summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rwxr-xr-xsrc/conf_mode/nat.py5
-rwxr-xr-xsrc/op_mode/show_system_integrity.py70
-rwxr-xr-xsrc/op_mode/system_integrity.py70
3 files changed, 75 insertions, 70 deletions
diff --git a/src/conf_mode/nat.py b/src/conf_mode/nat.py
index dd34dfd66..97cd36223 100755
--- a/src/conf_mode/nat.py
+++ b/src/conf_mode/nat.py
@@ -232,6 +232,8 @@ def verify(nat):
addr = rule['translation_address']
if addr != 'masquerade' and not is_addr_assigned(addr):
print(f'Warning: IP address {addr} does not exist on the system!')
+ elif not rule['exclude']:
+ raise ConfigError(f'{err_msg} translation address not specified')
# common rule verification
verify_rule(rule, err_msg)
@@ -246,6 +248,9 @@ def verify(nat):
if not rule['interface_in']:
raise ConfigError(f'{err_msg} inbound-interface not specified')
+ if not rule['translation_address'] and not rule['exclude']:
+ raise ConfigError(f'{err_msg} translation address not specified')
+
# common rule verification
verify_rule(rule, err_msg)
diff --git a/src/op_mode/show_system_integrity.py b/src/op_mode/show_system_integrity.py
new file mode 100755
index 000000000..c34d41e80
--- /dev/null
+++ b/src/op_mode/show_system_integrity.py
@@ -0,0 +1,70 @@
+#!/usr/bin/env python3
+#
+# Copyright (C) 2020 VyOS maintainers and contributors
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 or later as
+# published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+#
+
+import sys
+import os
+import re
+import json
+from datetime import datetime, timedelta
+
+version_file = r'/usr/share/vyos/version.json'
+
+
+def _get_sys_build_version():
+ if not os.path.exists(version_file):
+ return None
+ buf = open(version_file, 'r').read()
+ j = json.loads(buf)
+ if not 'built_on' in j:
+ return None
+ return datetime.strptime(j['built_on'], '%a %d %b %Y %H:%M %Z')
+
+
+def _check_pkgs(build_stamp):
+ pkg_diffs = {
+ 'buildtime': str(build_stamp),
+ 'pkg': {}
+ }
+
+ pkg_info = os.listdir('/var/lib/dpkg/info/')
+ for file in pkg_info:
+ if re.search('\.list$', file):
+ fts = os.stat('/var/lib/dpkg/info/' + file).st_mtime
+ dt_str = (datetime.utcfromtimestamp(
+ fts).strftime('%Y-%m-%d %H:%M:%S'))
+ fdt = datetime.strptime(dt_str, '%Y-%m-%d %H:%M:%S')
+ if fdt > build_stamp:
+ pkg_diffs['pkg'].update(
+ {str(re.sub('\.list', '', file)): str(fdt)})
+
+ if len(pkg_diffs['pkg']) != 0:
+ return pkg_diffs
+ else:
+ return None
+
+
+if __name__ == '__main__':
+ built_date = _get_sys_build_version()
+ if not built_date:
+ sys.exit(1)
+ pkgs = _check_pkgs(built_date)
+ if pkgs:
+ print (
+ "The following packages don\'t fit the image creation time\nbuild time:\t" + pkgs['buildtime'])
+ for k, v in pkgs['pkg'].items():
+ print ("installed: " + v + '\t' + k)
diff --git a/src/op_mode/system_integrity.py b/src/op_mode/system_integrity.py
deleted file mode 100755
index c0e3d1095..000000000
--- a/src/op_mode/system_integrity.py
+++ /dev/null
@@ -1,70 +0,0 @@
-#!/usr/bin/env python3
-#
-# Copyright (C) 2018 VyOS maintainers and contributors
-#
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License version 2 or later as
-# published by the Free Software Foundation.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program. If not, see <http://www.gnu.org/licenses/>.
-#
-#
-
-import sys
-import os
-import re
-import itertools
-from datetime import datetime, timedelta
-
-from vyos.util import cmd
-
-verf = r'/usr/libexec/vyos/op_mode/version.py'
-
-def get_sys_build_version():
- if not os.path.exists(verf):
- return None
-
- a = cmd('/usr/libexec/vyos/op_mode/version.py')
- if re.search('^Built on:.+',a, re.M) == None:
- return None
-
- dt = ( re.sub('Built on: +','', re.search('^Built on:.+',a, re.M).group(0)) )
- return datetime.strptime(dt,'%a %d %b %Y %H:%M %Z')
-
-def check_pkgs(dt):
- pkg_diffs = {
- 'buildtime' : str(dt),
- 'pkg' : {}
- }
-
- pkg_info = os.listdir('/var/lib/dpkg/info/')
- for file in pkg_info:
- if re.search('\.list$', file):
- fts = os.stat('/var/lib/dpkg/info/' + file).st_mtime
- dt_str = (datetime.utcfromtimestamp(fts).strftime('%Y-%m-%d %H:%M:%S'))
- fdt = datetime.strptime(dt_str, '%Y-%m-%d %H:%M:%S')
- if fdt > dt:
- pkg_diffs['pkg'].update( { str(re.sub('\.list','',file)) : str(fdt)})
-
- if len(pkg_diffs['pkg']) != 0:
- return pkg_diffs
- else:
- return None
-
-def main():
- dt = get_sys_build_version()
- pkgs = check_pkgs(dt)
- if pkgs != None:
- print ("The following packages don\'t fit the image creation time\nbuild time:\t" + pkgs['buildtime'])
- for k, v in pkgs['pkg'].items():
- print ("installed: " + v + '\t' + k)
-
-if __name__ == '__main__':
- sys.exit( main() )
-