Current File : //lib/python3.9/site-packages/firewall/core/io/__pycache__/direct.cpython-39.pyc
a

���g�<�@s�ddlmZddlZddlZddlZddlmZddlmZddl	m
Z
mZddlm
Z
mZmZddlmZddlmZddlmZdd	lmZdd
lmZGdd�de�ZGd
d�de
�ZdS)�N)�config)�LastUpdatedOrderedDict)�	splitArgs�joinArgs)�	IO_Object�IO_Object_ContentHandler�IO_Object_XMLGenerator)�log)�	ipXtables)�ebtables)�errors)�
FirewallErrorc@s$eZdZdd�Zdd�Zdd�ZdS)�direct_ContentHandlercCst�||�d|_dS)NF)r�__init__�direct)�self�item�r�;/usr/lib/python3.9/site-packages/firewall/core/io/direct.pyr(szdirect_ContentHandler.__init__cCsft�|||�|j�||�|dkr@|jr6ttjd��d|_�n"|dkr�|js\t�	d�dS|d}|d}|d}|j�
|||�n�|dk�r|js�t�	d	�dS|d}|d
vr�ttjd|��|d}|d}zt|d�}Wn(t
�yt�	d
|d�YdS0||||g|_nD|dk�rP|j�s>t�	d�dS|d}|g|_nt�	d|�dSdS)NrzMore than one direct tag.T�chainz$Parse Error: chain outside of direct�ipv�table�rulez#Parse Error: rule outside of direct��ipv4�ipv6Zebz"'%s' not from {'ipv4'|'ipv6'|'eb'}�priorityz'Parse Error: %s is not a valid priority�passthroughz&Parse Error: command outside of directzUnknown XML element %s)r�startElementrZparser_check_element_attrsrr
rZPARSE_ERRORr	�error�	add_chain�INVALID_IPV�int�
ValueError�_rule�_passthrough)r�name�attrsrrrrrrrr,sV�



��


z"direct_ContentHandler.startElementcCs�t�||�|dkrN|jr<|j�t|j��|jj|j�n
t�	d�d|_n@|dkr�|jr~|j
�t|j��|jj|j
�n
t�	d�d|_
dS)Nrz2Error: rule does not have any arguments, ignoring.rz9Error: passthrough does not have any arguments, ignoring.)r�
endElementZ_elementr$�appendrr�add_ruler	rr%�add_passthrough)rr&rrrr(\s

z direct_ContentHandler.endElementN)�__name__�
__module__�__qualname__rrr(rrrrr's0rcs6eZdZdZddgfddddddgfgfdddgfgffZdZd	gd
�gd�dgd
�ZiZ�fdd�Zdd�Z	dd�Z
dd�Zdd�Zdd�Z
dd�Zdd�Zdd�Zd d!�Zd"d#�Zd$d%�Zd&d'�Zd(d)�Zd*d+�Zd,d-�Zd.d/�Zd0d1�Zd2d3�Zd4d5�Zd6d7�Zd8d9�Zd:d;�Zd<d=�Zd>d?�Z d@dA�Z!�Z"S)B�Directz Direct class �chains)�r1r1�rulesr1r�passthroughsz(a(sss)a(sssias)a(sas))N�rrr�rrrrr)rrrrcs0tt|���||_t�|_t�|_t�|_dS�N)�superr/r�filenamerr0r2r3)rr8��	__class__rrr�s
zDirect.__init__cCsdSr6r)r�confrZall_conf�all_io_objectsrrr�
_check_config�szDirect._check_configcCs�g}g}|jD]0}|j|D] }|�tt|�t|g���qq|�|�g}|jD]D}|j|D]4}|�t|d|d|d|dt|d�f��qbqT|�|�g}|jD]*}|j|D]}|�t|t|�f��q�q�|�|�t|�S)Nr��)r0r)�tuple�listr2r3)r�ret�x�keyrrrrr�
export_config�s&
 


�


zDirect.export_configcCs�|��|�|�t|j�D]l\}\}}|dkrH||D]}|j|�q8|dkrh||D]}|j|�qX|dkr||D]}|j|�qxqdS)Nr0r2r3)�cleanupZcheck_config�	enumerate�IMPORT_EXPORT_STRUCTUREr r*r+)rr;r<�i�elementZdummyrCrrr�
import_config�s
zDirect.import_configcCs"|j��|j��|j��dSr6)r0�clearr2r3�rrrrrF�s

zDirect.cleanupc	Cs�td�|jD]*}td|d|dd�|j|�f�qtd�|jD]L}td|d|d|df�|j|D]\}}td	|d
�|�f�qtqHtd�|jD]2}td|�|j|D]}td
d
�|��q�q�dS)Nr0z  (%s, %s): %srr>�,r2z  (%s, %s, %s):r?z    (%d, ('%s'))z','r3z  %s:z
    ('%s'))�printr0�joinr2r3)rrDr�argsrrr�output�s
�


z
Direct.outputcCs(gd�}||vr$ttjd||f��dS)Nr�'%s' not in '%s')r
rr!)rrZipvsrrr�
_check_ipv�s

�zDirect._check_ipvcCsF|�|�|dvrtj��ntj��}||vrBttjd||f��dS)N)rrrS)rTr
ZBUILT_IN_CHAINS�keysrr
rZ
INVALID_TABLE)rrrZtablesrrr�_check_ipv_table�s
�
�zDirect._check_ipv_tablecCsd|�||�||f}||jvr(g|j|<||j|vrH|j|�|�nt�d|||fd�dS)Nz(Chain '%s' for table '%s' with ipv '%s' �already in list, ignoring)rVr0r)r	�warning�rrrrrDrrrr �s

��zDirect.add_chaincCsn|�||�||f}||jvrX||j|vrX|j|�|�t|j|�dkrj|j|=ntd|||f��dS)Nrz4Chain '%s' with table '%s' with ipv '%s' not in list)rVr0�remove�lenr#rYrrr�remove_chain�s
��zDirect.remove_chaincCs,|�||�||f}||jvo*||j|vSr6)rVr0rYrrr�query_chain�szDirect.query_chaincCs<|�||�||f}||jvr(|j|Std||f��dS)Nz&No chains for table '%s' with ipv '%s')rVr0r#)rrrrDrrr�
get_chains�s

�zDirect.get_chainscCs|jSr6)r0rMrrr�get_all_chains�szDirect.get_all_chainscCs�|�||�|||f}||jvr,t�|j|<|t|�f}||j|vrV||j||<n*t�dd�|�||fd||fd�dS)N�(Rule '%s' for table '%s' and chain '%s' �',zwith ipv '%s' and priority %d rW)rVr2rr@r	rXrP�rrrrrrQrD�valuerrrr*s

�
��zDirect.add_rulecCs�|�||�|||f}|t|�f}||jvrb||j|vrb|j||=t|j|�dkr�|j|=n$tdd�|�||fd||f��dS)Nrr`raz)with ipv '%s' and priority %d not in list)rVr@r2r[r#rPrbrrr�remove_rules

�
�zDirect.remove_rulecCs^|�||�|||f}||jvrZ|j|��D]}|j||=q.t|j|�dkrZ|j|=dS)Nr)rVr2rUr[)rrrrrDrcrrr�remove_ruless

zDirect.remove_rulescCs:|�||�|||f}|t|�f}||jvo8||j|vSr6)rVr@r2rbrrr�
query_rule's
zDirect.query_rulecCsF|�||�|||f}||jvr*|j|Std||fd|��dS)Nz'No rules for table '%s' and chain '%s' z
with ipv '%s')rVr2r#rYrrr�	get_rules-s


��zDirect.get_rulescCs|jSr6)r2rMrrr�
get_all_rules6szDirect.get_all_rulescCs^|�|�||jvrg|j|<||j|vr>|j|�|�nt�dd�|�|fd�dS)N�Passthrough '%s' for ipv '%s'rarW)rTr3r)r	rXrP�rrrQrrrr+;s


��zDirect.add_passthroughcCsl|�|�||jvrN||j|vrN|j|�|�t|j|�dkrh|j|=ntdd�|�|fd��dS)Nrriraznot in list)rTr3rZr[r#rPrjrrr�remove_passthroughEs

��zDirect.remove_passthroughcCs"|�|�||jvo ||j|vSr6)rTr3rjrrr�query_passthroughOs
zDirect.query_passthroughcCs.|�|�||jvr|j|Std|��dS)NzNo passthroughs for ipv '%s')rTr3r#)rrrrr�get_passthroughsSs


zDirect.get_passthroughscCs|jSr6)r3rMrrr�get_all_passthroughsZszDirect.get_all_passthroughscCs�|��|j�d�s&ttjd|j��t|�}t��}|�	|�t
|jd��n}t�d�}|�|�z|�
|�Wn:tjy�}z ttjd|����WYd}~n
d}~00Wd�n1s�0YdS)Nz.xmlz'%s' is missing .xml suffix�rbzNot a valid file: %s)rFr8�endswithr
rZINVALID_NAMEr�saxZmake_parserZsetContentHandler�openZInputSourceZ
setByteStream�parseZSAXParseExceptionZINVALID_TYPEZgetException)r�handler�parser�f�source�msgrrr�read_s&�


��zDirect.readc

Cs,tj�|j�r^zt�|jd|j�Wn6ty\}ztd|j|f��WYd}~n
d}~00tj�tj	�szt�
tj	d�tj|jddd�}t
|�}|��|�di�|�d�|jD]D}|\}}|j|D],}|�d	�|�d
|||d��|�d�q�q�|jD]�}|\}}}|j|D]j\}}	t|	�dk�r6�q|�d	�|�d
|||d|d��|�tj�t|	���|�d
�|�d��q�q|jD]n}|j|D]\}	t|	�dk�r��q�|�d	�|�dd|i�|�tj�t|	���|�d�|�d��q��q�|�d�|�d�|��|��~dS)Nz%s.oldzBackup of '%s' failed: %si�ZwtzUTF-8)�mode�encodingr�
z  rr4r>rz%dr5rr)�os�path�existsr8�shutil�copy2�	Exception�IOErrorrZ
ETC_FIREWALLD�mkdir�iorrrZ
startDocumentrZignorableWhitespacer0Z
simpleElementr2r[rqZsaxutils�escaperr(r3ZendDocument�close)
rrxrvrtrDrrrrrQrrr�writeqs^(



�



�





zDirect.write)#r,r-r.�__doc__rHZDBUS_SIGNATUREZPARSER_REQUIRED_ELEMENT_ATTRSZPARSER_OPTIONAL_ELEMENT_ATTRSrr=rErKrFrRrTrVr r\r]r^r_r*rdrerfrgrhr+rkrlrmrnryr��
__classcell__rrr9rr/qsL��	
		

r/)Zxml.saxrqr}r�r�ZfirewallrZfirewall.fw_typesrZfirewall.functionsrrZfirewall.core.io.io_objectrrrZfirewall.core.loggerr	Z
firewall.corer
rrZfirewall.errorsr
rr/rrrr�<module>sJ