diff --git a/jc/parsers/ufw.py b/jc/parsers/ufw.py index bfacada3..543d031f 100644 --- a/jc/parsers/ufw.py +++ b/jc/parsers/ufw.py @@ -26,6 +26,7 @@ Schema: "action": string, "action_direction": string, # null if blank "index": integer, # null if blank + "log": boolean, "network_protocol": string, "to_ip": string, "to_ip_prefix": integer, @@ -77,6 +78,7 @@ Examples: "action": "ALLOW", "action_direction": "IN", "index": null, + "log": true, "network_protocol": "ipv4", "to_interface": "any", "to_transport": "any", @@ -103,6 +105,7 @@ Examples: "action": "ALLOW", "action_direction": "IN", "index": null, + "log": false, "network_protocol": "ipv4", "to_interface": "any", "to_transport": "tcp", @@ -142,6 +145,7 @@ Examples: "action": "ALLOW", "action_direction": "IN", "index": null, + "log": true, "network_protocol": "ipv4", "to_interface": "any", "to_transport": "any", @@ -168,6 +172,7 @@ Examples: "action": "ALLOW", "action_direction": "IN", "index": null, + "log": false, "network_protocol": "ipv4", "to_interface": "any", "to_transport": "tcp", @@ -202,7 +207,7 @@ import ipaddress class info(): """Provides parser metadata (version, author, etc.)""" - version = '1.2' + version = '1.3' description = '`ufw status` command parser' author = 'Kelly Brazil' author_email = 'kellyjonbrazil@gmail.com' @@ -271,6 +276,15 @@ def _parse_to_from(linedata, direction, rule_obj=None): else: rule_obj['comment'] = None + # pull (log) + RE_LOG = re.compile(r'\(log\)') + log_match = re.search(RE_LOG, linedata) + if log_match: + rule_obj['log'] = True + linedata = re.sub(RE_LOG, '', linedata) + else: + rule_obj['log'] = False + # pull (v6) RE_V6 = re.compile(r'\(v6\)') v6_match = re.search(RE_V6, linedata) diff --git a/tests/fixtures/generic/ufw-numbered.json b/tests/fixtures/generic/ufw-numbered.json index a9d9170d..af9937ca 100644 --- a/tests/fixtures/generic/ufw-numbered.json +++ b/tests/fixtures/generic/ufw-numbered.json @@ -1 +1 @@ -{"status":"active","logging":"on","logging_level":"low","default":"deny (incoming), allow (outgoing), deny (routed)","new_profiles":"skip","rules":[{"action":"ALLOW","action_direction":"IN","index":1,"network_protocol":"ipv4","to_interface":"any","to_transport":"tcp","to_service":null,"to_ports":[22],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"OUT","index":2,"network_protocol":"ipv6","to_interface":"any","to_transport":"tcp","to_service":null,"to_ports":[22],"to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"DENY","action_direction":null,"index":3,"network_protocol":"ipv4","to_interface":"any","to_transport":"tcp","to_service":null,"to_ports":[443],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_interface":"any","from_transport":"any","from_ip":"192.168.0.1","from_ip_prefix":32,"from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"DENY","action_direction":"OUT","index":4,"network_protocol":"ipv4","to_interface":"any","to_transport":"udp","to_service":null,"to_ports":[443],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_interface":"any","from_transport":"any","from_ip":"192.168.0.7","from_ip_prefix":32,"from_service":null,"from_port_ranges":[{"start":8080,"end":8081}]},{"action":"ALLOW","action_direction":null,"index":5,"network_protocol":"ipv4","to_interface":"any","to_transport":"tcp","to_service":null,"to_ports":[22],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_interface":"any","from_transport":"any","from_ip":"192.168.0.0","from_ip_prefix":24,"from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":null,"index":6,"network_protocol":"ipv4","to_interface":"any","to_transport":"udp","to_service":null,"to_ports":[22],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_interface":"en0","from_transport":"any","from_ip":"192.168.0.0","from_ip_prefix":24,"from_service":null,"from_port_ranges":[{"start":8080,"end":8081}]},{"action":"ALLOW","action_direction":"IN","index":7,"network_protocol":"ipv6","to_interface":"any","to_transport":"tcp","to_service":null,"to_ports":[22],"to_ip":"::","to_ip_prefix":0,"comment":null,"from_interface":"en1","from_transport":"any","from_ip":"2405:204:7449:49fc:f09a:6f4a:bc93:1955","from_ip_prefix":64,"from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":8,"network_protocol":"ipv4","to_interface":"any","to_transport":"any","to_service":null,"to_ports":[80],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":9,"network_protocol":"ipv6","to_interface":"any","to_transport":"any","to_service":null,"to_ports":[8080],"to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":10,"network_protocol":"ipv4","to_interface":"any","to_transport":null,"to_service":"Apache Full","to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":11,"network_protocol":"ipv6","to_interface":"any","to_transport":null,"to_service":"Apache Full","to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"DENY","action_direction":"IN","index":12,"network_protocol":"ipv6","to_interface":"any","to_transport":null,"to_service":"OpenSSH","to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":null,"index":13,"network_protocol":"ipv4","to_interface":"enp34s0","to_transport":"any","to_ip":"10.10.10.10","to_ip_prefix":32,"to_service":null,"to_ports":[8080],"comment":null,"from_interface":"any","from_transport":"any","from_ip":"127.0.0.1","from_ip_prefix":32,"from_service":null,"from_ports":[8000]},{"action":"ALLOW","action_direction":null,"index":14,"network_protocol":"ipv6","to_interface":"any","to_transport":"tcp","to_service":null,"to_port_ranges":[{"start":50200,"end":50300}],"to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":15,"network_protocol":"ipv6","to_ip":"::","to_ip_prefix":0,"to_interface":"any","to_transport":"any","to_port_ranges":[{"start":0,"end":65535}],"to_service":null,"comment":null,"from_interface":"any","from_transport":"any","from_ip":"2405:204:7449:49fc:f09a:6f4a:bc93:1955","from_ip_prefix":128,"from_port_ranges":[{"start":0,"end":65535}],"from_service":null}]} +{"status":"active","logging":"on","logging_level":"low","default":"deny (incoming), allow (outgoing), deny (routed)","new_profiles":"skip","rules":[{"action":"ALLOW","action_direction":"IN","index":1,"log":true,"network_protocol":"ipv4","to_interface":"any","to_transport":"tcp","to_service":null,"to_ports":[22],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"OUT","index":2,"log":true,"network_protocol":"ipv6","to_interface":"any","to_transport":"tcp","to_service":null,"to_ports":[22],"to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"DENY","action_direction":null,"index":3,"log":false,"network_protocol":"ipv4","to_interface":"any","to_transport":"tcp","to_service":null,"to_ports":[443],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_interface":"any","from_transport":"any","from_ip":"192.168.0.1","from_ip_prefix":32,"from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"DENY","action_direction":"OUT","index":4,"log":true,"network_protocol":"ipv4","to_interface":"any","to_transport":"udp","to_service":null,"to_ports":[443],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_interface":"any","from_transport":"any","from_ip":"192.168.0.7","from_ip_prefix":32,"from_service":null,"from_port_ranges":[{"start":8080,"end":8081}]},{"action":"ALLOW","action_direction":null,"index":5,"log":false,"network_protocol":"ipv4","to_interface":"any","to_transport":"tcp","to_service":null,"to_ports":[22],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_interface":"any","from_transport":"any","from_ip":"192.168.0.0","from_ip_prefix":24,"from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":null,"index":6,"log":false,"network_protocol":"ipv4","to_interface":"any","to_transport":"udp","to_service":null,"to_ports":[22],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_interface":"en0","from_transport":"any","from_ip":"192.168.0.0","from_ip_prefix":24,"from_service":null,"from_port_ranges":[{"start":8080,"end":8081}]},{"action":"ALLOW","action_direction":"IN","index":7,"log":false,"network_protocol":"ipv6","to_interface":"any","to_transport":"tcp","to_service":null,"to_ports":[22],"to_ip":"::","to_ip_prefix":0,"comment":null,"from_interface":"en1","from_transport":"any","from_ip":"2405:204:7449:49fc:f09a:6f4a:bc93:1955","from_ip_prefix":64,"from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":8,"log":false,"network_protocol":"ipv4","to_interface":"any","to_transport":"any","to_service":null,"to_ports":[80],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":9,"log":false,"network_protocol":"ipv6","to_interface":"any","to_transport":"any","to_service":null,"to_ports":[8080],"to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":10,"log":false,"network_protocol":"ipv4","to_interface":"any","to_transport":null,"to_service":"Apache Full","to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":11,"log":false,"network_protocol":"ipv6","to_interface":"any","to_transport":null,"to_service":"Apache Full","to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"DENY","action_direction":"IN","index":12,"log":false,"network_protocol":"ipv6","to_interface":"any","to_transport":null,"to_service":"OpenSSH","to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":null,"index":13,"log":false,"network_protocol":"ipv4","to_interface":"enp34s0","to_transport":"any","to_ip":"10.10.10.10","to_ip_prefix":32,"to_service":null,"to_ports":[8080],"comment":null,"from_interface":"any","from_transport":"any","from_ip":"127.0.0.1","from_ip_prefix":32,"from_service":null,"from_ports":[8000]},{"action":"ALLOW","action_direction":null,"index":14,"log":false,"network_protocol":"ipv6","to_interface":"any","to_transport":"tcp","to_service":null,"to_port_ranges":[{"start":50200,"end":50300}],"to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":15,"log":false,"network_protocol":"ipv6","to_ip":"::","to_ip_prefix":0,"to_interface":"any","to_transport":"any","to_port_ranges":[{"start":0,"end":65535}],"to_service":null,"comment":null,"from_interface":"any","from_transport":"any","from_ip":"2405:204:7449:49fc:f09a:6f4a:bc93:1955","from_ip_prefix":128,"from_port_ranges":[{"start":0,"end":65535}],"from_service":null}]} diff --git a/tests/fixtures/generic/ufw-numbered.out b/tests/fixtures/generic/ufw-numbered.out index bd42c6c3..adfedf4d 100644 --- a/tests/fixtures/generic/ufw-numbered.out +++ b/tests/fixtures/generic/ufw-numbered.out @@ -5,10 +5,10 @@ New profiles: skip To Action From -- ------ ---- -[ 1] 22/tcp ALLOW IN Anywhere -[ 2] 22/tcp (v6) ALLOW OUT Anywhere (v6) +[ 1] 22/tcp ALLOW IN Anywhere (log) +[ 2] 22/tcp (v6) ALLOW OUT Anywhere (v6) (log) [ 3] 443/tcp DENY 192.168.0.1 -[ 4] 443/udp DENY OUT 192.168.0.7 8080:8081 +[ 4] 443/udp DENY OUT 192.168.0.7 8080:8081 (log) [ 5] 22/tcp ALLOW 192.168.0.0/24 [ 6] 22/udp ALLOW 192.168.0.0/24 8080:8081 on en0 [ 7] 22/tcp (v6) ALLOW IN 2405:204:7449:49fc:f09a:6f4a:bc93:1955/64 on en1 diff --git a/tests/fixtures/generic/ufw-numbered2.json b/tests/fixtures/generic/ufw-numbered2.json index 31622026..c9294924 100644 --- a/tests/fixtures/generic/ufw-numbered2.json +++ b/tests/fixtures/generic/ufw-numbered2.json @@ -1 +1 @@ -{"status":"active","rules":[{"action":"ALLOW","action_direction":"IN","index":1,"network_protocol":"ipv4","to_interface":"any","to_transport":null,"to_ip":"224.0.0.251","to_ip_prefix":32,"to_service":"mDNS","comment":null,"from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":2,"network_protocol":"ipv4","to_ip":"0.0.0.0","to_ip_prefix":0,"to_interface":"any","to_transport":"any","to_port_ranges":[{"start":0,"end":65535}],"to_service":null,"comment":null,"from_interface":"any","from_transport":"any","from_ip":"123.123.123.123","from_ip_prefix":32,"from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":3,"network_protocol":"ipv4","to_interface":"any","to_transport":"any","to_service":null,"to_ports":[25],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":4,"network_protocol":"ipv4","to_interface":"any","to_transport":"any","to_service":null,"to_ports":[80],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":5,"network_protocol":"ipv4","to_interface":"any","to_transport":"any","to_service":null,"to_ports":[443],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":6,"network_protocol":"ipv4","to_interface":"any","to_transport":"any","to_service":null,"to_ports":[465],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":7,"network_protocol":"ipv4","to_interface":"any","to_transport":"any","to_service":null,"to_ports":[993],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":8,"network_protocol":"ipv4","to_interface":"any","to_transport":"any","to_service":null,"to_ports":[995],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":9,"network_protocol":"ipv6","to_interface":"any","to_transport":null,"to_ip":"ff02::fb","to_ip_prefix":128,"to_service":"mDNS","comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":10,"network_protocol":"ipv6","to_interface":"any","to_transport":"any","to_service":null,"to_ports":[25],"to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":11,"network_protocol":"ipv6","to_interface":"any","to_transport":"any","to_service":null,"to_ports":[80],"to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":12,"network_protocol":"ipv6","to_interface":"any","to_transport":"any","to_service":null,"to_ports":[443],"to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":13,"network_protocol":"ipv6","to_interface":"any","to_transport":"any","to_service":null,"to_ports":[465],"to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":14,"network_protocol":"ipv6","to_interface":"any","to_transport":"any","to_service":null,"to_ports":[993],"to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":15,"network_protocol":"ipv6","to_interface":"any","to_transport":"any","to_service":null,"to_ports":[995],"to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null}]} +{"status":"active","rules":[{"action":"ALLOW","action_direction":"IN","index":1,"log":false,"network_protocol":"ipv4","to_interface":"any","to_transport":null,"to_ip":"224.0.0.251","to_ip_prefix":32,"to_service":"mDNS","comment":null,"from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":2,"log":false,"network_protocol":"ipv4","to_ip":"0.0.0.0","to_ip_prefix":0,"to_interface":"any","to_transport":"any","to_port_ranges":[{"start":0,"end":65535}],"to_service":null,"comment":null,"from_interface":"any","from_transport":"any","from_ip":"123.123.123.123","from_ip_prefix":32,"from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":3,"log":false,"network_protocol":"ipv4","to_interface":"any","to_transport":"any","to_service":null,"to_ports":[25],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":4,"log":false,"network_protocol":"ipv4","to_interface":"any","to_transport":"any","to_service":null,"to_ports":[80],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":5,"log":false,"network_protocol":"ipv4","to_interface":"any","to_transport":"any","to_service":null,"to_ports":[443],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":6,"log":false,"network_protocol":"ipv4","to_interface":"any","to_transport":"any","to_service":null,"to_ports":[465],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":7,"log":false,"network_protocol":"ipv4","to_interface":"any","to_transport":"any","to_service":null,"to_ports":[993],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":8,"log":false,"network_protocol":"ipv4","to_interface":"any","to_transport":"any","to_service":null,"to_ports":[995],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":9,"log":false,"network_protocol":"ipv6","to_interface":"any","to_transport":null,"to_ip":"ff02::fb","to_ip_prefix":128,"to_service":"mDNS","comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":10,"log":false,"network_protocol":"ipv6","to_interface":"any","to_transport":"any","to_service":null,"to_ports":[25],"to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":11,"log":false,"network_protocol":"ipv6","to_interface":"any","to_transport":"any","to_service":null,"to_ports":[80],"to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":12,"log":false,"network_protocol":"ipv6","to_interface":"any","to_transport":"any","to_service":null,"to_ports":[443],"to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":13,"log":false,"network_protocol":"ipv6","to_interface":"any","to_transport":"any","to_service":null,"to_ports":[465],"to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":14,"log":false,"network_protocol":"ipv6","to_interface":"any","to_transport":"any","to_service":null,"to_ports":[993],"to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":15,"log":false,"network_protocol":"ipv6","to_interface":"any","to_transport":"any","to_service":null,"to_ports":[995],"to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null}]} diff --git a/tests/fixtures/generic/ufw.json b/tests/fixtures/generic/ufw.json index 0fc517a7..c65050f0 100644 --- a/tests/fixtures/generic/ufw.json +++ b/tests/fixtures/generic/ufw.json @@ -1 +1 @@ -{"status":"active","logging":"on","logging_level":"low","default":"deny (incoming), allow (outgoing), deny (routed)","new_profiles":"skip","rules":[{"action":"ALLOW","action_direction":"IN","index":null,"network_protocol":"ipv4","to_interface":"any","to_transport":"tcp","to_service":null,"to_ports":[22],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"OUT","index":null,"network_protocol":"ipv6","to_interface":"any","to_transport":"tcp","to_service":null,"to_ports":[22],"to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"DENY","action_direction":null,"index":null,"network_protocol":"ipv4","to_interface":"any","to_transport":"tcp","to_service":null,"to_ports":[443],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":"nice comment","from_interface":"any","from_transport":"any","from_ip":"192.168.0.1","from_ip_prefix":32,"from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"DENY","action_direction":"OUT","index":null,"network_protocol":"ipv4","to_interface":"any","to_transport":"udp","to_service":null,"to_ports":[443],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_interface":"any","from_transport":"any","from_ip":"192.168.0.7","from_ip_prefix":32,"from_service":null,"from_port_ranges":[{"start":8080,"end":8081}]},{"action":"ALLOW","action_direction":null,"index":null,"network_protocol":"ipv4","to_interface":"any","to_transport":"tcp","to_service":null,"to_ports":[22],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_interface":"any","from_transport":"any","from_ip":"192.168.0.0","from_ip_prefix":24,"from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":null,"index":null,"network_protocol":"ipv4","to_interface":"any","to_transport":"udp","to_service":null,"to_ports":[22],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_interface":"en0","from_transport":"any","from_ip":"192.168.0.0","from_ip_prefix":24,"from_service":null,"from_port_ranges":[{"start":8080,"end":8081}]},{"action":"ALLOW","action_direction":"FWD","index":null,"network_protocol":"ipv6","to_interface":"any","to_transport":"tcp","to_service":null,"to_ports":[22],"to_ip":"::","to_ip_prefix":0,"comment":"commenting this rule","from_interface":"en1","from_transport":"any","from_ip":"2405:204:7449:49fc:f09a:6f4a:bc93:1955","from_ip_prefix":64,"from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":null,"network_protocol":"ipv4","to_interface":"any","to_transport":"any","to_service":null,"to_ports":[80],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"REJECT","action_direction":"IN","index":null,"network_protocol":"ipv6","to_interface":"any","to_transport":"any","to_service":null,"to_ports":[8080],"to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":null,"network_protocol":"ipv4","to_interface":"any","to_transport":null,"to_service":"Apache Full","to_ip":"0.0.0.0","to_ip_prefix":0,"comment":"a comment","from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":null,"network_protocol":"ipv6","to_interface":"any","to_transport":null,"to_service":"Apache Full","to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"DENY","action_direction":"IN","index":null,"network_protocol":"ipv6","to_interface":"any","to_transport":null,"to_service":"OpenSSH","to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":null,"index":null,"network_protocol":"ipv4","to_interface":"enp34s0","to_transport":"any","to_ip":"10.10.10.10","to_ip_prefix":32,"to_service":null,"to_ports":[8080],"comment":null,"from_interface":"any","from_transport":"any","from_ip":"127.0.0.1","from_ip_prefix":32,"from_service":null,"from_ports":[8000]},{"action":"DENY","action_direction":"FWD","index":null,"network_protocol":"ipv6","to_interface":"any","to_transport":"tcp","to_service":null,"to_port_ranges":[{"start":50200,"end":50300}],"to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"LIMIT","action_direction":null,"index":null,"network_protocol":"ipv6","to_ip":"::","to_ip_prefix":0,"to_interface":"any","to_transport":"any","to_port_ranges":[{"start":0,"end":65535}],"to_service":null,"comment":"this is a comment","from_interface":"any","from_transport":"any","from_ip":"2405:204:7449:49fc:f09a:6f4a:bc93:1955","from_ip_prefix":128,"from_port_ranges":[{"start":0,"end":65535}],"from_service":null}]} +{"status":"active","logging":"on","logging_level":"low","default":"deny (incoming), allow (outgoing), deny (routed)","new_profiles":"skip","rules":[{"action":"ALLOW","action_direction":"IN","index":null,"log":false,"network_protocol":"ipv4","to_interface":"any","to_transport":"tcp","to_service":null,"to_ports":[22],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"OUT","index":null,"log":false,"network_protocol":"ipv6","to_interface":"any","to_transport":"tcp","to_service":null,"to_ports":[22],"to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"DENY","action_direction":null,"index":null,"log":false,"network_protocol":"ipv4","to_interface":"any","to_transport":"tcp","to_service":null,"to_ports":[443],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":"nice comment","from_interface":"any","from_transport":"any","from_ip":"192.168.0.1","from_ip_prefix":32,"from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"DENY","action_direction":"OUT","index":null,"log":false,"network_protocol":"ipv4","to_interface":"any","to_transport":"udp","to_service":null,"to_ports":[443],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_interface":"any","from_transport":"any","from_ip":"192.168.0.7","from_ip_prefix":32,"from_service":null,"from_port_ranges":[{"start":8080,"end":8081}]},{"action":"ALLOW","action_direction":null,"index":null,"log":false,"network_protocol":"ipv4","to_interface":"any","to_transport":"tcp","to_service":null,"to_ports":[22],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_interface":"any","from_transport":"any","from_ip":"192.168.0.0","from_ip_prefix":24,"from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":null,"index":null,"log":false,"network_protocol":"ipv4","to_interface":"any","to_transport":"udp","to_service":null,"to_ports":[22],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_interface":"en0","from_transport":"any","from_ip":"192.168.0.0","from_ip_prefix":24,"from_service":null,"from_port_ranges":[{"start":8080,"end":8081}]},{"action":"ALLOW","action_direction":"FWD","index":null,"log":false,"network_protocol":"ipv6","to_interface":"any","to_transport":"tcp","to_service":null,"to_ports":[22],"to_ip":"::","to_ip_prefix":0,"comment":"commenting this rule","from_interface":"en1","from_transport":"any","from_ip":"2405:204:7449:49fc:f09a:6f4a:bc93:1955","from_ip_prefix":64,"from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":null,"log":false,"network_protocol":"ipv4","to_interface":"any","to_transport":"any","to_service":null,"to_ports":[80],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"REJECT","action_direction":"IN","index":null,"log":false,"network_protocol":"ipv6","to_interface":"any","to_transport":"any","to_service":null,"to_ports":[8080],"to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":null,"log":false,"network_protocol":"ipv4","to_interface":"any","to_transport":null,"to_service":"Apache Full","to_ip":"0.0.0.0","to_ip_prefix":0,"comment":"a comment","from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":null,"log":false,"network_protocol":"ipv6","to_interface":"any","to_transport":null,"to_service":"Apache Full","to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"DENY","action_direction":"IN","index":null,"log":false,"network_protocol":"ipv6","to_interface":"any","to_transport":null,"to_service":"OpenSSH","to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":null,"index":null,"log":false,"network_protocol":"ipv4","to_interface":"enp34s0","to_transport":"any","to_ip":"10.10.10.10","to_ip_prefix":32,"to_service":null,"to_ports":[8080],"comment":null,"from_interface":"any","from_transport":"any","from_ip":"127.0.0.1","from_ip_prefix":32,"from_service":null,"from_ports":[8000]},{"action":"DENY","action_direction":"FWD","index":null,"log":false,"network_protocol":"ipv6","to_interface":"any","to_transport":"tcp","to_service":null,"to_port_ranges":[{"start":50200,"end":50300}],"to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"LIMIT","action_direction":null,"index":null,"log":true,"network_protocol":"ipv6","to_ip":"::","to_ip_prefix":0,"to_interface":"any","to_transport":"any","to_port_ranges":[{"start":0,"end":65535}],"to_service":null,"comment":"this is a comment","from_interface":"any","from_transport":"any","from_ip":"2405:204:7449:49fc:f09a:6f4a:bc93:1955","from_ip_prefix":128,"from_port_ranges":[{"start":0,"end":65535}],"from_service":null}]} diff --git a/tests/fixtures/generic/ufw.out b/tests/fixtures/generic/ufw.out index 96e0ce94..e60dde12 100644 --- a/tests/fixtures/generic/ufw.out +++ b/tests/fixtures/generic/ufw.out @@ -19,4 +19,4 @@ Apache Full (v6) ALLOW IN Anywhere (v6) OpenSSH (v6) DENY IN Anywhere (v6) 10.10.10.10 8080 on enp34s0 ALLOW 127.0.0.1 8000 50200:50300/tcp (v6) DENY FWD Anywhere (v6) -Anywhere (v6) LIMIT 2405:204:7449:49fc:f09a:6f4a:bc93:1955 # this is a comment +Anywhere (v6) LIMIT 2405:204:7449:49fc:f09a:6f4a:bc93:1955 (log) # this is a comment diff --git a/tests/fixtures/ubuntu-18.04/.ufw-numbered.out.swp b/tests/fixtures/ubuntu-18.04/.ufw-numbered.out.swp new file mode 100644 index 00000000..c83d1aa8 Binary files /dev/null and b/tests/fixtures/ubuntu-18.04/.ufw-numbered.out.swp differ diff --git a/tests/fixtures/ubuntu-18.04/ufw-numbered.json b/tests/fixtures/ubuntu-18.04/ufw-numbered.json index fbb008be..174f9a43 100644 --- a/tests/fixtures/ubuntu-18.04/ufw-numbered.json +++ b/tests/fixtures/ubuntu-18.04/ufw-numbered.json @@ -1 +1 @@ -{"status":"active","rules":[{"action":"ALLOW","action_direction":"IN","index":1,"network_protocol":"ipv4","to_interface":"any","to_transport":"any","to_service":null,"to_ports":[22],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":2,"network_protocol":"ipv4","to_interface":"any","to_transport":"tcp","to_service":null,"to_ports":[80,443],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":3,"network_protocol":"ipv4","to_interface":"eth0","to_transport":"any","to_service":null,"to_ports":[80],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":"test","from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":4,"network_protocol":"ipv4","to_interface":"any","to_transport":"ipv6","to_ip":"10.0.0.1","to_ip_prefix":32,"comment":null,"from_interface":"any","from_transport":"ipv6","from_ip":"10.4.0.0","from_ip_prefix":16},{"action":"ALLOW","action_direction":"IN","index":5,"network_protocol":"ipv4","to_interface":"any","to_transport":"esp","to_ip":"10.0.0.1","to_ip_prefix":32,"comment":null,"from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":6,"network_protocol":"ipv4","to_interface":"any","to_transport":"esp","to_ip":"10.0.0.1","to_ip_prefix":32,"comment":null,"from_interface":"any","from_transport":"esp","from_ip":"10.4.0.0","from_ip_prefix":16},{"action":"ALLOW","action_direction":"IN","index":7,"network_protocol":"ipv4","to_interface":"any","to_transport":"ah","to_ip":"10.0.0.1","to_ip_prefix":32,"comment":null,"from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":8,"network_protocol":"ipv4","to_interface":"any","to_transport":"ah","to_ip":"10.0.0.1","to_ip_prefix":32,"comment":null,"from_interface":"any","from_transport":"ah","from_ip":"10.4.0.0","from_ip_prefix":16},{"action":"ALLOW","action_direction":"IN","index":9,"network_protocol":"ipv4","to_interface":"any","to_transport":"tcp","to_service":null,"to_port_ranges":[{"start":100,"end":200},{"start":300,"end":400}],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":10,"network_protocol":"ipv4","to_interface":"any","to_transport":"udp","to_service":null,"to_ports":[1,2],"to_port_ranges":[{"start":100,"end":200},{"start":300,"end":400}],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":11,"network_protocol":"ipv6","to_interface":"any","to_transport":"any","to_service":null,"to_ports":[22],"to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":12,"network_protocol":"ipv6","to_interface":"any","to_transport":"tcp","to_service":null,"to_ports":[80,443],"to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":13,"network_protocol":"ipv6","to_interface":"eth0","to_transport":"any","to_service":null,"to_ports":[80],"to_ip":"::","to_ip_prefix":0,"comment":"test","from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":14,"network_protocol":"ipv6","to_interface":"any","to_transport":"tcp","to_service":null,"to_port_ranges":[{"start":100,"end":200},{"start":300,"end":400}],"to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":15,"network_protocol":"ipv6","to_interface":"any","to_transport":"udp","to_service":null,"to_ports":[1,2],"to_port_ranges":[{"start":100,"end":200},{"start":300,"end":400}],"to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null}]} +{"status":"active","rules":[{"action":"ALLOW","action_direction":"IN","index":1,"log":true,"network_protocol":"ipv4","to_interface":"any","to_transport":"any","to_service":null,"to_ports":[22],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":2,"log":false,"network_protocol":"ipv4","to_interface":"any","to_transport":"tcp","to_service":null,"to_ports":[80,443],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":3,"log":true,"network_protocol":"ipv4","to_interface":"eth0","to_transport":"any","to_service":null,"to_ports":[80],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":"test","from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":4,"log":false,"network_protocol":"ipv4","to_interface":"any","to_transport":"ipv6","to_ip":"10.0.0.1","to_ip_prefix":32,"comment":null,"from_interface":"any","from_transport":"ipv6","from_ip":"10.4.0.0","from_ip_prefix":16},{"action":"ALLOW","action_direction":"IN","index":5,"log":false,"network_protocol":"ipv4","to_interface":"any","to_transport":"esp","to_ip":"10.0.0.1","to_ip_prefix":32,"comment":null,"from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":6,"log":false,"network_protocol":"ipv4","to_interface":"any","to_transport":"esp","to_ip":"10.0.0.1","to_ip_prefix":32,"comment":null,"from_interface":"any","from_transport":"esp","from_ip":"10.4.0.0","from_ip_prefix":16},{"action":"ALLOW","action_direction":"IN","index":7,"log":false,"network_protocol":"ipv4","to_interface":"any","to_transport":"ah","to_ip":"10.0.0.1","to_ip_prefix":32,"comment":null,"from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":8,"log":false,"network_protocol":"ipv4","to_interface":"any","to_transport":"ah","to_ip":"10.0.0.1","to_ip_prefix":32,"comment":null,"from_interface":"any","from_transport":"ah","from_ip":"10.4.0.0","from_ip_prefix":16},{"action":"ALLOW","action_direction":"IN","index":9,"log":false,"network_protocol":"ipv4","to_interface":"any","to_transport":"tcp","to_service":null,"to_port_ranges":[{"start":100,"end":200},{"start":300,"end":400}],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":10,"log":false,"network_protocol":"ipv4","to_interface":"any","to_transport":"udp","to_service":null,"to_ports":[1,2],"to_port_ranges":[{"start":100,"end":200},{"start":300,"end":400}],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":11,"log":false,"network_protocol":"ipv6","to_interface":"any","to_transport":"any","to_service":null,"to_ports":[22],"to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":12,"log":false,"network_protocol":"ipv6","to_interface":"any","to_transport":"tcp","to_service":null,"to_ports":[80,443],"to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":13,"log":false,"network_protocol":"ipv6","to_interface":"eth0","to_transport":"any","to_service":null,"to_ports":[80],"to_ip":"::","to_ip_prefix":0,"comment":"test","from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":14,"log":false,"network_protocol":"ipv6","to_interface":"any","to_transport":"tcp","to_service":null,"to_port_ranges":[{"start":100,"end":200},{"start":300,"end":400}],"to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":15,"log":false,"network_protocol":"ipv6","to_interface":"any","to_transport":"udp","to_service":null,"to_ports":[1,2],"to_port_ranges":[{"start":100,"end":200},{"start":300,"end":400}],"to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null}]} diff --git a/tests/fixtures/ubuntu-18.04/ufw-numbered.out b/tests/fixtures/ubuntu-18.04/ufw-numbered.out index 8138cff8..3e258892 100644 --- a/tests/fixtures/ubuntu-18.04/ufw-numbered.out +++ b/tests/fixtures/ubuntu-18.04/ufw-numbered.out @@ -2,9 +2,9 @@ Status: active To Action From -- ------ ---- -[ 1] 22 ALLOW IN Anywhere +[ 1] 22 ALLOW IN Anywhere (log) [ 2] 80,443/tcp ALLOW IN Anywhere -[ 3] 80 on eth0 ALLOW IN Anywhere # test +[ 3] 80 on eth0 ALLOW IN Anywhere (log) # test [ 4] 10.0.0.1/ipv6 ALLOW IN 10.4.0.0/16/ipv6 [ 5] 10.0.0.1/esp ALLOW IN Anywhere [ 6] 10.0.0.1/esp ALLOW IN 10.4.0.0/16/esp diff --git a/tests/fixtures/ubuntu-18.04/ufw-verbose.json b/tests/fixtures/ubuntu-18.04/ufw-verbose.json index d833be45..f5e44548 100644 --- a/tests/fixtures/ubuntu-18.04/ufw-verbose.json +++ b/tests/fixtures/ubuntu-18.04/ufw-verbose.json @@ -1 +1 @@ -{"status":"active","logging":"on","logging_level":"low","default":"deny (incoming), allow (outgoing), disabled (routed)","new_profiles":"skip","rules":[{"action":"ALLOW","action_direction":"IN","index":null,"network_protocol":"ipv4","to_interface":"any","to_transport":"any","to_service":null,"to_ports":[22],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":null,"network_protocol":"ipv4","to_interface":"any","to_transport":"tcp","to_service":null,"to_ports":[80,443],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":null,"network_protocol":"ipv4","to_interface":"eth0","to_transport":"any","to_service":null,"to_ports":[80],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":"test","from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":null,"network_protocol":"ipv4","to_interface":"any","to_transport":"ipv6","to_ip":"10.0.0.1","to_ip_prefix":32,"comment":null,"from_interface":"any","from_transport":"ipv6","from_ip":"10.4.0.0","from_ip_prefix":16},{"action":"ALLOW","action_direction":"IN","index":null,"network_protocol":"ipv4","to_interface":"any","to_transport":"esp","to_ip":"10.0.0.1","to_ip_prefix":32,"comment":null,"from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":null,"network_protocol":"ipv4","to_interface":"any","to_transport":"esp","to_ip":"10.0.0.1","to_ip_prefix":32,"comment":null,"from_interface":"any","from_transport":"esp","from_ip":"10.4.0.0","from_ip_prefix":16},{"action":"ALLOW","action_direction":"IN","index":null,"network_protocol":"ipv4","to_interface":"any","to_transport":"ah","to_ip":"10.0.0.1","to_ip_prefix":32,"comment":null,"from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":null,"network_protocol":"ipv4","to_interface":"any","to_transport":"ah","to_ip":"10.0.0.1","to_ip_prefix":32,"comment":null,"from_interface":"any","from_transport":"ah","from_ip":"10.4.0.0","from_ip_prefix":16},{"action":"ALLOW","action_direction":"IN","index":null,"network_protocol":"ipv4","to_interface":"any","to_transport":"tcp","to_service":null,"to_port_ranges":[{"start":100,"end":200},{"start":300,"end":400}],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":null,"network_protocol":"ipv4","to_interface":"any","to_transport":"udp","to_service":null,"to_ports":[1,2],"to_port_ranges":[{"start":100,"end":200},{"start":300,"end":400}],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":null,"network_protocol":"ipv6","to_interface":"any","to_transport":"any","to_service":null,"to_ports":[22],"to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":null,"network_protocol":"ipv6","to_interface":"any","to_transport":"tcp","to_service":null,"to_ports":[80,443],"to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":null,"network_protocol":"ipv6","to_interface":"eth0","to_transport":"any","to_service":null,"to_ports":[80],"to_ip":"::","to_ip_prefix":0,"comment":"test","from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":null,"network_protocol":"ipv6","to_interface":"any","to_transport":"tcp","to_service":null,"to_port_ranges":[{"start":100,"end":200},{"start":300,"end":400}],"to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":null,"network_protocol":"ipv6","to_interface":"any","to_transport":"udp","to_service":null,"to_ports":[1,2],"to_port_ranges":[{"start":100,"end":200},{"start":300,"end":400}],"to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null}]} +{"status":"active","logging":"on","logging_level":"low","default":"deny (incoming), allow (outgoing), disabled (routed)","new_profiles":"skip","rules":[{"action":"ALLOW","action_direction":"IN","index":null,"log":true,"network_protocol":"ipv4","to_interface":"any","to_transport":"any","to_service":null,"to_ports":[22],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":null,"log":false,"network_protocol":"ipv4","to_interface":"any","to_transport":"tcp","to_service":null,"to_ports":[80,443],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":null,"log":true,"network_protocol":"ipv4","to_interface":"eth0","to_transport":"any","to_service":null,"to_ports":[80],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":"test","from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":null,"log":false,"network_protocol":"ipv4","to_interface":"any","to_transport":"ipv6","to_ip":"10.0.0.1","to_ip_prefix":32,"comment":null,"from_interface":"any","from_transport":"ipv6","from_ip":"10.4.0.0","from_ip_prefix":16},{"action":"ALLOW","action_direction":"IN","index":null,"log":false,"network_protocol":"ipv4","to_interface":"any","to_transport":"esp","to_ip":"10.0.0.1","to_ip_prefix":32,"comment":null,"from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":null,"log":false,"network_protocol":"ipv4","to_interface":"any","to_transport":"esp","to_ip":"10.0.0.1","to_ip_prefix":32,"comment":null,"from_interface":"any","from_transport":"esp","from_ip":"10.4.0.0","from_ip_prefix":16},{"action":"ALLOW","action_direction":"IN","index":null,"log":false,"network_protocol":"ipv4","to_interface":"any","to_transport":"ah","to_ip":"10.0.0.1","to_ip_prefix":32,"comment":null,"from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":null,"log":false,"network_protocol":"ipv4","to_interface":"any","to_transport":"ah","to_ip":"10.0.0.1","to_ip_prefix":32,"comment":null,"from_interface":"any","from_transport":"ah","from_ip":"10.4.0.0","from_ip_prefix":16},{"action":"ALLOW","action_direction":"IN","index":null,"log":false,"network_protocol":"ipv4","to_interface":"any","to_transport":"tcp","to_service":null,"to_port_ranges":[{"start":100,"end":200},{"start":300,"end":400}],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":null,"log":false,"network_protocol":"ipv4","to_interface":"any","to_transport":"udp","to_service":null,"to_ports":[1,2],"to_port_ranges":[{"start":100,"end":200},{"start":300,"end":400}],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":null,"log":false,"network_protocol":"ipv6","to_interface":"any","to_transport":"any","to_service":null,"to_ports":[22],"to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":null,"log":false,"network_protocol":"ipv6","to_interface":"any","to_transport":"tcp","to_service":null,"to_ports":[80,443],"to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":null,"log":false,"network_protocol":"ipv6","to_interface":"eth0","to_transport":"any","to_service":null,"to_ports":[80],"to_ip":"::","to_ip_prefix":0,"comment":"test","from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":null,"log":false,"network_protocol":"ipv6","to_interface":"any","to_transport":"tcp","to_service":null,"to_port_ranges":[{"start":100,"end":200},{"start":300,"end":400}],"to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":null,"log":false,"network_protocol":"ipv6","to_interface":"any","to_transport":"udp","to_service":null,"to_ports":[1,2],"to_port_ranges":[{"start":100,"end":200},{"start":300,"end":400}],"to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null}]} diff --git a/tests/fixtures/ubuntu-18.04/ufw-verbose.out b/tests/fixtures/ubuntu-18.04/ufw-verbose.out index a826d052..a412f94e 100644 --- a/tests/fixtures/ubuntu-18.04/ufw-verbose.out +++ b/tests/fixtures/ubuntu-18.04/ufw-verbose.out @@ -5,9 +5,9 @@ New profiles: skip To Action From -- ------ ---- -22 ALLOW IN Anywhere +22 ALLOW IN Anywhere (log) 80,443/tcp ALLOW IN Anywhere -80 on eth0 ALLOW IN Anywhere # test +80 on eth0 ALLOW IN Anywhere (log) # test 10.0.0.1/ipv6 ALLOW IN 10.4.0.0/16/ipv6 10.0.0.1/esp ALLOW IN Anywhere 10.0.0.1/esp ALLOW IN 10.4.0.0/16/esp