 'port' in group_conf: - row.append(", ".join(group_conf['port'])) + row.append("\n".join(sorted(group_conf['port']))) + else: + row.append('N/A') rows.append(row) if rows: @@ -302,7 +308,7 @@ def show_summary(): for name, name_conf in firewall['ipv6_name'].items(): description = name_conf.get('description', '') interfaces = ", ".join(name_conf['interface']) - v6_out.append([name, description, interfaces]) + v6_out.append([name, description, interfaces or 'N/A']) if v6_out: print('\nIPv6 name:\n') |