The network property will return an IPv4Network or IPv6Network based on the
nodecon. If the policy has host bits set, the ipaddress module will
simply ignore the host bits, so there may be unexpected results in network
comparisons.
Closes#108
Makes use simpler. The setools submodules map 1:1 to classes anyway;
the separate modules are simply to ease organization.
Change seinfo to use conditional setter use rather than conditional
instantiation of queries. Note: pylint disable is added because pylint
gets confused by the reuse of the q variable and thinks that q is always
BoolQuery, so it incorrectly reports missing member functions.
This is to match up __init__ named parameters to the corresponding
setter names, so it is simpler to switch from using the named parameters
over to separate setter calls.
Fully compare the lists rather than only counting objects.
Also fix comparison problem in Nodecon and Genfscon. In libqpol, the all
genfscons/nodecons iterators allocate new objects, so the pointer
comparison in PolicySymbol fails.
Python 3.3's IPv6Network constructor does not support an expanded netmask
for specifying the network, only CIDR. Convert all netmasks to CIDR.
The code does not verify that the orignal expanded netmask from the policy
is correct; it counts all set bits in the netmask.
Also add IPv6 NodeconQuery unit tests.
