Firewall rule management

firewall/views.py

@@ -1,6 +1,6 @@
 from django.shortcuts import render, get_object_or_404, redirect
-from firewall.models import RedirectRule
-from firewall.forms import RedirectRuleForm
+from firewall.models import RedirectRule, FirewallRule, FirewallSettings
+from firewall.forms import RedirectRuleForm, FirewallRuleForm
 from django.contrib import messages
 from wireguard.models import WireGuardInstance
 from user_manager.models import UserAcl
@@ -15,7 +15,8 @@ def view_redirect_rule_list(request):
     context = {
         'page_title': 'Port Forward List',
         'pending_changes_warning': pending_changes_warning,
-        'redirect_rule_list': RedirectRule.objects.all().order_by('wireguard_instance', 'protocol', 'port')
+        'redirect_rule_list': RedirectRule.objects.all().order_by('port'),
+        'current_chain': 'portforward',
         }
     return render(request, 'firewall/redirect_rule_list.html', context=context)
 
@@ -52,4 +53,57 @@ def manage_redirect_rule(request):
     context['form'] = form
     context['instance'] = instance 
     
-    return render(request, 'firewall/manage_redirect_rule.html', context=context)
+    return render(request, 'firewall/manage_redirect_rule.html', context=context)
+
+
+def view_firewall_rule_list(request):
+    wireguard_instances = WireGuardInstance.objects.all().order_by('instance_id')
+    current_chain = request.GET.get('chain', 'forward')
+    if current_chain not in ['forward', 'portforward', 'postrouting']:
+        current_chain = 'forward'
+    if wireguard_instances.filter(pending_changes=True).exists():
+        pending_changes_warning = True
+    else:
+        pending_changes_warning = False
+    context = {
+        'page_title': 'Firewall Rule List',
+        'pending_changes_warning': pending_changes_warning,
+        'firewall_rule_list': FirewallRule.objects.filter(firewall_chain=current_chain).order_by('sort_order'),
+        'current_chain': current_chain,
+        }
+    return render(request, 'firewall/firewall_rule_list.html', context=context)
+
+
+def manage_firewall_rule(request):
+    if not UserAcl.objects.filter(user=request.user).filter(user_level__gte=40).exists():
+        return render(request, 'access_denied.html', {'page_title': 'Access Denied'})
+    context = {'page_title': 'Manage Firewall Rule'}
+    instance = None
+    uuid = request.GET.get('uuid', None)
+    if uuid:
+        instance = get_object_or_404(FirewallRule, uuid=uuid)
+        if request.GET.get('action') == 'delete':
+            if request.GET.get('confirmation') == 'delete':
+                firewall_settings, firewall_settings_created = FirewallSettings.objects.get_or_create(name='global')
+                firewall_settings.pending_changes = True
+                firewall_settings.save()
+                messages.success(request, 'Firewall rule deleted successfully')
+            else:
+                messages.warning(request, 'Error deleting Firewall rule|Confirmation did not match. Firewall rule was not deleted.')
+            return redirect('/firewall/rule_list/')
+
+    if request.method == 'POST':
+        form = FirewallRuleForm(request.POST, instance=instance)
+        if form.is_valid():
+            firewall_settings, firewall_settings_created = FirewallSettings.objects.get_or_create(name='global')
+            firewall_settings.pending_changes = True
+            firewall_settings.save()
+            form.save()
+            messages.success(request, 'Firewall rule saved successfully')
+            return redirect('/firewall/rule_list/')
+    else:
+        form = FirewallRuleForm(instance=instance)
+    context['form'] = form
+    context['instance'] = instance 
+    
+    return render(request, 'firewall/manage_firewall_rule.html', context=context)