ó ´$Nc@sddlZddlZddlmZddlmZddlZdfd„ƒYZdefd„ƒYZdefd „ƒYZ d efd „ƒYZ d efd „ƒYZ defd„ƒYZ defd„ƒYZ defd„ƒYZdfd„ƒYZdfd„ƒYZdS(iÿÿÿÿN(tUFWError(tdebugt UFWCommandcBs)eZdZd„Zd„Zd„ZRS(s"Generic class for parser commands.cCsA||_g|_||jkr4|jj|ƒn||_dS(N(tcommandttypestappendttype(tselfRR((s./usr/lib/python2.7/dist-packages/ufw/parser.pyt__init__.s   cCs8t|ƒdkrtƒ‚nt|djƒƒ}|S(Nii(tlent ValueErrortUFWParserResponsetlower(Rtargvtr((s./usr/lib/python2.7/dist-packages/ufw/parser.pytparse5s cCstdƒ‚dS(Ns!UFWCommand.help: need to override(R(Rtargs((s./usr/lib/python2.7/dist-packages/ufw/parser.pythelp=s(t__name__t __module__t__doc__RRR(((s./usr/lib/python2.7/dist-packages/ufw/parser.pyR,s  tUFWCommandRulecBs5eZdZd„Zd„Zd„ZeeƒZRS(s#Class for parsing ufw rule commandscCsd}tj|||ƒdS(Ntrule(RR(RRR((s./usr/lib/python2.7/dist-packages/ufw/parser.pyRBsc-Cswd}d}d}d}d}d}d}d} d} t} t|ƒdkrx|djƒdkrx|j|dƒnt|ƒdkr«|djƒdkr$t|ƒdkr$t} |j|dƒd} yt|dƒ} Wntk r|d}nX| dkržtd| ƒ} | Snz|djƒdkržt|ƒd krXt ƒ‚n|d} | d krt d ƒ| }t |ƒ‚n|d=|d=n|d}n|dkrÓ|j }|j d|ƒn|d kr|d kr|dkr|dkrt ƒ‚nt|ƒ}|dkr3t ƒ‚nd}|dkr„|djƒdksq|djƒdkr„|djƒ}n|dkrò|ddkrò|djƒdksÌ|djƒdkrò|djƒ}|d=t|ƒ}nt}|dkrÂ|jdƒdks.|jdƒdkrÂt dƒ}|djƒdkru|djƒdkrut |ƒ‚n|dks—|djƒdkr¦t |ƒ‚n|d=t|ƒ}t}nd}|r|dkr|djƒdks|djƒdkrd}nA|dkrP|djƒdksG|djƒdkrPd}n|dkr‚||jƒ} ||=t|ƒ}nd|kr©t dƒ}t |ƒ‚nd|krÐt dƒ}t |ƒ‚n|dksè|dkrôt ƒ‚n|}| dkr|d| 7}ntjj|ddd|ƒ}| rG| |_n7| dkr~y|j| ƒWq~tk rz‚q~Xn|dkr)tjj|dƒröytjj|dƒWqötk ròd}|d|_|j|ddƒqöXn|jdkrõy tjj|dƒ\}}Wn)t k rPt dƒ}t |ƒ‚nXtjd |ƒsŸd!|ks{d"|kr–t d#ƒ}t |ƒ‚n|}ny'|j|ƒ|j|dƒd}Wqõt k rñt dƒ}t |ƒ‚qõXn|jdEkrZ t d'ƒ|j}t |ƒ‚qZ n1|dddkrXt d(ƒ}t |ƒ‚nd)|kr£d*|kr£d|kr£d|kr£t d+ƒ}t |ƒ‚n·d,d)d*d-d.ddg}|jd*ƒdks{|jd)ƒdks{|jd,ƒdks{|jd-ƒdks{|jdƒdks{|jdƒdks{|jd.ƒdks{|jd.ƒdkr–|jd,ƒdkr–t d/ƒ}t |ƒ‚nd}d}x+|D]#}|ddkrò|||kròt d0ƒ||}t |ƒ‚n|d,kr\ |d|krA y|j||dƒWqY tk r= ‚qY Xq t d1ƒ}t |ƒ‚nf|dkst |dkr |d|krð yR|dkr® |jd||dƒn'|dkrÕ |jd||dƒnWq tk rì ‚q Xq t d2ƒ|}t |ƒ‚n³|d)krÊ |d|kr¯ yd||djƒ}|dkr] d3}d}n$tjj|d4ƒr{ d5}nd6}|j |ƒWntk r¥ ‚nXd7}q t d8ƒ}t |ƒ‚nø|d*kr… |d|krj yd||djƒ}|dkr d3}d}n$tjj|d4ƒr6 d5}nd6}|j!|ƒWntk r` ‚nXd}q t d9ƒ}t |ƒ‚n=|d-ks |d.kr |d|kr§ |dkrØ t d:ƒ|}t |ƒ‚n||d}|d.kr |d7kr ||_"qy ||_nctjd |ƒsy d!|ks@ d"|kr[ t d#ƒ}t |ƒ‚n|d7krp |}qy |}ny|j||ƒWq¿ tk r£ ‚q¿ Xq t d;ƒ}t |ƒ‚n|d7}q©W|dkrñ |dkrñ d}ni|dkr0 |dkr0 ||kr0 t d<ƒ}t |ƒ‚n*|dkrE |}n|dkrZ |}n|dksr |dkrd}|dkrÉ ytjj|ƒ}WqÉ tk rÅ t d=ƒ}t |ƒ‚qÉ Xn|dkr¿|dksí |dkr2ytjj|ƒ}Wq¼tk r.t d=ƒ}t |ƒ‚q¼Xq¿ytjj|ƒ}Wn)tk rst d=ƒ}t |ƒ‚nX|dksŒ||kr•|}q¿|dkr¤q¿t d>ƒ}t |ƒ‚n|jdkrÞ|j|ƒq|dkr|j|krt d?ƒ|j}t |ƒ‚qn|r—|jdkr—|j"dksQ|jdkr—d}|jrl|j}n |j"}t d@ƒ|j}t |ƒ‚n|jd$kr=|d5krÔt dAƒ|j}t |ƒ‚n&|dkrút#dB|jƒd6}n|j$dks|j%dkr=t d'ƒ|j}t |ƒ‚q=nt|ƒ} |j&| j'dC<|| j'd<|| j'dD<| S(FNttanyiRtdeleteis delete-%dtinsertit0s#Cannot insert rule at position '%s'tallowtdenytrejecttlimititintouttonsInvalid interface clauseitlogslog-allsOption 'log' not allowed heres!Option 'log-all' not allowed herei t_t directiontbothtdstsBad ports^\d([0-9,:]*\d+)*$t,t:sPort ranges must be numerictipv6tesptahsInvalid port with protocol '%s'sWrong number of argumentstfromttosNeed 'to' or 'from' clausetprototporttappsImproper rule syntaxsInvalid token '%s'sInvalid 'proto' clausesInvalid '%s' clauses 0.0.0.0/0t6tv6tv4tsrcsInvalid 'from' clausesInvalid 'to' clausesNeed 'from' or 'to' with '%s'sInvalid 'port' clauses%Mixed IP versions for 'from' and 'to'sCould not find protocolsProtocol mismatch (from/to)s,Protocol mismatch with specified protocol %ss3Improper rule syntax ('%s' specified with app rule)s'Invalid IPv6 address with protocol '%s's*Adjusting iptype to 'v4' for protocol '%s'Rtiptype(R*R+R,((tFalseR R tremovetTruetNonetintt ExceptionR R R$RRRtcounttufwtcommontUFWRulet set_positiont applicationstvalid_profile_nametutiltget_services_prototdapptset_porttparse_port_prototretmatcht set_protocoltprotocolt set_interfacet valid_addresstset_srctset_dsttsappRtdporttsportRtdata(RR tactionRRt from_typetto_typet from_servicet to_servicet insert_postlogtypeR8trule_numRterr_msgtnargstrule_directiont has_interfacetlog_idxt rule_actionR0R/tkeystitloctargtfaddrtsaddrttmpR1((s./usr/lib/python2.7/dist-packages/ufw/parser.pyRFsJ((          $     "26 ,"  ( "                            $  *                                                                          cCsø|j}|jdks'|jdkr0|jdksE|jdkr0|jdkr0|jdkr0|jdkr0|jdkr0|jdkr0|jdkr³|d|j7}n|j dkrÖ|d|j 7}n|j dkrù|d|j 7}qô|d|j7}|j dkrô|d|j 7}qônÄ|jdkrS|d|j7}n|jdkrv|d |j7}n|j dkr™|d|j 7}nxûd d gD]í}|d krÜ|j}|j}|j}d }n!|j}|j}|j }d }|dks|dkrd}n|dkrE|dkrE|dkrEq¦|d||f7}|dkrv|d|7}q¦|dkr¦|d|7}q¦q¦W||jkr³|d7}n|j dkrô|j dkrô|jdkrô|d|j 7}n|S(sGet command string for rules 0.0.0.0/0s::/0RRR!s %ss/%ss in on %ss out on %sR5R'R-R.s %s %ss app %ss port %ss to anys proto %s( RUR'R5RSRQt interface_int interface_outRRR%R[RFRL(RtresRdReR0R1tdir((s./usr/lib/python2.7/dist-packages/ufw/parser.pyt get_commandµs^          $   -(RRRRRRnt staticmethod(((s./usr/lib/python2.7/dist-packages/ufw/parser.pyR@s   ÿp ?t UFWCommandAppcBs eZdZd„Zd„ZRS(s*Class for parsing ufw application commandscCsd}tj|||ƒdS(NR1(RR(RRR((s./usr/lib/python2.7/dist-packages/ufw/parser.pyRùscCsëd}d}t}|ddkr.tƒ‚n|d=t|ƒ}|djƒ}|dksi|dkrî|dkr§|ddkr§t}|jdƒt|ƒ}n|d kr¿tƒ‚nt|dƒjd ƒ}|rî|d 7}qîn|d kr|dkrtƒ‚n|d kr¾|d kr6tƒ‚n|djƒdkrUd}q¾|djƒdkrtd}q¾|djƒdkr“d}q¾|djƒdkr²d}q¾tƒ‚nt|ƒ}|j |j d<||j d<|S(sParse applications command.RiR1tinfotupdateiis --add-newis[']s -with-newtlisttdefaultRs default-allowRs default-denyRsdefault-rejecttskips default-skipRtname( R7R R R R9R8tstrtstripR RRT(RR RvRUtaddnewR^R((s./usr/lib/python2.7/dist-packages/ufw/parser.pyRýsH                (RRRRR(((s./usr/lib/python2.7/dist-packages/ufw/parser.pyRp÷s tUFWCommandBasiccBseZdZd„ZRS(s$Class for parsing ufw basic commandscCsd}tj|||ƒdS(Ntbasic(RR(RRR((s./usr/lib/python2.7/dist-packages/ufw/parser.pyR4s(RRRR(((s./usr/lib/python2.7/dist-packages/ufw/parser.pyRz2stUFWCommandDefaultcBs eZdZd„Zd„ZRS(s&Class for parsing ufw default commandscCsd}tj|||ƒdS(NRt(RR(RRR((s./usr/lib/python2.7/dist-packages/ufw/parser.pyR:scCsut|ƒdkrtƒ‚nd}d}t|ƒdkr÷|djƒdkr |djƒdkr |djƒdkr |djƒdkr tƒ‚n|djƒjdƒrÂd}q÷|djƒjdƒräd}q÷|djƒ}n|d jƒd krd }nG|d jƒd kr5d }n(|d jƒdkrTd}n tƒ‚|d|7}t|ƒS(NiRtincomingtinputtoutputtoutgoingR R!iRs default-denyRs default-allowRsdefault-rejects-%s(R R R t startswithR (RR RUR%((s./usr/lib/python2.7/dist-packages/ufw/parser.pyR>s0        (RRRRR(((s./usr/lib/python2.7/dist-packages/ufw/parser.pyR|8s tUFWCommandLoggingcBs eZdZd„Zd„ZRS(s&Class for parsing ufw logging commandscCsd}tj|||ƒdS(Ntlogging(RR(RRR((s./usr/lib/python2.7/dist-packages/ufw/parser.pyRcscCsþd}t|ƒdkr$tƒ‚nÐ|djƒdkrCd}n±|djƒdks±|djƒdks±|djƒdks±|djƒd ks±|djƒd krëd }|djƒdkrô|d |djƒ7}qôn tƒ‚t|ƒS( NRiitoffs logging-offR"tlowtmediumthightfulls logging-onR$(R R R R (RR RU((s./usr/lib/python2.7/dist-packages/ufw/parser.pyRgs  ,, (RRRRR(((s./usr/lib/python2.7/dist-packages/ufw/parser.pyR‚as tUFWCommandStatuscBs eZdZd„Zd„ZRS(s%Class for parsing ufw status commandscCsd}tj|||ƒdS(Ntstatus(RR(RRR((s./usr/lib/python2.7/dist-packages/ufw/parser.pyRzscCs–tj||ƒ}t|ƒdkr0d|_nbt|ƒdkr’|djƒdkrdd|_q’|djƒdkr†d|_q’tƒ‚n|S(NiRŠtverbosesstatus-verbosetnumberedsstatus-numbered(RRR RUR R (RR R((s./usr/lib/python2.7/dist-packages/ufw/parser.pyR~s    (RRRRR(((s./usr/lib/python2.7/dist-packages/ufw/parser.pyR‰xs tUFWCommandShowcBs eZdZd„Zd„ZRS(s%Class for parsing ufw status commandscCsd}tj|||ƒdS(Ntshow(RR(RRR((s./usr/lib/python2.7/dist-packages/ufw/parser.pyRscCsd}t|ƒdkr$tƒ‚nâ|djƒdkrCd}nÃ|djƒdkrbd}n¤|djƒdkrd}n…|djƒd kr d }nf|djƒd kr¿d }nG|djƒd krÞd}n(|djƒdkrýd}n tƒ‚t|ƒS(NRitrawsshow-raws before-ruless show-befores user-ruless show-users after-ruless show-afters logging-ruless show-loggingtbuiltinss show-builtinst listeningsshow-listening(R R R R (RR RU((s./usr/lib/python2.7/dist-packages/ufw/parser.pyR‘s&         (RRRRR(((s./usr/lib/python2.7/dist-packages/ufw/parser.pyR‹s R cBs eZdZd„Zd„ZRS(sClass for ufw parser responsecCs.|jƒ|_t|_t|_i|_dS(N(R RUR7tdryruntforceRT(RRU((s./usr/lib/python2.7/dist-packages/ufw/parser.pyRªs  cCsVd|j}x2|jjƒD]!}|d||j|f7}qW|d7}t|ƒS(Ns action='%s's,%s='%s's (RURTRctrepr(RtsRd((s./usr/lib/python2.7/dist-packages/ufw/parser.pyt__str__°s   (RRRRR–(((s./usr/lib/python2.7/dist-packages/ufw/parser.pyR ¨s t UFWParsercBs2eZdZd„Zd„Zd„Zd„ZRS(sClass for ufw parsercCs i|_dS(N(tcommands(R((s./usr/lib/python2.7/dist-packages/ufw/parser.pyRºscCs\|jƒ|jjƒkr'tƒ‚n|jƒ|j|jƒkrRtƒ‚n|jƒS(s=Return command if it is allowed, otherwise raise an exception(R R˜RcR (RRtcmd((s./usr/lib/python2.7/dist-packages/ufw/parser.pytallowed_command½s   c Csöt}t|ƒdkrH|djƒdkrHt}|j|dƒnt}t|ƒdkr¦|djƒdksŒ|djƒdkr¦t}|j|dƒnd}d}|djƒ}t|ƒdkr%||jjƒkr%|djƒ|j|jƒkr%|}|djƒ}nR|}x4|jjƒD]#}||j|kr;|}Pq;q;W|dkrwd}ny|j||ƒ}Wn0tk r¿t dƒ|} ‚t | ƒ‚nX|j||}|j |ƒ} || _ || _ | S( s(Parse command. Returns a UFWParserActionis --dry-runs--forces-fRiRsInvalid command '%s'(R7R R R9R8R˜RcRšR<R$RRR’R“( RRR’R“R™RRiRdRUR]tresponse((s./usr/lib/python2.7/dist-packages/ufw/parser.pyt parse_commandÇsD(('#     cCs³|jdks|jdkr.d|j}n d|j}|jj|jƒsci|j|jR?RRtsysRRRpRzR|R‚R‰RR R—(((s./usr/lib/python2.7/dist-packages/ufw/parser.pyt%s   ÿ¸;)