OXIESEC PANEL

Name	Size	Modified	Perms
📁 ..	-	02/07/2025 11:05:01 PM	rwxr-xr-x
📄 __init__.py	0 bytes	09/24/2024 02:51:44 AM	rw-r--r--
📁 __pycache__	-	02/07/2025 11:05:01 PM	rwxr-xr-x
📄 base.py	2.05 KB	09/24/2024 02:51:44 AM	rw-r--r--
📄 ebtables.py	9.17 KB	09/24/2024 02:51:44 AM	rw-r--r--
📄 fw.py	49.22 KB	09/24/2024 02:51:44 AM	rw-r--r--
📄 fw_config.py	47.27 KB	09/24/2024 02:51:44 AM	rw-r--r--
📄 fw_direct.py	21.99 KB	09/24/2024 02:51:44 AM	rw-r--r--
📄 fw_helper.py	1.79 KB	09/24/2024 02:51:44 AM	rw-r--r--
📄 fw_icmptype.py	2.43 KB	09/24/2024 02:51:44 AM	rw-r--r--
📄 fw_ifcfg.py	2.5 KB	09/24/2024 02:51:44 AM	rw-r--r--
📄 fw_ipset.py	9.45 KB	09/24/2024 02:51:44 AM	rw-r--r--
📄 fw_nm.py	7.02 KB	09/24/2024 02:51:44 AM	rw-r--r--
📄 fw_policies.py	2.74 KB	09/24/2024 02:51:44 AM	rw-r--r--
📄 fw_policy.py	85.56 KB	09/24/2024 02:51:44 AM	rw-r--r--
📄 fw_service.py	1.6 KB	09/24/2024 02:51:44 AM	rw-r--r--
📄 fw_transaction.py	6.16 KB	09/24/2024 02:51:44 AM	rw-r--r--
📄 fw_zone.py	44.62 KB	09/24/2024 02:51:44 AM	rw-r--r--
📄 helper.py	804 bytes	09/24/2024 02:51:44 AM	rw-r--r--
📄 icmp.py	3.03 KB	09/24/2024 02:51:44 AM	rw-r--r--
📁 io	-	02/07/2025 11:05:01 PM	rwxr-xr-x
📄 ipXtables.py	60.43 KB	09/24/2024 02:51:44 AM	rw-r--r--
📄 ipset.py	12.61 KB	09/24/2024 02:51:44 AM	rw-r--r--
📄 logger.py	30.31 KB	09/24/2024 02:51:44 AM	rw-r--r--
📄 modules.py	3.73 KB	09/24/2024 02:51:44 AM	rw-r--r--
📄 nftables.py	98.77 KB	09/24/2024 02:51:44 AM	rw-r--r--
📄 prog.py	1.47 KB	09/24/2024 02:51:44 AM	rw-r--r--
📄 rich.py	33.05 KB	09/24/2024 02:51:44 AM	rw-r--r--
📄 watcher.py	3.15 KB	09/24/2024 02:51:44 AM	rw-r--r--

Editing: base.py

# -*- coding: utf-8 -*-
#
# Copyright (C) 2011-2016 Red Hat, Inc.
#
# Authors:
# Thomas Woerner <twoerner@redhat.com>
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.
#

"""Base firewall settings"""

DEFAULT_ZONE_TARGET = "{chain}_{zone}"
DEFAULT_POLICY_TARGET = "CONTINUE"
DEFAULT_POLICY_PRIORITY = -1

ZONE_TARGETS = [ "ACCEPT", "%%REJECT%%", "DROP", DEFAULT_ZONE_TARGET,
                 "default" ]

POLICY_TARGETS = [ "ACCEPT", "REJECT", "DROP", "CONTINUE" ]

SHORTCUTS = {
    "PREROUTING": "PRE",
    "POSTROUTING": "POST",
    "INPUT": "IN",
    "FORWARD_IN": "FWDI",
    "FORWARD_OUT": "FWDO",
    "OUTPUT": "OUT",
}

REJECT_TYPES = {
    "ipv4": [ "icmp-host-prohibited", "host-prohib", "icmp-net-unreachable",
              "net-unreach", "icmp-host-unreachable", "host-unreach",
              "icmp-port-unreachable", "port-unreach", "icmp-proto-unreachable",
              "proto-unreach", "icmp-net-prohibited", "net-prohib", "tcp-reset",
              "tcp-rst", "icmp-admin-prohibited", "admin-prohib" ],
    "ipv6": [ "icmp6-adm-prohibited", "adm-prohibited", "icmp6-no-route",
              "no-route", "icmp6-addr-unreachable", "addr-unreach",
              "icmp6-port-unreachable", "port-unreach", "tcp-reset" ]
}

# ipset types that can be used as a source in zones
# The match-set option will be src or src,src according to the
# dimension of the ipset.
SOURCE_IPSET_TYPES = [
    "hash:ip", "hash:ip,port", "hash:ip,mark",
    "hash:net", "hash:net,port", "hash:net,iface",
    "hash:mac"
]