author: CoprDistGit <infra@openeuler.org>, 2023-04-11 12:34:58 +0000
committer: CoprDistGit <infra@openeuler.org>, 2023-04-11 12:34:58 +0000
commit: 264d3f324f02ded7ffeb0b7ee7c65411bd519c8b (patch)
tree: 5d60c2f2f5c86736b84e43d8eea6526f608aa6bc
parent: 72e394f4bfda8fcdbd5bec39535be8567ab87048 (diff)
automatic import of python-capirca
-rw-r--r--  .gitignore            1
-rw-r--r--  python-capirca.spec   338
-rw-r--r--  sources               1
3 files changed, 340 insertions, 0 deletions
diff --git a/.gitignore b/.gitignore
index e69de29..617b52f 100644
--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1 @@
+/capirca-2.0.9.tar.gz
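Review bot: the ignore pattern `/capirca-2.0.9.tar.gz` is pinned to this exact version, so every rebase to a newer upstream tarball needs a matching `.gitignore` edit or the new archive risks being committed into the dist-git repo by accident; a glob such as `/capirca-*.tar.gz` expresses the same intent and covers future versions.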
diff --git a/python-capirca.spec b/python-capirca.spec
new file mode 100644
index 0000000..7c86d6a
--- /dev/null
+++ b/python-capirca.spec
@@ -0,0 +1,338 @@
+%global _empty_manifest_terminate_build 0
+Name: python-capirca
+Version: 2.0.9
+Release: 1
+Summary: Capirca
+License: Apache License, Version 2.0
+URL: https://github.com/google/capirca/
+Source0: https://mirrors.nju.edu.cn/pypi/web/packages/6a/21/2f7a20f2da1f7785f2236fdb4f000e79b5f4cb65eacd09c191700f3c9702/capirca-2.0.9.tar.gz
+BuildArch: noarch
+
+Requires: python3-absl-py
+Requires: python3-ply
+Requires: python3-mock
+Requires: python3-six
+Requires: python3-PyYAML
+
+%description
+/def/NETWORK.net | a list of **network objects** definitions
+/def/SERVICES.svc | a list of **service objects** definitions
+Each network or service definition file has a very simple structure. A token is
+defined, e.g. `GUEST_NET`, followed by an equal sign, then followed by a
+definition, e.g. `10.10.10.0/24`, and optional description field, e.g. `# guest
+network range`.
+```
+GUEST_NET = 10.10.10.0/24 # guest network range
+```
+The tool populates the **access control policy** from `.pol` files in a
+particular directory, e.g. [`policies/`](./policies/). The tool searches
+recursively for `.pol` files and add them to the policy, .e.g `.pol` files are
+located in [`policies/pol`](./policies/pol).
+Additionally, the `.pol` files MAY reference other policy definition files
+located outside of the directory by using `include` directive. Please see
+[Includes](#includes) section for documentation.
+### Network Objects
+The files with `.net` extension contain the definitions of network objects, e.g.
+IP networks and hosts. The following definition creates `INTERNAL` and `RFC1918`
+network objects in the object definitions, whether `INTERNAL` references the IP
+ranges of RFC 1918 defined in the `RFC1918`.
+```
+RFC1918 = 10.0.0.0/8 # non-public
+ 172.16.0.0/12 # non-public
+ 192.168.0.0/16 # non-public
+INTERNAL = RFC1918
+```
+[Back to Top](#table-of-contents)
+### Service Objects
+The files with `.svc` extension contain the definitions of service objects, e.g.
+ports and protocols.
+```
+DNS = 53/tcp # transfers
+ 53/udp # queries
+```
+[Back to Top](#table-of-contents)
+### Object Nesting
+The nesting of tokens is permitted only when both tokens are of the same type.
+The referencing of a "network" object by "service" object is not allowed, and
+vice versa.
+The examples of nesting of the network and service object follow.
+```
+HTTP = 80/tcp # common web
+HTTPS = 443/tcp # SSL web
+HTTP_8080 = 8080/tcp # web on non-standard port
+WEB_SERVICES = HTTP HTTP_8080 HTTPS # all our web services
+DB_SERVICES = 3306/tcp # allow db access
+ HTTPS # and SSL access
+NYC_NETWORK = 200.1.1.0/24 # New York office
+ATL_NETWORK = 200.2.1.0/24 # Atlanta office
+DEN_NETWORK = 200.5.1.0/24 # Denver office
+REMOTE_OFFICES = NYC_NETWORK
+ ATL_NETWORK
+ DEN_NETWORK
+```
+The network objects may reference both IPv4 and IPv6 addresses at the same time.
+```
+LOOPBACK = 127.0.0.1/32 # loopback in IPv4
+LINKLOCAL = FE80::/10 # IPv6 link local address
+NYC_NETWORK = 172.16.1.0/24 # NYC IPv4
+ 2620:0:10A1::/48 # NYC IPv6
+```
+[Back to Top](#table-of-contents)
+### Anatomy of a policy file
+A policy file (/policies/pol/something.pol) has the security policy written
+using capirca specific meta-language and format. There are specific sections
+(e.g: header) that tell capirca how to generate the output configuration of the
+security policy.
+#### Headers
+The header section defines:
+* **target** firewall platforms (which ACL generator to use)
+* passes **additional arguments** to the generator responsible for that
+ platform.
+A single header may have many targets within a section. It will result in
+multiple outputs being generated for that policy.
+#### Terms
+The **term** sections defines the access control rules within an ACL, it contains
+keywords followed by an object (service or network) and policy decision ("action" keyword).
+The term section specifies the network flow metadata for ACL matching.
+* Addresses
+* Ports
+* Protocols
+* Action (allow/deny)
+Inside a `term` a mandatory keyword will be found followed by an object token
+for rule evaluation.
+#### Tokens
+Tokens are the names of services and networks loaded from the object
+definitions. Example:
+
+%package -n python3-capirca
+Summary: Capirca
+Provides: python-capirca
+BuildRequires: python3-devel
+BuildRequires: python3-setuptools
+BuildRequires: python3-pip
+%description -n python3-capirca
+/def/NETWORK.net | a list of **network objects** definitions
+/def/SERVICES.svc | a list of **service objects** definitions
+Each network or service definition file has a very simple structure. A token is
+defined, e.g. `GUEST_NET`, followed by an equal sign, then followed by a
+definition, e.g. `10.10.10.0/24`, and optional description field, e.g. `# guest
+network range`.
+```
+GUEST_NET = 10.10.10.0/24 # guest network range
+```
+The tool populates the **access control policy** from `.pol` files in a
+particular directory, e.g. [`policies/`](./policies/). The tool searches
+recursively for `.pol` files and add them to the policy, .e.g `.pol` files are
+located in [`policies/pol`](./policies/pol).
+Additionally, the `.pol` files MAY reference other policy definition files
+located outside of the directory by using `include` directive. Please see
+[Includes](#includes) section for documentation.
+### Network Objects
+The files with `.net` extension contain the definitions of network objects, e.g.
+IP networks and hosts. The following definition creates `INTERNAL` and `RFC1918`
+network objects in the object definitions, whether `INTERNAL` references the IP
+ranges of RFC 1918 defined in the `RFC1918`.
+```
+RFC1918 = 10.0.0.0/8 # non-public
+ 172.16.0.0/12 # non-public
+ 192.168.0.0/16 # non-public
+INTERNAL = RFC1918
+```
+[Back to Top](#table-of-contents)
+### Service Objects
+The files with `.svc` extension contain the definitions of service objects, e.g.
+ports and protocols.
+```
+DNS = 53/tcp # transfers
+ 53/udp # queries
+```
+[Back to Top](#table-of-contents)
+### Object Nesting
+The nesting of tokens is permitted only when both tokens are of the same type.
+The referencing of a "network" object by "service" object is not allowed, and
+vice versa.
+The examples of nesting of the network and service object follow.
+```
+HTTP = 80/tcp # common web
+HTTPS = 443/tcp # SSL web
+HTTP_8080 = 8080/tcp # web on non-standard port
+WEB_SERVICES = HTTP HTTP_8080 HTTPS # all our web services
+DB_SERVICES = 3306/tcp # allow db access
+ HTTPS # and SSL access
+NYC_NETWORK = 200.1.1.0/24 # New York office
+ATL_NETWORK = 200.2.1.0/24 # Atlanta office
+DEN_NETWORK = 200.5.1.0/24 # Denver office
+REMOTE_OFFICES = NYC_NETWORK
+ ATL_NETWORK
+ DEN_NETWORK
+```
+The network objects may reference both IPv4 and IPv6 addresses at the same time.
+```
+LOOPBACK = 127.0.0.1/32 # loopback in IPv4
+LINKLOCAL = FE80::/10 # IPv6 link local address
+NYC_NETWORK = 172.16.1.0/24 # NYC IPv4
+ 2620:0:10A1::/48 # NYC IPv6
+```
+[Back to Top](#table-of-contents)
+### Anatomy of a policy file
+A policy file (/policies/pol/something.pol) has the security policy written
+using capirca specific meta-language and format. There are specific sections
+(e.g: header) that tell capirca how to generate the output configuration of the
+security policy.
+#### Headers
+The header section defines:
+* **target** firewall platforms (which ACL generator to use)
+* passes **additional arguments** to the generator responsible for that
+ platform.
+A single header may have many targets within a section. It will result in
+multiple outputs being generated for that policy.
+#### Terms
+The **term** sections defines the access control rules within an ACL, it contains
+keywords followed by an object (service or network) and policy decision ("action" keyword).
+The term section specifies the network flow metadata for ACL matching.
+* Addresses
+* Ports
+* Protocols
+* Action (allow/deny)
+Inside a `term` a mandatory keyword will be found followed by an object token
+for rule evaluation.
+#### Tokens
+Tokens are the names of services and networks loaded from the object
+definitions. Example:
+
+%package help
+Summary: Development documents and examples for capirca
+Provides: python3-capirca-doc
+%description help
+/def/NETWORK.net | a list of **network objects** definitions
+/def/SERVICES.svc | a list of **service objects** definitions
+Each network or service definition file has a very simple structure. A token is
+defined, e.g. `GUEST_NET`, followed by an equal sign, then followed by a
+definition, e.g. `10.10.10.0/24`, and optional description field, e.g. `# guest
+network range`.
+```
+GUEST_NET = 10.10.10.0/24 # guest network range
+```
+The tool populates the **access control policy** from `.pol` files in a
+particular directory, e.g. [`policies/`](./policies/). The tool searches
+recursively for `.pol` files and add them to the policy, .e.g `.pol` files are
+located in [`policies/pol`](./policies/pol).
+Additionally, the `.pol` files MAY reference other policy definition files
+located outside of the directory by using `include` directive. Please see
+[Includes](#includes) section for documentation.
+### Network Objects
+The files with `.net` extension contain the definitions of network objects, e.g.
+IP networks and hosts. The following definition creates `INTERNAL` and `RFC1918`
+network objects in the object definitions, whether `INTERNAL` references the IP
+ranges of RFC 1918 defined in the `RFC1918`.
+```
+RFC1918 = 10.0.0.0/8 # non-public
+ 172.16.0.0/12 # non-public
+ 192.168.0.0/16 # non-public
+INTERNAL = RFC1918
+```
+[Back to Top](#table-of-contents)
+### Service Objects
+The files with `.svc` extension contain the definitions of service objects, e.g.
+ports and protocols.
+```
+DNS = 53/tcp # transfers
+ 53/udp # queries
+```
+[Back to Top](#table-of-contents)
+### Object Nesting
+The nesting of tokens is permitted only when both tokens are of the same type.
+The referencing of a "network" object by "service" object is not allowed, and
+vice versa.
+The examples of nesting of the network and service object follow.
+```
+HTTP = 80/tcp # common web
+HTTPS = 443/tcp # SSL web
+HTTP_8080 = 8080/tcp # web on non-standard port
+WEB_SERVICES = HTTP HTTP_8080 HTTPS # all our web services
+DB_SERVICES = 3306/tcp # allow db access
+ HTTPS # and SSL access
+NYC_NETWORK = 200.1.1.0/24 # New York office
+ATL_NETWORK = 200.2.1.0/24 # Atlanta office
+DEN_NETWORK = 200.5.1.0/24 # Denver office
+REMOTE_OFFICES = NYC_NETWORK
+ ATL_NETWORK
+ DEN_NETWORK
+```
+The network objects may reference both IPv4 and IPv6 addresses at the same time.
+```
+LOOPBACK = 127.0.0.1/32 # loopback in IPv4
+LINKLOCAL = FE80::/10 # IPv6 link local address
+NYC_NETWORK = 172.16.1.0/24 # NYC IPv4
+ 2620:0:10A1::/48 # NYC IPv6
+```
+[Back to Top](#table-of-contents)
+### Anatomy of a policy file
+A policy file (/policies/pol/something.pol) has the security policy written
+using capirca specific meta-language and format. There are specific sections
+(e.g: header) that tell capirca how to generate the output configuration of the
+security policy.
+#### Headers
+The header section defines:
+* **target** firewall platforms (which ACL generator to use)
+* passes **additional arguments** to the generator responsible for that
+ platform.
+A single header may have many targets within a section. It will result in
+multiple outputs being generated for that policy.
+#### Terms
+The **term** sections defines the access control rules within an ACL, it contains
+keywords followed by an object (service or network) and policy decision ("action" keyword).
+The term section specifies the network flow metadata for ACL matching.
+* Addresses
+* Ports
+* Protocols
+* Action (allow/deny)
+Inside a `term` a mandatory keyword will be found followed by an object token
+for rule evaluation.
+#### Tokens
+Tokens are the names of services and networks loaded from the object
+definitions. Example:
+
+%prep
+%autosetup -n capirca-2.0.9
+
+%build
+%py3_build
+
+%install
+%py3_install
+install -d -m755 %{buildroot}/%{_pkgdocdir}
+if [ -d doc ]; then cp -arf doc %{buildroot}/%{_pkgdocdir}; fi
+if [ -d docs ]; then cp -arf docs %{buildroot}/%{_pkgdocdir}; fi
+if [ -d example ]; then cp -arf example %{buildroot}/%{_pkgdocdir}; fi
+if [ -d examples ]; then cp -arf examples %{buildroot}/%{_pkgdocdir}; fi
+pushd %{buildroot}
+if [ -d usr/lib ]; then
+ find usr/lib -type f -printf "/%h/%f\n" >> filelist.lst
+fi
+if [ -d usr/lib64 ]; then
+ find usr/lib64 -type f -printf "/%h/%f\n" >> filelist.lst
+fi
+if [ -d usr/bin ]; then
+ find usr/bin -type f -printf "/%h/%f\n" >> filelist.lst
+fi
+if [ -d usr/sbin ]; then
+ find usr/sbin -type f -printf "/%h/%f\n" >> filelist.lst
+fi
+touch doclist.lst
+if [ -d usr/share/man ]; then
+ find usr/share/man -type f -printf "/%h/%f.gz\n" >> doclist.lst
+fi
+popd
+mv %{buildroot}/filelist.lst .
+mv %{buildroot}/doclist.lst .
+
+%files -n python3-capirca -f filelist.lst
+%dir %{python3_sitelib}/*
+
+%files help -f doclist.lst
+%{_docdir}/*
+
+%changelog
+* Tue Apr 11 2023 Python_Bot <Python_Bot@openeuler.org> - 2.0.9-1
+- Package Spec generated
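Review bot: `Source0` fetches the sdist from a third-party mirror (mirrors.nju.edu.cn) rather than the canonical PyPI download location, and nothing in the spec verifies the archive against an upstream digest, so the integrity of what gets built rests entirely on that mirror; point `Source0` at the canonical URL (the `URL:` line already names the upstream project) and check the fetched tarball against the digest PyPI publishes for the release. Three smaller points in the same hunk: `%global _empty_manifest_terminate_build 0` turns an empty file manifest from a build failure into a silently empty package, which hides exactly the breakage a `%files -f filelist.lst` spec is prone to, so drop it; there is no `%check` section, so upstream's test suite never runs during the build; and `Requires: python3-mock` is a test-only library in most projects, so confirm it is imported at runtime before shipping it as a hard dependency. On the descriptions: the same README excerpt is pasted verbatim into `%description`, `%description -n python3-capirca` and `%description help`, it stops mid-sentence at `Example:` with nothing following, and it carries markdown-relative links such as `[Back to Top](#table-of-contents)` and `[`policies/`](./policies/)` that resolve to nothing in an RPM description; replace it with a short plain-text paragraph (the excerpt itself describes an ACL generator driven by `.pol` policy files and `.net`/`.svc` object definitions) and make `Summary:` say what the tool does instead of repeating the package name. Finally, `find usr/lib -type f` lists only files, and `%dir %{python3_sitelib}/*` owns only the top level under site-packages, so any deeper package directory is left unowned; list the package directory tree explicitly or own it with `%{python3_sitelib}/capirca/` in `%files`.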
diff --git a/sources b/sources
new file mode 100644
index 0000000..df9e8de
--- /dev/null
+++ b/sources
@@ -0,0 +1 @@
+43c2ad9156be459cb141d4a65c427195 capirca-2.0.9.tar.gz
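Review bot: the `sources` entry pins `capirca-2.0.9.tar.gz` by a 32-hex-digit digest, i.e. MD5, which is collision-broken and is the only integrity anchor this repo records for a tarball the spec fetches from a mirror; record a SHA-256 digest taken from the upstream (PyPI) release page alongside or instead of the MD5 and verify the archive against it at import time, so a substituted tarball on the mirror cannot pass the check.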