refactor(dns): Give more concise output when resolving DNS records

2022-07-05 04:47:16 +02:00 · 2022-07-05 04:47:16 +02:00 · caf7ad64d1
commit caf7ad64d1
parent 719ee22276
1 changed files with 28 additions and 8 deletions
--- a/update-firewall-source.py
+++ b/update-firewall-source.py
@ -426,30 +426,50 @@ def resolve_domain(domain: str) -> list[str]:
    return dns_records


-def resolve_addresses(allow_list_mixed: list[str]) -> dict[str, list]:
-    allow_sources = {"ipv4": [], "ipv6": []}
+def resolve_addresses(
+        config_obj: configparser.ConfigParser(),
+        section_name: str,
+        allow_list_mixed: list[str]) -> dict[str, list]:
+    global arg_allow_sources
    allow_list_ip_only = []

+    log.info(f"""Verifying {p.plural("address", len(allow_list_mixed))} {allow_list_mixed!r} ...""")
    for allow_source in allow_list_mixed:
+        log.debug(f"Checking if '{allow_source}' is a domain ...")
        if validators.domain(allow_source):
            log.debug(f"'{allow_source}' is a domain.")
            [allow_list_ip_only.append(addr) for addr in resolve_domain(allow_source)]
        else:
+            log.debug(f"'{allow_source}' is not a domain.")
            allow_list_ip_only.append(allow_source)

    for allow_source in allow_list_ip_only:
        try:
            ipv4_addr = str(ipaddress.IPv4Address(allow_source))
-            log.debug(f"Adding IPv4 address '{allow_source}' ...")
-            allow_sources["ipv4"].append(ipv4_addr)
+            log.info(f"Adding IPv4 address '{allow_source}' ...")
+            arg_allow_sources["ipv4"].append(ipv4_addr)
        except ipaddress.AddressValueError:
-            log.debug(f"Address '{allow_source}' is not a valid IPv4 address. Trying to match against IPv6 ...")
+            log.debug(f"Address '{allow_source}' is not a valid IPv4 address.")
+            if not config_obj.getboolean(section_name, "do_ipv6"):
+                log.info(f"For section '[{section_name}]' option 'do_ipv6' equals false. "
+                         f"Skipping IPv6 handling of '{allow_source}' ...")
+                continue
            try:
                ipv6_addr = str(ipaddress.IPv6Address(allow_source))
-                log.debug(f"Adding IPv6 address '{allow_source}' ...")
-                allow_sources["ipv6"].append(ipv6_addr)
            except ipaddress.AddressValueError:
-                log.warning(f"Address '{allow_source}' is not a valid IPv6 address either. Ignoring ...")
+                log.debug(f"Address '{allow_source}' is not a valid IPv6 address either. Ignoring ...")
+            else:
+                log.info(f"Adding IPv6 address '{allow_source}' ...")
+                arg_allow_sources["ipv6"].append(ipv6_addr)
+
+    return arg_allow_sources
+
+
+def gen_fwd_direct_scaffolding() -> lxml.builder.ElementMaker:
+    data = lxml.builder.ElementMaker()
+    direct_tag = data.direct
+    fw_rule_data = direct_tag()
+    return fw_rule_data


 def write_new_fwd_direct_xml(