Edit File: log.py
"""Methods to generate logging iptables rules.""" from typing import Iterator from im360.internals.core import firewall from im360.internals.core.firewall import FirewallRules from defence360agent.utils.validate import IPVersion from .types_ import FirewallRule def rules( ipset_name: str, ip_version: IPVersion, prefix: str, priority: int ) -> Iterator[FirewallRule]: """Logging iptables rules for ..{sync,ip}.IPSet ipsets.""" if firewall.firewall_logging_enabled(): yield FirewallRule( rule=FirewallRules.compose_rule( FirewallRules.ipset(ipset_name), action=FirewallRules.nflog_action( group=FirewallRules.nflog_group(ip_version), prefix=prefix, ), ), priority=priority, )