LocalRule (esf 2.0.0 API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

com.eurotech.framework.linux.net.iptables
Class LocalRule

java.lang.Object
  com.eurotech.framework.linux.net.iptables.LocalRule

public class LocalRule
extends Object
extends Object

Creates an iptables command for a Local Rule, allowing an incoming port connection. CONFIGURATION Configuration will be accepted in the form of key/value pairs. The key/value pairs are strictly defined here: CONFIG_ENTRY -> KEY + "=" + VALUE KEY -> TYPE + INDEX + "_" + PARAM TYPE -> "LocalRule" INDEX -> "0" | "1" | "2" | ... | "N" PARAM (required) -> "port" | "protocol" PARAM (optional) -> "permittedNetwork" | "permittedMAC" | "sourcePortRange" VALUE -> (value of the specified parameter) EXAMPLE: LocalRule0_port=1234 LocalRule0_protocol=tcp LocalRule0_permittedNetwork=192.168.1.1 LocalRule0_permittedMAC=AA:BB:CC:DD:EE:FF LocalRule0_sourcePortRange=3333:4444

Constructor Summary
`LocalRule()` Constructor of `LocalRule` object.
`LocalRule(int port, String protocol, NetworkPair<IP4Address> permittedNetwork, String permittedMAC, String sourcePortRange)` Constructor of `LocalRule` object.
`LocalRule(String portRange, String protocol, NetworkPair<IP4Address> permittedNetwork, String permittedMAC, String sourcePortRange)` Constructor of `LocalRule` object.

Method Summary
`boolean`	`equals(Object o)`
`String`	`getPermittedMAC()` Getter for permittedMAC
`NetworkPair<IP4Address>`	`getPermittedNetwork()` Getter for permittedNetwork
`int`	`getPort()` Getter for port
`String`	`getPortRange()` Getter for portRange
`String`	`getProtocol()` Getter for protocol
`String`	`getSourcePortRange()` Getter for the sourcePortRange.
`int`	`hashCode()`
`boolean`	`isComplete()` Returns true if the required `LocalRule` parameters have all been set.
`void`	`setPermittedMAC(String permittedMAC)` Setter for the permittedMAC.
`void`	`setPermittedNetwork(NetworkPair<IP4Address> permittedNetwork)` Setter for the permittedNetwork.
`void`	`setPort(int port)` Setter for the port.
`void`	`setPortRange(String portRange)` Setter for the portRange
`void`	`setProtocol(String protocol)` Setter for the protocol.
`void`	`setSourcePortRange(String sourcePortRange)` Setter for the sourcePortRange.
`String`	`toString()` Converts the `LocalRule` to a `String`.

Methods inherited from class java.lang.Object
`clone, finalize, getClass, notify, notifyAll, wait, wait, wait`

Constructor Detail

LocalRule

public LocalRule(int port,
                 String protocol,
                 NetworkPair<IP4Address> permittedNetwork,
                 String permittedMAC,
                 String sourcePortRange)

Constructor of LocalRule object.

Parameters:: port - destination local IP port number to allow; protocol - protocol of port (tcp, udp); sourcePortRange - range of source ports allowed on IP connection (sourcePort1:sourcePort2); permittedNetwork - source network or ip address from which connection is allowed (such as 192.168.1.0/24); permittedMAC - MAC address from which connection is allowed (such as AA:BB:CC:DD:EE:FF)

LocalRule

public LocalRule(String portRange,
                 String protocol,
                 NetworkPair<IP4Address> permittedNetwork,
                 String permittedMAC,
                 String sourcePortRange)

Constructor of LocalRule object.

Parameters:: portRange - destination local IP port range to allow of the form X:Y where Xprotocol - protocol of port (tcp, udp); sourcePortRange - range of source ports allowed on IP connection (sourcePort1:sourcePort2); permittedNetwork - source network or ip address from which connection is allowed (such as 192.168.1.0/24); permittedMAC - MAC address from which connection is allowed (such as AA:BB:CC:DD:EE:FF)

LocalRule

public LocalRule()

Constructor of LocalRule object.

Method Detail

isComplete

public boolean isComplete()

Returns true if the required LocalRule parameters have all been set. Returns false otherwise.

Returns:: A boolean representing whether all parameters have been set.

setProtocol

public void setProtocol(String protocol)

Setter for the protocol.

Parameters:: protocol - A String representing the protocol.

setPermittedNetwork

public void setPermittedNetwork(NetworkPair<IP4Address> permittedNetwork)

Setter for the permittedNetwork.

Parameters:: permittedNetwork - A String representing the permittedNetwork.

setPermittedMAC

public void setPermittedMAC(String permittedMAC)

Setter for the permittedMAC.

Parameters:: permittedMAC - A String representing the permittedMAC.

setSourcePortRange

public void setSourcePortRange(String sourcePortRange)

Setter for the sourcePortRange.

Parameters:: sourcePortRange - A String representing the sourcePortRange.

setPort

public void setPort(int port)

Setter for the port.

Parameters:: port - An int representing the port.

setPortRange

public void setPortRange(String portRange)

Setter for the portRange

Parameters:: portRange - A string representing the port range of the form X:Y where X < Y and both are valid ports

getSourcePortRange

public String getSourcePortRange()

Getter for the sourcePortRange.

Returns:: the sourcePortRange

getPort

public int getPort()

Getter for port

Returns:: the port

getPortRange

public String getPortRange()

Getter for portRange

Returns:: the portRange

getProtocol

public String getProtocol()

Getter for protocol

Returns:: the protocol

getPermittedNetwork

public NetworkPair<IP4Address> getPermittedNetwork()
                                            throws EsfException

Getter for permittedNetwork

Returns:: the permittedNetwork
Throws:: EsfException

getPermittedMAC

public String getPermittedMAC()

Getter for permittedMAC

Returns:: the permittedMAC

toString

public String toString()

Converts the LocalRule to a String. Returns one of the following iptables strings depending on the LocalRule format:


   iptables -I INPUT -p {protocol} --dport {port} -j ACCEPT
 
  iptables -I INPUT -p {protocol} --sport {sourcePort1:sourcePort2} --dport {port} -j ACCEPT
 
  iptables -I INPUT -p {protocol} -m mac --mac-source {permittedMAC} --dport {port} -j ACCEPT
 
  iptables -I INPUT -p {protocol} -m mac --mac-source {permittedMAC} --sport {sourcePort1:sourcePort2} --dport {port} -j ACCEPT
 
  iptables -I INPUT -p {protocol} -s {permittedNetwork} --dport {port} -j ACCEPT
 
  iptables -I INPUT -p {protocol} -s {permittedNetwork} --sport {sourcePort1:sourcePort2} --dport {port} -j ACCEPT
 
  iptables -I INPUT -p {protocol} -s {permittedNetwork} -m mac --mac-source {permittedMAC} --dport {port} -j ACCEPT

iptables -I INPUT -p {protocol} -s {permittedNetwork} -m mac --mac-source {permittedMAC} --sport {sourcePort1:sourcePort2} --dport {port} -j ACCEPT

Overrides:: toString in class Object

equals

public boolean equals(Object o)

Overrides:: equals in class Object

hashCode

public int hashCode()

Overrides:: hashCode in class Object

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

com.eurotech.framework.linux.net.iptables Class LocalRule

LocalRule

LocalRule

LocalRule

isComplete

setProtocol

setPermittedNetwork

setPermittedMAC

setSourcePortRange

setPort

setPortRange

getSourcePortRange

getPort

getPortRange

getProtocol

getPermittedNetwork

getPermittedMAC

toString

equals

hashCode

com.eurotech.framework.linux.net.iptables
Class LocalRule