forked from firewalld/firewalld
/
__init__.py.in
113 lines (96 loc) · 3.61 KB
/
__init__.py.in
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
# -*- coding: utf-8 -*-
#
# Copyright (C) 2007-2016 Red Hat, Inc.
# Authors:
# Thomas Woerner <twoerner@redhat.com>
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
from __future__ import absolute_import
# translation
import locale
try:
locale.setlocale(locale.LC_ALL, "")
except locale.Error:
import os
os.environ['LC_ALL'] = 'C'
locale.setlocale(locale.LC_ALL, "")
DOMAIN = 'firewalld'
import gettext
gettext.install(domain=DOMAIN)
from . import dbus
# configuration
DAEMON_NAME = 'firewalld'
CONFIG_NAME = 'firewall-config'
APPLET_NAME = 'firewall-applet'
DATADIR = '/usr/share/' + DAEMON_NAME
CONFIG_GLADE_NAME = CONFIG_NAME + '.glade'
COPYRIGHT = '(C) 2010-2016 Red Hat, Inc.'
VERSION = '@PACKAGE_VERSION@'
AUTHORS = [
"Thomas Woerner <twoerner@redhat.com>",
"Jiri Popelka <jpopelka@redhat.com>",
]
LICENSE = _(
"This program is free software; you can redistribute it and/or modify "
"it under the terms of the GNU General Public License as published by "
"the Free Software Foundation; either version 2 of the License, or "
"(at your option) any later version.\n"
"\n"
"This program is distributed in the hope that it will be useful, "
"but WITHOUT ANY WARRANTY; without even the implied warranty of "
"MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the "
"GNU General Public License for more details.\n"
"\n"
"You should have received a copy of the GNU General Public License "
"along with this program. If not, see <http://www.gnu.org/licenses/>.")
WEBSITE = 'http://www.firewalld.org'
ETC_FIREWALLD = '/etc/firewalld'
FIREWALLD_CONF = ETC_FIREWALLD + '/firewalld.conf'
ETC_FIREWALLD_ZONES = ETC_FIREWALLD + '/zones'
ETC_FIREWALLD_SERVICES = ETC_FIREWALLD + '/services'
ETC_FIREWALLD_ICMPTYPES = ETC_FIREWALLD + '/icmptypes'
ETC_FIREWALLD_IPSETS = ETC_FIREWALLD + '/ipsets'
USR_LIB_FIREWALLD = '/usr/lib/firewalld'
FIREWALLD_ZONES = USR_LIB_FIREWALLD + '/zones'
FIREWALLD_SERVICES = USR_LIB_FIREWALLD + '/services'
FIREWALLD_ICMPTYPES = USR_LIB_FIREWALLD + '/icmptypes'
FIREWALLD_IPSETS = USR_LIB_FIREWALLD + '/ipsets'
FIREWALLD_LOGFILE = '/var/log/firewalld'
FIREWALLD_PIDFILE = "/var/run/firewalld.pid"
FIREWALLD_TEMPDIR = '/run/firewalld'
FIREWALLD_DIRECT = ETC_FIREWALLD + '/direct.xml'
LOCKDOWN_WHITELIST = ETC_FIREWALLD + '/lockdown-whitelist.xml'
SYSCONFIGDIR = '/etc/sysconfig'
IFCFGDIR = SYSCONFIGDIR + '/network-scripts'
SYSCTL_CONFIG = '/etc/sysctl.conf'
# commands used by backends
COMMANDS = {
"ipv4": "@IPTABLES@",
"ipv4-restore": "@IPTABLES_RESTORE@",
"ipv6": "@IP6TABLES@",
"ipv6-restore": "@IP6TABLES_RESTORE@",
"eb": "@EBTABLES@",
"eb-restore": "@EBTABLES_RESTORE@",
"ipset": "@IPSET@",
}
LOG_DENIED_VALUES = [ "all", "unicast", "broadcast", "multicast", "off" ]
# fallbacks: will be overloaded by firewalld.conf
FALLBACK_ZONE = "public"
FALLBACK_MINIMAL_MARK = 100
FALLBACK_CLEANUP_ON_EXIT = True
FALLBACK_LOCKDOWN = False
FALLBACK_IPV6_RPFILTER = True
FALLBACK_INDIVIDUAL_CALLS = False
FALLBACK_LOG_DENIED = "off"