add support for rule logging

jc/parsers/ufw.py

@@ -26,6 +26,7 @@ Schema:
           "action":                 string,
           "action_direction":       string,     # null if blank
           "index":                  integer,    # null if blank
+          "log":                    boolean,
           "network_protocol":       string,
           "to_ip":                  string,
           "to_ip_prefix":           integer,
@@ -77,6 +78,7 @@ Examples:
           "action": "ALLOW",
           "action_direction": "IN",
           "index": null,
+          "log": true,
           "network_protocol": "ipv4",
           "to_interface": "any",
           "to_transport": "any",
@@ -103,6 +105,7 @@ Examples:
           "action": "ALLOW",
           "action_direction": "IN",
           "index": null,
+          "log": false,
           "network_protocol": "ipv4",
           "to_interface": "any",
           "to_transport": "tcp",
@@ -142,6 +145,7 @@ Examples:
           "action": "ALLOW",
           "action_direction": "IN",
           "index": null,
+          "log": true,
           "network_protocol": "ipv4",
           "to_interface": "any",
           "to_transport": "any",
@@ -168,6 +172,7 @@ Examples:
           "action": "ALLOW",
           "action_direction": "IN",
           "index": null,
+          "log": false,
           "network_protocol": "ipv4",
           "to_interface": "any",
           "to_transport": "tcp",
@@ -202,7 +207,7 @@ import ipaddress
 
 class info():
     """Provides parser metadata (version, author, etc.)"""
-    version = '1.2'
+    version = '1.3'
     description = '`ufw status` command parser'
     author = 'Kelly Brazil'
     author_email = 'kellyjonbrazil@gmail.com'
@@ -271,6 +276,15 @@ def _parse_to_from(linedata, direction, rule_obj=None):
         else:
             rule_obj['comment'] = None
 
+    # pull (log)
+    RE_LOG = re.compile(r'\(log\)')
+    log_match = re.search(RE_LOG, linedata)
+    if log_match:
+        rule_obj['log'] = True
+        linedata = re.sub(RE_LOG, '', linedata)
+    else:
+        rule_obj['log'] = False
+
     # pull (v6)
     RE_V6 = re.compile(r'\(v6\)')
     v6_match = re.search(RE_V6, linedata)

tests/fixtures/generic/ufw-numbered.out

@@ -5,10 +5,10 @@ New profiles: skip
  
 To                         Action      From
 --                         ------      ----
-[ 1] 22/tcp                     ALLOW IN    Anywhere
-[ 2] 22/tcp (v6)                ALLOW OUT    Anywhere (v6)
+[ 1] 22/tcp                     ALLOW IN    Anywhere        (log)
+[ 2] 22/tcp (v6)                ALLOW OUT    Anywhere (v6)  (log)
 [ 3] 443/tcp                    DENY    192.168.0.1
-[ 4] 443/udp                    DENY OUT    192.168.0.7 8080:8081
+[ 4] 443/udp                    DENY OUT    192.168.0.7 8080:8081 (log)
 [ 5] 22/tcp                     ALLOW   192.168.0.0/24
 [ 6] 22/udp                     ALLOW   192.168.0.0/24 8080:8081 on en0
 [ 7] 22/tcp (v6)                ALLOW IN    2405:204:7449:49fc:f09a:6f4a:bc93:1955/64 on en1

tests/fixtures/generic/ufw.out

@@ -19,4 +19,4 @@ Apache Full (v6)           ALLOW IN    Anywhere (v6)
 OpenSSH  (v6)              DENY IN        Anywhere (v6)
 10.10.10.10 8080 on enp34s0 ALLOW       127.0.0.1 8000
 50200:50300/tcp (v6)       DENY FWD        Anywhere (v6)
-Anywhere (v6)              LIMIT      2405:204:7449:49fc:f09a:6f4a:bc93:1955    # this is a comment
+Anywhere (v6)              LIMIT      2405:204:7449:49fc:f09a:6f4a:bc93:1955    (log) # this is a comment

tests/fixtures/ubuntu-18.04/ufw-numbered.out

@@ -2,9 +2,9 @@ Status: active
 
      To                         Action      From
      --                         ------      ----
-[ 1] 22                         ALLOW IN    Anywhere                  
+[ 1] 22                         ALLOW IN    Anywhere                   (log) 
 [ 2] 80,443/tcp                 ALLOW IN    Anywhere                  
-[ 3] 80 on eth0                 ALLOW IN    Anywhere                   # test
+[ 3] 80 on eth0                 ALLOW IN    Anywhere                   (log) # test
 [ 4] 10.0.0.1/ipv6              ALLOW IN    10.4.0.0/16/ipv6          
 [ 5] 10.0.0.1/esp               ALLOW IN    Anywhere                  
 [ 6] 10.0.0.1/esp               ALLOW IN    10.4.0.0/16/esp           

tests/fixtures/ubuntu-18.04/ufw-verbose.out

@@ -5,9 +5,9 @@ New profiles: skip
 
 To                         Action      From
 --                         ------      ----
-22                         ALLOW IN    Anywhere                  
+22                         ALLOW IN    Anywhere                   (log)
 80,443/tcp                 ALLOW IN    Anywhere                  
-80 on eth0                 ALLOW IN    Anywhere                   # test
+80 on eth0                 ALLOW IN    Anywhere                   (log) # test
 10.0.0.1/ipv6              ALLOW IN    10.4.0.0/16/ipv6          
 10.0.0.1/esp               ALLOW IN    Anywhere                  
 10.0.0.1/esp               ALLOW IN    10.4.0.0/16/esp