#!bin/python
#coding=utf-8
"""
Create by he
""" import sys
import re
import string
import operator
from analysisFile import *
from result import * ruleId = 0
objectGroupNameDic = {} def handle():
global ruleId
for policy in policyList:
ruleId = 0
policyHandle(policy) def policyHandle(policy):
global ruleId
for key,value in policy.canMerge.items():
condition = key.split('^')[-1]
if condition == Conditions.ONE:
result = handleCondOne(value)
policy.results.append(result)
if condition == Conditions.TWO:
result = handleCondTwo(value)
policy.results.append(result)
if condition == Conditions.FOUR:
result = handleCondFour(value)
policy.results.append(result)
if condition == Conditions.FIVE:
result = handleCondFive(value)
policy.results.append(result)
if condition == Conditions.SEVEN:
resultList = handleCondSeven(value)
policy.results.extend(resultList)
return
ruleId +=1 def handleCondSeven(rules):
print '==================handleCondSeven=========================='
for rule in rules:
getNewDipAddObjGroup(rule)
print 'hahahahahahahahahahahahahah'
for obj in rule.newDesIpObjGroup.addressObjects:
print obj.ip+" "+obj.mask
#print rule.newDesIpObjGroup.addressObjects
print 'hahahahahahahahahahahahahah'
#newDipGroups.append[group]
canMergeList = []
for i in range(0,len(rules)):
if rules[i].compared:
continue
mergeRuleLists = [rules[i]]
rules[i].compared = True
for j in (i+1,len(rules)):
if j == len(rules):
break
if rules[j].compared:
continue
if isSameGroup(rules[i],rules[j]):
mergeRuleLists.append(rules[j])
rules[j].compared = True
continue
canMergeList.append(mergeRuleLists)
print 'ffffffffffffffffffffffffffffffffff'
print canMergeList
print 'ffffffffffffffffffffffffffffffffff' #canMerge and canMergeList are both list type
resultList = []
for canMerge in canMergeList:
if len(canMerge) == 1:
#remove canMerge[0] to canNotMerge
continue
result = Result()# Class :result
result.mergedRules.extend(canMerge)
sIpAddObjGroups = []
for rule in canMerge:
sIpAddObj = rule.getSipAddObjGroup(addObjGroupList)
sIpAddObjGroups.append(sIpAddObj)
#Merge s-ip
newSipAddGroup = mergeAddObjGroups(sIpAddObjGroups,canMerge[0])
newDipAddGroup = canMerge[0].newDesIpObjGroup
result.addObjMergeDic[newSipAddGroup] = sIpAddObjGroups
result.newRule = mergeRules(canMerge[0],dIp = newDipAddGroup,sIp = newSipAddGroup)
resultList.append(result)
return resultList def isSameGroup(rule1,rule2):
print 'mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm'
print rule1
print rule2
print 'mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm'
addObjs1 = rule1.newDesIpObjGroup.addressObjects
addObjs2 = rule2.newDesIpObjGroup.addressObjects
# bug-- if contains relationship
for addObj1 in addObjs1:
flag = False
for addObj2 in addObjs2:
if addObj1.ip+" "+addObj1.mask == addObj2.ip+" "+addObj2.mask:
flag = True
break
else:
print 'wowowowowowowowowowowowowowowowowowo'
print addObj1.ip+" "+addObj1.mask
print addObj2.ip+" "+addObj2.mask
print 'wowowowowowowowowowowowowowowowowowo'
if not flag:
print 'kkkkkkkkkkkkkkkkkkkkkkkkkjjjjjjjjjjjjjjjjjjjj'
return False
print 'jjjjjjjjjjjjjjjjjjjjjjjjjjjkkkkkkkkkkkkkkkkkkk'
return True def getNewDipAddObjGroup(rule):
global userInput
dIpGroup = rule.getDipAddObjGroup(addObjGroupList)
print 'lllllllllllllllllllllll'
print dIpGroup
print 'lllllllllllllllllllllll'
addObjs = getAllAddObj(dIpGroup)
newAddObjs = []
for addObj in addObjs:
#If AddressObject is type of RANGE,how to do?
newMask = ipAnd(userInput,addObj.mask)
newIp = ipAnd(newMask,addObj.ip)
#content need change
newAddObj = AddressObject(addObj.addressId,addObj.content,addObj.Type,ip=newIp,mask=newMask,ipStart=addObj.ipStart,ipEnd=addObj.ipEnd)
#The newAddObj repeated need to remove
newAddObjs.append(newAddObj)
newAddObjGroup = AddressObjectGroup(dIpGroup.name,dIpGroup.content,newAddObjs)
rule.newDesIpObjGroup = newAddObjGroup def ipAnd(ip1,ip2):
dotSplitList1 = ip1.split('.')
dotSplitList2 = ip2.split('.')
resIP = ""
for i in range(0,4):
resIP += str(int(dotSplitList1[i]) & int(dotSplitList2[i]))+"."
return resIP[0:-1] def getAllAddObj(addObjGroup):
addObjs = []
for addObj in addObjGroup.addressObjects:
if addObj.Type == AddressTypes.GROUP:
#AddresObject convert to AddressObjectGroup
addObjs.extend(getAllAddObj(addObj))
addObjs.append(addObj)
return addObjs def handleCondFive(rules):
print '==================handleCondFive=========================='
result = Result()# Class :result
result.mergedRules.extend(rules)
dIpAddObjGroups = []
for rule in rules:
#合并前的每一个地址对象组
dIpAddObj = rule.getDipAddObjGroup(addObjGroupList)
dIpAddObjGroups.append(dIpAddObj)
newAddGroup = mergeAddObjGroups(dIpAddObjGroups,rules[0],False)
result.addObjMergeDic[newAddGroup] = dIpAddObjGroups
result.newRule = mergeRules(rules[0],dIp = newAddGroup)
return result def handleCondFour(rules):
print '==================handleCondFour=========================='
result = Result()# Class :result
result.mergedRules.extend(rules)
sIpAddObjGroups = []
for rule in rules:
#合并前的每一个地址对象组
sIpAddObj = rule.getSipAddObjGroup(addObjGroupList)
sIpAddObjGroups.append(sIpAddObj)
newAddGroup = mergeAddObjGroups(sIpAddObjGroups,rules[0])
result.addObjMergeDic[newAddGroup] = sIpAddObjGroups
result.newRule = mergeRules(rules[0],sIp = newAddGroup)
return result def handleCondTwo(rules):
print '==================handleCondTwo=========================='
result = Result()# Class :result
result.mergedRules.extend(rules)
dIpAddObjGroups = []
for rule in rules:
#合并前的每一个地址对象组
dIpAddObj = rule.getDipAddObjGroup(addObjGroupList)
dIpAddObjGroups.append(dIpAddObj)
newAddGroup = mergeAddObjGroups(dIpAddObjGroups,rules[0],False)
result.addObjMergeDic[newAddGroup] = dIpAddObjGroups
result.newRule = mergeRules(rules[0],dIp = newAddGroup)
return result def handleCondOne(rules):
print '==================handleCondOne=========================='
result = Result()# Class :result
result.mergedRules.extend(rules)
sIpAddObjGroups = []
for rule in rules:
#合并前的每一个地址对象组
sIpAddObj = rule.getSipAddObjGroup(addObjGroupList)
sIpAddObjGroups.append(sIpAddObj)
newAddGroup = mergeAddObjGroups(sIpAddObjGroups,rules[0])
result.addObjMergeDic[newAddGroup] = sIpAddObjGroups
result.newRule = mergeRules(rules[0],sIp = newAddGroup)
return result #return a new AddressObjectGroup
def mergeAddObjGroups(addObjGroups,rule,isSourceMerge = True):
addressObjects = []
for addObjGroup in addObjGroups:
addressObjects.extend(addObjGroup.addressObjects)
objName = createAddObjGroupName(rule,isSourceMerge)
content = "object-group ip address " + objName
newAddGroup = AddressObjectGroup(objName,content,addressObjects)
return newAddGroup def createAddObjGroupName(rule,isSourceMerge):
global objectGroupNameDic
name = ""
ser = rule.service
if ser == "":
ser = "any"
mode = "source"
if not isSourceMerge:
mode = "destination"
join = ser + "_" + mode + "_"
if objectGroupNameDic.has_key(join):
objectGroupNameDic[join] = objectGroupNameDic[join] + 1
name = join + str(objectGroupNameDic[join])
return name
objectGroupNameDic[join] = 1
name = join +str(1)
return name #return a new rule
def mergeRules(ruleObj,sIp=None,dIp=None):
#replace ruleId
rule = re.sub(r"rule \d+ ","rule "+str(ruleId) + " ",ruleObj.content)
#replace source-ip
if sIp != None:
rule = re.sub(r"source-ip \S+","source-ip " + sIp.name,rule)
else:
sIp = ruleObj.sourceIpObjGroup
#replace destination-ip
if dIp != None:
rule = re.sub(r"destination-ip \S+","destination-ip " + dIp.name,rule)
else:
dIp = ruleObj.desIpObjGroup
#replace service
#if ser != "":
#rule = re.sub(r"service \S+","service " + ser,rule)
#remove logging
if "logging" in rule:
rule = re.sub(r"logging\s?" , "",rule)
#remove counting
if "counting" in rule:
rule = re.sub(r"counting\s?" , "",rule)
newRule = Rule(ruleId,ruleObj.action,ruleObj.vrf,ruleObj.timeRange,sIp,dIp,ruleObj.service,rule)
return newRule handle() print '==================Common=========================='
for p in policyList:
print '--------------policy-----------------'
for r in p.results:
print '-----------rule-----------'
print r.mergedRules
print r.newRule
print r.addObjMergeDic
#print r.addObjMergeDic.values()[0][0].addressObjects[0].addressId
ww的更多相关文章
-
[转]仿World Wind构造自己的C#版插件框架——WW插件机制精简改造
很久没自己写东西啦,早该好好总结一下啦!一个大师说过“一个问题不应该被解决两次!”,除了一个好脑筋,再就是要坚持总结. 最近需要搞个系统的插件式框架,我参照World Wind的插件方式构建了个插件框 ...
-
WW多线程和锁
问题: WorldWind中是双线程的,一直忽略了多线程中数据共享,修改数据会产生问题.可是在WW中并没有看到锁的东西. 还有就是动态释放内存的问题.因为采用D3D的C#封装库不可避免涉及COM对象的 ...
-
嘟!数字三角形 W WW WWW集合!
哔!数字三角形全体集合! 数字三角形!到! 数字三角形W!到! 数字三角形WW!到! 数字三角形WWW!到! --------------------------------------------- ...
-
webwork <;ww:if>; 标签的使用
如果在前台(JSP)取出后台的对象的属性,这个属性在后台是属于String 类型的,但若这个属性的值为数字,取出在前台就会默认为整形的值,所以在<ww:if> 判断里面不能加引号:< ...
-
zf-关于<;ww:iterator />; 标签中的<;td />; 标签添加序号问题
一开始代码是这样的 那个<ww:if> 标签 是我添加的,可是添加之后出问题了. 因为我加了一个判断语句,使得不需要的信息没显示出来,导致#li.count 这个显示下标的方法行不通了 之 ...
-
从WW中剥离一个三维场景框架
从WW中剥离一个三维场景框架,初步实现的一个.可以绘制一个三角形,但是不能够控制摄像机,没有增加鼠标事件.没有投影,世界变幻之类的东西.以后会不断学习逐步增加进来. 下载地址 下载V1.0.0.2
-
关于Oracle to_char()函数中的IW,WW 周别显示
1)ww的算法为每年1月1日为第一周开始,date+6为每一周结尾 例如20050101为第一周的第一天,而第一周的最后一天为20050101+6=20050107 公式 每周第一天 :date + ...
-
[Oracle] - 关于星期(IW和WW)的算法
1. 查看数据库字符集(如果字符集不同,可能显示乱码) select DECODE(parameter, 'NLS_TERRITORY', 'TERRITORY', 'NLS_LANGUAGE', ' ...
-
ps ww
[root@ma ~]# ps ww -p 1 PID TTY STAT TIME COMMAND 1 ? Ss 0:01 /sbin/init[root@ma ~]# ps -p 1 PID TTY ...
随机推荐
-
【转载】Android app 安全测试调研及执行
本文来源于:http://testerhome.com/topics/2209 一.通过在线工具进行测试 1.腾讯金刚审计系统http://service.security.tencent.com 优 ...
-
(转载)CSV 文件处理 PERL
http://cn.perlmaven.com/how-to-read-a-csv-file-using-perl http://search.cpan.org/~hmbrand/Text-CSV_X ...
-
oninput和onpropertychange
时常会有监听输入框输入的场景,比如新浪微博的发微博输入框: 还有边输入边提示: 以及form表单边输入边验证,当内容为空提示或者改变输入框的样式达到提示效果. 在IE中是onpropertychang ...
-
SVG
目前SVG在国内的使用并不常见,并且关于svg的相关js库也不多,这里指出两款svg的库Snap.svg和svg.js,Snap.svg张鑫旭的博客上有关于他的使用APi http://www.zha ...
-
Linux学习笔记1:配置Linux网络和克隆虚拟机并更改配置
一.配置Linux网络 在安装Linux的时候,一定要保证你的物理网络的IP是手动设置的,要不然会在Linux设置IP连通网络的时候会报network is unreachable 并且怎么也找不到问 ...
-
IIS日志路径,修改存放位置,清除日志方法
IIS存放日志文件的默认存储路径是c:\windows\system32\logfiles 我们依次打开“我的电脑”,C盘,Windows文件夹,system32文件夹,logfiles文件夹,发现里 ...
-
C# SMTP发送邮件
public void SendMail() { MailMessage mail = new MailMessage(); mail.From = new MailAddress("fro ...
-
SpringBoot整合Mybatis【非注解版】
接上文:SpringBoot整合Mybatis[注解版] 一.项目创建 新建一个工程 选择Spring Initializr,配置JDK版本 输入项目名 选择构建web项目所需的state ...
-
[转]Nginx+mysql+php-fpm负载均衡配置实例
转 : http://www.jbxue.com/article/7923.html 介绍一个nginx.mysql.php-fpm环境下配置负载均衡的例子,有需要的朋友,可以参考下. 系统环境如下: ...
-
Java BIO、NIO、AIO 学习
正在学习<大型网站系统与JAVA中间件实践>,发现对BIO.NIO.AIO的概念很模糊,写一篇博客记录下来.先来说个银行取款的例子: 同步 : 自己亲自出马持银行卡到银行取钱(使用同步IO ...