Firewall(component_id, name=None, ports=None, is_external=False)[source]¶
Component to open/close firewall ports for an app.
__init__(component_id, name=None, ports=None, is_external=False)[source]¶
Initialize the firewall component.
Check if the firewall ports are open and only as expected.
Returns a list of interfaces in a firewall zone.
Filter out tun interfaces as they are always assumed to be internal interfaces.
Retrieve details of ports associated with this component..
FirewallLocalProtection(component_id: str, tcp_ports: list)[source]¶
Component to protect local services from access by local users.
Local service protection means that only administrators and Apache web server should be able to access certain services and not other users who have logged into the system. This is needed because some of the services are protected with authentication and authorization provided by Apache web server. If services are contacted directly then auth can be bypassed by all local users.
component_id should be a unique ID across all components of an app and across all components.
tcp_ports is list of all local TCP ports on which daemons of this app are listening. Administrators and Apache web server will be allowed to connect and all other connections to these ports will be rejected.