File: README.design

package info (click to toggle)
ufw 0.35-4
  • links: PTS
  • area: main
  • in suites: stretch
  • size: 7,732 kB
  • ctags: 467
  • sloc: python: 8,349; sh: 5,633; makefile: 185
file content (50 lines) | stat: -rw-r--r-- 1,862 bytes parent folder | download | duplicates (4)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
Design
------
The design of ufw is pretty straightforward.  It's object oriented and consists
of basically two types of objects:

UFWFrontend: 	user-interface
UFWBackend:	application logic

UFWBackend is an interface that any number of backends will inherit from, which
allows for using ufw with any pre-existing or future firewall application. The
reference backend, UFWBackendIptables, uses simple 'iptables' and
'iptables-restore' commands and is suitable for a host-based firewall use-case.
It is envisioned that other backends will be written as the use-cases for ufw
grow.  Perhaps a UFWShorewallBackend (for shorewall) or UFWPFBackend (for
OpenBSD PF).

UFWFrontend uses with the UFWBackend interface and src/ufw provides the UI.
src/ufw uses UFWFrontend object and is CLI, but other front-ends like GUI
applications could build on top of ufw by either interacting with the installed
CLI ufw or by creating another frontend that uses UFWFrontend.

Implementation
--------------
The application is written in python, just because it is so easy to work with.
:)

IPV6
----
IPv6 support is included in ufw. To keep IPv4 addressing easy to use, the IPv4
and IPv6 configuration are kept completely separate (ie there are no IPv4
mapped addresses).

Contributing
------------
Before submitting patches for ufw, please do the following:

$ make syntax-check          # basic syntax checker
$ make check                 # runs non-root tests
$ make PYTHON=python3 check  # runs non-root tests with python3 interpreter
# ./run-tests -r root        # runs root tests (modifies running firewall)
# ./tests/check-locales      # runs locales tests (assumes Ubuntu)

CAUTION: root tests will flush the firewall and use iptables commands on the
host.

Contributions should follow PEP-8 and have an accompanying test case added to
tests/.


Copyright 2011 Canonical Ltd.