blob: 39e66eebf43fa5e4110e1cee70d3a4e657194469 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
|
//
// C++ Interface: kmfiptdoc
//
// Description:
//
//
// Author: Christian Hubinger <chubinger@irrsinnig.org>, (C) 2003
//
// Copyright: See COPYING file that comes with this distribution
//
//
/***************************************************************************
* *
* This program is free software; you can redistribute it and/or modify *
* it under the terms of the GNU General Public License as published by *
* the Free Software Foundation; either version 2 of the License, or *
* (at your option) any later version. *
* *
***************************************************************************/
#ifndef KMFIPTDOC_H
#define KMFIPTDOC_H
#include "kmfdoc.h"
#include "kmfrulesetdoc.h"
// TQt includes
#include <tqdict.h>
#include <tqvaluelist.h>
#include <tqptrlist.h>
#include <tqstring.h>
#include <tqobject.h>
// kde includes
#include <kurl.h>
#include <tdeparts/part.h>
#include <tdeparts/plugin.h>
#include <tdeparts/factory.h>
//project includes
#include "iptchain.h"
#include "iptrule.h"
#include "iptruleoption.h"
#include "iptable.h"
#include "netfilterobject.h"
/**
*@author Christian Hubinger
*/
class KURL;
namespace KMF {
class KMFCompilerInterface;
class KMFErrorHandler;
class KMFError;
class KMFTarget;
/**
@author Christian Hubinger
*/
class KDE_EXPORT KMFIPTDoc : public KMFDoc, public KMFRulesetDoc {
public:
/** Creates an empty document */
KMFIPTDoc( NetfilterObject*, const char*, KMFTarget* );
// KMFIPTDoc( NetfiletObject*, const char* );
~KMFIPTDoc();
/** Compiles the document to an iptables script */
const TQString& compile();
// /** Writes the shellscrip that contains the iptables commands to settup
// the firewall to file.
// If file = TQString() a SaveAs dialog will popup. */
// KMFError* createFirewallScript( const TQString& file = TQString() );
/** loads the ruleset defined by the KURL object */
virtual void parseDocument( const KURL&, TQStringList& errors );
/** Get the File dialog filter string for the document type */
virtual const TQString& getFileDialogFilter();
/** loads the ruleset defined by the TQDomDocument object */
virtual void loadXML( const TQDomDocument&, TQStringList& errors );
/** loads the ruleset defined by the TQDomNode object */
virtual void loadXML( TQDomNode, TQStringList& errors );
/* virtual void setDescription( const TQString& ); */
// virtual void setName( const TQString& );
virtual int type();
/** Returns true if the document is in it's initial state.
e.g. no rules, no user chains etc. */
bool isEmpty();
/** resets the document to the initial values */
void clear();
// document get/set options
/** Set if we use the filter chain */
void setUseFilter( bool on );
/** Get if we use the filter chain */
bool useFilter() const {
return m_use_filter;
};
/** Set if we use the nat chain */
void setUseNat( bool on );
/** Get if we use the nat chain */
bool useNat() const {
return m_use_nat;
};
/** Set if we use the mangle chain */
void setUseMangle( bool on );
/** Get if we use the mangle chain */
bool useMangle() const {
return m_use_mangle;
};
/** Set if ip forwarding e.g. routing should be enabled */
void setUseIPFwd( bool on );
/** Get if ip forwarding e.g. routing should be enabled */
bool useIPFwd() const {
return m_use_ipfwd;
};
/** Set if the rp_filter should be activated */
void setUseRPFilter( bool on );
/** Get if the rp_filter should be activated */
bool useRPFilter() const {
return m_use_rp_filter;
};
/** Set if log_martians should be enabled */
void setUseMartians( bool on );
/** Get if log_martians should be enabled */
bool useMartians() const {
return m_use_martians;
};
/** Set if syn cookies should be enabled */
void setUseSynCookies( bool on );
/** Get if syn cookies should be enabled */
bool useSynCookies() const {
return m_use_syn_cookies;
};
/** Set if kernel modules need to be loaded */
void setUseModules( bool on );
/** Get if we use the filter chain */
bool useModules() const {
return m_use_modules;
};
/** Returns the IPTable with the given name if it exists */
IPTable* table( const TQString& table );
/** Return DomDocument of this Chain */
const TQDomDocument& getDOMTree();
/** Read the rule option definitions from the XML files in
(data)/kmyfirewall/ruleoptions/kmfruleoption*.xml */
void registerRuleOptions();
protected: // data
/** Initializes the document with all builtin chains and tables
unused builtin chains and tables will be skipped when
compiling the ruleset. */
void initDoc();
private:
IPTable* m_ipt_filter;
IPTable* m_ipt_nat;
IPTable* m_ipt_mangle;
// document options
bool m_use_filter;
bool m_use_nat;
bool m_use_mangle;
bool m_use_ipfwd;
bool m_use_rp_filter;
bool m_use_martians;
bool m_use_syn_cookies;
bool m_use_modules;
};
}
#endif
|
