3 Yj=@sddljZddlZddlZddlZddlmZddlmZddl m Z m Z m Z ddl mZmZmZddlmZddlmZddlmZdd lmZdd lmZGd d d eZGd ddeZdS)N)config)LastUpdatedOrderedDict) splitArgsjoinArgs u2b_if_py2) IO_ObjectIO_Object_ContentHandlerIO_Object_XMLGenerator)log) ipXtables)ebtables)errors) FirewallErrorc@s$eZdZddZddZddZdS)direct_ContentHandlercCstj||d|_dS)NF)r__init__direct)selfitemr/usr/lib/python3.6/direct.pyr(s zdirect_ContentHandler.__init__c Cstj||||jj|||dkr@|jr6ttjdd|_n>|dkr|js\tj ddS|d}|d}|d}|jj t |t |t |n|dkr6|jstj d dS|d}|dkrttj d ||d}|d}yt |d}Wn(tk rtj d|ddSXt |t |t ||g|_nH|dkrl|jsVtj ddS|d}t |g|_ntj d|dSdS)NrzMore than one direct tag.Tchainz$Parse Error: chain outside of directipvtablerulez#Parse Error: rule outside of directipv4ipv6ebz"'%s' not from {'ipv4'|'ipv6'|'eb'}priorityz'Parse Error: %s is not a valid priority passthroughz&Parse Error: command outside of directzUnknown XML element %s)rrr)r startElementrZparser_check_element_attrsrrr Z PARSE_ERRORr error add_chainr INVALID_IPVint ValueError_rule _passthrough)rnameZattrsrrrrrrrr,sT          z"direct_ContentHandler.startElementcCstj|||dkrX|jrF|jjddt|jD|jj|jn tj dd|_nJ|dkr|jr|j jddt|jD|jj |j n tj d d|_ dS) NrcSsg|] }t|qSr)r).0xrrr dsz4direct_ContentHandler.endElement..z2Error: rule does not have any arguments, ignoring.rcSsg|] }t|qSr)r)r(r)rrrr*msz0Error: passthrough does not have any arguments, z ignoring.z9Error: passthrough does not have any arguments, ignoring.) r endElementZ_elementr%appendrradd_ruler r r&add_passthrough)rr'rrrr+^s     z direct_ContentHandler.endElementN)__name__ __module__ __qualname__rrr+rrrrr's2rcs<eZdZdZddBgfddddddgfgfdddgfgffZdZdd d d gd d d d gd gd ZiZfddZddZ ddZ ddZ ddZ ddZ ddZddZddZd d!Zd"d#Zd$d%Zd&d'Zd(d)Zd*d+Zd,d-Zd.d/Zd0d1Zd2d3Zd4d5Zd6d7Zd8d9Zd:d;Zdd?Z d@dAZ!Z"S)CDirectz Direct class chainsrulesr passthroughsz(a(sss)a(sssias)a(sas))Nrrrr)rrrrcs0tt|j||_t|_t|_t|_dS)N)superr2rfilenamerr3r5r6)rr8) __class__rrrs zDirect.__init__cCsdS)Nr)rconfrZall_confrrr _check_configszDirect._check_configc Csg}g}x>|jD]4}x.|j|D] }|jtt|t|gq WqW|j|g}xR|jD]H}xB|j|D]4}|jt|d|d|d|dt|dfqnWq^W|j|g}x8|jD].}x(|j|D]}|jt|t|fqWqW|j|t|S)Nr)r3r,tuplelistr5r6)rretr)keyrrrrr export_configs$ $     zDirect.export_configcCs|j|j|xt|jD]x\}\}}|dkrNx||D]}|j|qr rRrL)rrrrrrMrAvaluerrrr-s     zDirect.add_rulecCs|j|||||f}|t|f}||jkrb||j|krb|j||=t|j|dkr|j|=n$tddj|||fd||fdS)Nrz(Rule '%s' for table '%s' and chain '%s' z',z)with ipv '%s' and priority %d not in list)rQr>r5rTr$rL)rrrrrrMrArYrrr remove_rules     zDirect.remove_rulecCsb|j|||||f}||jkr^x"|j|jD]}|j||=q0Wt|j|dkr^|j|=dS)Nr)rQr5rPrT)rrrrrArYrrr remove_rules"s   zDirect.remove_rulescCs:|j|||||f}|t|f}||jko8||j|kS)N)rQr>r5)rrrrrrMrArYrrr query_rule+s   zDirect.query_rulecCsF|j|||||f}||jkr*|j|Std||fd|dS)Nz'No rules for table '%s' and chain '%s' z with ipv '%s')rQr5r$)rrrrrArrr get_rules1s     zDirect.get_rulescCs|jS)N)r5)rrrr get_all_rules:szDirect.get_all_rulescCs^|j|||jkrg|j|<||j|kr>|j|j|ntjddj||fddS)NzPassthrough '%s' for ipv '%s'z',zalready in list, ignoring)rOr6r,r rRrL)rrrMrrrr.?s   zDirect.add_passthroughcCsl|j|||jkrN||j|krN|j|j|t|j|dkrh|j|=ntddj||fddS)NrzPassthrough '%s' for ipv '%s'z',z not in list)rOr6rSrTr$rL)rrrMrrrremove_passthroughIs  zDirect.remove_passthroughcCs"|j|||jko ||j|kS)N)rOr6)rrrMrrrquery_passthroughSs zDirect.query_passthroughcCs.|j|||jkr|j|Std|dS)NzNo passthroughs for ipv '%s')rOr6r$)rrrrrget_passthroughsWs   zDirect.get_passthroughscCs|jS)N)r6)rrrrget_all_passthroughs^szDirect.get_all_passthroughscCs|j|jjds&ttjd|jt|}tj}|j |t |jdb}tj d}|j |y|j |Wn8tjk r}zttjd|jWYdd}~XnXWdQRXdS)Nz.xmlz'%s' is missing .xml suffixrbzNot a valid file: %s)rCr8endswithrr Z INVALID_NAMErsaxZ make_parserZsetContentHandleropenZ InputSourceZ setByteStreamparseZSAXParseExceptionZ INVALID_TYPEZ getException)rhandlerparserfsourcemsgrrrreadcs      z Direct.readc CsBtjj|jr\ytj|jd|jWn4tk rZ}ztd|j|fWYdd}~XnXtjjtj sxtj tj dt j |jddd}t |}|j|jdi|jdxR|jD]H}|\}}x:|j|D],}|jd |jd |||d |jdqWqWx|jD]}|\}}}xx|j|D]j\}} t| d kr@q&|jd |jd |||d|d|jtjjt| |jd |jdq&Wq Wx||jD]r}xj|j|D]\} t| d krȐq|jd |jdd|i|jtjjt| |jd|jdqWqW|jd|jd|j|j~dS)Nz%s.oldzBackup of '%s' failed: %siZwtzUTF-8)modeencodingr z r)rrrr<rz%d)rrrrrr)ospathexistsr8shutilZcopy2 ExceptionIOErrorrZ ETC_FIREWALLDmkdiriorfr Z startDocumentrZignorableWhitespacer3Z simpleElementr5rTreZsaxutilsescaperr+r6Z endDocumentclose) rrlrjrhrArrrrrMrrrwriteusZ$                z Direct.write)r4r4r4)#r/r0r1__doc__rEZDBUS_SIGNATUREZPARSER_REQUIRED_ELEMENT_ATTRSZPARSER_OPTIONAL_ELEMENT_ATTRSrr;rBrHrCrNrOrQr!rUrVrWrXr-rZr[r\r]r^r.r_r`rarbrmr{ __classcell__rr)r9rr2usH            r2)Zxml.saxrerqrxrtZfirewallrZfirewall.fw_typesrZfirewall.functionsrrrZfirewall.core.io.io_objectrrr Zfirewall.core.loggerr Z firewall.corer r r Zfirewall.errorsrrr2rrrrs        N