license notes and rfw_service rename

LICENSE.txt

@@ -1,7 +1,8 @@
-The MIT License (MIT)
 
 Copyrite (c) 2014 SecurityKISS Ltd (http://www.securitykiss.com)  
 
+The MIT License (MIT)
+
 Yes, Mr patent attorney, you have nothing to do here. Find a decent job instead. 
 Fight intellectual "property".
 

MANIFEST.in

@@ -3,4 +3,4 @@ include bin/*
 include config/*
 include config/deploy/*
 recursive-include docs *.txt
-recursive-exclude rfw_service *~
+recursive-exclude rfw *~

TODO.txt

@@ -6,13 +6,14 @@ TODO
 - both remote and local interface: SSL secured that can listen on any available network interface and plain HTTP that can listen only on localhost
 - local client (rfwc) with syntax identical to iptables which acts as the iptables guard
 
+- consider user/passwd for localhost server
+
 - Describe the above in docs: "To prevent nasty surprises we explain here how rfw interacts with iptables. The impact is as minimal as possible. At start rfw inserts the following rules:
     - on INPUT/OUTPUT insert block all IPs to/from the tcp rfw port
     - on INPUT/OUTPUT insert allow white.list IPs to/from tcp rfw port
     - use iptables state module to accept/block ESTABLISHED connections
     - iptables - why use connection tracking?
 
-- add HTTP server for localhost
 - review README
 - tidy up REST verb functions on sslserver, add the bulk update role for POST
 - use PUT and DELETE - should be idempotent. Give the option on non-restful requests with GET and additional ?verb=PUT/DELETE param in query

bin/rfw

@@ -1,5 +1,5 @@
 #!/usr/bin/env python
 
-import rfw_service.rfw
+import rfw.rfw
 
-rfw_service.rfw.main()
+rfw.rfw.main()

rfw/cmdexe.py

@@ -0,0 +1,47 @@
+#!/usr/bin/env python
+#
+# Copyrite (c) 2014 SecurityKISS Ltd (http://www.securitykiss.com)  
+#
+# The MIT License (MIT)
+#
+# Yes, Mr patent attorney, you have nothing to do here. Find a decent job instead. 
+# Fight intellectual "property".
+#
+# Permission is hereby granted, free of charge, to any person obtaining
+# a copy of this software and associated documentation files (the
+# "Software"), to deal in the Software without restriction, including
+# without limitation the rights to use, copy, modify, merge, publish,
+# distribute, sublicense, and/or sell copies of the Software, and to
+# permit persons to whom the Software is furnished to do so, subject to
+# the following conditions:
+#
+# The above copyright notice and this permission notice shall be
+# included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+import subprocess, logging, re
+
+log = logging.getLogger("rfw.log")
+
+def call(lcmd):
+    try:
+        log.debug('Call: {}'.format(' '.join(lcmd)))
+        out = subprocess.check_output(lcmd, stderr=subprocess.STDOUT)
+        if out: 
+            log.debug("Call output: {}".format(out))
+        return out
+    except subprocess.CalledProcessError, e:
+        log.error("Error code {} returned when called '{}'. Command output: '{}'".format(e.returncode, e.cmd, e.output))
+        raise e
+
+
+
+
+

rfw_service/cmdparse.py → rfw/cmdparse.py

@@ -1,3 +1,31 @@
+#!/usr/bin/env python
+#
+# Copyrite (c) 2014 SecurityKISS Ltd (http://www.securitykiss.com)  
+#
+# The MIT License (MIT)
+#
+# Yes, Mr patent attorney, you have nothing to do here. Find a decent job instead. 
+# Fight intellectual "property".
+#
+# Permission is hereby granted, free of charge, to any person obtaining
+# a copy of this software and associated documentation files (the
+# "Software"), to deal in the Software without restriction, including
+# without limitation the rights to use, copy, modify, merge, publish,
+# distribute, sublicense, and/or sell copies of the Software, and to
+# permit persons to whom the Software is furnished to do so, subject to
+# the following conditions:
+#
+# The above copyright notice and this permission notice shall be
+# included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
 import sys, logging, urlparse, re
 import iputil, timeutil, iptables
 from iptables import Rule

rfw_service/config.py → rfw/config.py

@@ -1,3 +1,31 @@
+#!/usr/bin/env python
+#
+# Copyrite (c) 2014 SecurityKISS Ltd (http://www.securitykiss.com)  
+#
+# The MIT License (MIT)
+#
+# Yes, Mr patent attorney, you have nothing to do here. Find a decent job instead. 
+# Fight intellectual "property".
+#
+# Permission is hereby granted, free of charge, to any person obtaining
+# a copy of this software and associated documentation files (the
+# "Software"), to deal in the Software without restriction, including
+# without limitation the rights to use, copy, modify, merge, publish,
+# distribute, sublicense, and/or sell copies of the Software, and to
+# permit persons to whom the Software is furnished to do so, subject to
+# the following conditions:
+#
+# The above copyright notice and this permission notice shall be
+# included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
 from __future__ import print_function
 import logging, sys, types, os.path, re
 from ConfigParser import RawConfigParser, NoOptionError

rfw_service/iptables.py → rfw/iptables.py

@@ -1,3 +1,31 @@
+#!/usr/bin/env python
+#
+# Copyrite (c) 2014 SecurityKISS Ltd (http://www.securitykiss.com)  
+#
+# The MIT License (MIT)
+#
+# Yes, Mr patent attorney, you have nothing to do here. Find a decent job instead. 
+# Fight intellectual "property".
+#
+# Permission is hereby granted, free of charge, to any person obtaining
+# a copy of this software and associated documentation files (the
+# "Software"), to deal in the Software without restriction, including
+# without limitation the rights to use, copy, modify, merge, publish,
+# distribute, sublicense, and/or sell copies of the Software, and to
+# permit persons to whom the Software is furnished to do so, subject to
+# the following conditions:
+#
+# The above copyright notice and this permission notice shall be
+# included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
 import inspect, re, subprocess, logging, json
 from collections import namedtuple
 from threading import RLock

rfw_service/iputil.py → rfw/iputil.py

@@ -1,3 +1,31 @@
+#!/usr/bin/env python
+#
+# Copyrite (c) 2014 SecurityKISS Ltd (http://www.securitykiss.com)  
+#
+# The MIT License (MIT)
+#
+# Yes, Mr patent attorney, you have nothing to do here. Find a decent job instead. 
+# Fight intellectual "property".
+#
+# Permission is hereby granted, free of charge, to any person obtaining
+# a copy of this software and associated documentation files (the
+# "Software"), to deal in the Software without restriction, including
+# without limitation the rights to use, copy, modify, merge, publish,
+# distribute, sublicense, and/or sell copies of the Software, and to
+# permit persons to whom the Software is furnished to do so, subject to
+# the following conditions:
+#
+# The above copyright notice and this permission notice shall be
+# included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
 import struct, socket, re
 
 def ip2long(s):

rfw_service/rfw.py → rfw/rfw.py

@@ -1,3 +1,31 @@
+#!/usr/bin/env python
+#
+# Copyrite (c) 2014 SecurityKISS Ltd (http://www.securitykiss.com)  
+#
+# The MIT License (MIT)
+#
+# Yes, Mr patent attorney, you have nothing to do here. Find a decent job instead. 
+# Fight intellectual "property".
+#
+# Permission is hereby granted, free of charge, to any person obtaining
+# a copy of this software and associated documentation files (the
+# "Software"), to deal in the Software without restriction, including
+# without limitation the rights to use, copy, modify, merge, publish,
+# distribute, sublicense, and/or sell copies of the Software, and to
+# permit persons to whom the Software is furnished to do so, subject to
+# the following conditions:
+#
+# The above copyright notice and this permission notice shall be
+# included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+#
 from __future__ import print_function
 import argparse, logging, re, sys, struct, socket, subprocess, signal, time, json, os
 from Queue import Queue, PriorityQueue

rfw/rfwc.py

@@ -0,0 +1,50 @@
+#!/usr/bin/env python
+#
+# Copyrite (c) 2014 SecurityKISS Ltd (http://www.securitykiss.com)  
+#
+# The MIT License (MIT)
+#
+# Yes, Mr patent attorney, you have nothing to do here. Find a decent job instead. 
+# Fight intellectual "property".
+#
+# Permission is hereby granted, free of charge, to any person obtaining
+# a copy of this software and associated documentation files (the
+# "Software"), to deal in the Software without restriction, including
+# without limitation the rights to use, copy, modify, merge, publish,
+# distribute, sublicense, and/or sell copies of the Software, and to
+# permit persons to whom the Software is furnished to do so, subject to
+# the following conditions:
+#
+# The above copyright notice and this permission notice shall be
+# included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+import argparse
+
+
+
+def parse_commandline():
+    parser = argparse.ArgumentParser()
+    # TODO We may need to suppress interpreting -h and --help options. rfwc iptables -h will display rfwc help. Minor issue
+    # TODO capture all remaining args as a list
+    parser.add_argument('--wait', action='store_true', help='Wait until rfw server processes pending items in job queue. Used for making synchronous batch calls')
+    # user:password format as in curl
+    parser.add_argument('--user', help='user:password for basic authentication if rfw local.server requires it')
+    args = parser.parse_args()
+    return args
+
+def main():
+    args = parse_commandline()
+    print(args)
+
+
+
+if __name__ == '__main__':
+    main()

rfw_service/rfwconfig.py → rfw/rfwconfig.py

@@ -1,3 +1,31 @@
+#!/usr/bin/env python
+#
+# Copyrite (c) 2014 SecurityKISS Ltd (http://www.securitykiss.com)  
+#
+# The MIT License (MIT)
+#
+# Yes, Mr patent attorney, you have nothing to do here. Find a decent job instead. 
+# Fight intellectual "property".
+#
+# Permission is hereby granted, free of charge, to any person obtaining
+# a copy of this software and associated documentation files (the
+# "Software"), to deal in the Software without restriction, including
+# without limitation the rights to use, copy, modify, merge, publish,
+# distribute, sublicense, and/or sell copies of the Software, and to
+# permit persons to whom the Software is furnished to do so, subject to
+# the following conditions:
+#
+# The above copyright notice and this permission notice shall be
+# included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
 import logging, sys, types, os.path, re
 import config, iputil, timeutil
 from ConfigParser import NoOptionError

rfw_service/rfwthreads.py → rfw/rfwthreads.py

@@ -1,3 +1,31 @@
+#!/usr/bin/env python
+#
+# Copyrite (c) 2014 SecurityKISS Ltd (http://www.securitykiss.com)  
+#
+# The MIT License (MIT)
+#
+# Yes, Mr patent attorney, you have nothing to do here. Find a decent job instead. 
+# Fight intellectual "property".
+#
+# Permission is hereby granted, free of charge, to any person obtaining
+# a copy of this software and associated documentation files (the
+# "Software"), to deal in the Software without restriction, including
+# without limitation the rights to use, copy, modify, merge, publish,
+# distribute, sublicense, and/or sell copies of the Software, and to
+# permit persons to whom the Software is furnished to do so, subject to
+# the following conditions:
+#
+# The above copyright notice and this permission notice shall be
+# included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
 from __future__ import print_function
 from threading import Thread
 import time, logging

rfw_service/sslserver.py → rfw/sslserver.py

@@ -1,3 +1,31 @@
+#!/usr/bin/env python
+#
+# Copyrite (c) 2014 SecurityKISS Ltd (http://www.securitykiss.com)  
+#
+# The MIT License (MIT)
+#
+# Yes, Mr patent attorney, you have nothing to do here. Find a decent job instead. 
+# Fight intellectual "property".
+#
+# Permission is hereby granted, free of charge, to any person obtaining
+# a copy of this software and associated documentation files (the
+# "Software"), to deal in the Software without restriction, including
+# without limitation the rights to use, copy, modify, merge, publish,
+# distribute, sublicense, and/or sell copies of the Software, and to
+# permit persons to whom the Software is furnished to do so, subject to
+# the following conditions:
+#
+# The above copyright notice and this permission notice shall be
+# included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
 import socket, os, base64, logging
 from SocketServer import BaseServer, BaseRequestHandler
 from BaseHTTPServer import HTTPServer, BaseHTTPRequestHandler