| Server IP : 61.19.30.66 / Your IP : 216.73.216.15 Web Server : Apache/2.2.22 (Ubuntu) System : Linux klw 3.11.0-15-generic #25~precise1-Ubuntu SMP Thu Jan 30 17:39:31 UTC 2014 x86_64 User : www-data ( 33) PHP Version : 5.3.10-1ubuntu3.48 Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority, MySQL : ON | cURL : OFF | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : OFF Directory : /usr/lib/python2.7/dist-packages/ufw/ |
Upload File : |
ó
‰á}Oc�����������@���s‘���d��Z��d�d�l�Z�d�d�l�Z�d�d�l�Z�d�d�l�m�Z�d�Z�d�Z�d�Z�e�Z �d�Z
�d�Z
�d �Z
�d
�e
�f�d
�„��ƒ��YZ�d
�d�d
�„��ƒ��YZ�d�S(���s!���common.py: common classes for ufwiÿÿÿÿN(���t���debugt���ufws���/lib/ufws���/usr/share/ufws���/etcs���/usrs���/sbint���UFWErrorc�����������B���s ���e��Z�d��Z�d�„��Z�d�„��Z�RS(���s$���This class represents ufw exceptionsc���������C���s
���|�|��_��d��S(���N(���t���value(���t���selfR���(����(����s.���/usr/lib/python2.7/dist-packages/ufw/common.pyt���__init__!���s����c���������C���s
���t��|��j�ƒ�S(���N(���t���reprR���(���R���(����(����s.���/usr/lib/python2.7/dist-packages/ufw/common.pyt���__str__$���s����(���t���__name__t
���__module__t���__doc__R���R���(����(����(����s.���/usr/lib/python2.7/dist-packages/ufw/common.pyR��� ���s��� t���UFWRulec�����������B���sÝ���e��Z�d��Z�d�d�d�d�d�d�„�Z�d�„��Z�d�„��Z�d�„��Z�d�„��Z�d �„��Z�d
�d
�„�Z �d
�„��Z
�d
�„��Z
�d�„��Z
�d�„��Z
�d�„��Z�d�„��Z�d�„��Z�d�„��Z�d�„��Z�d�„��Z�d�„��Z�d�„��Z�d�„��Z�d�„��Z�RS(���s$���This class represents firewall rulest���anys ���0.0.0.0/0t���inc���������C���s��t��|��_�t��|��_�t��|��_�d�|��_�d�|��_�d�|��_�d�|��_�d�|��_�t��|��_ �d�|��_
�d�|��_
�d�|��_
�d�|��_
�d�|��_�d�|��_�d�|��_�d�|��_�yb�|��j�|�ƒ�|��j�|�ƒ�|��j�|�ƒ�|��j�|�d�ƒ�|��j�|�ƒ�|��j�|�ƒ�|��j�|�ƒ�Wn�t�k
�r‚��n�Xd��S(���Nt����i����t���src(���t���Falset���removet���updatedt���v6t���dstR���t���dportt���sportt���protocolt���multit���dappt���sappt���actiont���positiont���logtypet
���interface_int
���interface_outt ���directiont
���set_actiont
���set_protocolt���set_portt���set_srct���set_dstt
���set_directionR���(���R���R���R���R���R���R���R���R ���(����(����s.���/usr/lib/python2.7/dist-packages/ufw/common.pyR���*���s6����
c���������C���s
���|��j��ƒ��S(���N(���t
���format_rule(���R���(����(����s.���/usr/lib/python2.7/dist-packages/ufw/common.pyR���I���s����c���������C���s=���d�|��}�x,�|��j��D]!�}�|�d�|�|��j��|�f�7}�q�W|�S(���s���Print rule to stdouts���'%s's���, %s=%s(���t���__dict__(���R���t���rest���k(����(����s.���/usr/lib/python2.7/dist-packages/ufw/common.pyt
���_get_attribL���s����
c���������C���sÍ���t��|��j�|��j�ƒ�}�|��j�|�_�|��j�|�_�|��j�|�_�|��j�|�_�|��j�|�_�|��j�|�_�|��j �|�_ �|��j
�|�_
�|��j
�|�_
�|��j
�|�_
�|��j
�|�_
�|��j�|�_�|��j�|�_�|��j�|�_�|��j�|�_�|�S(���s
���Return a duplicate of a rule(���R
���R���R���R���R���R���R���R���R���R���R���R���R���R
���R
���R
���R ���R ���(���R���t���rule(����(����s.���/usr/lib/python2.7/dist-packages/ufw/common.pyt���dup_ruleS���s"����
c������
���C���sp��d�}�|��j��d�k�r)�|�d�|��j��7}�n��|��j�d�k�rL�|�d�|��j�7}�n��|��j�d�k�rh�|�d�7}�nº�|�d�|��j�7}�|��j�r"|�d�7}�|��j�d�k�rÙ�|��j�d�k�rÙ�|�d�|��j�7}�|�d�7}�|�d �|��j�7}�q"|��j�d�k�rü�|�d�|��j�7}�q"|��j�d�k�r"|�d �|��j�7}�q"n��|��j�d
�k�rT|��j�d
�k�rT|�d
�|��j�7}�n��|��j�
r|��j�d�k�r|�d
�|��j�7}�n��|��j�d
�k�r³|��j�d
�k�r³|�d�|��j�7}�n��|��j�
rà|��j�d�k�rà|�d�|��j�7}�n��d�}�|��j�d�k�rd�|��j�}�n��|��j �d�k�r%|�d�|�7}�nj�|��j �d�k�ra|�d�|�7}�|��j�d�k�r|�d�7}�qn.�|��j �d�k�r|�d�|�7}�n�|�d�|�7}�|��j
�d�k�s|��j
�d�k�rfd�}�t
�j
�d�ƒ�}�|��j
�d�k�rñ|�d
�|�j�d
�|��j
�ƒ�7}�n��|��j
�d�k�r
|��j
�d�k�r
|�d
�7}�n��|��j
�d�k�rK|�d �|�j�d
�|��j
�ƒ�7}�n��|�d �7}�|�d�|�7}�n��|�j�ƒ��S(!���s
���Format rule for later parsingR���s��� -i %ss��� -o %sR
���s��� -p alls��� -p s
��� -m multiports
��� --dports s
��� --sports s ���0.0.0.0/0s���::/0s��� -d s ��� --dport s��� -s s ��� --sport t���_t���allows
��� -j ACCEPT%st���rejects
��� -j REJECT%st���tcps��� --reject-with tcp-resett���limits
��� -j LIMIT%ss
��� -j DROP%ss���-m comment --comment 't��� t���dapp_s���%20t���,t���sapp_t���'(���R
���R ���R���R���R���R���R���R���R
���R���R���R���t���ret���compilet���subt���strip(���R���t���rule_strt���lstrt���commentt ���pat_space(����(����s.���/usr/lib/python2.7/dist-packages/ufw/common.pyR'���h���sd����
c���������C���s”���|�j��ƒ��j�d�ƒ�}�|�d�d�k�sE�|�d�d�k�sE�|�d�d�k�rU�|�d�|��_�n �d�|��_�d�}�t�|�ƒ�d�k�rƒ�|�d�}�n��|��j�|�ƒ�d �S(
���s���Sets action of the ruleR.���i����R/���R0���R2���t���denyR���i���N(���t���lowert���splitR���t���lent
���set_logtype(���R���R���t���tmpR
���(����(����s.���/usr/lib/python2.7/dist-packages/ufw/common.pyR!���«���s����0
R���c��� ��� ���C���sÕ��t��d�ƒ�|�}�|�d�k�r �n…|�d�k�r7�|��j�r7�nm|�d�k�rO�|��j�rO�nUt�j�d�|�ƒ�ss�t�j�d�|�ƒ�r‚�t�|�ƒ�‚�n"|�j�d�ƒ�|�j�d�ƒ�d �k�r³�t�|�ƒ�‚�nñ|�j�d�ƒ�}�t�|�ƒ�d
�k��rã�t�|�ƒ�‚�n
�t�|�ƒ�d
�k�rt �|��_
�n��d
�}�x”|�D]Œ}�t�j�d
�|�ƒ�rÕt �|��_
�|�j�d�ƒ�}�t�|�ƒ�d
�k�r_t�|�ƒ�‚�n��xA�|�D]9�}�t
�|�ƒ�d
�k��st
�|�ƒ�d�k�rft�|�ƒ�‚�qfqfWt
�|�d�ƒ�t
�|�d
�ƒ�k�rqt�|�ƒ�‚�qqnœ�t�j�d�|�ƒ�r
t
�|�ƒ�d
�k��s
t
�|�ƒ�d�k�rqt�|�ƒ�‚�qqnT�t�j�d�|�ƒ�rey�t
�j
�|�ƒ�}�Wqqt�k
�rat�|�ƒ�‚�qqXn
�t�|�ƒ�‚�|�rŽ|�d�t�|�ƒ�7}�qt�|�ƒ�}�qW|�}�|�d�k�rÂt�|�ƒ�|��_�n�t�|�ƒ�|��_�d�S(���s:���Sets port and location (destination or source) of the rules
���Bad port '%s'R
���R���R���s���^[,:]s���[,:]$R5���t���:i���i���R���s ���^\d+:\d+$i���iÿÿ��i����s���^\d+$s
���^\w[\w\-]+N(���R.���R���R���R8���t���matchR���t���countRB���RC���t���TrueR���t���intt���sockett
���getservbynamet ���Exceptiont���strR���R���( ���R���t���portt���loct���err_msgt���portsRE���t���pt���rant���q(����(����s.���/usr/lib/python2.7/dist-packages/ufw/common.pyR#���¸���sX����
$"
$ $
c���������C���st���|�d�k�sH�|�d�k�sH�|�d�k�sH�|�d�k�sH�|�d�k�sH�|�d�k�rT�|�|��_��n
�t�d�ƒ�|�}�t�|�ƒ�‚�d�S( ���s���Sets protocol of the ruleR1���t���udpt���ipv6t���espt���ahR
���s���Unsupported protocol '%s'N(���R���R.���R���(���R���R���RQ���(����(����s.���/usr/lib/python2.7/dist-packages/ufw/common.pyR"����s����
c���������C���sÜ���|��j��rr�|��j�r<�|��j�d�k�s0�|��j�d�k�r<�d�|��_�n��|��j�rØ�|��j�d�k�sc�|��j�d�k�rØ�d�|��_�qØ�nf�|��j�r¥�|��j�d�k�s™�|��j�d�k�r¥�d�|��_�n��|��j�rØ�|��j�d�k�sÌ�|��j�d�k�rØ�d�|��_�n��d�S(���s ���Adjusts src and dst based on v6R
���s ���0.0.0.0/0s���::/0N(���R���R���R���(���R���(����(����s.���/usr/lib/python2.7/dist-packages/ufw/common.pyt
���_fix_anywhereþ���s���� '
''
'c���������C���s���|�|��_��|��j�ƒ��d�S(���sX���Sets whether this is ipv6 rule, and adjusts src and dst
accordingly.
N(���R���RZ���(���R���R���(����(����s.���/usr/lib/python2.7/dist-packages/ufw/common.pyt���set_v6
��s���� c���������C���s`���|�j��ƒ��}�|�d�k�rI�t�j�j�|�d�ƒ�
rI�t�d�ƒ�}�t�|�ƒ�‚�n��|�|��_�|��j�ƒ��d�S(���s���Sets source address of ruleR
���s���Bad source addressN(���RA���R���t���utilt
���valid_addressR.���R���R���RZ���(���R���t���addrRE���RQ���(����(����s.���/usr/lib/python2.7/dist-packages/ufw/common.pyR$�����s
����
"
c���������C���s`���|�j��ƒ��}�|�d�k�rI�t�j�j�|�d�ƒ�
rI�t�d�ƒ�}�t�|�ƒ�‚�n��|�|��_�|��j�ƒ��d�S(���s ���Sets destination address of ruleR
���s���Bad destination addressN(���RA���R���R\���R]���R.���R���R���RZ���(���R���R^���RE���RQ���(����(����s.���/usr/lib/python2.7/dist-packages/ufw/common.pyR%���
��s
����
"
c���������C���s¸���|�d�k�r3�|�d�k�r3�t��d�ƒ�}�t�|�ƒ�‚�n��t�j�d�t�|�ƒ�ƒ�sf�t��d�ƒ�}�t�|�ƒ�‚�n��d�t�|�ƒ�k�r“�t��d�ƒ�}�t�|�ƒ�‚�n��|�d�k�r«�|�|��_�n �|�|��_�d�S( ���s���Sets an interface for ruleR
���t���outs���Bad interface types!���^[a-zA-Z][a-zA-Z0-9:]*[a-zA-Z0-9]s���Bad interface nameRF���s/���Bad interface name: can't use interface aliasesN(���R.���R���R8���RG���RN���R
���R ���(���R���t���if_typet���nameRQ���(����(����s.���/usr/lib/python2.7/dist-packages/ufw/common.pyt
���set_interface&��s����
c���������C���sJ���t��j�d�t�|�ƒ�ƒ�s7�t�d�ƒ�|�}�t�|�ƒ�‚�n��t�|�ƒ�|��_�d�S(���s
���Sets the position of the rules���^[0-9]+s,���Insert position '%s' is not a valid positionN(���R8���RG���RN���R.���R���RJ���R
���(���R���t���numRQ���(����(����s.���/usr/lib/python2.7/dist-packages/ufw/common.pyt
���set_position9��s����c���������C���sb���|�j��ƒ��d�k�s0�|�j��ƒ��d�k�s0�|�d�k�rB�|�j��ƒ��|��_�n
�t�d�ƒ�|�}�t�|�ƒ�‚�d�S(���s���Sets logtype of the rulet���logs���log-allR���s���Invalid log type '%s'N(���RA���R
���R.���R���(���R���R
���RQ���(����(����s.���/usr/lib/python2.7/dist-packages/ufw/common.pyRD���@��s
����$
c���������C���sD���|�d�k�s�|�d�k�r$�|�|��_��n
�t�d�ƒ�|�}�t�|�ƒ�‚�d�S(���s���Sets direction of the ruleR
���R_���s���Unsupported direction '%s'N(���R ���R.���R���(���R���R ���RQ���(����(����s.���/usr/lib/python2.7/dist-packages/ufw/common.pyR&���I��s����
c���������C���sY��t��}�|��j�rQ�y(�t�j�j�|��j�|��j�ƒ�\�|��_�}�WqQ�t�k
�rM�‚��qQ�Xn��|�rc�|�|��_�n��|��j�rÃ�y(�t�j�j�|��j�|��j�ƒ�\�|��_�}�WqÃ�t�k
�r¿�t �d�ƒ�}�t
�|�ƒ�‚�qÃ�Xn��|��j
�r|��j
�j
�d�ƒ�}�t�j�j
�|�ƒ�d�j�|�ƒ�|��_
�n��|��j�rC|��j�j
�d�ƒ�}�t�j�j
�|�ƒ�d�j�|�ƒ�|��_�n��|�rU|�|��_�n��d�S(���s&���Normalize src and dst to standard forms'���Could not normalize destination addressR5���N(���R���R���R���R\���t���normalize_addressR���RM���R���R���R.���R���R���RB���t
���human_sortt���joinR���(���R���t���changedRQ���RR���(����(����s.���/usr/lib/python2.7/dist-packages/ufw/common.pyt ���normalizeQ��s4����
c���������C���s��|��
s�|�
r�t��ƒ��‚�n��d�|��|�f�}�|��j�|�j�k�rJ�t�|�ƒ�d�S|��j�|�j�k�rj�t�|�ƒ�d�S|��j�|�j�k�rŠ�t�|�ƒ�d�S|��j�|�j�k�rª�t�|�ƒ�d�S|��j�|�j�k�rÊ�t�|�ƒ�d�S|��j�|�j�k�rê�t�|�ƒ�d�S|��j�|�j�k�r
t�|�ƒ�d�S|��j �|�j �k�r*t�|�ƒ�d�S|��j
�|�j
�k�rJt�|�ƒ�d�S|��j
�|�j
�k�rjt�|�ƒ�d�S|��j
�|�j
�k�rŠt�|�ƒ�d�S|��j
�|�j
�k�rÈ|��j�|�j�k�rÈt�d�ƒ�}�t�|�ƒ�d�St�d�ƒ�i�|��j
�d�6|�j
�d�6|��j�d�6|�j�d �6}�t�|�ƒ�d
�S(
���s~���Check if rules match
Return codes:
0 match
1 no match
-1 match all but action
s���No match '%s' '%s'i���s���Found exact matchi����s@���Found non-action/non-logtype match (%(xa)s/%(ya)s %(xl)s/%(yl)s)t���xat���yat���xlt���yliÿÿÿÿ(���t
���ValueErrorR���R����R���R���R���R���R���R���R���R
���R ���R ���R���R
���R.���(���t���xt���yt���dbg_msg(����(����s.���/usr/lib/python2.7/dist-packages/ufw/common.pyRG���s��sZ����
$
c���������C���s��d�„��}�|��
s�|�
r#�t��ƒ��‚�n��|��j�|�ƒ�d�k�r<�d�Sd�|��|��j�|�|�j�f�}�|�j�d�k�r}�t�d�|�d�ƒ�d�S|��j�|�j�k�r°�|�j�d�k�r°�t�d �|�ƒ�d�S|�j�d�k�rç�|�|��j�|�j�ƒ�
rç�t�d
�|�ƒ�d�S|�j�d
�k�rË|��j�d
�k�r|��j�|��j �ƒ�rq%|��j �|�j �k�rMd
�|�j �k�rMt�d
�|�ƒ�d�S|��j �|�j �k�r%d
�|�j �k�r%|��j�|�j�k�r%t
�j
�j
�|��j �|�j �|��j�ƒ�
r%t�d
�|�d�|��j �|�j �f�ƒ�d�SnZ|��j�d
�k�r|��j�|�j�k�rt�d�|�d�|��j�|�j�f�ƒ�d�Sy �t
�j
�j
�|�j�|��j�ƒ�}�Wn>�t�k
�r^t�d�|�d�|�j�ƒ�d�St�k
�rq‚��n�X|�j �|�k�r³d
�|�j �k�r³t�d�|�d�|�j �|�f�ƒ�d�S|�j �|�k�r%d
�|�j �k�r%|��j�|�j�k�r%t
�j
�j
�|�|�j �|��j�ƒ�
r%t�d�|�d�|�|�j �f�ƒ�d�S|��j�|�j�k�r]t�d�|�d�|��j �|�j �f�ƒ�d�St�d�|��|��j�|�|�j�f�ƒ�d�S(���s®��This will match if x is more specific than y. Eg, for protocol if x
is tcp and y is all or for address if y is a network and x is a
subset of y (where x is either an address or network). Returns:
0 match
1 no match
-1 fuzzy match
This is a fuzzy destination match, so source ports or addresses
are not considered, and (currently) only incoming.
c���������S���s†���x�|�j��d�ƒ�D]n�}�|��|�k�r&�t�Sd�|�k�r�|�j��d�ƒ�\�}�}�t�|��ƒ�t�|�ƒ�k�r~�t�|��ƒ�t�|�ƒ�k�r~�t�Sq�q�Wt�S(���s:���Returns True if p is an exact match or within a multi ruleR5���RF���(���RB���RI���RJ���R���(���t���test_pt���to_matchRO���t���lowt���high(����(����s.���/usr/lib/python2.7/dist-packages/ufw/common.pyt
���_match_ports·��s����
0
i����s(���No fuzzy match '%s (v6=%s)' '%s (v6=%s)'R
���s
���(direction) s��� (not incoming)i���R
���s
���(protocol) s���(dport) R���t���/s���(dst) s��� ('%s' not in network '%s')s
���(interface) s
��� (%s != %s)s��� %s does not exists���(v6) s'���(fuzzy match) '%s (v6=%s)' '%s (v6=%s)'iÿÿÿÿ(���Ro���RG���R���R ���R����R���R���R
���t
���_is_anywhereR���R���R\���t
���in_networkt���get_ip_from_ift���IOErrorRM���(���Rp���Rq���Rw���Rr���t���if_ip(����(����s.���/usr/lib/python2.7/dist-packages/ufw/common.pyt���fuzzy_dst_match«��sj����
!%!!3"
!
0
" c���������C���s ���|�d�k�s�|�d�k�r
�t��St�S(���s
���Check if address is anywheres���::/0s ���0.0.0.0/0(���RI���R���(���R���R^���(����(����s.���/usr/lib/python2.7/dist-packages/ufw/common.pyRy�����s����c���������C���sû���d�}�|��j��d�k�s$�|��j�d�k�r÷�d�|��j��|��j�|��j�|��j�f�}�|��j��d�k�rz�d�|��j�|��j�|��j�|��j�f�}�n��|��j�d�k�r®�d�|��j��|��j�|��j�|��j�f�}�n��|��j�d�k�rÑ�|�d�|��j�7}�n��|��j�d�k�r÷�|�d�|��j�7}�q÷�n��|�S(���s$��Returns a tuple to identify an app rule. Tuple is:
dapp dst sapp src
or
dport dst sapp src
or
dapp dst sport src
All of these might have in_eth0 out_eth0 (or similar) if an
interface is also defined.
R���s
���%s %s %s %ss��� in_%ss��� out_%s(���R���R���R���R���R���R���R
���R ���(���R���t���tupl(����(����s.���/usr/lib/python2.7/dist-packages/ufw/common.pyt
���get_app_tuple��s
����
"(���R���R ���R
���R���R���R+���R-���R'���R!���R#���R"���RZ���R[���R$���R%���Rb���Rd���RD���R&���Rj���RG���R~���Ry���R€���(����(����(����s.���/usr/lib/python2.7/dist-packages/ufw/common.pyR
���(���s.���
C
9
" 8 e (����(���R
���R8���RK���t���ufw.utilR���R����t
���programNamet ���state_dirt ���share_dirt ���trans_dirt
���config_dirt
���prefix_dirt
���iptables_dirRM���R���R
���(����(����(����s.���/usr/lib/python2.7/dist-packages/ufw/common.pyt���<module>���s���