3 Yj$@s&dgZddlZddlmZddlmZddlmZm Z m Z ddl m Z ddl mZddlmZmZddlZd gd d d gd d dgdZiZiZiZxejD]tZgee<eee<x\eeD]PZeejdeeejdeefeejdeeejdeqWqWGdddeZdS)ebtablesN)runProg)log)tempFilereadfile splitArgs)COMMANDS) ipXtables) FirewallError INVALID_IPVZBROUTINGZ PREROUTINGZ POSTROUTINGZOUTPUTZINPUTZFORWARD)ZbrouteZnatfilterz -N %s_directz-I %s 1 -j %s_directz-I %s_direct 1 -j RETURNz %s_directc@seZdZdZdZdZddZddZddZd d Z d d Z d dZ ddZ ddZ ddZddZddZddZddZddZd/d d!Zd"d#Zd$d%Zd&d'Zd(d)Zd0d+d,Zd-d.ZdS)1rZebFcCsBt|j|_td|j|_|j|_|j|_|jg|_ dS)Nz %s-restore) ripv_command_restore_command_detect_restore_noflush_optionZrestore_noflush_option_detect_concurrent_optionconcurrent_option fill_existsavailable_tables)selfr/usr/lib/python3.6/ebtables.py__init__9s    zebtables.__init__cCs$tjj|j|_tjj|j|_dS)N)ospathexistsrZcommand_existsrZrestore_command_exists)rrrrrAszebtables.fill_existscCs(d}t|jddg}|ddkr$d}|S)Nz --concurrentz-Lr)rr)rrretrrrrEs  z"ebtables._detect_concurrent_optionc Cs.g}y|j|dWntk r(dSXdS)NoffFT) set_rules ValueError)rrulesrrrrOs z'ebtables._detect_restore_noflush_optioncCsg}|jr |j|kr |j|j|dd|D7}tjd|j|jdj|t|j|\}}|dkr~td|jdj||f|S)NcSsg|] }d|qS)z%sr).0itemrrr ^sz"ebtables.__run..z %s: %s %s rz'%s %s' failed: %s) rappendrdebug2 __class__rjoinrr )rargsZ_argsstatusrrrrZ__runYs zebtables.__runcCs(x"dD]}||krttd|qWdS)N %%REJECT%%%%ICMP%% %%LOGTYPE%%z'%s' invalid for ebtables)r,r-r.)r r )rrulestrrrr_rule_validatefs zebtables._rule_validatecCs|tko|t|kS)N)BUILT_IN_CHAINS)rr tablechainrrris_chain_builtinlszebtables.is_chain_builtincCsJg}|r4|jd|d|g|jd|d|dddgn|jd|d|g|S)Nz-tz-Nz-I1z-jZRETURNz-X)r&)raddr3r4r!rrrbuild_chain_rulesps zebtables.build_chain_rulescCs8d|g}|r |d|t|g7}n |d|g7}||7}|S)Nz-tz-Iz-D)r0)rr7r3r4indexr*r/rrr build_rule{s  zebtables.build_rulecCs tj|S)N)r Zcommon_reverse_rule)rr*rrr reverse_ruleszebtables.reverse_rulecCstj|dS)N)r Zcommon_check_passthrough)rr*rrrcheck_passthroughszebtables.check_passthroughcCs tj|S)N)r Zcommon_reverse_passthrough)rr*rrrreverse_passthroughszebtables.reverse_passthroughc Cs<t}d}i}x|D]}|dd}|j|xTdD]L}y|j|} Wntk rZYq4Xt|| dkr4|j| |j| }q4Wx^tt|D]N} xHtjD]>} | || kr|| j do|| j d rd|| || <qWqW|j |gj |qWxD|D]<}|j d|x&||D]}|j dj|d qWqW|jtj|j} tjd |j|jd |j| jfg} | j d t|j| |jd \} }tjdkrt|j}|dk rd} xH|D]@}tjd| |fddd|j d stjddd| d7} qWtj|j| dkr8td|jdj| |fdS)Nr -t--table"z"%s"z*%s r% z %s: %s %sz%s: %dz --noflush)stdinz%8d: %sr)nofmtnlr)rEz'%s %s' failed: %s)r>r?)rr1r9r lenpoprangestringZ whitespace startswithendswith setdefaultr&writer)closerstatnamerr'r(rst_sizerZgetDebugLogLevelrZdebug3unlink)rr! log_deniedZ temp_filer3Z table_rulesZ_ruler/opticrPr*r+rlineslinerrrrsZ                zebtables.set_rulescCs|j||j|S)N)r1_ebtables__run)rr/rTrrrset_rules zebtables.set_ruleNc Csg}|r|gntj}xp|D]h}||jkr6|j|qy*|jd|dg|jj||j|Wqtk rtjd|YqXqW|S)Nz-tz-Lz#ebtables table '%s' does not exist.)r2keysrr&rZr rZdebug1)rr3rZtablesrrrget_available_tabless    zebtables.get_available_tablescCsiS)Nr)rr3rrrget_zone_table_chainsszebtables.get_zone_table_chainscCsFg}xs.