diff --git a/data/portconquery.ui b/data/portconquery.ui
index 98b8ecc..55b5de2 100644
--- a/data/portconquery.ui
+++ b/data/portconquery.ui
@@ -21,8 +21,8 @@
0
0
- 772
- 844
+ 770
+ 842
@@ -694,21 +694,6 @@
- -
-
- DCCP
-
-
- -
-
- TCP
-
-
- -
-
- UDP
-
-
diff --git a/setools/policyrep/__init__.py b/setools/policyrep/__init__.py
index 5cf4106..a437bd1 100644
--- a/setools/policyrep/__init__.py
+++ b/setools/policyrep/__init__.py
@@ -24,6 +24,7 @@
from . import exception
from .netcontext import PortconProtocol, PortconRange
from .mlsrule import MLSRuletype
+from .netcontext import PortconProtocol, PortconRange
from .rbacrule import RBACRuletype
from .selinuxpolicy import SELinuxPolicy
from .terule import IoctlSet, TERuletype
diff --git a/setools/policyrep/netcontext.py b/setools/policyrep/netcontext.py
index 83164a0..d70b817 100644
--- a/setools/policyrep/netcontext.py
+++ b/setools/policyrep/netcontext.py
@@ -1,4 +1,5 @@
# Copyright 2014, 2016, Tresys Technology, LLC
+# Copyright 2016, Chris PeBenito
#
# This file is part of SETools.
#
@@ -24,6 +25,7 @@ import socket
from . import qpol
from . import symbol
from . import context
+from .util import PolicyEnum
PortconRange = namedtuple("PortconRange", ["low", "high"])
@@ -144,37 +146,13 @@ class Nodecon(NetContext):
return self.qpol_symbol.mask(self.policy)
-class PortconProtocol(int):
+class PortconProtocol(int, PolicyEnum):
- """
- A portcon protocol type.
+ """A portcon protocol type."""
- The possible values are equivalent to protocol
- values in the socket module, e.g. IPPROTO_TCP, but
- overrides the string representation with the
- corresponding protocol string (udp, tcp).
- """
-
- _proto_to_text = {IPPROTO_DCCP: 'dccp',
- IPPROTO_TCP: 'tcp',
- IPPROTO_UDP: 'udp'}
-
- def __new__(cls, value):
- try:
- # convert string representation
- num = getprotobyname(value)
- except TypeError:
- num = value
-
- if num not in cls._proto_to_text:
- raise ValueError("{0} is not a supported IP protocol. "
- "Values such as {1} (TCP) or {2} (UDP) should be used.".
- format(value, IPPROTO_TCP, IPPROTO_UDP))
-
- return super(PortconProtocol, cls).__new__(cls, num)
-
- def __str__(self):
- return self._proto_to_text[self]
+ tcp = IPPROTO_TCP
+ udp = IPPROTO_UDP
+ dccp = IPPROTO_DCCP
class Portcon(NetContext):
@@ -195,8 +173,7 @@ class Portcon(NetContext):
@property
def protocol(self):
"""
- The protocol number for the portcon (socket.IPPROTO_TCP
- or socket.IPPROTO_UDP).
+ The protocol type for the portcon.
"""
return PortconProtocol(self.qpol_symbol.protocol(self.policy))
diff --git a/setools/portconquery.py b/setools/portconquery.py
index 3f5bf16..896e00d 100644
--- a/setools/portconquery.py
+++ b/setools/portconquery.py
@@ -107,7 +107,7 @@ class PortconQuery(MatchContext, PolicyQuery):
@protocol.setter
def protocol(self, value):
if value:
- self._protocol = PortconProtocol(value)
+ self._protocol = PortconProtocol.lookup(value)
else:
self._protocol = None
diff --git a/setoolsgui/apol/portconquery.py b/setoolsgui/apol/portconquery.py
index 3ca18f4..42a6b8f 100644
--- a/setoolsgui/apol/portconquery.py
+++ b/setoolsgui/apol/portconquery.py
@@ -1,4 +1,5 @@
# Copyright 2016, Tresys Technology, LLC
+# Copyright 2016, Chris PeBenito
#
# This file is part of SETools.
#
@@ -22,7 +23,7 @@ import logging
from PyQt5.QtCore import Qt, QSortFilterProxyModel, QStringListModel, QThread
from PyQt5.QtGui import QPalette, QTextCursor
from PyQt5.QtWidgets import QCompleter, QHeaderView, QMessageBox, QProgressDialog
-from setools import PortconQuery
+from setools import PortconQuery, PortconProtocol
from ..logtosignal import LogHandlerToSignal
from ..portconmodel import PortconTableModel
@@ -87,6 +88,11 @@ class PortconQueryTab(AnalysisTab):
self.clear_role_error()
self.clear_range_error()
+ # populate protocol list. This has empty string as
+ # the first item in the .ui file:
+ for i, e in enumerate(PortconProtocol, start=1):
+ self.protocol.insertItem(i, e.name.upper(), e)
+
# set up results
self.table_results_model = PortconTableModel(self)
self.sort_proxy = QSortFilterProxyModel(self)
@@ -280,7 +286,7 @@ class PortconQueryTab(AnalysisTab):
self.query.ports_overlap = self.ports_overlap.isChecked()
self.query.ports_subset = self.ports_subset.isChecked()
self.query.ports_superset = self.ports_superset.isChecked()
- self.query.protocol = self.protocol.currentData(Qt.DisplayRole)
+ self.query.protocol = self.protocol.currentData(Qt.UserRole)
self.query.range_overlap = self.range_overlap.isChecked()
self.query.range_subset = self.range_subset.isChecked()
self.query.range_superset = self.range_superset.isChecked()
diff --git a/setoolsgui/portconmodel.py b/setoolsgui/portconmodel.py
index a4efecd..288b4a0 100644
--- a/setoolsgui/portconmodel.py
+++ b/setoolsgui/portconmodel.py
@@ -41,7 +41,7 @@ class PortconTableModel(SEToolsTableModel):
else:
return "{0}-{1}".format(low, high)
elif col == 1:
- return str(rule.protocol)
+ return rule.protocol.name
elif col == 2:
return str(rule.context)