From b239a07aa42d0fcba8cb84c554674c744d872041 Mon Sep 17 00:00:00 2001 From: Trygve Laugstøl Date: Sat, 25 Nov 2023 20:17:48 +0100 Subject: wip --- 7/firewall.pl | 21 ++++++++++++++++----- 7/hosts.pl | 44 ++++++++++++++++++++++---------------------- 2 files changed, 38 insertions(+), 27 deletions(-) diff --git a/7/firewall.pl b/7/firewall.pl index 9e00afe..7e7b7e7 100644 --- a/7/firewall.pl +++ b/7/firewall.pl @@ -8,9 +8,10 @@ retract_all_from/1]). :- use_module(library(assoc)). +:- use_module(library(csv)). +:- use_module(library(dcgs)). :- use_module(library(files)). :- use_module(library(format)). -:- use_module(library(dcgs)). :- use_module(library(lists)). :- use_module(library(serialization/json)). @@ -26,7 +27,7 @@ warning(Msg) :- rules_from(From, Rules) :- findall( - fw_rule(H, Attr), + fw_rule(H, Attr), ( fw_rule(H, Attr), get_assoc("from", Attr, From) @@ -48,13 +49,23 @@ ansible_host(Basedir, [Host|Hosts]) :- atom_chars(Host, HostS), append(Basedir, [HostS], DirPs), path_segments(Dir, DirPs), - append(Basedir, [HostS, "firewall.yaml"], FilePs), + append(Basedir, [HostS, "firewall.csv"], FilePs), path_segments(File, FilePs), format("mkdir ~s~n", [Dir]), make_directory_path(Dir), - format("firewall: ~s~n", [File]), ansible_firewall(File, Host), ansible_host(Basedir, Hosts). +get_opt(Key, Assoc, Value) :- (get_assoc(Key, Assoc, Value) -> true; Value=''). + +to_csv(Host, Attrs, Row) :- + get_opt(family, Attrs, Family), + get_opt(src, Attrs, Src), + get_opt(dst, Attrs, Dst), + Row = [Host, Family, Src, Dst]. + ansible_firewall(File, Host) :- - true. + format("ansible_firewall: ~s~n", [File]), + findall(Attrs, fw_rule(Host, Attrs), Rules), + maplist(to_csv(Host), Rules, Rows), + write_csv(File, frame(['host','family','src','dst'], Rows)). diff --git a/7/hosts.pl b/7/hosts.pl index 6ec9d97..6c592d1 100644 --- a/7/hosts.pl +++ b/7/hosts.pl @@ -15,39 +15,39 @@ host(kv24ix). host(lhn2ix). host_config(knot, Config) :- utils:to_assoc({ - ip: "fdf3:aad9:a885:0b3a::1" + ip: 'fdf3:aad9:a885:0b3a::1' }, Config). host_config(hash, Config) :- utils:to_assoc({ - ip: "fdf3:aad9:a885:0b3a::13" + ip: 'fdf3:aad9:a885:0b3a::13' }, Config). host_config(lhn2ix, Config) :- utils:to_assoc({ - ip: "fdf3:aad9:a885:0b3a::15" + ip: 'fdf3:aad9:a885:0b3a::15' }, Config). host_config(kv24ix, Config) :- utils:to_assoc({ - ip: "fdf3:aad9:a885:0b3a::16" + ip: 'fdf3:aad9:a885:0b3a::16' }, Config). % (router, remote, router_ip) -router_link(knot, hash, "0::1"). -router_link(knot, lhn2ix, "0::8"). -router_link(knot, kv24ix, "0::7"). -router_link(hash, knot, "0::2"). -router_link(hash, kv24ix, "0::10"). -router_link(hash, lhn2ix, "0::3"). -router_link(kv24ix, knot, "0::6"). -router_link(kv24ix, hash, "0::5"). -router_link(lhn2ix, hash, "0::9"). -router_link(lhn2ix, knot, "0::4"). -router_link(conflatorio, lhn2ix, "0::11"). -% router_link(lhn2ix, conflatorio,"0::12"). +router_link(knot, hash, '0::1'). +router_link(knot, lhn2ix, '0::8'). +router_link(knot, kv24ix, '0::7'). +router_link(hash, knot, '0::2'). +router_link(hash, kv24ix, '0::10'). +router_link(hash, lhn2ix, '0::3'). +router_link(kv24ix, knot, '0::6'). +router_link(kv24ix, hash, '0::5'). +router_link(lhn2ix, hash, '0::9'). +router_link(lhn2ix, knot, '0::4'). +router_link(conflatorio, lhn2ix, '0::11'). +% router_link(lhn2ix, conflatorio,'0::12'). % network(R, address, range) -attached_network(conflatorio, ipv6_net("1:78e1::", 64)). -attached_network(hash, ipv6_net("1:e5b0::", 64)). -attached_network(knot, ipv6_net("1:f11b::", 64)). -attached_network(lhn2ix, ipv6_net("1:dbe1::", 64)). -attached_network(lhn2ix, ipv6_net("1:ab69::", 64)). -attached_network(kv42ix, ipv6_net("1:cd02::", 64)). +attached_network(conflatorio, ipv6_net('1:78e1::', 64)). +attached_network(hash, ipv6_net('1:e5b0::', 64)). +attached_network(knot, ipv6_net('1:f11b::', 64)). +attached_network(lhn2ix, ipv6_net('1:dbe1::', 64)). +attached_network(lhn2ix, ipv6_net('1:ab69::', 64)). +attached_network(kv42ix, ipv6_net('1:cd02::', 64)). -- cgit v1.2.3