2 # SFAtables is a tool for restricting access to an SFA aggregate in a generic
5 # It is modeled using abstractions in iptables. Specifically, 'matches' specify
6 # criteria for matching certain requests, 'targets' specify actions that treat
7 # requests in a certain way, and 'chains' are used to group related
13 from optparse import OptionParser
15 from sfatables import commands, matches, targets
17 def load_extensions(module, list):
20 for command_name in list:
21 command_module = __import__(".".join([module,command_name]),fromlist=[module])
22 command = getattr(command_module, command_name)
23 command_dict[command_name]=command()
27 def create_parser(command_dict):
28 parser = OptionParser(usage="sfatables [command] [chain] [match] [target]",
29 description='See "man sfatables" for more detail.')
31 for k in command_dict.keys():
32 command = command_dict[k]
33 for (short_option,long_option) in command.options:
34 parser.add_option(short_option,long_option,dest=command.type,action=command.action,const=k,help=command.help,metavar="CHAIN")
39 def partition(sep, lst):
54 # Segment command line into three blobs, one each for the command, match and target respectively.
56 pargs = partition('--', sys.argv[1:])
58 command_dict = load_extensions("sfatables.commands",commands.all)
59 command_parser = create_parser(command_dict)
60 (options, args) = command_parser.parse_args()
62 command = command_dict[options.command]
66 raise Exception("Must specify match for this command")
67 match_dict = load_extensions("sfatables.matches",matches.all)
68 match_parser = create_parser(match_dict)
69 (match_options, args) = match_parser.parse_args(pargs[1])
75 raise Exception("Must specify a target for this command")
76 match_dict = load_extensions("sfatables.targets",targets.all)
77 target_parser = create_parser(match_dict)
78 (target_options, args) = target_parser.parse_args(pargs[2])
82 command(options, match_options, target_options)
84 if __name__=='__main__':