com.esf.net.firewall.service

Interface ILinuxFirewallService

public interface ILinuxFirewallService

The ILinuxFirewallservice is used to set up firewall settings . To setup the firewall settings setup the respective parameter using the add methods and then use the method writefile. Also use writefile after you use the delete calls.Use start to take effect. CONFIGURATION Rule specific configuration parameters are detailed in the documentation of each rule class. Firewall configurations will consist of one or more rule configurations.

Field Summary

Fields

Modifier and Type	Field and Description
static java.lang.String	SERVICE_NAME service name of this interface for the bundle activator (com.esf.networking.firewall.service)

Method Summary

Methods

Modifier and Type	Method and Description
void	addCustomRule(java.lang.String rule) Adds a custom rule to the firewall.
void	addLocalRule(int port, java.lang.String protocol, java.lang.String permittedNetwork, java.lang.String permittedNetworkMask, java.lang.String permittedMAC, java.lang.String sourcePortRange) Adds a new Local Port rule to the firewall, to allow incoming port connections.
void	addLocalRule(java.lang.String portRange, java.lang.String protocol, java.lang.String permittedNetwork, java.lang.String permittedNetworkMask, java.lang.String permittedMAC, java.lang.String sourcePortRange) Adds a new Local Port rule to the firewall, to allow incoming port connections.
void	addNatRule(java.lang.String sourceNetwork, java.lang.String sourceInterface, java.lang.String destinationInterface, boolean masquerade) Adds a new Network Address Translation rule to the firewall.
void	addPortForwardRule(java.lang.String iface, java.lang.String address, java.lang.String protocol, int inPort, int outPort, java.lang.String permittedNetwork, java.lang.String permittedNetworkMask, java.lang.String permittedMAC, java.lang.String sourcePortRange) Adds a new Port Forwarding rule to firewall.
void	allowIcmp() sets the rule to allow ICMP packets through on all interfaces.
void	blockAllPorts() blocks all ports in the firewall configuration.
void	deleteAllLocalRules() Removes all Local Port rules from this firewall configuration.
void	deleteAllNatRules() Removes all Network Address Translation rules from this firewall configuration.
void	deleteAllPortForwardRules() Removes all Port Forwarding rules from this firewall configuration.
void	deleteLocalRule(int index) Deletes a Local Rule from this firewall configuration.
void	deleteNatRule(int index) Deletes a Network Address Translation rule from this firewall configuration.
void	deletePortForwardRule(int index) Deletes a Port Forwarding rule from this firewall configuration.
void	disableForwarding() disables forwarding by setting forwarding to enabled in /proc (echo 0 > /proc/sys/net/ipv4/ip_forward).
void	disableIcmp() sets the rule to not allow ICMP packets through on all interfaces
void	enableForwarding() enables forwarding by setting forwarding to enabled in /proc (echo 1 > /proc/sys/net/ipv4/ip_forward).
java.util.ArrayList	getLocalRules() Gets a list of all Local Port rules from this firewall configuration.
java.util.ArrayList	getNatRules() Gets a list of all Network Address Translation rules from this firewall configuration.
java.util.ArrayList	getPortForwardRules() Gets a list of all Port Forwarding rules from this firewall configuration.
void	runScript() Runs the currently stored firewall configuration script.
void	unblockAllPorts() unblocks all ports in the firewall configuration.
void	writeFile() Writes a new firewall configuration script.

Field Detail

SERVICE_NAME

static final java.lang.String SERVICE_NAME

service name of this interface for the bundle activator (com.esf.networking.firewall.service)

Method Detail

writeFile

void writeFile()
               throws java.lang.Exception

Writes a new firewall configuration script.

Throws:

java.lang.Exception - If any access errors occur.

runScript

void runScript()
               throws java.lang.Exception

Runs the currently stored firewall configuration script.

Throws:

java.lang.Exception

addLocalRule

void addLocalRule(int port,
                java.lang.String protocol,
                java.lang.String permittedNetwork,
                java.lang.String permittedNetworkMask,
                java.lang.String permittedMAC,
                java.lang.String sourcePortRange)
                  throws java.lang.Exception

Adds a new Local Port rule to the firewall, to allow incoming port connections.

Parameters:

port - local port number for the incoming connection

protocol - network protocol, as String

permittedNetwork - permitted source IP address or network, as String

permittedNetworkMask - permitted source network mask, as String

permittedMAC - permitted source MAC address, as String

sourcePortRange - permitted source port range for incoming connection, as String

Throws:

java.lang.Exception - If rule cannot be added

addLocalRule

void addLocalRule(java.lang.String portRange,
                java.lang.String protocol,
                java.lang.String permittedNetwork,
                java.lang.String permittedNetworkMask,
                java.lang.String permittedMAC,
                java.lang.String sourcePortRange)
                  throws java.lang.Exception

Adds a new Local Port rule to the firewall, to allow incoming port connections.

Parameters:

portRange - local port range for the incoming connection

protocol - network protocol, as String

permittedNetwork - permitted source IP address or network, as String

permittedNetworkMask - permitted source network mask, as String

permittedMAC - permitted source MAC address, as String

sourcePortRange - permitted source port range for incoming connection, as String

Throws:

java.lang.Exception - If rule cannot be added

addPortForwardRule

void addPortForwardRule(java.lang.String iface,
                      java.lang.String address,
                      java.lang.String protocol,
                      int inPort,
                      int outPort,
                      java.lang.String permittedNetwork,
                      java.lang.String permittedNetworkMask,
                      java.lang.String permittedMAC,
                      java.lang.String sourcePortRange)
                        throws java.lang.Exception

Adds a new Port Forwarding rule to firewall.

Parameters:

iface - source interface name, as String

address - destination IP address to forward to, as String

protocol - network protocol, as String

inPort - incoming IP port

outPort - forwarded destination IP port

permittedNetwork - permitted source IP address or network, as String

permittedNetworkMask - permitted source network mask, as String

permittedMAC - permitted source MAC address, as String

sourcePortRange - permitted source port range for incoming connection, as String

Throws:

java.lang.Exception - If rule cannot be added

addNatRule

void addNatRule(java.lang.String sourceNetwork,
              java.lang.String sourceInterface,
              java.lang.String destinationInterface,
              boolean masquerade)
                throws java.lang.Exception

Adds a new Network Address Translation rule to the firewall.

Parameters:

sourceNetwork - source IP address or network, as String

sourceInterface - source interface name, as String

destinationInterface - destination interface name, as String

masquerade - add masquerade entry, as boolean

Throws:

java.lang.Exception - If rule cannot be added

addCustomRule

void addCustomRule(java.lang.String rule)
                   throws java.lang.Exception

Adds a custom rule to the firewall.

Parameters:

rule - custom rule, as String

Throws:

java.lang.Exception - If rule cannot be added

getLocalRules

java.util.ArrayList getLocalRules()
                                  throws java.lang.Exception

Gets a list of all Local Port rules from this firewall configuration.

Returns:

ArrayList of Local Port rules

Throws:

java.lang.Exception - If unable to get Local Port rules

getPortForwardRules

java.util.ArrayList getPortForwardRules()
                                        throws java.lang.Exception

Gets a list of all Port Forwarding rules from this firewall configuration.

Returns:

ArrayList of Port Forwarding rules

Throws:

java.lang.Exception - If unable to get Port Forwarding rules

getNatRules

java.util.ArrayList getNatRules()
                                throws java.lang.Exception

Gets a list of all Network Address Translation rules from this firewall configuration.

Returns:

ArrayList of NAT rules

Throws:

java.lang.Exception - If unable to get NAT rules

deleteLocalRule

void deleteLocalRule(int index)
                     throws java.lang.Exception

Deletes a Local Rule from this firewall configuration.

Parameters:

index - index in the ArrayList of the Local Rule to be deleted

Throws:

java.lang.Exception - If unable to delete Local Rule

deletePortForwardRule

void deletePortForwardRule(int index)
                           throws java.lang.Exception

Deletes a Port Forwarding rule from this firewall configuration.

Parameters:

index - index in the ArrayList of the Port Forwarding rule to be deleted

Throws:

java.lang.Exception - If unable to delete Port Forwarding rule

deleteNatRule

void deleteNatRule(int index)
                   throws java.lang.Exception

Deletes a Network Address Translation rule from this firewall configuration.

Parameters:

index - index in the ArrayList of the NAT rule to be deleted

Throws:

java.lang.Exception - If unable to delete NAT rule

deleteAllLocalRules

void deleteAllLocalRules()
                         throws java.lang.Exception

Removes all Local Port rules from this firewall configuration.

Throws:

java.lang.Exception - If unable to delete all Local Port rules

deleteAllPortForwardRules

void deleteAllPortForwardRules()
                               throws java.lang.Exception

Removes all Port Forwarding rules from this firewall configuration.

Throws:

java.lang.Exception - If unable to delete all Port Forwarding rules

deleteAllNatRules

void deleteAllNatRules()
                       throws java.lang.Exception

Removes all Network Address Translation rules from this firewall configuration.

Throws:

java.lang.Exception - If unable to delete all NAT rules

blockAllPorts

void blockAllPorts()
                   throws java.lang.Exception

blocks all ports in the firewall configuration.

Throws:

java.lang.Exception - If unable to block all ports

unblockAllPorts

void unblockAllPorts()
                     throws java.lang.Exception

unblocks all ports in the firewall configuration.

Throws:

java.lang.Exception - If unable to unblock all ports

allowIcmp

void allowIcmp()

sets the rule to allow ICMP packets through on all interfaces. This is the default state.

disableIcmp

void disableIcmp()

sets the rule to not allow ICMP packets through on all interfaces

enableForwarding

void enableForwarding()

enables forwarding by setting forwarding to enabled in /proc (echo 1 > /proc/sys/net/ipv4/ip_forward). This gets set automatically if any NAT rules have MASQUERADING enabled

disableForwarding

void disableForwarding()

disables forwarding by setting forwarding to enabled in /proc (echo 0 > /proc/sys/net/ipv4/ip_forward). See @enableForwarding() as it gets called automatically if any NAT rules have MASQUERADING enabled.