author | Trygve Laugstøl <trygvis@inamo.no> | 2023-11-14 16:18:17 +0100 |
---|---|---|
committer | Trygve Laugstøl <trygvis@inamo.no> | 2023-11-14 16:18:17 +0100 |
commit | 0cace145fed5c0e64f9fbf4295be5264582517e8 (patch) | |
tree | 74957b9879f9640c8c8d4197304fc6702f2b8e39 | |
parent | 03d5aada1f8064af6b3d278b51a801cac0f3a85a (diff) | |
wip
-rw-r--r-- | 6/bgp.pl | 23 | ||||
-rw-r--r-- | 6/firewall.pl | 24 | ||||
-rw-r--r-- | 6/main.pl | 6 |
3 files changed, 51 insertions, 2 deletions
@@ -2,6 +2,7 @@ :- module(bgp, [ warning/1, + create_firewall/1, neighbor/2, bgp_config/2, bird_config/1,
@@ -12,6 +13,9 @@ host_config/2, router_link/3, attached_network/2]). +:- use_module(firewall, [ + fw_rule/2, + retract_all_from/1]). %host(H) :- router_link(H, _, _). %host(H) :- router_link(_, H, _).
@@ -69,7 +73,7 @@ router_path(X, Y, V) :- \+ member(X, V), router_link(X, _, Z), router_path(Z, Y, %to_yaml(neighbor(H, Remote), Dict) :- Dict = yaml(router(H), remote(Remote)). %to_json(neighbor(H, Remote), Dict) :- Dict = json(router(H), remote(Remote)). -to_dict(router(R), Dict) :- +to_dict(router(R), Dict) :- neighbors(R, Neighbors), maplist(to_dict(), Neighbors, NeighborDicts), Dict = R-_{
@@ -88,3 +92,20 @@ bird_config(BirdConfig) :-
 routers(Routers),
 maplist(to_dict(), Routers, RouterDicts),
 dict_pairs(BirdConfig, bird_config, RouterDicts).
+
+create_firewall() :-
+ firewall:retract_all_from(bgp),
+ findall(fw(Host, Attrs), fw(Host, Attrs), Goals),
+ maplist(assert_fw, Goals).
+
+assert_fw(fw(Host, Attrs)) :-
+ R = firewall:fw_rule(Host, Attrs.put(_{from:bgp})),
+ writeln(R),
+ assert(R).
+
+fw(Host, attrs{src:Src, dst:Dst, family:ip6}) :-
+ hosts:router_link(Host, _, Remote),
+ hosts:host_config(Host, HostConfig),
+ hosts:host_config(Remote, RemoteConfig),
+ Src = RemoteConfig.ip,
+ Dst = HostConfig.ip.
diff --git a/6/firewall.pl b/6/firewall.pl
new file mode 100644
index 0000000..d76e2d1
--- /dev/null
+++ b/6/firewall.pl
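Review bot: The module header now exports `create_firewall/1`, but the clause added at the end of the file is `create_firewall() :-`, which takes no argument, so the exported indicator names a predicate this file never defines; either export `create_firewall/0` or give the predicate the argument the export promises. `assert_fw/1` also leaves a `writeln(R)` debug print on the asserting path, so every regenerated rule is echoed to stdout in normal runs; drop it or put it behind a debug flag. The `fw/2` facts carry only `src`, `dst` and `family:ip6`, while the `firewall.pl` header comment in this same commit describes a rule as `rule(src, dst, proto, port, source(..))`; if these become accept rules, nothing restricts them to the BGP session itself (TCP port 179), so attributes such as `proto:tcp, dport:179` look intended but are missing. The other three hunks of this file only touch the export list, the `use_module(firewall, …)` import and trailing whitespace on the `to_dict/2` head.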
@@ -0,0 +1,24 @@
+% vim set ft=prolog
+
+% rule(src, dst, proto, port, source(..)).
+
+:- module(firewall, [
+ fw_rule/2,
+ retract_all_from/1]).
+
+:- use_module(hosts, [
+ router_link/3]).
+
+:- dynamic fw_rule/2.
+
+rule_is_from(fw_rule(_, Attr), From) :- Attr.from=From.
+
+rules_from(From, Rules) :-
+ findall(fw_rule(Host, Attr), (fw_rule(Host, Attr), Attr.from=From), Rules).
+
+retract_all_from(From) :-
+ rules_from(From, Rules),
+ retract_rules(Rules).
+
+retract_rules([R|Rules]) :- retract(R), retract_rules(Rules).
+retract_rules([]).
@@ -1,10 +1,14 @@
+:- dynamic fw_rule/2. + :- use_module(bgp). print_warnings([]). print_warnings([W|Ws]) :- format("Warning: ~w~n", [W]), print_warnings(Ws). print_warnings :- - findall(W, bgp:warning(W), Ws), + findall(W, bgp:warning(W), BgpWs), + findall(W, firewall:warning(W), FwWs), + concat(BgpWs, FwWs, Ws), length(Ws, L), ( L > 0 ->format("Found ~w warning(s):~n", [L]), |
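Review bot: `rules_from/2` reads `Attr.from` with functional dict notation, which raises an existence error instead of failing when a stored `fw_rule/2` has no `from` key, so a single rule asserted without that key makes `retract_all_from/1` throw for every caller; `get_dict(from, Attr, From)` fails quietly, e.g. `findall(fw_rule(Host, Attr), (fw_rule(Host, Attr), get_dict(from, Attr, From)), Rules)`. `rule_is_from/2` has the same `.from` access and is otherwise unused in this file, and `retract_rules/1` is just `maplist(retract, Rules)`. `main.pl` in this same commit calls `firewall:warning(W)`, but this module neither defines nor exports `warning/1`, so that goal will hit an unknown-procedure error unless a `warning/1` clause or `:- dynamic warning/1.` is added here. The header comment `% rule(src, dst, proto, port, source(..)).` describes a shape that differs from the `fw_rule(Host, Attr)` dict actually stored; something like `% fw_rule(Host, attrs{src:_, dst:_, family:_, from:_}).` would match the code.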