summaryrefslogtreecommitdiffstats
path: root/iw
diff options
context:
space:
mode:
authorJeremy Katz <katzj@redhat.com>2004-06-18 04:52:58 +0000
committerJeremy Katz <katzj@redhat.com>2004-06-18 04:52:58 +0000
commit87d9b3563d67e50a3a40234c59d9a2580de319e5 (patch)
treed1c64576c65b10ad28a01f5ef19fb2158d6e3d7e /iw
parent9197b56503dd9fb1fa33c162215cd47b0825d518 (diff)
downloadanaconda-87d9b3563d67e50a3a40234c59d9a2580de319e5.tar.gz
anaconda-87d9b3563d67e50a3a40234c59d9a2580de319e5.tar.xz
anaconda-87d9b3563d67e50a3a40234c59d9a2580de319e5.zip
major simplification of the firewall code. lose the trusted devices and
other ports selection. make the list of services easy to change and shared between gui and text. lose dead code, update copyrights
Diffstat (limited to 'iw')
-rw-r--r--iw/firewall_gui.py130
1 files changed, 17 insertions, 113 deletions
diff --git a/iw/firewall_gui.py b/iw/firewall_gui.py
index eac18007f..ada47240f 100644
--- a/iw/firewall_gui.py
+++ b/iw/firewall_gui.py
@@ -1,7 +1,7 @@
#
# firewall_gui.py: firewall setup screen
#
-# Copyright 2001-2003 Red Hat, Inc.
+# Copyright 2001-2004 Red Hat, Inc.
#
# This software may be freely redistributed under the terms of the GNU
# library public license.
@@ -49,86 +49,11 @@ class FirewallWindow (InstallWindow):
self.firewall.enabled = 1
count = 0
- for service in self.knownPorts.keys():
+ for service in self.firewall.services:
val = self.incoming.get_active(count)
- if service == "SSH":
- self.firewall.ssh = val
- elif service == "Telnet":
- self.firewall.telnet = val
- elif service == "WWW (HTTP)":
- self.firewall.http = val
- elif service == "Mail (SMTP)":
- self.firewall.smtp = val
- elif service == "FTP":
- self.firewall.ftp = val
+ service.set_enabled(val)
count = count + 1
- portstring = string.strip(self.ports.get_text())
- portlist = ""
- bad_token_found = 0
- bad_token = ""
- if portstring != "":
- tokens = string.split(portstring, ',')
- for token in tokens:
- try:
- #- if there's a colon in the token, it's valid
- if string.index(token,':'):
- parts = string.split(token, ':')
- try:
- portnum = string.atoi(parts[0])
- except:
- portnum = None
-
- if len(parts) > 2: # more than one colon
- bad_token_found = 1
- bad_token = token
- elif portnum is not None and (portnum < 1 or portnum > 65535):
- bad_token_found = 1
- bad_token = token
- else:
- # udp and tcp are the only valid protos
- if parts[1] == 'tcp' or parts[1] == 'udp':
- if portlist == "":
- portlist = token
- else:
- portlist = portlist + ',' + token
- else: # found protocol !tcp && !udp
- bad_token_found = 1
- bad_token = token
- pass
- except:
- if token != "":
- try:
- try:
- portnum = string.atoi(token)
- except:
- portnum = None
-
- if portnum is not None and (portnum < 1 or portnum > 65535):
- bad_token_found = 1
- bad_token = token
- else:
- if portlist == "":
- portlist = token + ":tcp"
- else:
- portlist = portlist + ',' + token + ':tcp'
- except:
- bad_token_found = 1
- bad_token = token
- else:
- pass
-
- if bad_token_found == 1: # raise a warning
- text = _("Invalid port given: %s. The proper format is "
- "'port:protocol', where port is between 1 and 65535, and protocol is either 'tcp' or 'udp'.\n\nFor example, "
- "'1234:udp'") % (bad_token,)
-
- self.intf.messageWindow(_("Warning: Bad Token"),
- text, type="warning")
- raise gui.StayOnScreen
- else: # all the port data looks good
- self.firewall.portlist = portlist
-
def activate_firewall (self, widget):
if self.disabled_radio.get_active ():
self.table.set_sensitive(gtk.FALSE)
@@ -149,7 +74,10 @@ class FirewallWindow (InstallWindow):
box = gtk.VBox (gtk.FALSE, 5)
box.set_border_width (5)
- label = gui.WrappingLabel (_("A firewall can help prevent unauthorized access to your computer from the outside world. Would you like to enable a firewall?"))
+ label = gui.WrappingLabel (_("A firewall can help prevent "
+ "unauthorized access to your computer "
+ "from the outside world. Would you like "
+ "to enable a firewall?"))
label.set_alignment (0.0, 0)
label.set_size_request(450, -1)
@@ -176,19 +104,18 @@ class FirewallWindow (InstallWindow):
box.pack_start (self.table, gtk.FALSE, 5)
y = 0
- label = gtk.Label (_("Allow others on the internet to access "
- "these services."))
- label.set_size_request(450, -1)
+ label = gui.WrappingLabel (_("With a firewall, you may wish to "
+ "allow access to specific services on "
+ "your computer from others. "
+ "Allow access to which services?"))
+ label.set_size_request(400, -1)
label.set_alignment(0.0, 0.0)
self.table.attach(label, 0, 2, y, y + 1, gtk.EXPAND | gtk.FILL, gtk.FILL, 5, 5)
y = y + 1
hbox = gtk.HBox(gtk.FALSE, 10)
- self.label2 = gui.MnemonicLabel (_("_Allow incoming:"))
- self.label2.set_alignment (0.2, 0.0)
self.incoming = checklist.CheckList(1)
self.incoming.set_size_request(-1, 125)
- self.label2.set_mnemonic_widget(self.incoming)
incomingSW = gtk.ScrolledWindow()
incomingSW.set_border_width(5)
@@ -196,43 +123,19 @@ class FirewallWindow (InstallWindow):
incomingSW.set_shadow_type(gtk.SHADOW_IN)
incomingSW.add(self.incoming)
-# self.table.attach (self.label2, 0, 1, y, y + 1, gtk.FILL, gtk.FILL, 5, 5)
- self.table.attach (incomingSW, 0, 2, y, y + 1, gtk.EXPAND|gtk.FILL, gtk.FILL, 5, 5)
-
- self.knownPorts = {"SSH": (self.firewall.ssh,
- N_("Remote Login (SSH)")),
- "WWW (HTTP)": (self.firewall.http,
- N_("Web Server")),
- "Mail (SMTP)": (self.firewall.smtp,
- N_("Mail Server (SMTP)")),
- "FTP": (self.firewall.ftp,
- N_("File Transfer (FTP)"))}
-
- for (key, (val, disp)) in self.knownPorts.items():
- self.incoming.append_row ((disp, key), val)
+ for serv in self.firewall.services:
+ self.incoming.append_row ( (_(serv.get_name()), serv),
+ serv.get_enabled() )
- y = y + 1
- self.label3 = gui.MnemonicLabel (_("Other _ports:"))
- self.ports = gtk.Entry ()
- self.label3.set_mnemonic_widget(self.ports)
-
- self.table.attach (self.label3, 0, 1, y, y + 1, gtk.FILL, gtk.FILL, 5, 5)
- self.table.attach (self.ports, 1, 2, y, y + 1, gtk.EXPAND|gtk.FILL, gtk.FILL, 10, 5)
-
- y = y + 1
+ self.table.attach (incomingSW, 0, 2, y, y + 1, gtk.EXPAND|gtk.FILL, gtk.FILL, 5, 5)
if self.firewall.enabled == 0:
self.disabled_radio.set_active (gtk.TRUE)
else:
self.enabled_radio.set_active(gtk.TRUE)
- if self.firewall.portlist != "":
- self.ports.set_text (self.firewall.portlist)
-
self.activate_firewall(None)
- box.pack_start (gtk.HSeparator(), gtk.FALSE)
-
label = gtk.Label(_("_Security Enhanced Linux (SELinux) Extensions:"))
label.set_use_underline(gtk.TRUE)
self.se_option_menu = gtk.OptionMenu()
@@ -255,6 +158,7 @@ class FirewallWindow (InstallWindow):
hbox.set_sensitive(gtk.FALSE)
if (SELINUX_DEFAULT == 1) or flags.selinux:
+ box.pack_start (gtk.HSeparator(), gtk.FALSE)
box.pack_start(hbox, gtk.FALSE)
return box