Implement an enumeration for portcon protocol.

data/portconquery.ui

@@ -21,8 +21,8 @@
     <rect>
      <x>0</x>
      <y>0</y>
-     <width>772</width>
+     <width>770</width>
-     <height>844</height>
+     <height>842</height>
     </rect>
    </property>
    <property name="minimumSize">
@@ -694,21 +694,6 @@
               <string/>
              </property>
             </item>
-            <item>
-             <property name="text">
-              <string>DCCP</string>
-             </property>
-            </item>
-            <item>
-             <property name="text">
-              <string>TCP</string>
-             </property>
-            </item>
-            <item>
-             <property name="text">
-              <string>UDP</string>
-             </property>
-            </item>
            </widget>
           </item>
          </layout>

setools/policyrep/__init__.py

@@ -24,6 +24,7 @@
 from . import exception
 from .netcontext import PortconProtocol, PortconRange
 from .mlsrule import MLSRuletype
+from .netcontext import PortconProtocol, PortconRange
 from .rbacrule import RBACRuletype
 from .selinuxpolicy import SELinuxPolicy
 from .terule import IoctlSet, TERuletype

setools/policyrep/netcontext.py

@@ -1,4 +1,5 @@
 # Copyright 2014, 2016, Tresys Technology, LLC
+# Copyright 2016, Chris PeBenito <pebenito@ieee.org>
 #
 # This file is part of SETools.
 #
@@ -24,6 +25,7 @@ import socket
 from . import qpol
 from . import symbol
 from . import context
+from .util import PolicyEnum
 
 PortconRange = namedtuple("PortconRange", ["low", "high"])
 
@@ -144,37 +146,13 @@ class Nodecon(NetContext):
         return self.qpol_symbol.mask(self.policy)
 
 
-class PortconProtocol(int):
+class PortconProtocol(int, PolicyEnum):
 
-    """
+    """A portcon protocol type."""
-    A portcon protocol type.
 
-    The possible values are equivalent to protocol
+    tcp = IPPROTO_TCP
-    values in the socket module, e.g. IPPROTO_TCP, but
+    udp = IPPROTO_UDP
-    overrides the string representation with the
+    dccp = IPPROTO_DCCP
-    corresponding protocol string (udp, tcp).
-    """
-
-    _proto_to_text = {IPPROTO_DCCP: 'dccp',
-                      IPPROTO_TCP: 'tcp',
-                      IPPROTO_UDP: 'udp'}
-
-    def __new__(cls, value):
-        try:
-            # convert string representation
-            num = getprotobyname(value)
-        except TypeError:
-            num = value
-
-        if num not in cls._proto_to_text:
-            raise ValueError("{0} is not a supported IP protocol. "
-                             "Values such as {1} (TCP) or {2} (UDP) should be used.".
-                             format(value, IPPROTO_TCP, IPPROTO_UDP))
-
-        return super(PortconProtocol, cls).__new__(cls, num)
-
-    def __str__(self):
-        return self._proto_to_text[self]
 
 
 class Portcon(NetContext):
@@ -195,8 +173,7 @@ class Portcon(NetContext):
     @property
     def protocol(self):
         """
-        The protocol number for the portcon (socket.IPPROTO_TCP
+        The protocol type for the portcon.
-        or socket.IPPROTO_UDP).
         """
         return PortconProtocol(self.qpol_symbol.protocol(self.policy))
 

setools/portconquery.py

@@ -107,7 +107,7 @@ class PortconQuery(MatchContext, PolicyQuery):
     @protocol.setter
     def protocol(self, value):
         if value:
-            self._protocol = PortconProtocol(value)
+            self._protocol = PortconProtocol.lookup(value)
         else:
             self._protocol = None
 

setoolsgui/apol/portconquery.py

@@ -1,4 +1,5 @@
 # Copyright 2016, Tresys Technology, LLC
+# Copyright 2016, Chris PeBenito <pebenito@ieee.org>
 #
 # This file is part of SETools.
 #
@@ -22,7 +23,7 @@ import logging
 from PyQt5.QtCore import Qt, QSortFilterProxyModel, QStringListModel, QThread
 from PyQt5.QtGui import QPalette, QTextCursor
 from PyQt5.QtWidgets import QCompleter, QHeaderView, QMessageBox, QProgressDialog
-from setools import PortconQuery
+from setools import PortconQuery, PortconProtocol
 
 from ..logtosignal import LogHandlerToSignal
 from ..portconmodel import PortconTableModel
@@ -87,6 +88,11 @@ class PortconQueryTab(AnalysisTab):
         self.clear_role_error()
         self.clear_range_error()
 
+        # populate protocol list. This has empty string as
+        # the first item in the .ui file:
+        for i, e in enumerate(PortconProtocol, start=1):
+            self.protocol.insertItem(i, e.name.upper(), e)
+
         # set up results
         self.table_results_model = PortconTableModel(self)
         self.sort_proxy = QSortFilterProxyModel(self)
@@ -280,7 +286,7 @@ class PortconQueryTab(AnalysisTab):
         self.query.ports_overlap = self.ports_overlap.isChecked()
         self.query.ports_subset = self.ports_subset.isChecked()
         self.query.ports_superset = self.ports_superset.isChecked()
-        self.query.protocol = self.protocol.currentData(Qt.DisplayRole)
+        self.query.protocol = self.protocol.currentData(Qt.UserRole)
         self.query.range_overlap = self.range_overlap.isChecked()
         self.query.range_subset = self.range_subset.isChecked()
         self.query.range_superset = self.range_superset.isChecked()

setoolsgui/portconmodel.py

@@ -41,7 +41,7 @@ class PortconTableModel(SEToolsTableModel):
                     else:
                         return "{0}-{1}".format(low, high)
                 elif col == 1:
-                    return str(rule.protocol)
+                    return rule.protocol.name
                 elif col == 2:
                     return str(rule.context)