Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

com.esf.net.firewall.service
Class LocalRule

java.lang.Object
  extended bycom.esf.net.firewall.service.LocalRule
public class LocalRule
extends java.lang.Object

Creates an iptables command for a Local Rule, allowing an incoming port connection. CONFIGURATION Configuration will be accepted in the form of key/value pairs. The key/value pairs are strictly defined here: CONFIG_ENTRY -> KEY + "=" + VALUE KEY -> TYPE + INDEX + "_" + PARAM TYPE -> "LocalRule" INDEX -> "0" | "1" | "2" | ... | "N" PARAM (required) -> "port" | "protocol" PARAM (optional) -> "permittedNetwork" | "permittedMAC" | "sourcePortRange" VALUE -> (value of the specified parameter) EXAMPLE: LocalRule0_port=1234 LocalRule0_protocol=tcp LocalRule0_permittedNetwork=192.168.1.1 LocalRule0_permittedMAC=AA:BB:CC:DD:EE:FF LocalRule0_sourcePortRange=3333:4444

Constructor Summary
LocalRule()
          Constructor of LocalRule object.
LocalRule(int port, java.lang.String protocol, java.lang.String permittedNetwork, java.lang.String permittedMAC, java.lang.String sourcePortRange)
          Constructor of LocalRule object.
 
Method Summary
 java.lang.String getPermittedMAC()
          Getter for permittedMAC
 java.lang.String getPermittedNetwork()
          Getter for permittedNetwork
 int getPort()
          Getter for port
 java.lang.String getProtocol()
          Getter for protocol
 java.lang.String getSourcePortRange()
          Getter for the sourcePortRange.
 boolean isComplete()
          Returns true if the required LocalRule parameters have all been set.
 void setPermittedMAC(java.lang.String permittedMAC)
          Setter for the permittedMAC.
 void setPermittedNetwork(java.lang.String permittedNetwork)
          Setter for the permittedNetwork.
 void setPort(int port)
          Setter for the port.
 void setProtocol(java.lang.String protocol)
          Setter for the protocol.
 void setSourcePortRange(java.lang.String sourcePortRange)
          Setter for the sourcePortRange.
 java.lang.String toString()
          Converts the LocalRule to a String.
 
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, wait, wait, wait
 

Constructor Detail

LocalRule

public LocalRule(int port,
                 java.lang.String protocol,
                 java.lang.String permittedNetwork,
                 java.lang.String permittedMAC,
                 java.lang.String sourcePortRange)
Constructor of LocalRule object.

Parameters:
port - destination local IP port number to allow
protocol - protocol of port (tcp, udp)
sourcePortRange - range of source ports allowed on IP connection (sourcePort1:sourcePort2)
permittedNetwork - source network or ip address from which connection is allowed (such as 192.168.1.0)
permittedMAC - MAC address from which connection is allowed (such as AA:BB:CC:DD:EE:FF)

LocalRule

public LocalRule()
Constructor of LocalRule object.

Method Detail

isComplete

public boolean isComplete()
Returns true if the required LocalRule parameters have all been set. Returns false otherwise.

Returns:
A boolean representing whether all parameters have been set.

setProtocol

public void setProtocol(java.lang.String protocol)
Setter for the protocol.

Parameters:
protocol - A String representing the protocol.

setPermittedNetwork

public void setPermittedNetwork(java.lang.String permittedNetwork)
Setter for the permittedNetwork.

Parameters:
permittedNetwork - A String representing the permittedNetwork.

setPermittedMAC

public void setPermittedMAC(java.lang.String permittedMAC)
Setter for the permittedMAC.

Parameters:
permittedMAC - A String representing the permittedMAC.

setSourcePortRange

public void setSourcePortRange(java.lang.String sourcePortRange)
Setter for the sourcePortRange.

Parameters:
sourcePortRange - A String representing the sourcePortRange.

setPort

public void setPort(int port)
Setter for the port.

Parameters:
port - An int representing the port.

getSourcePortRange

public java.lang.String getSourcePortRange()
Getter for the sourcePortRange.

Returns:
the sourcePortRange

getPort

public int getPort()
Getter for port

Returns:
the port

getProtocol

public java.lang.String getProtocol()
Getter for protocol

Returns:
the protocol

getPermittedNetwork

public java.lang.String getPermittedNetwork()
Getter for permittedNetwork

Returns:
the permittedNetwork

getPermittedMAC

public java.lang.String getPermittedMAC()
Getter for permittedMAC

Returns:
the permittedMAC

toString

public java.lang.String toString()
Converts the LocalRule to a String. Returns one of the following iptables strings depending on the LocalRule format:

iptables -I INPUT -p {protocol} --dport {port} -j ACCEPT

iptables -I INPUT -p {protocol} --sport {sourcePort1:sourcePort2} --dport {port} -j ACCEPT

iptables -I INPUT -p {protocol} -m mac --mac-source {permittedMAC} --dport {port} -j ACCEPT

iptables -I INPUT -p {protocol} -m mac --mac-source {permittedMAC} --sport {sourcePort1:sourcePort2} --dport {port} -j ACCEPT

iptables -I INPUT -p {protocol} -s {permittedNetwork} --dport {port} -j ACCEPT

iptables -I INPUT -p {protocol} -s {permittedNetwork} --sport {sourcePort1:sourcePort2} --dport {port} -j ACCEPT

iptables -I INPUT -p {protocol} -s {permittedNetwork} -m mac --mac-source {permittedMAC} --dport {port} -j ACCEPT

iptables -I INPUT -p {protocol} -s {permittedNetwork} -m mac --mac-source {permittedMAC} --sport {sourcePort1:sourcePort2} --dport {port} -j ACCEPT

Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2009 Eurotech Inc. All rights reserved.