5 # TODO escape shell commands more securely
7 return repr(unicode(text).encode('utf-8'))
9 def optional(switch, value):
11 return '%s %s' % (switch, s(value))
16 /usr/sbin/iptables -t filter -F
18 /usr/sbin/iptables -t filter -P INPUT ACCEPT
19 /usr/sbin/iptables -t filter -P OUTPUT ACCEPT
20 /usr/sbin/iptables -t filter -P FORWARD ACCEPT
22 % for (index, rule) in enumerate(rules):
23 /usr/sbin/iptables -t filter \
24 -I ${rule.chain|s} ${index+1|s} \
26 ${optional('-s', rule.src)} \
27 ${optional('-d', rule.dst)} \
28 ${optional('-p', rule.protocol)} \
29 ${optional('-m', rule.protocol)} \
30 ${optional('--sport', rule.src_port)} \
31 ${optional('--dport', rule.dst_port)}
35 <%doc> vim: set filetype=python sw=4 sts=4 et : </%doc>