com.esf.net.firewall.service
Class PortForwardRule

java.lang.Object
  extended by com.esf.net.firewall.service.PortForwardRule

public class PortForwardRule
extends java.lang.Object

Creates an iptables command for a Port Forward Rule, allowing an incoming port to be forwarded to destinationIP/port.

CONFIGURATION

Configuration will be accepted in the form of key/value pairs. The key/value pairs are strictly defined here:

CONFIG_ENTRY     -> KEY + "=" + VALUE
KEY              -> TYPE + INDEX + "_" + PARAM
TYPE             -> "LocalRule"
INDEX            -> "0" | "1" | "2" | ... | "N"
PARAM (required) -> "address" | "iface" | "protocol" | "inPort" | "outPort"
PARAM (optional) -> "permittedNetwork" | "permittedMAC" | "sourcePortRange"
VALUE            -> (value of the specified parameter)

EXAMPLE:

PortForwardRule0_address=192.168.1.1
PortForwardRule0_iface=eth0
PortForwardRule0_protocol=tcp
PortForwardRule0_inPort=1234
PortForwardRule0_outPort=1234
PortForwardRule0_permittedNetwork=192.168.1.1
PortForwardRule0_permittedMAC=AA:BB:CC:DD:EE:FF
PortForwardRule0_sourcePortRange=3333:4444


Constructor Summary
PortForwardRule()
          Constructor of PortForwardRule object.
PortForwardRule(java.lang.String iface, java.lang.String address, java.lang.String protocol, int inPort, int outPort, java.lang.String permittedNetwork, int permittedNetworkMask, java.lang.String permittedMAC, java.lang.String sourcePortRange)
          Constructor of PortForwardRule object.
 
Method Summary
 java.lang.String getAddress()
          Getter for address
 java.lang.String getIface()
          Getter for iface
 int getInPort()
          Getter for inPort
 int getOutPort()
          Getter for outPort
 java.lang.String getPermittedMAC()
          Getter for permittedMAC
 java.lang.String getPermittedNetwork()
          Getter for permittedNetwork
 int getPermittedNetworkMask()
          Getter for permittedNetworkMask
 java.lang.String getProtocol()
          Getter for protocol
 java.lang.String getSourcePortRange()
          Getter for sourcePortRange
 boolean isComplete()
          Returns true if the required LocalRule parameters have all been set.
 void setAddress(java.lang.String address)
          Setter for address
 void setIface(java.lang.String iface)
          Setter for iface
 void setInPort(int inPort)
          Setter for inPort
 void setOutPort(int outPort)
          Setter for outPort
 void setPermittedMAC(java.lang.String permittedMAC)
          Setter for permittedMAC
 void setPermittedNetwork(java.lang.String permittedNetwork)
          Setter for permittedNetwork
 void setPermittedNetworkMask(int permittedNetworkMask)
          Setter for permittedNetworkMask
 void setProtocol(java.lang.String protocol)
          Setter for protocol
 void setSourcePortRange(java.lang.String sourcePortRange)
          Setter for sourcePortRange
 java.lang.String toString()
          Converts the PortForwardRule to a String.
 
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, wait, wait, wait
 

Constructor Detail

PortForwardRule

public PortForwardRule(java.lang.String iface,
                       java.lang.String address,
                       java.lang.String protocol,
                       int inPort,
                       int outPort,
                       java.lang.String permittedNetwork,
                       int permittedNetworkMask,
                       java.lang.String permittedMAC,
                       java.lang.String sourcePortRange)
Constructor of PortForwardRule object.

Parameters:
iface - interface name on which inbound connection is allowed (such as ppp0)
inPort - inbound port on which to listen for port forward
protocol - protocol of port connection (tcp, udp)
address - destination IP address to forward IP traffic
outPort - destination port to forward IP traffic
permittedNetwork - source network or ip address from which connection is allowed (such as 192.168.1.0)
permittedNetworkMask - source network mask from which connection is allowed (such as 255.255.255.0)
permittedMAC - MAC address from which connection is allowed (such as AA:BB:CC:DD:EE:FF)
sourcePortRange - range of source ports allowed on IP connection (sourcePort1:sourcePort2)

PortForwardRule

public PortForwardRule()
Constructor of PortForwardRule object.

Method Detail

isComplete

public boolean isComplete()
Returns true if the required LocalRule parameters have all been set. Returns false otherwise.

Returns:
A boolean representing whether all parameters have been set.

toString

public java.lang.String toString()
Converts the PortForwardRule to a String. Returns one of the following iptables strings depending on the PortForwardRule format:

iptables -t nat -A PREROUTING -i {iface} -p {protocol} --dport {inPort} -j DNAT --to {address}:{outPort}

iptables -t nat -A PREROUTING -i {iface} -p {protocol} --sport {sourcePortRange} --dport {inPort} -j DNAT --to {address}:{outPort}

iptables -t nat -A PREROUTING -i {iface} -p {protocol} -m mac --mac-source {permittedMAC} --dport {inPort} -j DNAT --to {address}:{outPort}

iptables -t nat -A PREROUTING -i {iface} -p {protocol} -m mac --mac-source {permittedMAC} --sport {sourcePortRange} --dport {inPort} -j DNAT --to {address}:{outPort}

iptables -t nat -A PREROUTING -i {iface} -p {protocol} -s {permittedNetwork} --dport {inPort} -j DNAT --to {address}:{outPort}

iptables -t nat -A PREROUTING -i {iface} -p {protocol} -s {permittedNetwork} --sport {sourcePortRange} --dport {inPort} -j DNAT --to {address}:{outPort}

iptables -t nat -A PREROUTING -i {iface} -p {protocol} -s {permittedNetwork} -m mac --mac-source {permittedMAC} --dport {inPort} -j DNAT --to {address}:{outPort}

iptables -t nat -A PREROUTING -i {iface} -p {protocol} -s {permittedNetwork} -m mac --mac-source {permittedMAC} --sport {sourcePortRange} --dport {inPort} -j DNAT --to {address}:{outPort}

Overrides:
toString in class java.lang.Object
Returns:
the String representation of PortForwardRule
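
The eight templates above differ only in which optional parameters are present, so they reduce to one builder that appends options in a fixed order. The following is an added example, not ESF code: it reads entries with the PortForwardRule prefix used in the page's EXAMPLE, checks every value against an allow-list pattern before use, and returns an argument list (for ProcessBuilder) instead of a shell string. The class name, method names and patterns are assumptions, not documented ESF behaviour.

```java
import java.util.*;
import java.util.regex.*;

// Added example (Java 9+), not ESF code. Patterns are assumed allow-lists, not ESF's own checks.
public class PortForwardArgv {
    static final Pattern KEY = Pattern.compile("PortForwardRule(\\d+)_(\\w+)");
    static final String OCTET = "(25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)";
    static final String IP = "(" + OCTET + "\\.){3}" + OCTET;
    static final String PORT = "(6553[0-5]|655[0-2]\\d|65[0-4]\\d{2}|6[0-4]\\d{3}|[1-5]\\d{4}|[1-9]\\d{0,3})";
    static final Map<String, String> ALLOWED = Map.of(
        "address", IP, "permittedNetwork", IP, "inPort", PORT, "outPort", PORT,
        "iface", "[A-Za-z0-9._-]{1,15}", "protocol", "tcp|udp",
        "permittedMAC", "[0-9A-Fa-f]{2}(:[0-9A-Fa-f]{2}){5}", "sourcePortRange", PORT + ":" + PORT);
    // Collects the parameters of one rule index; unknown keys and malformed values are rejected.
    static Map<String, String> parse(List<String> entries, String index) {
        Map<String, String> p = new HashMap<>();
        for (String e : entries) {
            String[] kv = e.split("=", 2);
            Matcher m = KEY.matcher(kv[0]);
            if (kv.length != 2 || !m.matches()) throw new IllegalArgumentException("bad entry: " + e);
            if (!m.group(1).equals(index)) continue;
            String ok = ALLOWED.get(m.group(2));
            if (ok == null || !kv[1].matches(ok)) throw new IllegalArgumentException("bad value: " + e);
            p.put(m.group(2), kv[1]);
        }
        return p;
    }
    // Builds an argument vector in the option order of the eight toString() templates.
    static List<String> build(Map<String, String> p) {
        for (String r : new String[] {"address", "iface", "protocol", "inPort", "outPort"})
            if (!p.containsKey(r)) throw new IllegalArgumentException("missing " + r);
        List<String> a = new ArrayList<>(List.of(
            "iptables", "-t", "nat", "-A", "PREROUTING", "-i", p.get("iface"), "-p", p.get("protocol")));
        if (p.containsKey("permittedNetwork")) a.addAll(List.of("-s", p.get("permittedNetwork")));
        if (p.containsKey("permittedMAC")) a.addAll(List.of("-m", "mac", "--mac-source", p.get("permittedMAC")));
        if (p.containsKey("sourcePortRange")) a.addAll(List.of("--sport", p.get("sourcePortRange")));
        a.addAll(List.of("--dport", p.get("inPort"), "-j", "DNAT", "--to", p.get("address") + ":" + p.get("outPort")));
        return a;
    }
    public static void main(String[] args) {
        List<String> cfg = List.of(  // values taken from the page's EXAMPLE
            "PortForwardRule0_address=192.168.1.1", "PortForwardRule0_iface=eth0", "PortForwardRule0_protocol=tcp",
            "PortForwardRule0_inPort=1234", "PortForwardRule0_outPort=1234", "PortForwardRule0_permittedNetwork=192.168.1.1",
            "PortForwardRule0_permittedMAC=AA:BB:CC:DD:EE:FF", "PortForwardRule0_sourcePortRange=3333:4444");
        System.out.println(String.join(" ", build(parse(cfg, "0"))));
        try { parse(List.of("PortForwardRule0_iface=eth0;x"), "0"); }  // constructed malformed value
        catch (IllegalArgumentException e) { System.out.println("rejected: " + e.getMessage()); }
    }
}
```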

getIface

public java.lang.String getIface()
Getter for iface

Returns:
the iface

setIface

public void setIface(java.lang.String iface)
Setter for iface

Parameters:
iface - the iface to set

getAddress

public java.lang.String getAddress()
Getter for address

Returns:
the address

setAddress

public void setAddress(java.lang.String address)
Setter for address

Parameters:
address - the address to set

getProtocol

public java.lang.String getProtocol()
Getter for protocol

Returns:
the protocol

setProtocol

public void setProtocol(java.lang.String protocol)
Setter for protocol

Parameters:
protocol - the protocol to set

getInPort

public int getInPort()
Getter for inPort

Returns:
the inPort

setInPort

public void setInPort(int inPort)
Setter for inPort

Parameters:
inPort - the inPort to set

getOutPort

public int getOutPort()
Getter for outPort

Returns:
the outPort

setOutPort

public void setOutPort(int outPort)
Setter for outPort

Parameters:
outPort - the outPort to set

getPermittedNetwork

public java.lang.String getPermittedNetwork()
Getter for permittedNetwork

Returns:
the permittedNetwork

setPermittedNetwork

public void setPermittedNetwork(java.lang.String permittedNetwork)
Setter for permittedNetwork

Parameters:
permittedNetwork - the permittedNetwork to set

getPermittedNetworkMask

public int getPermittedNetworkMask()
Getter for permittedNetworkMask

Returns:
the permittedNetworkMask

setPermittedNetworkMask

public void setPermittedNetworkMask(int permittedNetworkMask)
Setter for permittedNetworkMask

Parameters:
permittedNetworkMask - the mask of the permittedNetwork to set

getPermittedMAC

public java.lang.String getPermittedMAC()
Getter for permittedMAC

Returns:
the permittedMAC

setPermittedMAC

public void setPermittedMAC(java.lang.String permittedMAC)
Setter for permittedMAC

Parameters:
permittedMAC - the permittedMAC to set

getSourcePortRange

public java.lang.String getSourcePortRange()
Getter for sourcePortRange

Returns:
the sourcePortRange

setSourcePortRange

public void setSourcePortRange(java.lang.String sourcePortRange)
Setter for sourcePortRange

Parameters:
sourcePortRange - the sourcePortRange to set