ILinuxFirewallService

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

com.esf.net.firewall.service
Interface ILinuxFirewallService

public interface ILinuxFirewallService

The ILinuxFirewallservice is used to set up firewall settings . To setup the firewall settings setup the respective parameter using the add methods and then use the method writefile. Also use writefile after you use the delete calls.Use start to take effect. CONFIGURATION Rule specific configuration parameters are detailed in the documentation of each rule class. Firewall configurations will consist of one or more rule configurations.

Field Summary
`static java.lang.String`	`SERVICE_NAME` service name of this interface for the bundle activator (com.esf.networking.firewall.service)

Method Summary
`void`	`addCustomRule(java.lang.String rule)` Adds a custom rule to the firewall.
`void`	`addLocalRule(int port, java.lang.String protocol, java.lang.String permittedNetwork, java.lang.String permittedNetworkMask, java.lang.String permittedMAC, java.lang.String sourcePortRange)` Adds a new Local Port rule to the firewall, to allow incoming port connections.
`void`	`addNatRule(java.lang.String sourceNetwork, java.lang.String sourceInterface, java.lang.String destinationInterface, boolean masquerade)` Adds a new Network Address Translation rule to the firewall.
`void`	`addPortForwardRule(java.lang.String iface, java.lang.String address, java.lang.String protocol, int inPort, int outPort, java.lang.String permittedNetwork, java.lang.String permittedNetworkMask, java.lang.String permittedMAC, java.lang.String sourcePortRange)` Adds a new Port Forwarding rule to firewall.
`void`	`allowIcmp()` sets the rule to allow ICMP packets through on all interfaces.
`void`	`blockAllPorts()` blocks all ports in the firewall configuration.
`void`	`deleteAllLocalRules()` Removes all Local Port rules from this firewall configuration.
`void`	`deleteAllNatRules()` Removes all Network Address Translation rules from this firewall configuration.
`void`	`deleteAllPortForwardRules()` Removes all Port Forwarding rules from this firewall configuration.
`void`	`deleteLocalRule(int index)` Deletes a Local Rule from this firewall configuration.
`void`	`deleteNatRule(int index)` Deletes a Network Address Translation rule from this firewall configuration.
`void`	`deletePortForwardRule(int index)` Deletes a Port Forwarding rule from this firewall configuration.
`void`	`disableForwarding()` disables forwarding by setting forwarding to enabled in /proc (echo 0 > /proc/sys/net/ipv4/ip_forward).
`void`	`disableIcmp()` sets the rule to not allow ICMP packets through on all interfaces
`void`	`enableForwarding()` enables forwarding by setting forwarding to enabled in /proc (echo 1 > /proc/sys/net/ipv4/ip_forward).
`java.util.ArrayList`	`getLocalRules()` Gets a list of all Local Port rules from this firewall configuration.
`java.util.ArrayList`	`getNatRules()` Gets a list of all Network Address Translation rules from this firewall configuration.
`java.util.ArrayList`	`getPortForwardRules()` Gets a list of all Port Forwarding rules from this firewall configuration.
`void`	`runScript()` Runs the currently stored firewall configuration script.
`void`	`unblockAllPorts()` unblocks all ports in the firewall configuration.
`void`	`writeFile()` Writes a new firewall configuration script.

Field Detail

SERVICE_NAME

static final java.lang.String SERVICE_NAME

service name of this interface for the bundle activator (com.esf.networking.firewall.service)

Method Detail

writeFile

void writeFile()
               throws java.lang.Exception

Writes a new firewall configuration script.

Throws:: java.lang.Exception - If any access errors occur.

runScript

void runScript()
               throws java.lang.Exception

Runs the currently stored firewall configuration script.

Throws:: java.lang.Exception

addLocalRule

void addLocalRule(int port,
                  java.lang.String protocol,
                  java.lang.String permittedNetwork,
                  java.lang.String permittedNetworkMask,
                  java.lang.String permittedMAC,
                  java.lang.String sourcePortRange)
                  throws java.lang.Exception

Adds a new Local Port rule to the firewall, to allow incoming port connections.

Parameters:: port - local port number for the incoming connection; protocol - network protocol, as String; permittedNetwork - permitted source IP address or network, as String; permittedNetworkMask - permitted source network mask, as String; permittedMAC - permitted source MAC address, as String; sourcePortRange - permitted source port range for incoming connection, as String
Throws:: java.lang.Exception - If rule cannot be added

addPortForwardRule

void addPortForwardRule(java.lang.String iface,
                        java.lang.String address,
                        java.lang.String protocol,
                        int inPort,
                        int outPort,
                        java.lang.String permittedNetwork,
                        java.lang.String permittedNetworkMask,
                        java.lang.String permittedMAC,
                        java.lang.String sourcePortRange)
                        throws java.lang.Exception

Adds a new Port Forwarding rule to firewall.

Parameters:: iface - source interface name, as String; address - destination IP address to forward to, as String; protocol - network protocol, as String; inPort - incoming IP port; outPort - forwarded destination IP port; permittedNetwork - permitted source IP address or network, as String; permittedNetworkMask - permitted source network mask, as String; permittedMAC - permitted source MAC address, as String; sourcePortRange - permitted source port range for incoming connection, as String
Throws:: java.lang.Exception - If rule cannot be added

addNatRule

void addNatRule(java.lang.String sourceNetwork,
                java.lang.String sourceInterface,
                java.lang.String destinationInterface,
                boolean masquerade)
                throws java.lang.Exception

Adds a new Network Address Translation rule to the firewall.

Parameters:: sourceNetwork - source IP address or network, as String; sourceInterface - source interface name, as String; destinationInterface - destination interface name, as String; masquerade - add masquerade entry, as boolean
Throws:: java.lang.Exception - If rule cannot be added

addCustomRule

void addCustomRule(java.lang.String rule)
                   throws java.lang.Exception

Adds a custom rule to the firewall.

Parameters:: rule - custom rule, as String
Throws:: java.lang.Exception - If rule cannot be added

getLocalRules

java.util.ArrayList getLocalRules()
                                  throws java.lang.Exception

Gets a list of all Local Port rules from this firewall configuration.

Returns:: ArrayList of Local Port rules
Throws:: java.lang.Exception - If unable to get Local Port rules

getPortForwardRules

java.util.ArrayList getPortForwardRules()
                                        throws java.lang.Exception

Gets a list of all Port Forwarding rules from this firewall configuration.

Returns:: ArrayList of Port Forwarding rules
Throws:: java.lang.Exception - If unable to get Port Forwarding rules

getNatRules

java.util.ArrayList getNatRules()
                                throws java.lang.Exception

Gets a list of all Network Address Translation rules from this firewall configuration.

Returns:: ArrayList of NAT rules
Throws:: java.lang.Exception - If unable to get NAT rules

deleteLocalRule

void deleteLocalRule(int index)
                     throws java.lang.Exception

Deletes a Local Rule from this firewall configuration.

Parameters:: index - index in the ArrayList of the Local Rule to be deleted
Throws:: java.lang.Exception - If unable to delete Local Rule

deletePortForwardRule

void deletePortForwardRule(int index)
                           throws java.lang.Exception

Deletes a Port Forwarding rule from this firewall configuration.

Parameters:: index - index in the ArrayList of the Port Forwarding rule to be deleted
Throws:: java.lang.Exception - If unable to delete Port Forwarding rule

deleteNatRule

void deleteNatRule(int index)
                   throws java.lang.Exception

Deletes a Network Address Translation rule from this firewall configuration.

Parameters:: index - index in the ArrayList of the NAT rule to be deleted
Throws:: java.lang.Exception - If unable to delete NAT rule

deleteAllLocalRules

void deleteAllLocalRules()
                         throws java.lang.Exception

Removes all Local Port rules from this firewall configuration.

Throws:: java.lang.Exception - If unable to delete all Local Port rules

deleteAllPortForwardRules

void deleteAllPortForwardRules()
                               throws java.lang.Exception

Removes all Port Forwarding rules from this firewall configuration.

Throws:: java.lang.Exception - If unable to delete all Port Forwarding rules

deleteAllNatRules

void deleteAllNatRules()
                       throws java.lang.Exception

Removes all Network Address Translation rules from this firewall configuration.

Throws:: java.lang.Exception - If unable to delete all NAT rules

blockAllPorts

void blockAllPorts()
                   throws java.lang.Exception

blocks all ports in the firewall configuration.

Throws:: java.lang.Exception - If unable to block all ports

unblockAllPorts

void unblockAllPorts()
                     throws java.lang.Exception

unblocks all ports in the firewall configuration.

Throws:: java.lang.Exception - If unable to unblock all ports

allowIcmp

void allowIcmp()

sets the rule to allow ICMP packets through on all interfaces. This is the default state.

disableIcmp

void disableIcmp()

sets the rule to not allow ICMP packets through on all interfaces

enableForwarding

void enableForwarding()

enables forwarding by setting forwarding to enabled in /proc (echo 1 > /proc/sys/net/ipv4/ip_forward). This gets set automatically if any NAT rules have MASQUERADING enabled

disableForwarding

void disableForwarding()

disables forwarding by setting forwarding to enabled in /proc (echo 0 > /proc/sys/net/ipv4/ip_forward). See @enableForwarding() as it gets called automatically if any NAT rules have MASQUERADING enabled.