| -rw-r--r-- | 7/bgp.pl | 4 | ||||
| -rw-r--r-- | 7/firewall.pl | 10 | ||||
| -rw-r--r-- | 7/host_vars/hash/firewall.csv | 4 | ||||
| -rw-r--r-- | 7/host_vars/knot/firewall.csv | 4 | ||||
| -rw-r--r-- | 7/host_vars/kv24ix/firewall.csv | 3 | ||||
| -rw-r--r-- | 7/host_vars/lhn2ix/firewall.csv | 3 | 
6 files changed, 22 insertions, 6 deletions
| @@ -97,7 +97,7 @@ create_firewall :-
   maplist(assert_fw, Goals).
 assert_fw(fw(Host, Attrs)) :-
-  put_assoc("from", Attrs, bgp, Attrs2),
+  put_assoc(from, Attrs, bgp, Attrs2),
   R = firewall:fw_rule(Host, Attrs2),
   format("~w", [R]),nl,
   asserta(R).
@@ -108,4 +108,4 @@ fw(Host, Attr) :-
   hosts:host_config(Remote, RemoteConfig),
   get_assoc(ip, RemoteConfig, Src),
   get_assoc(ip, HostConfig, Dst),
-  utils:to_assoc({src:Src, dst:Dst, family:ip6}, Attr).
+  utils:to_assoc({src:Src, dst:Dst, family:ip6, port: 179}, Attr).
diff --git a/7/firewall.pl b/7/firewall.pl
index 7e7b7e7..b1c2a14 100644
--- a/7/firewall.pl
+++ b/7/firewall.pl
@@ -22,7 +22,7 @@
 warning(Msg) :-
     fw_rule(Host, Attr),
-    \+ get_assoc("from", Attr, _),
+    \+ get_assoc(from, Attr, _),
     format("Missing 'from' on fw_rule for host '~w', ~w", [Host, Attr], Msg).
 rules_from(From, Rules) :-
@@ -30,7 +30,7 @@ rules_from(From, Rules) :-
         fw_rule(H, Attr),
         (
           fw_rule(H, Attr),
-          get_assoc("from", Attr, From)
+          get_assoc(from, Attr, From)
         ),
         Rules).
@@ -62,10 +62,12 @@ to_csv(Host, Attrs, Row) :-
     get_opt(family, Attrs, Family),
     get_opt(src, Attrs, Src),
     get_opt(dst, Attrs, Dst),
-    Row = [Host, Family, Src, Dst].
+    get_opt(proto, Attrs, Proto),
+    get_opt(port, Attrs, Port),
+    Row = [Host, Family, Src, Dst, Proto, Port].
 ansible_firewall(File, Host) :-
     format("ansible_firewall: ~s~n", [File]),
     findall(Attrs, fw_rule(Host, Attrs), Rules),
     maplist(to_csv(Host), Rules, Rows),
-    write_csv(File, frame(['host','family','src','dst'], Rows)).
+    write_csv(File, frame(['host','family','src','dst', 'port'], Rows)).
diff --git a/7/host_vars/hash/firewall.csv b/7/host_vars/hash/firewall.csv
new file mode 100644
index 0000000..5fbf83b
--- /dev/null
+++ b/7/host_vars/hash/firewall.csv
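Review bot: In the `fw/2` hunk of bgp.pl the new rule carries `port: 179` but no `proto`, so `to_csv` in firewall.pl emits an empty protocol field for every BGP rule (the `,,179` tail in the generated CSV rows). BGP sessions run over TCP, so the rule should say so explicitly, e.g. `utils:to_assoc({src:Src, dst:Dst, family:ip6, proto:tcp, port:179}, Attr).`, with the value spelled the way the CSV consumer expects. How that consumer treats an empty protocol is not visible here; if it falls back to "any protocol", the rule is wider than intended. The body of `fw/2` begins above the hunk.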
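Review bot: The header list in `ansible_firewall` has five names while `to_csv` now builds six-field rows: `Row = [Host, Family, Src, Dst, Proto, Port]` against `frame(['host','family','src','dst', 'port'], Rows)`. The generated files in this commit show the result, header `host,family,src,dst,port` over rows ending `,,179`, so a reader that maps fields by header name gets an empty `port` and an unnamed trailing 179. For a firewall rule source that probably means the port restriction is dropped or the row is rejected, depending on the consumer, which is not shown here. The header should be `frame(['host','family','src','dst','proto','port'], Rows)`, and the four host_vars CSVs regenerated afterwards.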
@@ -0,0 +1,4 @@ +host,family,src,dst,port +hash,ip6,fdf3:aad9:a885:0b3a::15,fdf3:aad9:a885:0b3a::13,,179 +hash,ip6,fdf3:aad9:a885:0b3a::16,fdf3:aad9:a885:0b3a::13,,179 +hash,ip6,fdf3:aad9:a885:0b3a::1,fdf3:aad9:a885:0b3a::13,,179
\ No newline at end of file diff --git a/7/host_vars/knot/firewall.csv b/7/host_vars/knot/firewall.csv new file mode 100644 index 0000000..5f74bd9 --- /dev/null +++ b/7/host_vars/knot/firewall.csv @@ -0,0 +1,4 @@ +host,family,src,dst,port +knot,ip6,fdf3:aad9:a885:0b3a::16,fdf3:aad9:a885:0b3a::1,,179 +knot,ip6,fdf3:aad9:a885:0b3a::15,fdf3:aad9:a885:0b3a::1,,179 +knot,ip6,fdf3:aad9:a885:0b3a::13,fdf3:aad9:a885:0b3a::1,,179
\ No newline at end of file diff --git a/7/host_vars/kv24ix/firewall.csv b/7/host_vars/kv24ix/firewall.csv new file mode 100644 index 0000000..164bbac --- /dev/null +++ b/7/host_vars/kv24ix/firewall.csv @@ -0,0 +1,3 @@ +host,family,src,dst,port +kv24ix,ip6,fdf3:aad9:a885:0b3a::13,fdf3:aad9:a885:0b3a::16,,179 +kv24ix,ip6,fdf3:aad9:a885:0b3a::1,fdf3:aad9:a885:0b3a::16,,179
\ No newline at end of file diff --git a/7/host_vars/lhn2ix/firewall.csv b/7/host_vars/lhn2ix/firewall.csv new file mode 100644 index 0000000..92b876c --- /dev/null +++ b/7/host_vars/lhn2ix/firewall.csv @@ -0,0 +1,3 @@ +host,family,src,dst,port +lhn2ix,ip6,fdf3:aad9:a885:0b3a::1,fdf3:aad9:a885:0b3a::15,,179 +lhn2ix,ip6,fdf3:aad9:a885:0b3a::13,fdf3:aad9:a885:0b3a::15,,179
\ No newline at end of file | 
