2 # SFAtables is a tool for restricting access to an SFA aggregate in a generic
5 # It is modeled using abstractions in iptables. Specifically, 'matches' specify
6 # criteria for matching certain requests, 'targets' specify actions that treat
7 # requests in a certain way, and 'chains' are used to group related
13 from optparse import OptionParser
15 def load_extensions(module):
17 module_path = ".".join(module.split('.')[:-1])
19 commands = __import__(module,fromlist=[module_path])
21 for command_name in commands.all:
22 command_module = getattr(commands, command_name)
23 command = getattr(command_module, command_name)
24 command_dict[command.key]=command()
28 def create_parser(command_dict):
29 parser = OptionParser(usage="sfatables [command] [chain] [match] [target]",
30 description='See "man sfatables" for more detail.')
32 for k in command_dict.keys():
33 command = command_dict[k]
34 for (short_option,long_option) in command.options:
35 parser.add_option(short_option,long_option,dest=command.key,help=command.help,metavar=command.help.upper())
41 command_dict = load_extensions("sfa.sfatables.commands")
42 command_parser = create_parser(command_dict)
43 (options, args) = command_parser.parse_args()
45 if (len(options.keys()) != 1):
46 raise Exception("sfatables takes one command at a time.\n")
49 selected_command = command_dict[options.keys()[0]]
54 if (selected_command.matches):
55 match_dict = load_extensions("sfa.sfatables.matches")
56 match_parser = create_parser(match_dict)
57 (options, args) = match_parser.parse_args(args[2:])
59 if (selected_command.targets):
60 match_dict = load_extensions("sfa.sfatables.targets")
61 target_parser = create_parser(match_dict)
62 (options, args) = target_parser.parse_args(args[5:])
64 command(options, match_options, target_options)
66 if __name__=='__main__':