ww
#!bin/python
#coding=utf-8
"""
Create by he
""" import sys
import re
import string
import operator
from analysisFile import *
from result import * ruleId = 0
objectGroupNameDic = {} def handle():
global ruleId
for policy in policyList:
ruleId = 0
policyHandle(policy) def policyHandle(policy):
global ruleId
for key,value in policy.canMerge.items():
condition = key.split('^')[-1]
if condition == Conditions.ONE:
result = handleCondOne(value)
policy.results.append(result)
if condition == Conditions.TWO:
result = handleCondTwo(value)
policy.results.append(result)
if condition == Conditions.FOUR:
result = handleCondFour(value)
policy.results.append(result)
if condition == Conditions.FIVE:
result = handleCondFive(value)
policy.results.append(result)
if condition == Conditions.SEVEN:
resultList = handleCondSeven(value)
policy.results.extend(resultList)
return
ruleId +=1 def handleCondSeven(rules):
print '==================handleCondSeven=========================='
for rule in rules:
getNewDipAddObjGroup(rule)
print 'hahahahahahahahahahahahahah'
for obj in rule.newDesIpObjGroup.addressObjects:
print obj.ip+" "+obj.mask
#print rule.newDesIpObjGroup.addressObjects
print 'hahahahahahahahahahahahahah'
#newDipGroups.append[group]
canMergeList = []
for i in range(0,len(rules)):
if rules[i].compared:
continue
mergeRuleLists = [rules[i]]
rules[i].compared = True
for j in (i+1,len(rules)):
if j == len(rules):
break
if rules[j].compared:
continue
if isSameGroup(rules[i],rules[j]):
mergeRuleLists.append(rules[j])
rules[j].compared = True
continue
canMergeList.append(mergeRuleLists)
print 'ffffffffffffffffffffffffffffffffff'
print canMergeList
print 'ffffffffffffffffffffffffffffffffff' #canMerge and canMergeList are both list type
resultList = []
for canMerge in canMergeList:
if len(canMerge) == 1:
#remove canMerge[0] to canNotMerge
continue
result = Result()# Class :result
result.mergedRules.extend(canMerge)
sIpAddObjGroups = []
for rule in canMerge:
sIpAddObj = rule.getSipAddObjGroup(addObjGroupList)
sIpAddObjGroups.append(sIpAddObj)
#Merge s-ip
newSipAddGroup = mergeAddObjGroups(sIpAddObjGroups,canMerge[0])
newDipAddGroup = canMerge[0].newDesIpObjGroup
result.addObjMergeDic[newSipAddGroup] = sIpAddObjGroups
result.newRule = mergeRules(canMerge[0],dIp = newDipAddGroup,sIp = newSipAddGroup)
resultList.append(result)
return resultList def isSameGroup(rule1,rule2):
print 'mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm'
print rule1
print rule2
print 'mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm'
addObjs1 = rule1.newDesIpObjGroup.addressObjects
addObjs2 = rule2.newDesIpObjGroup.addressObjects
# bug-- if contains relationship
for addObj1 in addObjs1:
flag = False
for addObj2 in addObjs2:
if addObj1.ip+" "+addObj1.mask == addObj2.ip+" "+addObj2.mask:
flag = True
break
else:
print 'wowowowowowowowowowowowowowowowowowo'
print addObj1.ip+" "+addObj1.mask
print addObj2.ip+" "+addObj2.mask
print 'wowowowowowowowowowowowowowowowowowo'
if not flag:
print 'kkkkkkkkkkkkkkkkkkkkkkkkkjjjjjjjjjjjjjjjjjjjj'
return False
print 'jjjjjjjjjjjjjjjjjjjjjjjjjjjkkkkkkkkkkkkkkkkkkk'
return True def getNewDipAddObjGroup(rule):
global userInput
dIpGroup = rule.getDipAddObjGroup(addObjGroupList)
print 'lllllllllllllllllllllll'
print dIpGroup
print 'lllllllllllllllllllllll'
addObjs = getAllAddObj(dIpGroup)
newAddObjs = []
for addObj in addObjs:
#If AddressObject is type of RANGE,how to do?
newMask = ipAnd(userInput,addObj.mask)
newIp = ipAnd(newMask,addObj.ip)
#content need change
newAddObj = AddressObject(addObj.addressId,addObj.content,addObj.Type,ip=newIp,mask=newMask,ipStart=addObj.ipStart,ipEnd=addObj.ipEnd)
#The newAddObj repeated need to remove
newAddObjs.append(newAddObj)
newAddObjGroup = AddressObjectGroup(dIpGroup.name,dIpGroup.content,newAddObjs)
rule.newDesIpObjGroup = newAddObjGroup def ipAnd(ip1,ip2):
dotSplitList1 = ip1.split('.')
dotSplitList2 = ip2.split('.')
resIP = ""
for i in range(0,4):
resIP += str(int(dotSplitList1[i]) & int(dotSplitList2[i]))+"."
return resIP[0:-1] def getAllAddObj(addObjGroup):
addObjs = []
for addObj in addObjGroup.addressObjects:
if addObj.Type == AddressTypes.GROUP:
#AddresObject convert to AddressObjectGroup
addObjs.extend(getAllAddObj(addObj))
addObjs.append(addObj)
return addObjs def handleCondFive(rules):
print '==================handleCondFive=========================='
result = Result()# Class :result
result.mergedRules.extend(rules)
dIpAddObjGroups = []
for rule in rules:
#合并前的每一个地址对象组
dIpAddObj = rule.getDipAddObjGroup(addObjGroupList)
dIpAddObjGroups.append(dIpAddObj)
newAddGroup = mergeAddObjGroups(dIpAddObjGroups,rules[0],False)
result.addObjMergeDic[newAddGroup] = dIpAddObjGroups
result.newRule = mergeRules(rules[0],dIp = newAddGroup)
return result def handleCondFour(rules):
print '==================handleCondFour=========================='
result = Result()# Class :result
result.mergedRules.extend(rules)
sIpAddObjGroups = []
for rule in rules:
#合并前的每一个地址对象组
sIpAddObj = rule.getSipAddObjGroup(addObjGroupList)
sIpAddObjGroups.append(sIpAddObj)
newAddGroup = mergeAddObjGroups(sIpAddObjGroups,rules[0])
result.addObjMergeDic[newAddGroup] = sIpAddObjGroups
result.newRule = mergeRules(rules[0],sIp = newAddGroup)
return result def handleCondTwo(rules):
print '==================handleCondTwo=========================='
result = Result()# Class :result
result.mergedRules.extend(rules)
dIpAddObjGroups = []
for rule in rules:
#合并前的每一个地址对象组
dIpAddObj = rule.getDipAddObjGroup(addObjGroupList)
dIpAddObjGroups.append(dIpAddObj)
newAddGroup = mergeAddObjGroups(dIpAddObjGroups,rules[0],False)
result.addObjMergeDic[newAddGroup] = dIpAddObjGroups
result.newRule = mergeRules(rules[0],dIp = newAddGroup)
return result def handleCondOne(rules):
print '==================handleCondOne=========================='
result = Result()# Class :result
result.mergedRules.extend(rules)
sIpAddObjGroups = []
for rule in rules:
#合并前的每一个地址对象组
sIpAddObj = rule.getSipAddObjGroup(addObjGroupList)
sIpAddObjGroups.append(sIpAddObj)
newAddGroup = mergeAddObjGroups(sIpAddObjGroups,rules[0])
result.addObjMergeDic[newAddGroup] = sIpAddObjGroups
result.newRule = mergeRules(rules[0],sIp = newAddGroup)
return result #return a new AddressObjectGroup
def mergeAddObjGroups(addObjGroups,rule,isSourceMerge = True):
addressObjects = []
for addObjGroup in addObjGroups:
addressObjects.extend(addObjGroup.addressObjects)
objName = createAddObjGroupName(rule,isSourceMerge)
content = "object-group ip address " + objName
newAddGroup = AddressObjectGroup(objName,content,addressObjects)
return newAddGroup def createAddObjGroupName(rule,isSourceMerge):
global objectGroupNameDic
name = ""
ser = rule.service
if ser == "":
ser = "any"
mode = "source"
if not isSourceMerge:
mode = "destination"
join = ser + "_" + mode + "_"
if objectGroupNameDic.has_key(join):
objectGroupNameDic[join] = objectGroupNameDic[join] + 1
name = join + str(objectGroupNameDic[join])
return name
objectGroupNameDic[join] = 1
name = join +str(1)
return name #return a new rule
def mergeRules(ruleObj,sIp=None,dIp=None):
#replace ruleId
rule = re.sub(r"rule \d+ ","rule "+str(ruleId) + " ",ruleObj.content)
#replace source-ip
if sIp != None:
rule = re.sub(r"source-ip \S+","source-ip " + sIp.name,rule)
else:
sIp = ruleObj.sourceIpObjGroup
#replace destination-ip
if dIp != None:
rule = re.sub(r"destination-ip \S+","destination-ip " + dIp.name,rule)
else:
dIp = ruleObj.desIpObjGroup
#replace service
#if ser != "":
#rule = re.sub(r"service \S+","service " + ser,rule)
#remove logging
if "logging" in rule:
rule = re.sub(r"logging\s?" , "",rule)
#remove counting
if "counting" in rule:
rule = re.sub(r"counting\s?" , "",rule)
newRule = Rule(ruleId,ruleObj.action,ruleObj.vrf,ruleObj.timeRange,sIp,dIp,ruleObj.service,rule)
return newRule handle() print '==================Common=========================='
for p in policyList:
print '--------------policy-----------------'
for r in p.results:
print '-----------rule-----------'
print r.mergedRules
print r.newRule
print r.addObjMergeDic
#print r.addObjMergeDic.values()[0][0].addressObjects[0].addressId
ww的更多相关文章
- [转]仿World Wind构造自己的C#版插件框架——WW插件机制精简改造
很久没自己写东西啦,早该好好总结一下啦!一个大师说过“一个问题不应该被解决两次!”,除了一个好脑筋,再就是要坚持总结. 最近需要搞个系统的插件式框架,我参照World Wind的插件方式构建了个插件框 ...
- WW多线程和锁
问题: WorldWind中是双线程的,一直忽略了多线程中数据共享,修改数据会产生问题.可是在WW中并没有看到锁的东西. 还有就是动态释放内存的问题.因为采用D3D的C#封装库不可避免涉及COM对象的 ...
- 嘟!数字三角形 W WW WWW集合!
哔!数字三角形全体集合! 数字三角形!到! 数字三角形W!到! 数字三角形WW!到! 数字三角形WWW!到! --------------------------------------------- ...
- webwork <ww:if> 标签的使用
如果在前台(JSP)取出后台的对象的属性,这个属性在后台是属于String 类型的,但若这个属性的值为数字,取出在前台就会默认为整形的值,所以在<ww:if> 判断里面不能加引号:< ...
- zf-关于<ww:iterator /> 标签中的<td /> 标签添加序号问题
一开始代码是这样的 那个<ww:if> 标签 是我添加的,可是添加之后出问题了. 因为我加了一个判断语句,使得不需要的信息没显示出来,导致#li.count 这个显示下标的方法行不通了 之 ...
- 从WW中剥离一个三维场景框架
从WW中剥离一个三维场景框架,初步实现的一个.可以绘制一个三角形,但是不能够控制摄像机,没有增加鼠标事件.没有投影,世界变幻之类的东西.以后会不断学习逐步增加进来. 下载地址 下载V1.0.0.2
- 关于Oracle to_char()函数中的IW,WW 周别显示
1)ww的算法为每年1月1日为第一周开始,date+6为每一周结尾 例如20050101为第一周的第一天,而第一周的最后一天为20050101+6=20050107 公式 每周第一天 :date + ...
- [Oracle] - 关于星期(IW和WW)的算法
1. 查看数据库字符集(如果字符集不同,可能显示乱码) select DECODE(parameter, 'NLS_TERRITORY', 'TERRITORY', 'NLS_LANGUAGE', ' ...
- ps ww
[root@ma ~]# ps ww -p 1 PID TTY STAT TIME COMMAND 1 ? Ss 0:01 /sbin/init[root@ma ~]# ps -p 1 PID TTY ...
随机推荐
- Struts2从一个action转到另一个action的两种方法
在Struts2中,Action处理完用户请求后,将会返回一个字符串对象,这个字符串对象就是一个逻辑视图名.Struts 2通过配置逻辑视图名和物理视图之间的映射关系,一旦系统收到Action返回的某 ...
- JavaScript简介及示例
JavaScript简介及使用 一.简介 JavaScript一种直译式脚本语言,是一种动态类型.弱类型.基于原型的语言,内置支持类型.它的解释器被称为JavaScript引擎,为浏览器的一部分,广泛 ...
- JAVASCRIPT 中 FOR (VAR I IN DATA) 循环数组项
今天在改代码的时候发现有很多代码的循环是用 for(var i in data)写的,我通常都是用for(var i=0;i<data.length;i++) 就查看了一下,原来这两个是有区别的 ...
- 自动检测浏览器是手机还是pc
function CheckBrower() { if (/(iPhone|iPad|iPod|iOS)/i.test(navigator.userAgent)) { //判断iPhone|iPad| ...
- linux下wps,系统缺失字体:wingdings、wingdings 2、wingdings3
aaarticlea/png;base64,iVBORw0KGgoAAAANSUhEUgAAArcAAACdCAIAAAAhV8dZAAAgAElEQVR4nOzdd1wT9/8H8OvXfjvtt8
- Java命令
java -classpath, 设定要搜索的类的路径,可以是目录,jar文件,zip文件(里面都是class文件),会覆盖掉所有的CLASSPATH的设定. 由于所要执行的类也是要搜索的类的一部分, ...
- Permission denied:multiarray.cp35-win_amd64.pyd(tensorflow0.12.0在windows下安装)
今天在windows下安装tensorflow0.12.0. 碰到一个奇怪的问题.Permission denied:multiarray.cp35-win_amd64.pyd 就是复制文件,一直复制 ...
- Lucene 工作原理 之倒排索引
1.简介 倒排索引源于实际应用中需要根据属性的值来查找记录.这种索引表中的每一项都包括一个属性值和具有该属性值的各记录的地址.由于不是由记录来确定属性值,而是由属性值来确定记录的位置,因而称为倒排 ...
- UNIX域套接字(unix domain)
UNIX域套接字用于在同一台机器上运行的进程之间的通信. UNIX域套接字提供流和数据报两种接口. 说明:UNIX域套接字比因特网套接字效率更高.它仅赋值数据:不进行协议处理,如添加或删除网络报头.计 ...
- SQL Server(三):Select语句
1.最基本的Select语句: Select [Top n [With Ties]] <*|Column_Name [As <Alias>][, ...n]> From & ...