python/jc
1
0
Fork 0
mirror of https://github.com/kellyjonbrazil/jc.git synced 2025-06-15 00:05:11 +02:00
Code Issues Releases Activity

add default policy stats to iptables parser

Browse Source
This commit is contained in:
Kelly Brazil
2025-04-15 08:41:30 -07:00
parent c8599253fb
commit 966df71566
5 changed files with 42 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
CHANGELOG
View File

@ -1,7 +1,8 @@
jc changelog
20250412 v1.25.5
20250414 v1.25.5
- Add `amixer` command parser
- Enhance `iptables` command parser to add default policy statistics fields
- Fix `bluetoothctl` parser failing to parse controllers with power state prop
- Fix `lsblk` command parser to support multiple mountpoints. Also, added
byte conversions for size fields.

38
jc/parsers/iptables.py
View File

@ -20,6 +20,9 @@ Schema:
[
{
"chain": string,
"default_policy": string,
"default_packets": integer,
"default_bytes": integer,
"rules": [
{
"num" integer,
@ -44,6 +47,9 @@ Examples:
[
{
"chain": "PREROUTING",
"default_policy": "DROP",
"default_packets": 0,
"default_bytes": 0,
"rules": [
{
"num": 1,
@ -103,6 +109,9 @@ Examples:
[
{
"chain": "PREROUTING",
"default_policy": "DROP",
"default_packets": "0",
"default_bytes": "0",
"rules": [
{
"num": "1",
@ -158,12 +167,13 @@ Examples:
...
]
"""
import re
import jc.utils
class info():
"""Provides parser metadata (version, author, etc.)"""
version = '1.11'
version = '1.12'
description = '`iptables` command parser'
author = 'Kelly Brazil'
author_email = 'kellyjonbrazil@gmail.com'
@ -174,6 +184,17 @@ class info():
__version__ = info.version
chain_pkt_byt_pattern = re.compile(
r'''
\s\(policy\s
(?P<policy_name>.+)
\s
(?P<packets>.+)
\spackets,\s
(?P<bytes>.+)
\sbytes\)
''', re.VERBOSE
)
def _process(proc_data):
"""
@ -188,6 +209,13 @@ def _process(proc_data):
List of Dictionaries. Structured data to conform to the schema.
"""
for entry in proc_data:
if 'default_packets' in entry:
entry['default_packets'] = jc.utils.convert_to_int(entry['default_packets'])
if 'default_bytes' in entry:
entry['default_bytes'] = jc.utils.convert_size_to_int(entry['default_bytes'])
for rule in entry['rules']:
int_list = ['num', 'pkts']
for key in rule:
@ -243,6 +271,14 @@ def parse(data, raw=False, quiet=False):
parsed_line = line.split()
chain['chain'] = parsed_line[1]
stats_match = re.search(chain_pkt_byt_pattern, line)
if stats_match:
stats = stats_match.groupdict()
chain['default_policy'] = stats['policy_name']
chain['default_packets'] = stats['packets']
chain['default_bytes'] = stats['bytes']
chain['rules'] = []
continue

2
tests/fixtures/centos-7.7/iptables-filter-nv.json vendored
View File

File diff suppressed because one or more lines are too long

2
tests/fixtures/ubuntu-18.04/iptables-filter-nv.json vendored
View File

@ -1 +1 @@
[{"chain": "INPUT", "rules": [{"pkts": 66, "bytes": 6034, "target": "ACCEPT", "prot": "all", "opt": null, "in": "lo", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 1137, "bytes": 318000, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate RELATED,ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "DROP", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate INVALID"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "tcp", "opt": null, "in": "*", "out": "*", "source": "15.15.15.0/24", "destination": "0.0.0.0/0", "options": "tcp dpt:22 ctstate NEW,ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "lo", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate RELATED,ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "DROP", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate INVALID"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "tcp", "opt": null, "in": "*", "out": "*", "source": "15.15.15.0/24", "destination": "0.0.0.0/0", "options": "tcp dpt:22 ctstate NEW,ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "lo", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate RELATED,ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "DROP", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate INVALID"}, {"pkts": 0, "bytes": 0, "target": "DROP", "prot": "all", "opt": null, "in": "lo", "out": "*", "source": "15.15.15.51", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "tcp", "opt": null, "in": "*", "out": "*", "source": "15.15.15.0/24", "destination": "0.0.0.0/0", "options": "tcp dpt:22 ctstate NEW,ESTABLISHED"}]}, {"chain": "FORWARD", "rules": []}, {"chain": "OUTPUT", "rules": [{"pkts": 66, "bytes": 6034, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "lo", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 889, "bytes": 158000, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "tcp", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "tcp spt:22 ctstate ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "lo", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "tcp", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "tcp spt:22 ctstate ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "lo", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "tcp", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "tcp spt:22 ctstate ESTABLISHED"}]}]
[{"chain":"INPUT","default_policy":"ACCEPT","default_packets":0,"default_bytes":0,"rules":[{"pkts":66,"bytes":6034,"target":"ACCEPT","prot":"all","opt":null,"in":"lo","out":"*","source":"0.0.0.0/0","destination":"0.0.0.0/0"},{"pkts":1137,"bytes":318000,"target":"ACCEPT","prot":"all","opt":null,"in":"*","out":"*","source":"0.0.0.0/0","destination":"0.0.0.0/0","options":"ctstate RELATED,ESTABLISHED"},{"pkts":0,"bytes":0,"target":"DROP","prot":"all","opt":null,"in":"*","out":"*","source":"0.0.0.0/0","destination":"0.0.0.0/0","options":"ctstate INVALID"},{"pkts":0,"bytes":0,"target":"ACCEPT","prot":"tcp","opt":null,"in":"*","out":"*","source":"15.15.15.0/24","destination":"0.0.0.0/0","options":"tcp dpt:22 ctstate NEW,ESTABLISHED"},{"pkts":0,"bytes":0,"target":"ACCEPT","prot":"all","opt":null,"in":"lo","out":"*","source":"0.0.0.0/0","destination":"0.0.0.0/0"},{"pkts":0,"bytes":0,"target":"ACCEPT","prot":"all","opt":null,"in":"*","out":"*","source":"0.0.0.0/0","destination":"0.0.0.0/0","options":"ctstate RELATED,ESTABLISHED"},{"pkts":0,"bytes":0,"target":"DROP","prot":"all","opt":null,"in":"*","out":"*","source":"0.0.0.0/0","destination":"0.0.0.0/0","options":"ctstate INVALID"},{"pkts":0,"bytes":0,"target":"ACCEPT","prot":"tcp","opt":null,"in":"*","out":"*","source":"15.15.15.0/24","destination":"0.0.0.0/0","options":"tcp dpt:22 ctstate NEW,ESTABLISHED"},{"pkts":0,"bytes":0,"target":"ACCEPT","prot":"all","opt":null,"in":"lo","out":"*","source":"0.0.0.0/0","destination":"0.0.0.0/0"},{"pkts":0,"bytes":0,"target":"ACCEPT","prot":"all","opt":null,"in":"*","out":"*","source":"0.0.0.0/0","destination":"0.0.0.0/0","options":"ctstate RELATED,ESTABLISHED"},{"pkts":0,"bytes":0,"target":"DROP","prot":"all","opt":null,"in":"*","out":"*","source":"0.0.0.0/0","destination":"0.0.0.0/0","options":"ctstate INVALID"},{"pkts":0,"bytes":0,"target":"DROP","prot":"all","opt":null,"in":"lo","out":"*","source":"15.15.15.51","destination":"0.0.0.0/0"},{"pkts":0,"bytes":0,"target":"ACCEPT","prot":"tcp","opt":null,"in":"*","out":"*","source":"15.15.15.0/24","destination":"0.0.0.0/0","options":"tcp dpt:22 ctstate NEW,ESTABLISHED"}]},{"chain":"FORWARD","default_policy":"ACCEPT","default_packets":0,"default_bytes":0,"rules":[]},{"chain":"OUTPUT","default_policy":"ACCEPT","default_packets":4,"default_bytes":277,"rules":[{"pkts":66,"bytes":6034,"target":"ACCEPT","prot":"all","opt":null,"in":"*","out":"lo","source":"0.0.0.0/0","destination":"0.0.0.0/0"},{"pkts":889,"bytes":158000,"target":"ACCEPT","prot":"all","opt":null,"in":"*","out":"*","source":"0.0.0.0/0","destination":"0.0.0.0/0","options":"ctstate ESTABLISHED"},{"pkts":0,"bytes":0,"target":"ACCEPT","prot":"tcp","opt":null,"in":"*","out":"*","source":"0.0.0.0/0","destination":"0.0.0.0/0","options":"tcp spt:22 ctstate ESTABLISHED"},{"pkts":0,"bytes":0,"target":"ACCEPT","prot":"all","opt":null,"in":"*","out":"lo","source":"0.0.0.0/0","destination":"0.0.0.0/0"},{"pkts":0,"bytes":0,"target":"ACCEPT","prot":"all","opt":null,"in":"*","out":"*","source":"0.0.0.0/0","destination":"0.0.0.0/0","options":"ctstate ESTABLISHED"},{"pkts":0,"bytes":0,"target":"ACCEPT","prot":"tcp","opt":null,"in":"*","out":"*","source":"0.0.0.0/0","destination":"0.0.0.0/0","options":"tcp spt:22 ctstate ESTABLISHED"},{"pkts":0,"bytes":0,"target":"ACCEPT","prot":"all","opt":null,"in":"*","out":"lo","source":"0.0.0.0/0","destination":"0.0.0.0/0"},{"pkts":0,"bytes":0,"target":"ACCEPT","prot":"all","opt":null,"in":"*","out":"*","source":"0.0.0.0/0","destination":"0.0.0.0/0","options":"ctstate ESTABLISHED"},{"pkts":0,"bytes":0,"target":"ACCEPT","prot":"tcp","opt":null,"in":"*","out":"*","source":"0.0.0.0/0","destination":"0.0.0.0/0","options":"tcp spt:22 ctstate ESTABLISHED"}]}]

2
tests/test_iptables.py
View File

@ -200,7 +200,7 @@ class MyTests(unittest.TestCase):
128627559125 172804718595966 INPUT_ZONES all -- * * 0.0.0.0/0 0.0.0.0/0
26599 1082920 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID
1761 79571 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited'''
expected = [{"chain":"INPUT","rules":[{"pkts":11291792498,"bytes":217331852907122,"target":"ACCEPT","prot":"all","opt":None,"in":"*","out":"*","source":"0.0.0.0/0","destination":"0.0.0.0/0","options":"ctstate RELATED,ESTABLISHED"},{"pkts":555958,"bytes":33533576,"target":"ACCEPT","prot":"all","opt":None,"in":"lo","out":"*","source":"0.0.0.0/0","destination":"0.0.0.0/0"},{"pkts":128628404869,"bytes":172804745659762,"target":"INPUT_direct","prot":"all","opt":None,"in":"*","out":"*","source":"0.0.0.0/0","destination":"0.0.0.0/0"},{"pkts":128627559128,"bytes":172804718596050,"target":"INPUT_ZONES_SOURCE","prot":"all","opt":None,"in":"*","out":"*","source":"0.0.0.0/0","destination":"0.0.0.0/0"},{"pkts":128627559125,"bytes":172804718595966,"target":"INPUT_ZONES","prot":"all","opt":None,"in":"*","out":"*","source":"0.0.0.0/0","destination":"0.0.0.0/0"},{"pkts":26599,"bytes":1082920,"target":"DROP","prot":"all","opt":None,"in":"*","out":"*","source":"0.0.0.0/0","destination":"0.0.0.0/0","options":"ctstate INVALID"},{"pkts":1761,"bytes":79571,"target":"REJECT","prot":"all","opt":None,"in":"*","out":"*","source":"0.0.0.0/0","destination":"0.0.0.0/0","options":"reject-with icmp-host-prohibited"}]}]
expected = [{'chain': 'INPUT', 'default_policy': 'ACCEPT', 'default_packets': 0, 'default_bytes': 0, 'rules': [{'pkts': 11291792498, 'bytes': 217331852907122, 'target': 'ACCEPT', 'prot': 'all', 'opt': None, 'in': '*', 'out': '*', 'source': '0.0.0.0/0', 'destination': '0.0.0.0/0', 'options': 'ctstate RELATED,ESTABLISHED'}, {'pkts': 555958, 'bytes': 33533576, 'target': 'ACCEPT', 'prot': 'all', 'opt': None, 'in': 'lo', 'out': '*', 'source': '0.0.0.0/0', 'destination': '0.0.0.0/0'}, {'pkts': 128628404869, 'bytes': 172804745659762, 'target': 'INPUT_direct', 'prot': 'all', 'opt': None, 'in': '*', 'out': '*', 'source': '0.0.0.0/0', 'destination': '0.0.0.0/0'}, {'pkts': 128627559128, 'bytes': 172804718596050, 'target': 'INPUT_ZONES_SOURCE', 'prot': 'all', 'opt': None, 'in': '*', 'out': '*', 'source': '0.0.0.0/0', 'destination': '0.0.0.0/0'}, {'pkts': 128627559125, 'bytes': 172804718595966, 'target': 'INPUT_ZONES', 'prot': 'all', 'opt': None, 'in': '*', 'out': '*', 'source': '0.0.0.0/0', 'destination': '0.0.0.0/0'}, {'pkts': 26599, 'bytes': 1082920, 'target': 'DROP', 'prot': 'all', 'opt': None, 'in': '*', 'out': '*', 'source': '0.0.0.0/0', 'destination': '0.0.0.0/0', 'options': 'ctstate INVALID'}, {'pkts': 1761, 'bytes': 79571, 'target': 'REJECT', 'prot': 'all', 'opt': None, 'in': '*', 'out': '*', 'source': '0.0.0.0/0', 'destination': '0.0.0.0/0', 'options': 'reject-with icmp-host-prohibited'}]}]
self.assertEqual(jc.parsers.iptables.parse(data, quiet=True), expected)