From db8ddd7f0e0c2a8bd3e545619e81d3d3972a4d7c Mon Sep 17 00:00:00 2001 From: Kelly Brazil Date: Mon, 26 Apr 2021 12:04:03 -0700 Subject: [PATCH] fix for scenarios where the default port range didn't always display, or overrode existing port ranges. --- jc/man/jc.1.gz | Bin 2413 -> 2413 bytes jc/parsers/ufw.py | 24 +++++++++-------------- man/jc.1.gz | Bin 2413 -> 2413 bytes tests/fixtures/generic/ufw-numbered.json | 2 +- tests/fixtures/generic/ufw.json | 2 +- 5 files changed, 11 insertions(+), 17 deletions(-) diff --git a/jc/man/jc.1.gz b/jc/man/jc.1.gz index e2074643f268276802c67745acb7bb1cc6800564..51d228409630ffe51437fb0ed7fe450650a1a676 100644 GIT binary patch delta 16 XcmaDW^j3&nzMF$1oUeT&dm1MIE^`Fa delta 16 XcmaDW^j3&nzMF&N@W-}|>}i|;HnavI diff --git a/jc/parsers/ufw.py b/jc/parsers/ufw.py index 58072aa4..c4ae15c2 100644 --- a/jc/parsers/ufw.py +++ b/jc/parsers/ufw.py @@ -301,6 +301,8 @@ def _parse_to_from(linedata, direction, rule_obj=None): if linedata_list[1].strip() in ['tcp', 'udp', 'ah', 'esp', 'gre', 'ipv6', 'igmp']: rule_obj[direction + '_transport'] = linedata_list[1].strip() linedata = linedata_list[0] + else: + rule_obj[direction + '_transport'] = 'any' else: rule_obj[direction + '_transport'] = 'any' @@ -364,24 +366,16 @@ def _parse_to_from(linedata, direction, rule_obj=None): rule_obj[direction + '_ip_prefix'] = '0' # finally set default ports if no ports exist and there should be some - set_default = False if direction + '_transport' in rule_obj: if rule_obj[direction + '_transport'] in ['tcp', 'udp', 'any']: if not port_list and not port_ranges: - set_default = True - - else: - rule_obj[direction + '_transport'] = 'any' - set_default = True - - if set_default: - rule_obj[direction + '_port_ranges'] = [ - { - 'start': '0', - 'end': '65535' - } - ] - rule_obj[direction + '_service'] = None + rule_obj[direction + '_port_ranges'] = [ + { + 'start': '0', + 'end': '65535' + } + ] + rule_obj[direction + '_service'] = None return rule_obj diff --git a/man/jc.1.gz b/man/jc.1.gz index e2074643f268276802c67745acb7bb1cc6800564..51d228409630ffe51437fb0ed7fe450650a1a676 100644 GIT binary patch delta 16 XcmaDW^j3&nzMF$1oUeT&dm1MIE^`Fa delta 16 XcmaDW^j3&nzMF&N@W-}|>}i|;HnavI diff --git a/tests/fixtures/generic/ufw-numbered.json b/tests/fixtures/generic/ufw-numbered.json index 27809d81..a9d9170d 100644 --- a/tests/fixtures/generic/ufw-numbered.json +++ b/tests/fixtures/generic/ufw-numbered.json @@ -1 +1 @@ -{"status":"active","logging":"on","logging_level":"low","default":"deny (incoming), allow (outgoing), deny (routed)","new_profiles":"skip","rules":[{"action":"ALLOW","action_direction":"IN","index":1,"network_protocol":"ipv4","to_interface":"any","to_transport":"tcp","to_service":null,"to_ports":[22],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"OUT","index":2,"network_protocol":"ipv6","to_interface":"any","to_transport":"tcp","to_service":null,"to_ports":[22],"to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"DENY","action_direction":null,"index":3,"network_protocol":"ipv4","to_interface":"any","to_transport":"tcp","to_service":null,"to_ports":[443],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_interface":"any","from_transport":"any","from_ip":"192.168.0.1","from_ip_prefix":32,"from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"DENY","action_direction":"OUT","index":4,"network_protocol":"ipv4","to_interface":"any","to_transport":"udp","to_service":null,"to_ports":[443],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_interface":"any","from_transport":"any","from_ip":"192.168.0.7","from_ip_prefix":32,"from_service":null,"from_port_ranges":[{"start":8080,"end":8081}]},{"action":"ALLOW","action_direction":null,"index":5,"network_protocol":"ipv4","to_interface":"any","to_transport":"tcp","to_service":null,"to_ports":[22],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_interface":"any","from_ip":"192.168.0.0","from_ip_prefix":24,"from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":null,"index":6,"network_protocol":"ipv4","to_interface":"any","to_transport":"udp","to_service":null,"to_ports":[22],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_interface":"en0","from_ip":"192.168.0.0","from_ip_prefix":24,"from_service":null,"from_port_ranges":[{"start":0,"end":65535}],"from_transport":"any"},{"action":"ALLOW","action_direction":"IN","index":7,"network_protocol":"ipv6","to_interface":"any","to_transport":"tcp","to_service":null,"to_ports":[22],"to_ip":"::","to_ip_prefix":0,"comment":null,"from_interface":"en1","from_ip":"2405:204:7449:49fc:f09a:6f4a:bc93:1955","from_ip_prefix":64,"from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":8,"network_protocol":"ipv4","to_interface":"any","to_transport":"any","to_service":null,"to_ports":[80],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":9,"network_protocol":"ipv6","to_interface":"any","to_transport":"any","to_service":null,"to_ports":[8080],"to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":10,"network_protocol":"ipv4","to_interface":"any","to_transport":null,"to_service":"Apache Full","to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":11,"network_protocol":"ipv6","to_interface":"any","to_transport":null,"to_service":"Apache Full","to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"DENY","action_direction":"IN","index":12,"network_protocol":"ipv6","to_interface":"any","to_transport":null,"to_service":"OpenSSH","to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":null,"index":13,"network_protocol":"ipv4","to_interface":"enp34s0","to_transport":"any","to_ip":"10.10.10.10","to_ip_prefix":32,"to_service":null,"to_ports":[8080],"comment":null,"from_interface":"any","from_transport":"any","from_ip":"127.0.0.1","from_ip_prefix":32,"from_service":null,"from_ports":[8000]},{"action":"ALLOW","action_direction":null,"index":14,"network_protocol":"ipv6","to_interface":"any","to_transport":"tcp","to_service":null,"to_port_ranges":[{"start":50200,"end":50300}],"to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":15,"network_protocol":"ipv6","to_ip":"::","to_ip_prefix":0,"to_interface":"any","to_transport":"any","to_port_ranges":[{"start":0,"end":65535}],"to_service":null,"comment":null,"from_interface":"any","from_transport":"any","from_ip":"2405:204:7449:49fc:f09a:6f4a:bc93:1955","from_ip_prefix":128,"from_port_ranges":[{"start":0,"end":65535}],"from_service":null}]} +{"status":"active","logging":"on","logging_level":"low","default":"deny (incoming), allow (outgoing), deny (routed)","new_profiles":"skip","rules":[{"action":"ALLOW","action_direction":"IN","index":1,"network_protocol":"ipv4","to_interface":"any","to_transport":"tcp","to_service":null,"to_ports":[22],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"OUT","index":2,"network_protocol":"ipv6","to_interface":"any","to_transport":"tcp","to_service":null,"to_ports":[22],"to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"DENY","action_direction":null,"index":3,"network_protocol":"ipv4","to_interface":"any","to_transport":"tcp","to_service":null,"to_ports":[443],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_interface":"any","from_transport":"any","from_ip":"192.168.0.1","from_ip_prefix":32,"from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"DENY","action_direction":"OUT","index":4,"network_protocol":"ipv4","to_interface":"any","to_transport":"udp","to_service":null,"to_ports":[443],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_interface":"any","from_transport":"any","from_ip":"192.168.0.7","from_ip_prefix":32,"from_service":null,"from_port_ranges":[{"start":8080,"end":8081}]},{"action":"ALLOW","action_direction":null,"index":5,"network_protocol":"ipv4","to_interface":"any","to_transport":"tcp","to_service":null,"to_ports":[22],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_interface":"any","from_transport":"any","from_ip":"192.168.0.0","from_ip_prefix":24,"from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":null,"index":6,"network_protocol":"ipv4","to_interface":"any","to_transport":"udp","to_service":null,"to_ports":[22],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_interface":"en0","from_transport":"any","from_ip":"192.168.0.0","from_ip_prefix":24,"from_service":null,"from_port_ranges":[{"start":8080,"end":8081}]},{"action":"ALLOW","action_direction":"IN","index":7,"network_protocol":"ipv6","to_interface":"any","to_transport":"tcp","to_service":null,"to_ports":[22],"to_ip":"::","to_ip_prefix":0,"comment":null,"from_interface":"en1","from_transport":"any","from_ip":"2405:204:7449:49fc:f09a:6f4a:bc93:1955","from_ip_prefix":64,"from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":8,"network_protocol":"ipv4","to_interface":"any","to_transport":"any","to_service":null,"to_ports":[80],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":9,"network_protocol":"ipv6","to_interface":"any","to_transport":"any","to_service":null,"to_ports":[8080],"to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":10,"network_protocol":"ipv4","to_interface":"any","to_transport":null,"to_service":"Apache Full","to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":11,"network_protocol":"ipv6","to_interface":"any","to_transport":null,"to_service":"Apache Full","to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"DENY","action_direction":"IN","index":12,"network_protocol":"ipv6","to_interface":"any","to_transport":null,"to_service":"OpenSSH","to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":null,"index":13,"network_protocol":"ipv4","to_interface":"enp34s0","to_transport":"any","to_ip":"10.10.10.10","to_ip_prefix":32,"to_service":null,"to_ports":[8080],"comment":null,"from_interface":"any","from_transport":"any","from_ip":"127.0.0.1","from_ip_prefix":32,"from_service":null,"from_ports":[8000]},{"action":"ALLOW","action_direction":null,"index":14,"network_protocol":"ipv6","to_interface":"any","to_transport":"tcp","to_service":null,"to_port_ranges":[{"start":50200,"end":50300}],"to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":15,"network_protocol":"ipv6","to_ip":"::","to_ip_prefix":0,"to_interface":"any","to_transport":"any","to_port_ranges":[{"start":0,"end":65535}],"to_service":null,"comment":null,"from_interface":"any","from_transport":"any","from_ip":"2405:204:7449:49fc:f09a:6f4a:bc93:1955","from_ip_prefix":128,"from_port_ranges":[{"start":0,"end":65535}],"from_service":null}]} diff --git a/tests/fixtures/generic/ufw.json b/tests/fixtures/generic/ufw.json index 9ea2b2a2..0fc517a7 100644 --- a/tests/fixtures/generic/ufw.json +++ b/tests/fixtures/generic/ufw.json @@ -1 +1 @@ -{"status":"active","logging":"on","logging_level":"low","default":"deny (incoming), allow (outgoing), deny (routed)","new_profiles":"skip","rules":[{"action":"ALLOW","action_direction":"IN","index":null,"network_protocol":"ipv4","to_interface":"any","to_transport":"tcp","to_service":null,"to_ports":[22],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"OUT","index":null,"network_protocol":"ipv6","to_interface":"any","to_transport":"tcp","to_service":null,"to_ports":[22],"to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"DENY","action_direction":null,"index":null,"network_protocol":"ipv4","to_interface":"any","to_transport":"tcp","to_service":null,"to_ports":[443],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":"nice comment","from_interface":"any","from_transport":"any","from_ip":"192.168.0.1","from_ip_prefix":32,"from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"DENY","action_direction":"OUT","index":null,"network_protocol":"ipv4","to_interface":"any","to_transport":"udp","to_service":null,"to_ports":[443],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_interface":"any","from_transport":"any","from_ip":"192.168.0.7","from_ip_prefix":32,"from_service":null,"from_port_ranges":[{"start":8080,"end":8081}]},{"action":"ALLOW","action_direction":null,"index":null,"network_protocol":"ipv4","to_interface":"any","to_transport":"tcp","to_service":null,"to_ports":[22],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_interface":"any","from_ip":"192.168.0.0","from_ip_prefix":24,"from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":null,"index":null,"network_protocol":"ipv4","to_interface":"any","to_transport":"udp","to_service":null,"to_ports":[22],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_interface":"en0","from_ip":"192.168.0.0","from_ip_prefix":24,"from_service":null,"from_port_ranges":[{"start":0,"end":65535}],"from_transport":"any"},{"action":"ALLOW","action_direction":"FWD","index":null,"network_protocol":"ipv6","to_interface":"any","to_transport":"tcp","to_service":null,"to_ports":[22],"to_ip":"::","to_ip_prefix":0,"comment":"commenting this rule","from_interface":"en1","from_ip":"2405:204:7449:49fc:f09a:6f4a:bc93:1955","from_ip_prefix":64,"from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":null,"network_protocol":"ipv4","to_interface":"any","to_transport":"any","to_service":null,"to_ports":[80],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"REJECT","action_direction":"IN","index":null,"network_protocol":"ipv6","to_interface":"any","to_transport":"any","to_service":null,"to_ports":[8080],"to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":null,"network_protocol":"ipv4","to_interface":"any","to_transport":null,"to_service":"Apache Full","to_ip":"0.0.0.0","to_ip_prefix":0,"comment":"a comment","from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":null,"network_protocol":"ipv6","to_interface":"any","to_transport":null,"to_service":"Apache Full","to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"DENY","action_direction":"IN","index":null,"network_protocol":"ipv6","to_interface":"any","to_transport":null,"to_service":"OpenSSH","to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":null,"index":null,"network_protocol":"ipv4","to_interface":"enp34s0","to_transport":"any","to_ip":"10.10.10.10","to_ip_prefix":32,"to_service":null,"to_ports":[8080],"comment":null,"from_interface":"any","from_transport":"any","from_ip":"127.0.0.1","from_ip_prefix":32,"from_service":null,"from_ports":[8000]},{"action":"DENY","action_direction":"FWD","index":null,"network_protocol":"ipv6","to_interface":"any","to_transport":"tcp","to_service":null,"to_port_ranges":[{"start":50200,"end":50300}],"to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"LIMIT","action_direction":null,"index":null,"network_protocol":"ipv6","to_ip":"::","to_ip_prefix":0,"to_interface":"any","to_transport":"any","to_port_ranges":[{"start":0,"end":65535}],"to_service":null,"comment":"this is a comment","from_interface":"any","from_transport":"any","from_ip":"2405:204:7449:49fc:f09a:6f4a:bc93:1955","from_ip_prefix":128,"from_port_ranges":[{"start":0,"end":65535}],"from_service":null}]} +{"status":"active","logging":"on","logging_level":"low","default":"deny (incoming), allow (outgoing), deny (routed)","new_profiles":"skip","rules":[{"action":"ALLOW","action_direction":"IN","index":null,"network_protocol":"ipv4","to_interface":"any","to_transport":"tcp","to_service":null,"to_ports":[22],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"OUT","index":null,"network_protocol":"ipv6","to_interface":"any","to_transport":"tcp","to_service":null,"to_ports":[22],"to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"DENY","action_direction":null,"index":null,"network_protocol":"ipv4","to_interface":"any","to_transport":"tcp","to_service":null,"to_ports":[443],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":"nice comment","from_interface":"any","from_transport":"any","from_ip":"192.168.0.1","from_ip_prefix":32,"from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"DENY","action_direction":"OUT","index":null,"network_protocol":"ipv4","to_interface":"any","to_transport":"udp","to_service":null,"to_ports":[443],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_interface":"any","from_transport":"any","from_ip":"192.168.0.7","from_ip_prefix":32,"from_service":null,"from_port_ranges":[{"start":8080,"end":8081}]},{"action":"ALLOW","action_direction":null,"index":null,"network_protocol":"ipv4","to_interface":"any","to_transport":"tcp","to_service":null,"to_ports":[22],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_interface":"any","from_transport":"any","from_ip":"192.168.0.0","from_ip_prefix":24,"from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":null,"index":null,"network_protocol":"ipv4","to_interface":"any","to_transport":"udp","to_service":null,"to_ports":[22],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_interface":"en0","from_transport":"any","from_ip":"192.168.0.0","from_ip_prefix":24,"from_service":null,"from_port_ranges":[{"start":8080,"end":8081}]},{"action":"ALLOW","action_direction":"FWD","index":null,"network_protocol":"ipv6","to_interface":"any","to_transport":"tcp","to_service":null,"to_ports":[22],"to_ip":"::","to_ip_prefix":0,"comment":"commenting this rule","from_interface":"en1","from_transport":"any","from_ip":"2405:204:7449:49fc:f09a:6f4a:bc93:1955","from_ip_prefix":64,"from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":null,"network_protocol":"ipv4","to_interface":"any","to_transport":"any","to_service":null,"to_ports":[80],"to_ip":"0.0.0.0","to_ip_prefix":0,"comment":null,"from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"REJECT","action_direction":"IN","index":null,"network_protocol":"ipv6","to_interface":"any","to_transport":"any","to_service":null,"to_ports":[8080],"to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":null,"network_protocol":"ipv4","to_interface":"any","to_transport":null,"to_service":"Apache Full","to_ip":"0.0.0.0","to_ip_prefix":0,"comment":"a comment","from_ip":"0.0.0.0","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":"IN","index":null,"network_protocol":"ipv6","to_interface":"any","to_transport":null,"to_service":"Apache Full","to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"DENY","action_direction":"IN","index":null,"network_protocol":"ipv6","to_interface":"any","to_transport":null,"to_service":"OpenSSH","to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"ALLOW","action_direction":null,"index":null,"network_protocol":"ipv4","to_interface":"enp34s0","to_transport":"any","to_ip":"10.10.10.10","to_ip_prefix":32,"to_service":null,"to_ports":[8080],"comment":null,"from_interface":"any","from_transport":"any","from_ip":"127.0.0.1","from_ip_prefix":32,"from_service":null,"from_ports":[8000]},{"action":"DENY","action_direction":"FWD","index":null,"network_protocol":"ipv6","to_interface":"any","to_transport":"tcp","to_service":null,"to_port_ranges":[{"start":50200,"end":50300}],"to_ip":"::","to_ip_prefix":0,"comment":null,"from_ip":"::","from_ip_prefix":0,"from_interface":"any","from_transport":"any","from_port_ranges":[{"start":0,"end":65535}],"from_service":null},{"action":"LIMIT","action_direction":null,"index":null,"network_protocol":"ipv6","to_ip":"::","to_ip_prefix":0,"to_interface":"any","to_transport":"any","to_port_ranges":[{"start":0,"end":65535}],"to_service":null,"comment":"this is a comment","from_interface":"any","from_transport":"any","from_ip":"2405:204:7449:49fc:f09a:6f4a:bc93:1955","from_ip_prefix":128,"from_port_ranges":[{"start":0,"end":65535}],"from_service":null}]}