0
0
Fork 0

Implement logic to write network filter functions

This commit is contained in:
Jan Philipp Timme 2019-06-09 15:25:08 +02:00
parent f15a85a0d8
commit 469e60d619
1 changed files with 21 additions and 2 deletions

View File

@ -138,6 +138,19 @@ def create_roa_entries(route_objects, filter_rules, mode, f):
elif mode == 'ipv6': elif mode == 'ipv6':
f.write('route ' + route_object['route6'] + ' max ' + str(allowed_max_len) + ' as ' + origin + ';' + "\n") f.write('route ' + route_object['route6'] + ' max ' + str(allowed_max_len) + ' as ' + origin + ';' + "\n")
def create_valid_network_function(filter_rules, mode, f):
f.write('function dn42_is_valid_' + mode + '_network() {\n')
f.write(' return net ~ [\n')
first_line_written = False
for id, filter_rule in filter_rules.items():
if filter_rule['route_allowed']:
if first_line_written:
f.write(',\n')
f.write(' ' + filter_rule['network'] + '{' + str(filter_rule['min_length']) + ',' + str(filter_rule['max_length']) + '}')
if not first_line_written:
first_line_written = True
f.write('\n ];\n')
f.write('}\n')
if __name__ == '__main__': if __name__ == '__main__':
# Get registry path over commandline argument # Get registry path over commandline argument
@ -154,8 +167,14 @@ if __name__ == '__main__':
ipv4_route_objects = parse_route_objects(registry_path + '/data/route/') ipv4_route_objects = parse_route_objects(registry_path + '/data/route/')
ipv6_route_objects = parse_route_objects(registry_path + '/data/route6/') ipv6_route_objects = parse_route_objects(registry_path + '/data/route6/')
# Create routes out of ipv4 route objects # Create routes out of ipv4 route objects
with open('./roa_ipv4.conf', 'w') as target_file: with open('./dn42_roa_ipv4.conf', 'w') as target_file:
create_roa_entries(ipv4_route_objects, ipv4_filter_rules, 'ipv4', target_file) create_roa_entries(ipv4_route_objects, ipv4_filter_rules, 'ipv4', target_file)
# Create routes out of ipv6 route objects # Create routes out of ipv6 route objects
with open('./roa_ipv6.conf', 'w') as target_file: with open('./dn42_roa_ipv6.conf', 'w') as target_file:
create_roa_entries(ipv6_route_objects, ipv6_filter_rules, 'ipv6', target_file) create_roa_entries(ipv6_route_objects, ipv6_filter_rules, 'ipv6', target_file)
# Create ipv4 network validation function
with open('./dn42_valid_ipv4.conf', 'w') as target_file:
create_valid_network_function(ipv4_filter_rules, 'ipv4', target_file)
# Create ipv6 network validation function
with open('./dn42_valid_ipv6.conf', 'w') as target_file:
create_valid_network_function(ipv6_filter_rules, 'ipv6', target_file)