"""Methods to generate logging iptables rules."""
from typing import Iterator
from im360.internals.core import firewall
from im360.internals.core.firewall import FirewallRules
from defence360agent.utils.validate import IPVersion
from .types_ import FirewallRule
def rules(
    ipset_name: str, ip_version: IPVersion, prefix: str, priority: int
) -> Iterator[FirewallRule]:
    """Yield the NFLOG logging rule for a ..{sync,ip}.IPSet ipset.

    At most one rule is produced. When firewall logging is disabled,
    the generator is empty, so matches on this ipset get no log rule
    from here.

    Args:
        ipset_name: name of the ipset the rule matches on.
        ip_version: used to select the NFLOG group.
        prefix: prefix handed to the NFLOG action.
        priority: stored unchanged on the resulting FirewallRule.
    """
    if not firewall.firewall_logging_enabled():
        return

    # Helpers are called in the same order as in the nested form:
    # ipset match, NFLOG group, NFLOG action, then composition.
    ipset_match = FirewallRules.ipset(ipset_name)
    log_group = FirewallRules.nflog_group(ip_version)
    # NOTE(review): prefix is forwarded as-is and presumably ends up in
    # log records; confirm callers pass a fixed string.
    log_action = FirewallRules.nflog_action(group=log_group, prefix=prefix)
    log_rule = FirewallRules.compose_rule(ipset_match, action=log_action)

    yield FirewallRule(rule=log_rule, priority=priority)