From b2ced47bdc547ada59b37e6617422188e150282c Mon Sep 17 00:00:00 2001 From: l0crian1 Date: Sat, 30 Mar 2024 11:21:03 -0400 Subject: T6188: add description to show firewall --- src/op_mode/firewall.py | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) (limited to 'src/op_mode') diff --git a/src/op_mode/firewall.py b/src/op_mode/firewall.py index 4dcffc412..7134187fe 100755 --- a/src/op_mode/firewall.py +++ b/src/op_mode/firewall.py @@ -103,7 +103,7 @@ def output_firewall_name(family, hook, priority, firewall_conf, single_rule_id=N if 'disable' in rule_conf: continue - row = [rule_id, rule_conf['action'], rule_conf['protocol'] if 'protocol' in rule_conf else 'all'] + row = [rule_id, rule_conf.get('description', ''), rule_conf['action'], rule_conf['protocol'] if 'protocol' in rule_conf else 'all'] if rule_id in details: rule_details = details[rule_id] row.append(rule_details.get('packets', 0)) @@ -115,7 +115,7 @@ def output_firewall_name(family, hook, priority, firewall_conf, single_rule_id=N def_action = firewall_conf['default_action'] if 'default_action' in firewall_conf else 'accept' else: def_action = firewall_conf['default_action'] if 'default_action' in firewall_conf else 'drop' - row = ['default', def_action, 'all'] + row = ['default', '', def_action, 'all'] rule_details = details['default-action'] row.append(rule_details.get('packets', 0)) row.append(rule_details.get('bytes', 0)) @@ -123,7 +123,7 @@ def output_firewall_name(family, hook, priority, firewall_conf, single_rule_id=N rows.append(row) if rows: - header = ['Rule', 'Action', 'Protocol', 'Packets', 'Bytes', 'Conditions'] + header = ['Rule', 'Description', 'Action', 'Protocol', 'Packets', 'Bytes', 'Conditions'] print(tabulate.tabulate(rows, header) + '\n') def output_firewall_name_statistics(family, hook, prior, prior_conf, single_rule_id=None): 
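Review bot: The new Description column is kept aligned with the header only by hand-placed `''` cells — `row = ['default', '', def_action, 'all']` in this file's second hunk, and `row = ['default', '']` twice in the output_firewall_name_statistics hunks that follow — so every future column change has to be repeated in each row constructor and nothing checks that `len(row)` matches `len(header)`. Building the default row through the same small helper as the rule rows (or from one ordered list of column keys that the header is also derived from) removes that coupling. On the rule row, `rule_conf['protocol'] if 'protocol' in rule_conf else 'all'` is the long form of `rule_conf.get('protocol', 'all')`, the idiom the same line already uses for the description cell. Both enclosing functions start outside these hunks.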
@@ -192,7 +192,7 @@ def output_firewall_name_statistics(family, hook, prior, prior_conf, single_rule if not oiface: oiface = 'any' - row = [rule_id] + row = [rule_id, rule_conf.get('description', '')] if rule_id in details: rule_details = details[rule_id] row.append(rule_details.get('packets', 0)) @@ -209,7 +209,7 @@ def output_firewall_name_statistics(family, hook, prior, prior_conf, single_rule if hook in ['input', 'forward', 'output']: - row = ['default'] + row = ['default', ''] rule_details = details['default-action'] row.append(rule_details.get('packets', 0)) row.append(rule_details.get('bytes', 0)) @@ -224,7 +224,7 @@ def output_firewall_name_statistics(family, hook, prior, prior_conf, single_rule rows.append(row) elif 'default_action' in prior_conf and not single_rule_id: - row = ['default'] + row = ['default', ''] if 'default-action' in details: rule_details = details['default-action'] row.append(rule_details.get('packets', 0)) @@ -240,7 +240,7 @@ def output_firewall_name_statistics(family, hook, prior, prior_conf, single_rule rows.append(row) if rows: - header = ['Rule', 'Packets', 'Bytes', 'Action', 'Source', 'Destination', 'Inbound-Interface', 'Outbound-interface'] + header = ['Rule', 'Description', 'Packets', 'Bytes', 'Action', 'Source', 'Destination', 'Inbound-Interface', 'Outbound-interface'] print(tabulate.tabulate(rows, header) + '\n') def show_firewall(): -- cgit v1.2.3 From 025438ccacc654274efbd3bea8b13fcc73ae08b6 Mon Sep 17 00:00:00 2001 
From: l0crian1 Date: Mon, 1 Apr 2024 11:14:54 -0400 Subject: modified: op-mode-definitions/firewall.xml.in - Added show firewall detail paths modified: src/op_mode/firewall.py - Added Description as a header to normal "show firewall" commands - Added 'detail' view which shows the output in a list key-pair format Description column was added for these commands and their subsections: show firewall statistics show firewall groups show firewall Detail view was added for these commands: show firewall bridge forward filter detail show firewall bridge forward filter rule detail show firewall bridge name detail show firewall bridge name rule detail show firewall ipv4 forward filter detail show firewall ipv4 forward filter rule detail show firewall ipv4 input filter detail show firewall ipv4 input filter rule detail show firewall ipv4 output filter detail show firewall ipv4 output filter rule detail show firewall ipv4 name detail show firewall ipv4 name rule detail show firewall ipv6 forward filter detail show firewall ipv6 forward filter rule detail show firewall ipv6 input filter detail show firewall ipv6 input filter rule detail show firewall ipv6 output filter detail show firewall ipv6 output filter rule detail show firewall ipv6 name detail show firewall ipv6 name rule detail show firewall group detail show firewall group detail --- op-mode-definitions/firewall.xml.in | 241 +++++++++++++++++++++++++++++++++++- src/op_mode/firewall.py | 38 ++++-- 2 files changed, 267 insertions(+), 12 deletions(-) (limited to 'src/op_mode') diff --git a/op-mode-definitions/firewall.xml.in b/op-mode-definitions/firewall.xml.in index 50d52d6ca..6a254ee11 100644 --- a/op-mode-definitions/firewall.xml.in +++ b/op-mode-definitions/firewall.xml.in 
@@ -19,14 +19,36 @@ firewall group ipv6-network-group + + + + Show list view of firewall groups + + firewall group detail + + + sudo ${vyos_op_scripts_dir}/firewall.py --action show_group --name $4 --detail $5 + + sudo ${vyos_op_scripts_dir}/firewall.py --action show_group --name $4 - + Show firewall group + + + + Show list view of firewall group + + firewall group detail + + + sudo ${vyos_op_scripts_dir}/firewall.py --action show_group --detail $4 + + sudo ${vyos_op_scripts_dir}/firewall.py --action show_group - + Show bridge firewall @@ -42,6 +64,15 @@ Show bridge forward filter firewall ruleset + + + Show list view of bridge forward filter firewall rules + + firewall bridge forward filter detail + + + sudo ${vyos_op_scripts_dir}/firewall.py --action show --family $3 --hook $4 --priority $5 --detail $6 + Show summary of bridge forward filter firewall rules @@ -49,6 +80,17 @@ firewall bridge forward filter rule + + + + Show list view of specific bridge forward filter firewall rule + + firewall bridge forward filter detail + + + sudo ${vyos_op_scripts_dir}/firewall.py --action show --family $3 --hook $4 --priority $5 --rule $7 --detail $8 + + sudo ${vyos_op_scripts_dir}/firewall.py --action show --family $3 --hook $4 --priority $5 --rule $7 @@ -64,6 +106,15 @@ + + + Show list view of bridge custom firewall chains + + firewall bridge name detail + + + sudo ${vyos_op_scripts_dir}/firewall.py --action show --family $3 --hook $4 --priority $5 --detail $6 + Show summary of bridge custom firewall ruleset @@ -71,6 +122,17 @@ firewall bridge name ${COMP_WORDS[5]} rule + + + + Show list view of bridge custom firewall rules + + firewall bridge name ${COMP_WORDS[5]} rule detail + + + sudo ${vyos_op_scripts_dir}/firewall.py --action show --family $3 --hook $4 --priority $5 --rule $7 --detail $8 + + sudo ${vyos_op_scripts_dir}/firewall.py --action show --family $3 --hook $4 --priority $5 --rule $7 
@@ -94,6 +156,15 @@ Show IPv6 forward filter firewall ruleset + + + Show list view of IPv6 forward filter firewall ruleset + + firewall ipv6 forward filter detail + + + sudo ${vyos_op_scripts_dir}/firewall.py --action show --family $3 --hook $4 --priority $5 --detail $6 + Show summary of IPv6 forward filter firewall rules @@ -101,6 +172,17 @@ firewall ipv6 forward filter rule + + + + Show list view of IPv6 forward filter firewall rules + + firewall ipv6 forward filter rule detail + + + sudo ${vyos_op_scripts_dir}/firewall.py --action show --family $3 --hook $4 --priority $5 --rule $7 --detail $8 + + sudo ${vyos_op_scripts_dir}/firewall.py --action show --family $3 --hook $4 --priority $5 --rule $7 @@ -118,6 +200,15 @@ Show IPv6 forward input firewall ruleset + + + Show list view of IPv6 input firewall ruleset + + firewall ipv6 input filter detail + + + sudo ${vyos_op_scripts_dir}/firewall.py --action show --family $3 --hook $4 --priority $5 --detail $6 + Show summary of IPv6 input filter firewall rules @@ -125,6 +216,17 @@ firewall ipv6 input filter rule + + + + Show list view of IPv6 input filter firewall rules + + firewall ipv6 input filter rule detail + + + sudo ${vyos_op_scripts_dir}/firewall.py --action show --family $3 --hook $4 --priority $5 --rule $7 --detail $8 + + sudo ${vyos_op_scripts_dir}/firewall.py --action show --family $3 --hook $4 --priority $5 --rule $7 @@ -142,6 +244,15 @@ Show IPv6 output filter firewall ruleset + + + Show list view of IPv6 output input firewall ruleset + + firewall ipv6 output filter detail + + + sudo ${vyos_op_scripts_dir}/firewall.py --action show --family $3 --hook $4 --priority $5 --detail $6 + Show summary of IPv6 output filter firewall rules 
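Review bot: The help text added under the IPv6 output filter node reads `Show list view of IPv6 output input firewall ruleset`; "output input" looks copied from the neighbouring input-filter entry, and `Show list view of IPv6 output filter firewall ruleset` would match the wording of the other new entries in this file. Element markup was lost in extraction, so which element holds the text is inferred from its position next to the existing `Show IPv6 output filter firewall ruleset` line.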
@@ -149,6 +260,17 @@ firewall ipv6 output filter rule + + + + Show list view of IPv6 output filter firewall rules + + firewall ipv6 output filter rule detail + + + sudo ${vyos_op_scripts_dir}/firewall.py --action show --family $3 --hook $4 --priority $5 --rule $7 --detail $8 + + sudo ${vyos_op_scripts_dir}/firewall.py --action show --family $3 --hook $4 --priority $5 --rule $7 @@ -164,6 +286,15 @@ + + + Show list view of IPv6 custom firewall chains + + firewall ipv6 name detail + + + sudo ${vyos_op_scripts_dir}/firewall.py --action show --family $3 --hook $4 --priority $5 --detail $6 + Show summary of IPv6 custom firewall ruleset @@ -171,6 +302,17 @@ firewall ipv6 name ${COMP_WORDS[5]} rule + + + + Show list view of IPv6 custom firewall rules + + firewall ipv6 name ${COMP_WORDS[5]} rule detail + + + sudo ${vyos_op_scripts_dir}/firewall.py --action show --family $3 --hook $4 --priority $5 --rule $7 --detail $8 + + sudo ${vyos_op_scripts_dir}/firewall.py --action show --family $3 --hook $4 --priority $5 --rule $7 @@ -194,6 +336,15 @@ Show IPv4 forward filter firewall ruleset + + + Show list view of IPv4 forward filter firewall ruleset + + firewall ipv4 forward filter detail + + + sudo ${vyos_op_scripts_dir}/firewall.py --action show --family $3 --hook $4 --priority $5 --detail $6 + Show summary of IPv4 forward filter firewall rules @@ -201,6 +352,17 @@ firewall ipv4 forward filter rule + + + + Show list view of IPv4 forward filter firewall rules + + firewall ipv4 forward filter rule detail + + + sudo ${vyos_op_scripts_dir}/firewall.py --action show --family $3 --hook $4 --priority $5 --rule $7 --detail $8 + + sudo ${vyos_op_scripts_dir}/firewall.py --action show --family $3 --hook $4 --priority $5 --rule $7 
@@ -218,6 +380,15 @@ Show IPv4 forward input firewall ruleset + + + Show list view of IPv4 input filter firewall ruleset + + firewall ipv4 input filter detail + + + sudo ${vyos_op_scripts_dir}/firewall.py --action show --family $3 --hook $4 --priority $5 --detail $6 + Show summary of IPv4 input filter firewall rules @@ -225,6 +396,17 @@ firewall ipv4 input filter rule + + + + Show list view of IPv4 input filter firewall rules + + firewall ipv4 input filter rule detail + + + sudo ${vyos_op_scripts_dir}/firewall.py --action show --family $3 --hook $4 --priority $5 --rule $7 --detail $8 + + sudo ${vyos_op_scripts_dir}/firewall.py --action show --family $3 --hook $4 --priority $5 --rule $7 @@ -242,6 +424,15 @@ Show IPv4 output filter firewall ruleset + + + Show list view of IPv4 output filter firewall ruleset + + firewall ipv4 input output detail + + + sudo ${vyos_op_scripts_dir}/firewall.py --action show --family $3 --hook $4 --priority $5 --detail $6 + Show summary of IPv4 output filter firewall rules @@ -249,6 +440,17 @@ firewall ipv4 output filter rule + + + + Show list view of IPv4 output filter firewall rules + + firewall ipv4 input output rule detail + + + sudo ${vyos_op_scripts_dir}/firewall.py --action show --family $3 --hook $4 --priority $5 --rule $7 --detail $8 + + sudo ${vyos_op_scripts_dir}/firewall.py --action show --family $3 --hook $4 --priority $5 --rule $7 @@ -264,6 +466,15 @@ + + + Show list view of IPv4 custom firewall chains + + firewall ipv4 name detail + + + sudo ${vyos_op_scripts_dir}/firewall.py --action show --family $3 --hook $4 --priority $5 --detail $6 + Show summary of IPv4 custom firewall ruleset 
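Review bot: The two IPv4 output filter entries carry the path strings `firewall ipv4 input output detail` and `firewall ipv4 input output rule detail`, while every other new entry follows the `firewall <family> <hook> filter [rule] detail` form (for example `firewall ipv6 output filter detail` in the IPv6 hunks above); they should read `firewall ipv4 output filter detail` and `firewall ipv4 output filter rule detail`. If this string feeds completion or help output, the mismatch will be visible to operators on exactly those two commands. The surrounding markup was stripped in extraction, so the element holding the string is inferred from the pattern of the other entries.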
@@ -271,6 +482,17 @@ firewall ipv4 name ${COMP_WORDS[5]} rule + + + + Show list view of IPv4 custom firewall ruleset + + firewall ipv4 name ${COMP_WORDS[5]} rule detail + + + sudo ${vyos_op_scripts_dir}/firewall.py --action show --family $3 --hook $4 --priority $5 --rule $7 --detail $8 + + sudo ${vyos_op_scripts_dir}/firewall.py --action show --family $3 --hook $4 --priority $5 --rule $7 @@ -279,12 +501,23 @@ sudo ${vyos_op_scripts_dir}/firewall.py --action show_family --family $3 - + Show statistics of firewall application + + + + Show list view of firewall statistics + + firewall statistics detail + + + sudo ${vyos_op_scripts_dir}/firewall.py --action show_statistics --detail $4 + + sudo ${vyos_op_scripts_dir}/firewall.py --action show_statistics - + Show summary of firewall application diff --git a/src/op_mode/firewall.py b/src/op_mode/firewall.py index 7134187fe..411e0be20 100755 --- a/src/op_mode/firewall.py +++ b/src/op_mode/firewall.py @@ -19,6 +19,7 @@ import ipaddress import json import re import tabulate +import textwrap from vyos.config import Config from vyos.utils.process import cmd @@ -89,6 +90,17 @@ def get_nftables_details(family, hook, priority): out[rule_id] = rule return out +def output_firewall_vertical(rules, headers): + if args.rule: + rules.pop() + + for rule in rules: + adjusted_rule = rule + [""] * (len(headers) - len(rule)) # account for different header length, like default-action + transformed_rule = [[header, textwrap.fill(adjusted_rule[i].replace('\n', ' '), 100)] for i, header in enumerate(headers)] # create key-pair list from headers and rules lists; wrap at 100 char + + print(tabulate.tabulate(transformed_rule, tablefmt="presto")) + print() + def output_firewall_name(family, hook, priority, firewall_conf, single_rule_id=None): print(f'\n---------------------------------\n{family} Firewall "{hook} {priority}"\n') 
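Review bot: In output_firewall_vertical, `adjusted_rule[i].replace('\n', ' ')` assumes every cell is a string, but the callers append `rule_details.get('packets', 0)` and `rule_details.get('bytes', 0)`, so a rule without counters puts an int in the row and `.replace` raises AttributeError (the counters decoded from nftables JSON are presumably ints as well); use `textwrap.fill(str(adjusted_rule[i]).replace('\n', ' '), 100)`. The `if args.rule: rules.pop()` guard assumes the last row is always the default-action row, yet in output_firewall_name_statistics that row is only appended under `elif 'default_action' in prior_conf and not single_rule_id`, so with --rule the pop drops the requested rule's own row on that path; whether to emit the default row belongs in the callers, which already receive single_rule_id. The function also reads the module-global `args`, which only exists under `if __name__ == '__main__'`, and mutates the caller's list in place rather than working on a copy.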
@@ -103,7 +115,7 @@ def output_firewall_name(family, hook, priority, firewall_conf, single_rule_id=N if 'disable' in rule_conf: continue - row = [rule_id, rule_conf.get('description', ''), rule_conf['action'], rule_conf['protocol'] if 'protocol' in rule_conf else 'all'] + row = [rule_id, textwrap.fill(rule_conf.get('description') or '', 50), rule_conf['action'], rule_conf['protocol'] if 'protocol' in rule_conf else 'all'] if rule_id in details: rule_details = details[rule_id] row.append(rule_details.get('packets', 0)) @@ -124,7 +136,10 @@ def output_firewall_name(family, hook, priority, firewall_conf, single_rule_id=N if rows: header = ['Rule', 'Description', 'Action', 'Protocol', 'Packets', 'Bytes', 'Conditions'] - print(tabulate.tabulate(rows, header) + '\n') + if args.detail: + output_firewall_vertical(rows, header) + else: + print(tabulate.tabulate(rows, header) + '\n') def output_firewall_name_statistics(family, hook, prior, prior_conf, single_rule_id=None): print(f'\n---------------------------------\n{family} Firewall "{hook} {prior}"\n') @@ -192,7 +207,7 @@ def output_firewall_name_statistics(family, hook, prior, prior_conf, single_rule if not oiface: oiface = 'any' - row = [rule_id, rule_conf.get('description', '')] + row = [rule_id, textwrap.fill(rule_conf.get('description') or '', 50)] if rule_id in details: rule_details = details[rule_id] row.append(rule_details.get('packets', 0)) @@ -241,7 +256,10 @@ def output_firewall_name_statistics(family, hook, prior, prior_conf, single_rule if rows: header = ['Rule', 'Description', 'Packets', 'Bytes', 'Action', 'Source', 'Destination', 'Inbound-Interface', 'Outbound-interface'] - print(tabulate.tabulate(rows, header) + '\n') + if args.detail: + output_firewall_vertical(rows, header) + else: + print(tabulate.tabulate(rows, header) + '\n') def show_firewall(): print('Rulesets Information') 
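Review bot: The description is wrapped at 50 columns with `textwrap.fill(...)` while the row is being built (in both the output_firewall_name and output_firewall_name_statistics hunks here), but the detail branch then passes the row to output_firewall_vertical, which removes those newlines with `.replace('\n', ' ')` and re-wraps at a different width; keep the raw text in the row, `rule_conf.get('description') or ''`, and apply the width in whichever renderer prints it. The new `if args.detail:` switch reads the module-level `args` from inside a function that otherwise takes its inputs as parameters (`single_rule_id` is already passed in); a keyword-only `detail=False` parameter supplied by the caller would keep these functions callable without the argparse global. Both enclosing functions start and end outside these hunks.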
@@ -429,7 +447,7 @@ def show_firewall_group(name=None): return out - header = ['Name', 'Type', 'References', 'Members'] + header = ['Name', 'Description','Type', 'References', 'Members'] rows = [] for group_type, group_type_conf in firewall['group'].items(): @@ -441,7 +459,7 @@ def show_firewall_group(name=None): continue references = find_references(group_type, group_name) - row = [group_name, group_type, '\n'.join(references) or 'N/D'] + row = [group_name, textwrap.fill(group_conf.get('description') or '', 50), group_type, '\n'.join(references) or 'N/D'] if 'address' in group_conf: row.append("\n".join(sorted(group_conf['address']))) elif 'network' in group_conf: @@ -461,13 +479,16 @@ def show_firewall_group(name=None): if dynamic_type in firewall['group']['dynamic_group']: for dynamic_name, dynamic_conf in firewall['group']['dynamic_group'][dynamic_type].items(): references = find_references(dynamic_type, dynamic_name) - row = [dynamic_name, dynamic_type + '(dynamic)', '\n'.join(references) or 'N/D'] + row = [dynamic_name, textwrap.fill(dynamic_conf.get('description') or '', 50), dynamic_type + '(dynamic)', '\n'.join(references) or 'N/D'] row.append('N/D') rows.append(row) if rows: print('Firewall Groups\n') - print(tabulate.tabulate(rows, header)) + if args.detail: + output_firewall_vertical(rows, header) + else: + print(tabulate.tabulate(rows, header)) def show_summary(): print('Ruleset Summary') @@ -539,6 +560,7 @@ if __name__ == '__main__': parser.add_argument('--priority', help='Firewall priority', required=False, action='store', nargs='?', default='') parser.add_argument('--rule', help='Firewall Rule ID', required=False) parser.add_argument('--ipv6', help='IPv6 toggle', action='store_true') + parser.add_argument('--detail', help='Firewall view select', required=False) args = parser.parse_args() -- cgit v1.2.3 From a7c5205ab12e767c6c60887033694c597e01f21b Mon Sep 17 00:00:00 2001 
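Review bot: `parser.add_argument('--detail', help='Firewall view select', required=False)` declares a value-taking option, and the only thing that makes `args.detail` truthy is the op-mode XML forwarding the literal path word (`--detail $4`, `--detail $6`, `--detail $8` in the firewall.xml.in hunks), so the Python/XML contract is a positional index rather than a flag. Declaring it as `parser.add_argument('--detail', help='Show rules in list (key/value) view', action='store_true')` and dropping the `$N` argument from the XML commands makes the intent explicit; `required=False` is already the default for an optional argument. In show_firewall_group the new header literal `['Name', 'Description','Type', 'References', 'Members']` is missing the space after `'Description',`, and its `if args.detail:` branch reads the module-level `args` the same way the other output functions do.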
From: l0crian1 Date: Mon, 1 Apr 2024 11:32:32 -0400 Subject: T6188: - modified: src/op_mode/firewall.py Changed behavior of "show firewall" for specific rule to only show rule and not also default-action --- src/op_mode/firewall.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'src/op_mode') diff --git a/src/op_mode/firewall.py b/src/op_mode/firewall.py index 411e0be20..aba6f2598 100755 --- a/src/op_mode/firewall.py +++ b/src/op_mode/firewall.py @@ -91,9 +91,6 @@ def get_nftables_details(family, hook, priority): return out def output_firewall_vertical(rules, headers): - if args.rule: - rules.pop() - for rule in rules: adjusted_rule = rule + [""] * (len(headers) - len(rule)) # account for different header length, like default-action transformed_rule = [[header, textwrap.fill(adjusted_rule[i].replace('\n', ' '), 100)] for i, header in enumerate(headers)] # create key-pair list from headers and rules lists; wrap at 100 char @@ -135,6 +132,9 @@ def output_firewall_name(family, hook, priority, firewall_conf, single_rule_id=N rows.append(row) if rows: + if args.rule: + rows.pop() + header = ['Rule', 'Description', 'Action', 'Protocol', 'Packets', 'Bytes', 'Conditions'] if args.detail: output_firewall_vertical(rows, header) -- cgit v1.2.3 From 4dba82c7517f4a93b9727d22104e4a339bad127a Mon Sep 17 00:00:00 2001 From: l0crian1 <143656816+l0crian1@users.noreply.github.com> Date: Fri, 5 Apr 2024 08:48:15 -0400 Subject: T6188: Add description to detail view only For readability in console sessions, moved the description column to only be shown in the detail view. Changed wrapping in the detail view for description to 65 characters to prevent full line wrapping in console sessions. --- src/op_mode/firewall.py | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) (limited to 'src/op_mode') diff --git a/src/op_mode/firewall.py b/src/op_mode/firewall.py index aba6f2598..d4d7f9db5 100755 --- a/src/op_mode/firewall.py 
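Review bot: `if args.rule: rows.pop()` in output_firewall_name assumes the default-action row is always the last element and reads the module-global `args`, although the function already receives the same value as `single_rule_id`. If the requested rule is absent or skipped by `if 'disable' in rule_conf: continue`, and the default row is still appended (its guard is outside the hunk), the only row is the default one, so the pop empties `rows` after the `if rows:` check and the table is printed with just its header. Guarding the construction with `if not single_rule_id:` around the default-row block, mirroring the `elif 'default_action' in prior_conf and not single_rule_id` check already used in output_firewall_name_statistics, avoids building a row only to discard it. The enclosing function starts outside the hunk.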
+++ b/src/op_mode/firewall.py @@ -93,7 +93,7 @@ def get_nftables_details(family, hook, priority): def output_firewall_vertical(rules, headers): for rule in rules: adjusted_rule = rule + [""] * (len(headers) - len(rule)) # account for different header length, like default-action - transformed_rule = [[header, textwrap.fill(adjusted_rule[i].replace('\n', ' '), 100)] for i, header in enumerate(headers)] # create key-pair list from headers and rules lists; wrap at 100 char + transformed_rule = [[header, textwrap.fill(adjusted_rule[i].replace('\n', ' '), 65)] for i, header in enumerate(headers)] # create key-pair list from headers and rules lists; wrap at 100 char print(tabulate.tabulate(transformed_rule, tablefmt="presto")) print() @@ -135,10 +135,13 @@ def output_firewall_name(family, hook, priority, firewall_conf, single_rule_id=N if args.rule: rows.pop() - header = ['Rule', 'Description', 'Action', 'Protocol', 'Packets', 'Bytes', 'Conditions'] if args.detail: + header = ['Rule', 'Description', 'Action', 'Protocol', 'Packets', 'Bytes', 'Conditions'] output_firewall_vertical(rows, header) else: + header = ['Rule', 'Action', 'Protocol', 'Packets', 'Bytes', 'Conditions'] + for i in rows: + rows[rows.index(i)].pop(1) print(tabulate.tabulate(rows, header) + '\n') def output_firewall_name_statistics(family, hook, prior, prior_conf, single_rule_id=None): 
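Review bot: The trailing comment on the `transformed_rule` line still says `wrap at 100 char` after the width on that same line was changed to 65, so the comment now contradicts the code. Give the width a name such as `DETAIL_WRAP_WIDTH = 65` at module level (or a `width=65` keyword argument on output_firewall_vertical) and reword the comment to `# key/value rows from headers and rule cells; wrap values so a line fits a console session`, carrying the reason from the commit message into the code where the next reader will look for it.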
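Review bot: `for i in rows: rows[rows.index(i)].pop(1)` does an O(n) equality search per row to locate an object it already holds — `i` is the row — and `rows.index(i)` returns the first equal row, so if two rows ever compared equal the first would lose two cells and the second none, misaligning the table; rule ids should keep rows distinct, but correctness should not rest on that. The direct form is `for row in rows: del row[1]`, or build the non-detail table without the column at all, `rows = [row[:1] + row[2:] for row in rows]`, which also avoids computing `textwrap.fill(...)` on a description that is then discarded. The same pattern appears in the output_firewall_name_statistics and show_firewall_group hunks that follow; a single `_without_description(rows)` helper would serve all three. The enclosing function starts outside the hunk.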
@@ -255,10 +258,13 @@ def output_firewall_name_statistics(family, hook, prior, prior_conf, single_rule rows.append(row) if rows: - header = ['Rule', 'Description', 'Packets', 'Bytes', 'Action', 'Source', 'Destination', 'Inbound-Interface', 'Outbound-interface'] if args.detail: + header = ['Rule', 'Description', 'Packets', 'Bytes', 'Action', 'Source', 'Destination', 'Inbound-Interface', 'Outbound-interface'] output_firewall_vertical(rows, header) else: + header = ['Rule', 'Packets', 'Bytes', 'Action', 'Source', 'Destination', 'Inbound-Interface', 'Outbound-interface'] + for i in rows: + rows[rows.index(i)].pop(1) print(tabulate.tabulate(rows, header) + '\n') def show_firewall(): @@ -447,7 +453,6 @@ def show_firewall_group(name=None): return out - header = ['Name', 'Description','Type', 'References', 'Members'] rows = [] for group_type, group_type_conf in firewall['group'].items(): @@ -486,8 +491,12 @@ def show_firewall_group(name=None): if rows: print('Firewall Groups\n') if args.detail: + header = ['Name', 'Description','Type', 'References', 'Members'] output_firewall_vertical(rows, header) else: + header = ['Name', 'Type', 'References', 'Members'] + for i in rows: + rows[rows.index(i)].pop(1) print(tabulate.tabulate(rows, header)) def show_summary(): -- cgit v1.2.3