com.esf.net.firewall.service

Class LocalRule

java.lang.Object

com.esf.net.firewall.service.LocalRule

public class LocalRule
extends java.lang.Object

Creates an iptables command for a Local Rule, allowing an incoming port connection. CONFIGURATION Configuration will be accepted in the form of key/value pairs. The key/value pairs are strictly defined here: CONFIG_ENTRY -> KEY + "=" + VALUE KEY -> TYPE + INDEX + "_" + PARAM TYPE -> "LocalRule" INDEX -> "0" | "1" | "2" | ... | "N" PARAM (required) -> "port" | "protocol" PARAM (optional) -> "permittedNetwork" | "permittedMAC" | "sourcePortRange" VALUE -> (value of the specified parameter) EXAMPLE: LocalRule0_port=1234 LocalRule0_protocol=tcp LocalRule0_permittedNetwork=192.168.1.1 LocalRule0_permittedMAC=AA:BB:CC:DD:EE:FF LocalRule0_sourcePortRange=3333:4444

Constructor Summary

Constructors

Constructor and Description
LocalRule() Constructor of LocalRule object.
LocalRule(int port, java.lang.String protocol, java.lang.String permittedNetwork, int permittedNetworkMask, java.lang.String permittedMAC, java.lang.String sourcePortRange) Constructor of LocalRule object.
LocalRule(java.lang.String portRange, java.lang.String protocol, java.lang.String permittedNetwork, int permittedNetworkMask, java.lang.String permittedMAC, java.lang.String sourcePortRange) Constructor of LocalRule object.

Method Summary

Methods

Modifier and Type	Method and Description
java.lang.String	getPermittedMAC() Getter for permittedMAC
java.lang.String	getPermittedNetwork() Getter for permittedNetwork
int	getPermittedNetworkMask() Getter for permittedNetworkMask
int	getPort() Getter for port
java.lang.String	getPortRange() Getter for portRange
java.lang.String	getProtocol() Getter for protocol
java.lang.String	getSourcePortRange() Getter for the sourcePortRange.
boolean	isComplete() Returns true if the required LocalRule parameters have all been set.
void	setPermittedMAC(java.lang.String permittedMAC) Setter for the permittedMAC.
void	setPermittedNetwork(int permittedNetworkMask) Setter for the permittedNetworkMask.
void	setPermittedNetwork(java.lang.String permittedNetwork) Setter for the permittedNetwork.
void	setPort(int port) Setter for the port.
void	setPortRange(java.lang.String portRange) Setter for the portRange
void	setProtocol(java.lang.String protocol) Setter for the protocol.
void	setSourcePortRange(java.lang.String sourcePortRange) Setter for the sourcePortRange.
java.lang.String	toString() Converts the LocalRule to a String.

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, wait, wait, wait

Constructor Detail

LocalRule

public LocalRule(int port,
         java.lang.String protocol,
         java.lang.String permittedNetwork,
         int permittedNetworkMask,
         java.lang.String permittedMAC,
         java.lang.String sourcePortRange)

Constructor of LocalRule object.

Parameters:

port - destination local IP port number to allow

protocol - protocol of port (tcp, udp)

sourcePortRange - range of source ports allowed on IP connection (sourcePort1:sourcePort2)

permittedNetwork - source network or ip address from which connection is allowed (such as 192.168.1.0)

permittedMAC - MAC address from which connection is allowed (such as AA:BB:CC:DD:EE:FF)

LocalRule

public LocalRule(java.lang.String portRange,
         java.lang.String protocol,
         java.lang.String permittedNetwork,
         int permittedNetworkMask,
         java.lang.String permittedMAC,
         java.lang.String sourcePortRange)

Constructor of LocalRule object.

Parameters:

portRange - destination local IP port range to allow of the form X:Y where X

protocol - protocol of port (tcp, udp)

sourcePortRange - range of source ports allowed on IP connection (sourcePort1:sourcePort2)

permittedNetwork - source network or ip address from which connection is allowed (such as 192.168.1.0)

permittedMAC - MAC address from which connection is allowed (such as AA:BB:CC:DD:EE:FF)

LocalRule

public LocalRule()

Constructor of LocalRule object.

Method Detail

isComplete

public boolean isComplete()

Returns true if the required LocalRule parameters have all been set. Returns false otherwise.

Returns:

A boolean representing whether all parameters have been set.

setProtocol

public void setProtocol(java.lang.String protocol)

Setter for the protocol.

Parameters:

protocol - A String representing the protocol.

setPermittedNetwork

public void setPermittedNetwork(java.lang.String permittedNetwork)

Setter for the permittedNetwork.

Parameters:

permittedNetwork - A String representing the permittedNetwork.

setPermittedNetwork

public void setPermittedNetwork(int permittedNetworkMask)

Setter for the permittedNetworkMask.

Parameters:

permittedNetworkMask - An int representing the permittedNetworkMask.

setPermittedMAC

public void setPermittedMAC(java.lang.String permittedMAC)

Setter for the permittedMAC.

Parameters:

permittedMAC - A String representing the permittedMAC.

setSourcePortRange

public void setSourcePortRange(java.lang.String sourcePortRange)

Setter for the sourcePortRange.

Parameters:

sourcePortRange - A String representing the sourcePortRange.

setPort

public void setPort(int port)

Setter for the port.

Parameters:

port - An int representing the port.

setPortRange

public void setPortRange(java.lang.String portRange)

Setter for the portRange

Parameters:

portRange - A string representing the port range of the form X:Y where X < Y and both are valid ports

getSourcePortRange

public java.lang.String getSourcePortRange()

Getter for the sourcePortRange.

Returns:

the sourcePortRange

getPort

public int getPort()

Getter for port

Returns:

the port

getPortRange

public java.lang.String getPortRange()

Getter for portRange

Returns:

the portRange

getProtocol

public java.lang.String getProtocol()

Getter for protocol

Returns:

the protocol

getPermittedNetwork

public java.lang.String getPermittedNetwork()

Getter for permittedNetwork

Returns:

the permittedNetwork

getPermittedNetworkMask

public int getPermittedNetworkMask()

Getter for permittedNetworkMask

Returns:

the permittedNetworkMask

getPermittedMAC

public java.lang.String getPermittedMAC()

Getter for permittedMAC

Returns:

the permittedMAC

toString

public java.lang.String toString()

Converts the LocalRule to a String. Returns one of the following iptables strings depending on the LocalRule format:

iptables -I INPUT -p {protocol} --dport {port} -j ACCEPT

iptables -I INPUT -p {protocol} --sport {sourcePort1:sourcePort2} --dport {port} -j ACCEPT

iptables -I INPUT -p {protocol} -m mac --mac-source {permittedMAC} --dport {port} -j ACCEPT

iptables -I INPUT -p {protocol} -m mac --mac-source {permittedMAC} --sport {sourcePort1:sourcePort2} --dport {port} -j ACCEPT

iptables -I INPUT -p {protocol} -s {permittedNetwork} --dport {port} -j ACCEPT

iptables -I INPUT -p {protocol} -s {permittedNetwork} --sport {sourcePort1:sourcePort2} --dport {port} -j ACCEPT

iptables -I INPUT -p {protocol} -s {permittedNetwork} -m mac --mac-source {permittedMAC} --dport {port} -j ACCEPT

iptables -I INPUT -p {protocol} -s {permittedNetwork} -m mac --mac-source {permittedMAC} --sport {sourcePort1:sourcePort2} --dport {port} -j ACCEPT

Overrides:

toString in class java.lang.Object