FirewallD commands

This module contains the following parsers:

FirewallCmdListALLZones - command /usr/bin/firewall-cmd --list-all-zones

class insights.parsers.firewall_cmd.FirewallCmdListALLZones(context)[source]

Bases: insights.core.CommandParser

Class for parsing the /usr/bin/firewall-cmd --list-all-zones command.

Typical content of the command is:

public (active)
    target: default
    icmp-block-inversion: no
    interfaces: eno1
    sources:
    services: dhcpv6-client ssh
    ports:
    protocols:
    masquerade: no
    forward-ports: port=80:proto=tcp:toport=12345:toaddr=
        port=81:proto=tcp:toport=1234:toaddr=
        port=83:proto=tcp:toport=456:toaddr=10.72.47.45
    source-ports:
    icmp-blocks:
    rich rules:
        rule family="ipv4" source address="10.0.0.0/24" destination address="192.168.0.10/32" port port="8080-8090" protocol="tcp" accept
        rule family="ipv4" source address="10.0.0.0/24" destination address="192.168.0.10/32" port port="443" protocol="tcp" reject
        rule family="ipv4" source address="192.168.0.10/24" reject
        rule family="ipv6" source address="1:2:3:4:6::" forward-port port="4011" protocol="tcp" to-port="4012" to-addr="1::2:3:4:7"


trusted
    target: ACCEPT
    icmp-block-inversion: no
    interfaces:
    sources:
    services:
    ports:
    protocols:
    masquerade: no
    forward-ports:
    source-ports:
    icmp-blocks:
    rich rules:

Examples

>>> type(zones)
<class 'insights.parsers.firewall_cmd.FirewallCmdListALLZones'>
>>> 'public' in zones.active_zones
True
>>> 'ACCEPT' in zones.zones['trusted']['target']
True
>>> zones.zones['public']['services']
['dhcpv6-client ssh']
>>> 'port=83:proto=tcp:toport=456:toaddr=10.72.47.45' in zones.zones['public']['forward-ports']
True
zones

A dict of zone info

Type

dict

Raises

ParseException -- Raised when the output is in invalid format

property active_zones

Return a list of active zone name

parse_content(content)[source]

This method must be implemented by classes based on this class.