Ruleset

class activelogic.Ruleset

This is the resource for managing the ruleset on the ActiveLogic system. Changes needs to be commited to take effect.

Several methods refers to, or finds a rule or object from its path. This path is same as the path in Objects & Rules Editor in ActiveLogic client. For example:

  • Shaping rules/MyShapingRule

  • Conditions/MyNamedCondition

  • NetObjects/MyNetObject

  • NetObjects/MyRootObject/MyNetObjectA

async Ruleset.list(cls)

Generic list function for all kind of data that belongs to this resource.

Parameters:

cls – Object type that determines what kind of data to get.

Returns:

A list of given dataclass type.

Raises:

  • ValueError – Invalid dataclass type.

  • PLDBNewDataCommitted – Conflict with new data committed by an other session.

This function lists all kind of rules and objects. In addition, some definitions that cannot be modified through ruleset also can be listed:

  • MonitorInterface

  • TrafficObjectDimension

  • TrafficObjectPartition

  • FlowObjectField

List may or may not be cached, depending on if cache_enabled is set.

The result can be filtered using Python’s list comprehension syntax. For example, to list all service objects containing an item called ‘Facebook’:

>>> [o for o in rs.list(ServiceObject) if ServiceObjectItem('Facebook') in o.items]
[ServiceObject(name='Facebook', visible=True, items=[ServiceObjectItem(value='Facebook')], ...]
async Resource.services()

Lists all available services.

Deprecated since version 23.24: Use :Resource.list() instead.

async Ruleset.add(obj, parent_obj=None)

Adds a new rule or object and invalidates the cache for the given type.

Parameters:

  • obj – The object to add.

  • parent_obj (Object or str) – The parent object or None for top-level objects.

Returns:

The newly created object.

Raises:

  • KeyError – Parent object was not found.

  • ValueError – Rule or object is not supported.

obj takes a path to, or an instance of any rule, condition or object.

The parent_obj parameter follows the same rules, with the exception that only subclasses of Object can be created as children. Also the parent of an object must be the same type. A NetObject must be the parent of a NetObject etc.

>>> o = rs.add(NetObject("MyNetObject", items=["1.2.3.4"]))

Different kind of objects also can be added in nested expressions:

>>> o = rs.add(Condition(ConditionOperator.AND,
... items=[(ConditionType.NETOBJECT_LOCAL, rs.add(NetObject("MyNetObject", items=["1.2.3.4"])))]))
async Ruleset.rename(obj, new_name)

Renames a rule or object and invalidates the cache for the given type.

Parameters:

  • obj – The object to update.

  • new_name (str) – New name

Returns:

The renamed object.

obj takes a path to, or an instance of any rule, condition or object.

>>> o = rs.rename(o, "new name")
>>> o = rs.rename('NetObjects/MyObject', "new name")
async Ruleset.remove(obj)

Removes a rule or object and invalidates the cache for the given type.

Parameters:

obj – The object to remove.

Raises:

  • KeyError – Object was not found.

  • ValueError – Rule or object is not supported.

obj takes a path to, or an instance of any rule, condition or object.

>>> rs.remove('Filtering rules/MyRule')
async Ruleset.update(obj, **kwargs)

Updates an object and invalidates the cache for the object type.

Parameters:

  • obj – The object to update.

  • kwargs – Positional arguments for a subset of given object’s attributes.

Returns:

The updated object.

obj takes a path to, or an instance of any rule, condition or object.

kwargs takes a set of positional arguments for a subset of given object’s attributes. Consult the documentation for the object type for a list of available attributes for that object.

There are however some attributes that can not be updated:

The following parameters are supported for updates on subclasses of Object:

Parameters:

  • visible (bool) – Visibility flag, True or False.

  • items (list) – List of object items.

For updates on Condition objects, one single parameter is supported:

Parameters:

items (list) – List of condition items.

>>> o = rs.update(o, items=['1,2,3,4', '2.3.4.5'])
>>> o = rs.update('NetObjects/MyObject', items=[NetObjectItem('1.2.3.4')])
async Ruleset.move(obj, newparentobj)

Moves an object (and all its children) in the object-tree.

Parameters:

  • obj – The object to move.

  • newparentobj – The new parent or None to move object to root.

Returns:

The moved object.

obj takes a path to, or an instance of any rule, condition or object.

If parentobj is None, obj will be moved to root. If parentobj references an object, it must be the same kind of object as obj.

>>> o = rs.move('NetObjects/MyObject', '/NetObjects/IPv4')
>>> rs.find(path='NetObjects/IPv4/MyObject')
NetObject(name='MyObject', id=80, parent_id=81, ... )
async Ruleset.find(*, cls=None, objid=None, path=None)

Finds a rule or object from either class and objid, or from a path in the object-tree.

Parameters:

  • cls – Class that determines what kind of object to find.

  • objid (int) – Id of the object.

  • path (str) – Path to the object.

Returns:

The object if it could be found, otherwise None.

>>> rs.find(cls=ShapingRule, objid=1)
ShapingRule(name='MyShapingRule', ...)
>>> rs.find(path='NetObjects/MyRootObject/MyNetObjectA')
NetObject(name='MyNetObjectA', ...)

Filtering Rule

Shaping Rule

Statistics Rule

Accelerate Rule

Conditions

class activelogic.Condition

Object representing a single node in a condition-tree.

Parameters:

  • operator (ConditionOperator) – Condition operator.

  • name (str) – Name of the condition.

  • id (int) – Id of the condition.

  • items (list) – List of tuples(ConditionType, id).

Conditions are used to specify which traffic to select with a rule.

Condition items are given as list of tuples of (ConditionType, id) where id is the id of an object or condition that matches the ConditionType.

Conditions with no name will be automatically removed if not referenced by any rule. If condition is given a name, it will be kept and can be reused later.

>>> cond = rs.add(Condition(ConditionOperator.AND,
... items=[
...     (ConditionType.SERVICEOBJECT, rs.find(path='ServiceObjects/myservice')),
...     (ConditionType.NETOBJECT_LOCAL, rs.find(path='NetObjects/mynetobj'))
... ]))
class activelogic.ConditionOperator

Defines a set of operators for a rule condition.

Variables:

  • AND – All conditions must match.

  • OR – At least one condition must match.

  • NOT – No condition must match.

class activelogic.ConditionType

Defines a set of condition types for a ruleset condition.

Variables:

  • BGPOBJECT

  • CHANNELOBJECT

  • CHANNELOBJECT_IN

  • CHANNELOBJECT_OUT

  • CONTENTLOGICOBJECT

  • DSCPOBJECT

  • DSCPOBJECT_IN

  • DSCPOBJECT_OUT

  • FLAGOBJECT

  • GEOLOGICOBJECT

  • HOPLIMITOBJECT_OUT

  • MPLSOBJECT

  • MPLSOBJECT_IN

  • MPLSOBJECT_OUT

  • NETOBJECT_CLIENT

  • NETOBJECT_HOST

  • NETOBJECT_LOCAL

  • NETOBJECT_SERVER

  • PORTOBJECT_CLIENT

  • PORTOBJECT_SERVER

  • PROPERTYOBJECT

  • RULECONDITION

  • SERVICEOBJECT

  • SERVICEOBJECT_BASE

  • SESSIONCONTEXTOBJECT

  • SYSTEMOBJECT

  • TIMEOBJECT

  • TUNNELLVLOBJECT

  • TUNNELTYPEOBJECT

  • VLANIDOBJECT_LVL0

  • VLANIDOBJECT_LVL0_IN

  • VLANIDOBJECT_LVL0_OUT

  • VLANIDOBJECT_LVL1

  • VLANIDOBJECT_LVL1_IN

  • VLANIDOBJECT_LVL1_OUT

  • VLANIDOBJECT_LVL2

  • VLANIDOBJECT_LVL2_IN

  • VLANIDOBJECT_LVL2_OUT

  • VLANIDOBJECT_LVL3

  • VLANIDOBJECT_LVL3_IN

  • VLANIDOBJECT_LVL3_OUT

  • VLANPRIOOBJECT_LVL0

  • VLANPRIOOBJECT_LVL0_IN

  • VLANPRIOOBJECT_LVL0_OUT

  • VLANPRIOOBJECT_LVL1

  • VLANPRIOOBJECT_LVL1_IN

  • VLANPRIOOBJECT_LVL1_OUT

  • VLANPRIOOBJECT_LVL2

  • VLANPRIOOBJECT_LVL2_IN

  • VLANPRIOOBJECT_LVL2_OUT

  • VLANPRIOOBJECT_LVL3

  • VLANPRIOOBJECT_LVL3_IN

  • VLANPRIOOBJECT_LVL3_OUT

  • VXLANIDOBJECT

  • VXLANIDOBJECT_IN

  • VXLANIDOBJECT_OUT

  • PROTOCOLOBJECT

  • CONNCLASSOBJECT

Objects

class activelogic.Object

Object representing a generic object in the ruleset.

Parameters:

  • name (str) – Name of the object.

  • id (int) – Id of the object.

  • parent_id (int) – Id of this object’s parent.

  • visible (bool) – Object visibility.

  • items (list) – List of object items.

Objects are often used in rule-conditions to specify the connections or individual packets a rule should be applied to. You can read more about the different kind of objects here:

Attributes

async Ruleset.attr_list(obj)

Lists all attributes on an object.

Parameters:

obj – The object, or the path to the object to list attributes from.

Returns:

A dictionary of attributes.

>>> rs.attr_list(obj)
{'Comment', 'abc'}
async Ruleset.attr_get(obj, key, default=None)

Gets the value of a specific attribute on an object.

Parameters:

  • obj – The object, or the path to the object to list attributes from.

  • key (str) – Attribute name.

  • default (str) – Default value, if attribute does not exist on the object.

Returns:

The value as a string.

Raises:

KeyError – Attribute does not exist on the object and default is not given.

>>> rs.attr_get(obj, 'Comment')
'abc'
async Ruleset.attr_set(obj, key, value)

Sets the value of a certain attribute on an object.

Parameters:

  • obj – The object, or the path to the object on which the attribute should be updated.

  • key (str) – Attribute name.

  • value (str) – Attribute value to set.

>>> rs.attr_set(obj, 'Comment', 'abc')
async Ruleset.attr_remove(obj, key)

Removes an attribute from an object.

Parameters:

  • obj – The object, or the path to the object to remove the attribute from.

  • key (str) – Attribute name.

>>> rs.attr_remove(obj, 'Comment')