#!bin/python

#coding=utf-8

"""

Create by he

"""

import sys

import re

import string

import operator

from analysisFile import *

from result import *

ruleId = 0

objectGroupNameDic = {}

def handle():

    global ruleId

    for policy in policyList:

        ruleId = 0

        policyHandle(policy)

def policyHandle(policy):

    global ruleId

    for key,value in policy.canMerge.items():

        condition = key.split('^')[-1]

        if condition == Conditions.ONE:

            result = handleCondOne(value)

            policy.results.append(result)

        if condition == Conditions.TWO:

            result = handleCondTwo(value)

            policy.results.append(result)

        if condition == Conditions.FOUR:

            result = handleCondFour(value)

            policy.results.append(result)

        if condition == Conditions.FIVE:

            result = handleCondFive(value)

            policy.results.append(result)

        if condition == Conditions.SEVEN:

            resultList = handleCondSeven(value)

            policy.results.extend(resultList)

            return

        ruleId +=1

def handleCondSeven(rules):

    print '==================handleCondSeven=========================='

    for rule in rules:

        getNewDipAddObjGroup(rule)

        print 'hahahahahahahahahahahahahah'

        for obj in rule.newDesIpObjGroup.addressObjects:

            print obj.ip+" "+obj.mask

        #print rule.newDesIpObjGroup.addressObjects

        print 'hahahahahahahahahahahahahah'

        #newDipGroups.append[group]

    canMergeList = []

    for i in range(0,len(rules)):

        if rules[i].compared:

            continue

        mergeRuleLists = [rules[i]]

        rules[i].compared = True

        for j in (i+1,len(rules)):

            if j == len(rules):

                break

            if rules[j].compared:

                continue

            if isSameGroup(rules[i],rules[j]):

                mergeRuleLists.append(rules[j])

                rules[j].compared = True

                continue

        canMergeList.append(mergeRuleLists)

    print 'ffffffffffffffffffffffffffffffffff'

    print canMergeList

    print 'ffffffffffffffffffffffffffffffffff'

    #canMerge and canMergeList are both list type

    resultList = []

    for canMerge in canMergeList:

        if len(canMerge) == 1:

            #remove canMerge[0] to canNotMerge

            continue

        result = Result()# Class :result

        result.mergedRules.extend(canMerge)

        sIpAddObjGroups = []

        for rule in canMerge:

            sIpAddObj = rule.getSipAddObjGroup(addObjGroupList)

            sIpAddObjGroups.append(sIpAddObj)

        #Merge s-ip

        newSipAddGroup = mergeAddObjGroups(sIpAddObjGroups,canMerge[0])

        newDipAddGroup = canMerge[0].newDesIpObjGroup

        result.addObjMergeDic[newSipAddGroup] = sIpAddObjGroups

        result.newRule = mergeRules(canMerge[0],dIp = newDipAddGroup,sIp = newSipAddGroup)

        resultList.append(result)

    return resultList

def isSameGroup(rule1,rule2):

    print 'mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm'

    print rule1

    print rule2

    print 'mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm'

    addObjs1 = rule1.newDesIpObjGroup.addressObjects

    addObjs2 = rule2.newDesIpObjGroup.addressObjects

    # bug-- if contains relationship

    for addObj1 in addObjs1:

        flag = False

        for addObj2 in addObjs2:

            if addObj1.ip+" "+addObj1.mask == addObj2.ip+" "+addObj2.mask:

                flag = True

                break

            else:

                print 'wowowowowowowowowowowowowowowowowowo'

                print addObj1.ip+" "+addObj1.mask

                print addObj2.ip+" "+addObj2.mask

                print 'wowowowowowowowowowowowowowowowowowo'

        if not flag:

            print 'kkkkkkkkkkkkkkkkkkkkkkkkkjjjjjjjjjjjjjjjjjjjj'

            return False

    print 'jjjjjjjjjjjjjjjjjjjjjjjjjjjkkkkkkkkkkkkkkkkkkk'

    return True

def getNewDipAddObjGroup(rule):

    global userInput

    dIpGroup = rule.getDipAddObjGroup(addObjGroupList)

    print 'lllllllllllllllllllllll'

    print dIpGroup

    print 'lllllllllllllllllllllll'

    addObjs = getAllAddObj(dIpGroup)

    newAddObjs = []

    for addObj in addObjs:

        #If AddressObject is type of RANGE,how to do?

        newMask = ipAnd(userInput,addObj.mask)

        newIp = ipAnd(newMask,addObj.ip)

        #content need change

        newAddObj = AddressObject(addObj.addressId,addObj.content,addObj.Type,ip=newIp,mask=newMask,ipStart=addObj.ipStart,ipEnd=addObj.ipEnd)

        #The newAddObj repeated need to remove

        newAddObjs.append(newAddObj)

    newAddObjGroup = AddressObjectGroup(dIpGroup.name,dIpGroup.content,newAddObjs)

    rule.newDesIpObjGroup = newAddObjGroup

def ipAnd(ip1,ip2):

    dotSplitList1 = ip1.split('.')

    dotSplitList2 = ip2.split('.')

    resIP = ""

    for i in range(0,4):

        resIP += str(int(dotSplitList1[i]) & int(dotSplitList2[i]))+"."

    return resIP[0:-1]

def getAllAddObj(addObjGroup):

    addObjs = []

    for addObj in addObjGroup.addressObjects:

        if addObj.Type == AddressTypes.GROUP:

            #AddresObject convert to AddressObjectGroup

            addObjs.extend(getAllAddObj(addObj))

        addObjs.append(addObj)

    return addObjs

def handleCondFive(rules):

    print '==================handleCondFive=========================='

    result = Result()# Class :result

    result.mergedRules.extend(rules)

    dIpAddObjGroups = []

    for rule in rules:

        #合并前的每一个地址对象组

        dIpAddObj = rule.getDipAddObjGroup(addObjGroupList)

        dIpAddObjGroups.append(dIpAddObj)

    newAddGroup = mergeAddObjGroups(dIpAddObjGroups,rules[0],False)

    result.addObjMergeDic[newAddGroup] = dIpAddObjGroups

    result.newRule = mergeRules(rules[0],dIp = newAddGroup)

    return result

def handleCondFour(rules):

    print '==================handleCondFour=========================='

    result = Result()# Class :result

    result.mergedRules.extend(rules)

    sIpAddObjGroups = []

    for rule in rules:

        #合并前的每一个地址对象组

        sIpAddObj = rule.getSipAddObjGroup(addObjGroupList)

        sIpAddObjGroups.append(sIpAddObj)

    newAddGroup = mergeAddObjGroups(sIpAddObjGroups,rules[0])

    result.addObjMergeDic[newAddGroup] = sIpAddObjGroups

    result.newRule = mergeRules(rules[0],sIp = newAddGroup)

    return result

def handleCondTwo(rules):

    print '==================handleCondTwo=========================='

    result = Result()# Class :result

    result.mergedRules.extend(rules)

    dIpAddObjGroups = []

    for rule in rules:

        #合并前的每一个地址对象组

        dIpAddObj = rule.getDipAddObjGroup(addObjGroupList)

        dIpAddObjGroups.append(dIpAddObj)

    newAddGroup = mergeAddObjGroups(dIpAddObjGroups,rules[0],False)

    result.addObjMergeDic[newAddGroup] = dIpAddObjGroups

    result.newRule = mergeRules(rules[0],dIp = newAddGroup)

    return result

def handleCondOne(rules):

    print '==================handleCondOne=========================='

    result = Result()# Class :result

    result.mergedRules.extend(rules)

    sIpAddObjGroups = []

    for rule in rules:

        #合并前的每一个地址对象组

        sIpAddObj = rule.getSipAddObjGroup(addObjGroupList)

        sIpAddObjGroups.append(sIpAddObj)

    newAddGroup = mergeAddObjGroups(sIpAddObjGroups,rules[0])

    result.addObjMergeDic[newAddGroup] = sIpAddObjGroups

    result.newRule = mergeRules(rules[0],sIp = newAddGroup)

    return result

#return a new AddressObjectGroup

def mergeAddObjGroups(addObjGroups,rule,isSourceMerge = True):

    addressObjects = []

    for addObjGroup in addObjGroups:

        addressObjects.extend(addObjGroup.addressObjects)

    objName = createAddObjGroupName(rule,isSourceMerge)

    content = "object-group ip address " + objName

    newAddGroup = AddressObjectGroup(objName,content,addressObjects)

    return newAddGroup

def createAddObjGroupName(rule,isSourceMerge):

    global objectGroupNameDic

    name = ""

    ser = rule.service

    if ser == "":

        ser = "any"

    mode = "source"

    if not isSourceMerge:

        mode = "destination"

    join = ser + "_" + mode + "_"

    if objectGroupNameDic.has_key(join):

        objectGroupNameDic[join] = objectGroupNameDic[join] + 1

        name = join + str(objectGroupNameDic[join])

        return name

    objectGroupNameDic[join] = 1

    name = join +str(1)

    return name

#return a new rule

def mergeRules(ruleObj,sIp=None,dIp=None):

    #replace ruleId

    rule = re.sub(r"rule \d+ ","rule "+str(ruleId) + " ",ruleObj.content)

    #replace source-ip

    if sIp != None:

        rule = re.sub(r"source-ip \S+","source-ip " + sIp.name,rule)

    else:

        sIp = ruleObj.sourceIpObjGroup

    #replace destination-ip

    if dIp != None:

        rule = re.sub(r"destination-ip \S+","destination-ip " + dIp.name,rule)

    else:

        dIp = ruleObj.desIpObjGroup

    #replace service

    #if ser != "":

        #rule = re.sub(r"service \S+","service " + ser,rule)

    #remove logging

    if "logging" in rule:

        rule = re.sub(r"logging\s?" , "",rule)

    #remove counting

    if "counting" in rule:

        rule = re.sub(r"counting\s?" , "",rule)

    newRule = Rule(ruleId,ruleObj.action,ruleObj.vrf,ruleObj.timeRange,sIp,dIp,ruleObj.service,rule)

    return newRule

handle()

print '==================Common=========================='

for p in policyList:

    print '--------------policy-----------------'

    for r in p.results:

        print '-----------rule-----------'

        print r.mergedRules

        print r.newRule

        print r.addObjMergeDic

        #print r.addObjMergeDic.values()[0][0].addressObjects[0].addressId

ww的更多相关文章

  1. [转]仿World Wind构造自己的C#版插件框架——WW插件机制精简改造

    很久没自己写东西啦,早该好好总结一下啦!一个大师说过“一个问题不应该被解决两次!”,除了一个好脑筋,再就是要坚持总结. 最近需要搞个系统的插件式框架,我参照World Wind的插件方式构建了个插件框 ...

  2. WW多线程和锁

    问题: WorldWind中是双线程的,一直忽略了多线程中数据共享,修改数据会产生问题.可是在WW中并没有看到锁的东西. 还有就是动态释放内存的问题.因为采用D3D的C#封装库不可避免涉及COM对象的 ...

  3. 嘟!数字三角形 W WW WWW集合!

    哔!数字三角形全体集合! 数字三角形!到! 数字三角形W!到! 数字三角形WW!到! 数字三角形WWW!到! --------------------------------------------- ...

  4. webwork <ww:if> 标签的使用

    如果在前台(JSP)取出后台的对象的属性,这个属性在后台是属于String 类型的,但若这个属性的值为数字,取出在前台就会默认为整形的值,所以在<ww:if> 判断里面不能加引号:< ...

  5. zf-关于<ww:iterator /> 标签中的<td /> 标签添加序号问题

    一开始代码是这样的 那个<ww:if> 标签 是我添加的,可是添加之后出问题了. 因为我加了一个判断语句,使得不需要的信息没显示出来,导致#li.count 这个显示下标的方法行不通了 之 ...

  6. 从WW中剥离一个三维场景框架

    从WW中剥离一个三维场景框架,初步实现的一个.可以绘制一个三角形,但是不能够控制摄像机,没有增加鼠标事件.没有投影,世界变幻之类的东西.以后会不断学习逐步增加进来. 下载地址 下载V1.0.0.2

  7. 关于Oracle to_char()函数中的IW,WW 周别显示

    1)ww的算法为每年1月1日为第一周开始,date+6为每一周结尾 例如20050101为第一周的第一天,而第一周的最后一天为20050101+6=20050107 公式 每周第一天 :date + ...

  8. [Oracle] - 关于星期(IW和WW)的算法

    1. 查看数据库字符集(如果字符集不同,可能显示乱码) select DECODE(parameter, 'NLS_TERRITORY', 'TERRITORY', 'NLS_LANGUAGE', ' ...

  9. ps ww

    [root@ma ~]# ps ww -p 1 PID TTY STAT TIME COMMAND 1 ? Ss 0:01 /sbin/init[root@ma ~]# ps -p 1 PID TTY ...

随机推荐

  1. setContentView R can not be resovled

    原因:gen包下没有自动生成R.java的资源文件 解决办法:再次新建android application project,默认Theme为Holo Light With Dark Action B ...

  2. 慕课网-Java入门第一季-7-3 Java 中无参带返回值方法的使用

    来源:http://www.imooc.com/code/1579 如果方法不包含参数,但有返回值,我们称为无参带返回值的方法. 例如:下面的代码,定义了一个方法名为 calSum ,无参数,但返回值 ...

  3. 慕课网-Java入门第一季-7-2 Java 中无参无返回值方法的使用

    来源:http://www.imooc.com/code/1578 如果方法不包含参数,且没有返回值,我们称为无参无返回值的方法. 方法的使用分两步: 第一步,定义方法 例如:下面代码定义了一个方法名 ...

  4. mapreduce核心原理

    1:第一阶段: 第一阶段的task每一个nodemanager并发运行程序,完全并发,各不影响.这就是map阶段 运行的task时maptask 2:第二个阶段的task并发实例互不相干,但是他们的数 ...

  5. 大冰--寻人启事--one

    看得懂的,都不是命运,说得清的,都不叫爱情. 忘得了的,都不是遗憾,听得见的,都不是伤心. 躲的开的,都不是缘分,猜得透的,都不叫人生.

  6. 实现ApplicationContextAware接口时,获取ApplicationContext为null

    将懒加载关闭,@Lazy(false),默认为true import org.springframework.beans.BeansException; import org.springframew ...

  7. NPOI操作Excel导入DataTable中

    using NPOI.HSSF.UserModel; using NPOI.SS.UserModel; using System.Data; using System.IO; using NPOI.X ...

  8. python包下载地址

    https://pypi.python.org/pypi http://www.lfd.uci.edu/~gohlke/pythonlibs/ 当在线安装安装不了时,需要将安装包下载到本地,进行本地p ...

  9. 43、哈工大NLP自然语言处理,LTP4j的测试+还是测试

    1.首先需要构建自然语言处理的LTP的框架 (1)需要下载LTP的源码包即c++程序(https://github.com/HIT-SCIR/ltp)下载完解压缩之后的文件为ltp-master (2 ...

  10. 【转】Android实现点击两次返回键退出

    在做安卓应用是我们经常要判断用户对返回键的操作,一般为了防止误操作都是在用户连续按下两次返回键的时候提示用户是否退出应用程序. 第一种实现的基本原理就是,当按下BACK键时,会被onKeyDown捕获 ...