wip

author: Trygve Laugstøl <trygvis@inamo.no> 2023-11-25 20:17:48 +0100
committer: Trygve Laugstøl <trygvis@inamo.no> 2023-11-25 20:17:48 +0100
commit: b239a07aa42d0fcba8cb84c554674c744d872041 (patch)
tree: 6a30543307b394e339103600d8c43f518e06b009
parent: 8062753241f2c510c94b0fec6f2552950e0c8014 (diff)
download: prolog-firewall-b239a07aa42d0fcba8cb84c554674c744d872041.tar.gz
prolog-firewall-b239a07aa42d0fcba8cb84c554674c744d872041.tar.bz2
prolog-firewall-b239a07aa42d0fcba8cb84c554674c744d872041.tar.xz
prolog-firewall-b239a07aa42d0fcba8cb84c554674c744d872041.zip
2 files changed, 38 insertions, 27 deletions
diff --git a/7/firewall.pl b/7/firewall.pl
index 9e00afe..7e7b7e7 100644
--- a/7/firewall.pl
+++ b/7/firewall.pl
@@ -8,9 +8,10 @@
     retract_all_from/1]).
 
 :- use_module(library(assoc)).
+:- use_module(library(csv)).
+:- use_module(library(dcgs)).
 :- use_module(library(files)).
 :- use_module(library(format)).
-:- use_module(library(dcgs)).
 :- use_module(library(lists)).
 :- use_module(library(serialization/json)).
 
@@ -26,7 +27,7 @@ warning(Msg) :-
 
 rules_from(From, Rules) :-
     findall(
-        fw_rule(H, Attr), 
+        fw_rule(H, Attr),
         (
           fw_rule(H, Attr),
           get_assoc("from", Attr, From)
@@ -48,13 +49,23 @@ ansible_host(Basedir, [Host|Hosts]) :-
     atom_chars(Host, HostS),
     append(Basedir, [HostS], DirPs),
     path_segments(Dir, DirPs),
-    append(Basedir, [HostS, "firewall.yaml"], FilePs),
+    append(Basedir, [HostS, "firewall.csv"], FilePs),
     path_segments(File, FilePs),
     format("mkdir ~s~n", [Dir]),
     make_directory_path(Dir),
-    format("firewall: ~s~n", [File]),
     ansible_firewall(File, Host),
     ansible_host(Basedir, Hosts).
 
+get_opt(Key, Assoc, Value) :- (get_assoc(Key, Assoc, Value) -> true; Value='').
+
+to_csv(Host, Attrs, Row) :- 
+    get_opt(family, Attrs, Family),
+    get_opt(src, Attrs, Src),
+    get_opt(dst, Attrs, Dst),
+    Row = [Host, Family, Src, Dst].
+
 ansible_firewall(File, Host) :-
-    true.
+    format("ansible_firewall: ~s~n", [File]),
+    findall(Attrs, fw_rule(Host, Attrs), Rules),
+    maplist(to_csv(Host), Rules, Rows),
+    write_csv(File, frame(['host','family','src','dst'], Rows)).
diff --git a/7/hosts.pl b/7/hosts.pl
index 6ec9d97..6c592d1 100644
--- a/7/hosts.pl
+++ b/7/hosts.pl
@@ -15,39 +15,39 @@ host(kv24ix).
 host(lhn2ix).
 
 host_config(knot, Config) :- utils:to_assoc({
-    ip: "fdf3:aad9:a885:0b3a::1"
+    ip: 'fdf3:aad9:a885:0b3a::1'
   }, Config).
 
 host_config(hash, Config) :- utils:to_assoc({
-    ip: "fdf3:aad9:a885:0b3a::13"
+    ip: 'fdf3:aad9:a885:0b3a::13'
   }, Config).
 
 host_config(lhn2ix, Config) :- utils:to_assoc({
-    ip: "fdf3:aad9:a885:0b3a::15"
+    ip: 'fdf3:aad9:a885:0b3a::15'
   }, Config).
 
 host_config(kv24ix, Config) :- utils:to_assoc({
-    ip: "fdf3:aad9:a885:0b3a::16"
+    ip: 'fdf3:aad9:a885:0b3a::16'
   }, Config).
 
 % (router, remote, router_ip)
-router_link(knot,        hash,       "0::1").
-router_link(knot,        lhn2ix,     "0::8").
-router_link(knot,        kv24ix,     "0::7").
-router_link(hash,        knot,       "0::2").
-router_link(hash,        kv24ix,     "0::10").
-router_link(hash,        lhn2ix,     "0::3").
-router_link(kv24ix,      knot,       "0::6").
-router_link(kv24ix,      hash,       "0::5").
-router_link(lhn2ix,      hash,       "0::9").
-router_link(lhn2ix,      knot,       "0::4").
-router_link(conflatorio, lhn2ix,     "0::11").
-% router_link(lhn2ix,      conflatorio,"0::12").
+router_link(knot,        hash,       '0::1').
+router_link(knot,        lhn2ix,     '0::8').
+router_link(knot,        kv24ix,     '0::7').
+router_link(hash,        knot,       '0::2').
+router_link(hash,        kv24ix,     '0::10').
+router_link(hash,        lhn2ix,     '0::3').
+router_link(kv24ix,      knot,       '0::6').
+router_link(kv24ix,      hash,       '0::5').
+router_link(lhn2ix,      hash,       '0::9').
+router_link(lhn2ix,      knot,       '0::4').
+router_link(conflatorio, lhn2ix,     '0::11').
+% router_link(lhn2ix,      conflatorio,'0::12').
 
 % network(R, address, range)
-attached_network(conflatorio, ipv6_net("1:78e1::", 64)).
-attached_network(hash,        ipv6_net("1:e5b0::", 64)).
-attached_network(knot,        ipv6_net("1:f11b::", 64)).
-attached_network(lhn2ix,      ipv6_net("1:dbe1::", 64)).
-attached_network(lhn2ix,      ipv6_net("1:ab69::", 64)).
-attached_network(kv42ix,      ipv6_net("1:cd02::", 64)).
+attached_network(conflatorio, ipv6_net('1:78e1::', 64)).
+attached_network(hash,        ipv6_net('1:e5b0::', 64)).
+attached_network(knot,        ipv6_net('1:f11b::', 64)).
+attached_network(lhn2ix,      ipv6_net('1:dbe1::', 64)).
+attached_network(lhn2ix,      ipv6_net('1:ab69::', 64)).
+attached_network(kv42ix,      ipv6_net('1:cd02::', 64)).
author	Trygve Laugstøl <trygvis@inamo.no>	2023-11-25 20:17:48 +0100
committer	Trygve Laugstøl <trygvis@inamo.no>	2023-11-25 20:17:48 +0100
commit	b239a07aa42d0fcba8cb84c554674c744d872041 (patch)
tree	6a30543307b394e339103600d8c43f518e06b009
parent	8062753241f2c510c94b0fec6f2552950e0c8014 (diff)
download	prolog-firewall-b239a07aa42d0fcba8cb84c554674c744d872041.tar.gz prolog-firewall-b239a07aa42d0fcba8cb84c554674c744d872041.tar.bz2 prolog-firewall-b239a07aa42d0fcba8cb84c554674c744d872041.tar.xz prolog-firewall-b239a07aa42d0fcba8cb84c554674c744d872041.zip