HOME


Mini Shell 1.0
Redirecting to https://devs.lapieza.net/iniciar-sesion Redirecting to https://devs.lapieza.net/iniciar-sesion.
DIR: /proc/1780863/root/usr/lib/python3/dist-packages/ufw/__pycache__/
Upload File :
Current File : //proc/1780863/root/usr/lib/python3/dist-packages/ufw/__pycache__/frontend.cpython-311.pyc
�

#fd�����dZddlZddlZddlZddlmZddlZddlmZm	Z	m
Z
ddlmZddl
Zd�Zd�ZGd�d	��ZdS)
z'frontend.py: frontend interface for ufw�N)�UFWError)�error�warn�msg)�UFWBackendIptablesc�X�tj���}dD]4}|�tj�|�����5dD]4}|�tj�|�����5dD]4}|�tj�|�����5dD]4}|�tj�|�����5dD]4}|�tj�|�����5dD]4}|�tj�	|�����5gd�}|D]f}|�tj�
|����|�tj�|�����gt|��dkr�d	}||�
��d
krd}||�
��dkrP||�
��dkr2||�
��|vr|�|d
��t|��dksd
|vr2t|��dkrtdd���t!���	|�|d	d���}nI#t$$r!}td|jz��Yd}~n#d}~wt($rtdd����wxYw|S)zEParse command. Returns tuple for action, rule, ip_version and dryrun.)	�enable�disable�helpz--helpz-h�versionz	--version�reload�reset)�list�info�default�update)�on�off�low�medium�high�full)�allow�deny�reject)N�verbose�numbered)�rawzbefore-rulesz
user-ruleszafter-rulesz
logging-rules�builtins�	listening�added)r�limitrr�insert�delete�prepend���	--dry-runr�route�rule�znot enough argsF)�do_exitNz%szInvalid syntax)�ufw�parser�	UFWParser�register_command�UFWCommandBasic�
UFWCommandApp�UFWCommandLogging�UFWCommandDefault�UFWCommandStatus�UFWCommandShow�UFWCommandRule�UFWCommandRouteRule�len�lowerr#r�
ValueError�
parse_commandr�value�	Exception)�argv�p�i�
rule_commands�idx�pr�es       �./usr/lib/python3/dist-packages/ufw/frontend.pyr<r<s>���
�����A�
�:�:��	
���3�:�5�5�a�8�8�9�9�9�9�3�8�8��	���3�:�3�3�A�6�6�7�7�7�7�<�<�<��	���3�:�7�7��:�:�;�;�;�;�)�<�<��	���3�:�7�7��:�:�;�;�;�;�+�;�;��	���3�:�6�6�q�9�9�:�:�:�:�A�9�9��	���3�:�4�4�Q�7�7�8�8�8�8� � � �M�
�>�>��	���3�:�4�4�Q�7�7�8�8�8�	���3�:�9�9�!�<�<�=�=�=�=��4�y�y�1�}�}�����9�?�?����+�+��C���9�?�?���	�)�)���9�?�?����'�'���9�?�?���
�-�-��K�K��V�$�$�$�
�4�y�y�1�}�}���,�,��T���Q���
���/�/�/�/��l�l���
�_�_�T�!�"�"�X�
&�
&����� � � �
�d�a�g������������������
���.�.�.�.�
������Is�K!�!
L'�+L� L'c� �tdidtjj�dd�dd�dd�dd�d	d
�dd�d
d�dd�dd�dd�dd�dd�dd�dd�dd�dd�id d!�d"d#�d$d%�d&d'�d(d(�d)d)�d*d*�d+d,�d-d.�d/d0�d1d2�d3d3�d4d5�d6d7�d8d9�d:d;�d<d=��d>d?i�z��}|S)@zPrint help messagea+
Usage: %(progname)s %(command)s

%(commands)s:
 %(enable)-31s enables the firewall
 %(disable)-31s disables the firewall
 %(default)-31s set default policy
 %(logging)-31s set logging to %(level)s
 %(allow)-31s add allow %(rule)s
 %(deny)-31s add deny %(rule)s
 %(reject)-31s add reject %(rule)s
 %(limit)-31s add limit %(rule)s
 %(delete)-31s delete %(urule)s
 %(insert)-31s insert %(urule)s at %(number)s
 %(prepend)-31s prepend %(urule)s
 %(route)-31s add route %(urule)s
 %(route-delete)-31s delete route %(urule)s
 %(route-insert)-31s insert route %(urule)s at %(number)s
 %(reload)-31s reload firewall
 %(reset)-31s reset firewall
 %(status)-31s show firewall status
 %(statusnum)-31s show firewall status as numbered list of %(rules)s
 %(statusverbose)-31s show verbose firewall status
 %(show)-31s show firewall report
 %(version)-31s display version information

%(appcommands)s:
 %(applist)-31s list application profiles
 %(appinfo)-31s show information on %(profile)s
 %(appupdate)-31s update %(profile)s
 %(appdefault)-31s set default application policy
�progname�command�COMMAND�commands�Commandsr	r
rzdefault ARG�loggingz
logging LEVEL�level�LEVELrz
allow ARGSr*rz	deny ARGSrzreject ARGSr"z
limit ARGSr$zdelete RULE|NUM�urule�RULEr#zinsert NUM RULEr%zprepend RULEr)z
route RULEzroute-deletezroute delete RULE|NUMzroute-insertzroute insert NUM RULE�number�NUMr
r�status�	statusnumzstatus numbered�rules�RULES�
statusverbosezstatus verbose�showzshow ARGr�appcommandszApplication profile commands�applistzapp list�appinfozapp info PROFILE�profile�PROFILE�	appupdatezapp update PROFILE�
appdefaultzapp default ARG)�_r-�common�programName)�help_msgs rF�get_command_helprees�����>"*�
�C�J�*�"*�	�I�"*�	�Z�"*�
�8�"*�
�I�	"*�

�M�"*�
�O�
"*�
�'�"*�
�,�"*�
��"*�
��"*�
�=�"*�
�,�"*�
�$�"*�
�&�"*�
�$�"*� 
�N�!"*�"*�"
�,�#"*�$
�0�%"*�&
�0�'"*�(
�5�)"*�*
�8�+"*�,
�'�-"*�.
�8�/"*�0
�'�1"*�2
�'�3"*�4
�*�5"*�6
��7"*�8
�I�9"*�:
�6�;"*�<
�J�="*�>
�&�?"*�@
�I�A"*�B
�*�C"*�"*�D
�(�E"*�"*�?A+�A,�A,�H�F
��c��eZdZdZ		dd�Zd�Zd�Zd�Zdd	�Zdd�Z	d�Z
d
�Zd�Zdd�Z
dd�Zd�Zd�Zd�Zd�Zd�Zd�Zd�Zdd�ZdS)�UFWFrontend�UI�iptablesNc��|dkr(	t|||���|_n!#t$r�wxYwtd|z���t	d��|_t	d��|_t	d��|_dS)Nrj)�rootdir�datadirzUnsupported backend type '%s'�n�y�yes)r�backendr>rra�norp�yes_full)�self�dryrun�backend_typerlrms     rF�__init__zUFWFrontend.__init__�s����:�%�%�
�1�&�'�:A� C� C� C������
�
�
��
�����:�l�K�L�L�L��C�&�&����S�6�6����%����
�
�
s� �,c�d�d}d}|rd}d}|r|j���r|s|j���rd}|rY	|j�|jjdd|��n+#t$r}t|j��Yd}~nd}~wwxYwd}|r�	|j���n #t$r}|r|j}Yd}~nd}~wwxYw|dkrh	|j�|jjddd��n+#t$r}t|j��Yd}~nd}~wwxYwt|��td	��}nU	|j�	��n+#t$r}t|j��Yd}~nd}~wwxYwtd
��}|S)zlToggles ENABLED state in <config_dir>/ufw/ufw.conf and starts or
           stops running firewall.
        �rrrpFT�conf�ENABLEDNz0Firewall is active and enabled on system startupz/Firewall stopped and disabled on system startup)
rq�
is_enabled�set_default�filesrrr=�start_firewallra�
stop_firewall)rt�enabled�res�
config_str�changedrE�	error_strs       rF�set_enabledzUFWFrontend.set_enabled�s5�����
��	��J����	�D�L�3�3�5�5�	��	� �L�3�3�5�5�	��G��	�
���(�(���);�F�)C�)2�J�@�@�@�@���
�
�
��a�g�������������
�����	��	G�
(���+�+�-�-�-�-���
(�
(�
(��(� !��I����������
(�����B���#��L�,�,�T�\�-?��-G�-6��>�>�>�>���#�#�#��!�'�N�N�N�N�N�N�N�N�����#�����i� � � ��F�G�G�C�C�
���*�*�,�,�,�,���
�
�
��a�g�������������
�����E�F�F�C��
s`�,A3�3
B�=B�B�#B=�=
C�	C�C�$,D�
D9�D4�4D9�E6�6
F�F�Fc�0�d}	|j�||��}|j���r2|j���|j���n+#t
$r}t
|j��Yd}~nd}~wwxYw|S)zSets default policy of firewallryN)rq�set_default_policyr|r�rrrr=)rt�policy�	directionr�rEs     rFr�zUFWFrontend.set_default_policy�s�����	��,�1�1�&�)�D�D�C��|�&�&�(�(�
.���*�*�,�,�,���+�+�-�-�-����	�	�	��!�'�N�N�N�N�N�N�N�N�����	�����
s�A&A+�+
B�5B�Bc��d}	|j�|��}n+#t$r}t|j��Yd}~nd}~wwxYw|S)zSets log level of firewallryN)rq�set_loglevelrrr=)rtrNr�rEs    rFr�zUFWFrontend.set_loglevels`����	��,�+�+�E�2�2�C�C���	�	�	��!�'�N�N�N�N�N�N�N�N�����	�����
���
A�A�AFc��	|j�||��}n+#t$r}t|j��Yd}~nd}~wwxYw|S)zShows status of firewallN)rq�
get_statusrrr=)rtr�
show_count�outrEs     rFr�zUFWFrontend.get_statuss]��	��,�)�)�'�:�>�>�C�C���	�	�	��!�'�N�N�N�N�N�N�N�N�����	�����
s��
A�A�Arc��	|j�|��}n+#t$r}t|j��Yd}~nd}~wwxYw|S)zShows raw output of firewallN)rq�get_running_rawrrr=)rt�
rules_typer�rEs    rF�get_show_rawzUFWFrontend.get_show_raws[��	��,�.�.�z�:�:�C�C���	�	�	��!�'�N�N�N�N�N�N�N�N�����	�����
s��
A�A�Ac�`�d}	tj�|j�����}n,#t
$rt
d��}t|���wxYw|j���}t|�
����}|���|D�]=}|j���s|dvr�!|d|zz
}t||�
����}|���|D�]�}|||D�]�}	|	d}
|
�d���s�|
�d���s�d}|d|zz
}|
d	ks|
d
kr|dz
}d|	dz}
n'|d
|
zz
}tj�
|
��}|dtj�|	d��zz
}tj�d|dd�||
dd���}|�|�d����|dkr|�d|��|���|j�|��}
t1|
��dkr[|dz
}|
D]S}|dkrK|dz
t1|��kr5|d|tjj�||dz
��fzz
}�T|dz
}��Đ�א�?|j���stj�d��|S)zMShows listening services and incoming rules that might affect
           themryzCould not get listening status)�tcp6�udp6z%s:
�laddrz127.z::1z  %s z0.0.0.0z::z* z%s/0z%s z(%s)�exerNr+�inF)�action�protocol�dport�dstr��forward�6r�
r'z   [%2d] %s
z)Skipping tcp6 and udp6 (IPv6 is disabled))r-�util�parse_netstat_outputrq�use_ipv6r>rar�	get_rulesr�keys�sort�
startswith�get_if_from_ip�os�path�basenamerb�UFWRule�set_v6�endswith�
set_interface�	normalize�get_matchingr9r.r7�get_command�debug)rtr��d�err_msgrV�	protocols�proto�ports�port�item�addr�ifnamer*�matchingrAs               rF�get_show_listeningzUFWFrontend.get_show_listeningsP����	$���-�-�d�l�.C�.C�.E�.E�F�F�A�A���	$�	$�	$��8�9�9�G��7�#�#�#�	$������&�&�(�(��������N�N�	��������3	$�3	$�E��<�(�(�*�*�
�u�8H�/H�/H���7�e�$�$�C���5������)�)�E��J�J�L�L�L��-
$�-
$���e�H�T�N�,$�,$�D���=�D��?�?�6�2�2�*$��?�?�5�1�1�*$�!#���w��~�-���9�,�,������4�K�C�#)�T�'�]�#;�D�D��5�4�<�/�C�%(�X�%<�%<�T�%B�%B�F��v���(8�(8��e��(E�(E�E�E�� #�z�1�1��;@��!��9�8<�6:�<@�:?� 2� 3� 3�����E�N�N�3�$7�$7�8�8�8�!�R�<�<� �.�.�t�V�<�<�<����(�(�(�$(�<�#<�#<�T�#B�#B���x�=�=�1�,�,��4�K�C�%-�&�&��#$�q�5�5�Q��U�S��Z�Z�-?�-?�$'�?�a�(+�
�(A�(M�(M�*/��!��*�)6�)6�>&�,&�%&�C���t����Y,$�-
$�^�|�$�$�&�&�	H��H�N�N�F�G�G�G��
s	�6;�)A$c���|j���}td��}t|��dkr|td��zSg}|j���D]w}|jr(dt
jj�|��z}n$t
jj	�|��}||vr�Z|�
|��|d|zz
}�x|S)z!Shows added rules to the firewallz9Added user rules (see 'ufw status' for running firewall):rz
(None)�route %sz
ufw %s)rqr�rar9r�r-r.r8r�r7�append)rtrVr�r!�r�rstrs      rF�get_show_addedzUFWFrontend.get_show_addedfs�����&�&�(�(���K�L�L���u�:�:��?�?���:���&�&�����'�'�)�)�	%�	%�A��y�
@�!��
�6�B�B�1�E�E�F����z�0�<�<�Q�?�?���u�}�}���L�L������:��$�$�C�C��
rfc��d}d}d}g}|jdkr"|jdkr|�|���ng}	|j�r�|dkr|j�|d��}n�|dkr|j�|d��}n�|dkr�|j�|d��}|j�|d��}|D]F}	|D]A}
|
j}d|
_|	�|
��s||
_|�|
���B�Gn!td��|z}t|���t|��dkrC|jjs7td	��}|dkr|}n|dkr|d
z}n|dkr|dz|zd
z}|S|D]k}|���}|j|_|�
|j��|�|j��|�|���ln9|j�|��}|jdkr|���n#t($r�wxYwd}
d}td��}|j�d��}|j�d��}t-|��D�]�\}}|}
|j||zkr)|t/|j��d
zz
}t|���	|j����r�|dkr�|jdkr&|
dkr|dkrdnd}|�|��n4|j|kr)|t/|j��d
zz
}t|���|�d��|j�|��}�n�|dkr�|jdkr&|
dkr|dkrdnd}|�|��nh|j|kr|�|j|z
��n?|jdkr4|j|kr)|t/|j��d
zz
}t|���|�d��|j�|��}�n�|dk�r|j}|�d��|dkr&|
dkr|dkrdnd}|�|��n_|jsX||krR|j�||z
|
zd��}|dkr|�|��n|�d��|j�|��}|js8|dkr2|j�d��}|�|dz��|�d��|dkr&|
dkr|dkrdnd}|�|��nq|jsj|jdkr_|j|krT|j�|jd��}|dkr|�||
z
��n|�d��|dkr|dz
}|js.|j|kr#|dkr|�|j|z
��||j�|��z
}n�td��|z}t|���|jdkr%|
dkr|dkrdnd}|�|��|dks|dkr0|�d��|j�|��}nE|dkrtd��}t|���td��|z}t|���n!#t$r}|j}d}Yd}~n4d}~wwxYw|jr#td��}t?j |�����|s||z
}�n2t|��dkrtC|���nd}tEtG|
dz����}|���|D]�}|
dkr�||r~||���}d|_	|�||���I#t($r8d}td��|�$��z}tA|��Y��wxYw��|td��z
}|r|td��z
}n|td��z
}t|���|S)zUpdates firewall with rulery�v4F�v6T�bothzInvalid IP version '%s'rz"Could not delete non-existent rulez (v6)r�zInvalid position '�'���r'zIPv6 support not enabledNz Rule changed after normalizationzCould not back out rule '%s'z"
Error applying application rules.z# Some rules could not be unapplied.z( Attempted rules successfully unapplied.)%�dapp�sappr��removerq�get_app_rules_from_systemr��matchrarr9ru�dup_rule�
set_actionr��set_logtype�logtype�get_app_rules_from_template�position�reverser>�get_rules_count�	enumerate�strr��set_positionr��set_rule�find_other_positionr=�updated�warningsrrr�range�format_rule)rtr*�
ip_versionr�r��tmprV�tmprules�	tmprules6�xro�prev6r��count�	set_error�pos_err_msg�num_v4�num_v6rA�begin�user_posr@rE�warn_msg�
undo_error�indexes�j�backout_rules                            rFr�zUFWFrontend.set_rule�s�	�����������9��?�?�t�y�B����L�L�������H�2
��;�/(�!�T�)�)�#'�<�#I�#I�CG��$P�$P���#�t�+�+�#'�<�#I�#I�CG��$O�$O���#�v�-�-�#'�<�#I�#I�CG��$P�$P��$(�L�$J�$J�CG��%O�%O�	�"*�7�7�A�%.�7�7��()���',���'(�w�w�q�z�z�!7�+0�A�D�$,�O�O�A�$6�$6�$6��7�7�#$�$=�">�">�*�"M��&�w�/�/�/��8�}�}��)�)�$�,�2E�)�� D�E�E��%��-�-�"%�C�C�'�4�/�/�"%��-�C�C�'�6�1�1�"%��*�s�"2�W�"<�C�"�
�'�(�(���L�L�N�N��#'�;������T�[�1�1�1��
�
�d�l�3�3�3����Q�����(�!�L�D�D�T�J�J�E��}��)�)��
�
�������
�
�
��
�������	��,�-�-����-�-�e�4�4����-�-�d�3�3���e�$�$�c	(�c	(�D�A�q��E��z�F�V�O�+�+��s�1�:����4�4���{�+�+�+�Z
��<�(�(�*�*�U0�!�T�)�)��:��+�+�).�!����!���A�A��E��N�N�5�1�1�1�1��Z�&�0�0�'�3�q�z�?�?�S�+@�@�K�"*�;�"7�"7�7��������"�l�3�3�A�6�6���#�t�+�+��:��+�+�).�!����!���A�A��E��N�N�5�1�1�1�1��Z�&�0�0��N�N�1�:��+>�?�?�?�?��Z�1�_�_���v�1E�1E�'�3�q�z�?�?�S�+@�@�K�"*�;�"7�"7�7��������"�l�3�3�A�6�6���#�v�-�-�#$�:���������#�r�>�>�).�!����!���A�A��E��N�N�5�1�1�1�1�!"��	2�h��.?�.?�!%�� @� @� (�6� 1�E� 9�4�!A�!A�A� �1�u�u� !���q� 1� 1� 1� 1�!"���q� 1� 1� 1�"�l�3�3�A�6�6�� !�x�9�H�q�L�L�%)�\�%A�%A�%�%H�%H�F��N�N�8�a�<�8�8�8��������#�r�>�>�).�!����!���A�A��E��N�N�5�1�1�1�1�!"��2�a�j�1�n�n��:��/�/�!%�� @� @���AF�!H�!H�A� �1�u�u� !���q�5�y� 9� 9� 9� 9�!"���q� 1� 1� 1��"�9�9��4�K�C� !�x�@�A�J��,?�,?�#�r�>�>��N�N�1�:��+>�?�?�?��t�|�4�4�Q�7�7�7���"#�$=�">�">�*�"M��&�w�/�/�/��z�R�'�'�%*�a�Z�Z�F�a�K�K���Q�����u�-�-�-�!�T�)�)�Z�6�-A�-A��������"�l�3�3�A�6�6���#�t�+�+�"#�$>�"?�"?��&�w�/�/�/�"#�$=�">�">�*�"M��&�w�/�/�/����
�
�
��'�� �	�����������
����
�y�
(��?�@�@���
�h�'�'�'���	$��3�J�C�C�
��Z�Z�1�_�_��'�N�N�N�N��J��5��q��>�>�*�*�G��O�O�����
'�
'���1�9�9��q��9�#(��8�#4�#4�#6�#6�L�*.�L�'�'��
�
�l�J�?�?�?�?��$�'�'�'�%)�
�#$�%C�#D�#D�%&�]�]�_�_�$5���X������'�����
�q�>�?�?�?�G��
I��1�B�C�C�C����1�G�H�H�H���7�#�#�#��
s>�EH+�B(H+�+H7�Q/]�
]�
	]�]�#`:�:?a<�;a<c�N�	t|��}n/#t$r"td��|z}t|���wxYw|j���}|dks|t
|��kr!td��|z}t|���|j�|��}|s!td��|z}t|���d|_d}|j	rd}d}|�s|j
r(dtjj
�|��z}	n$tjj�|��}	td��|	|j|jd	�z}
t%|
t&jd
���t&j���������}|dkr<||j���kr||j���krd
}d
}|r|�||��}ntd��}|S)zDelete rulezCould not find rule '%s'rzCould not find rule '%d'Tr�r�r�z=Deleting:
 %(rule)s
Proceed with operation (%(yes)s|%(no)s)? )r*rprrF��output�newlinerory�Aborted)�intr>rarrqr�r9�get_rule_by_numberr�r�r�r-r.r8r�r7rprrr�sys�stdout�stdin�readliner:�striprsr�)
rtrR�forcernr�rVr*r��proceedr��prompt�ansr�s
             rF�delete_rulezUFWFrontend.delete_ruleOs1��	$��F���A�A���	$�	$�	$��2�3�3�f�<�G��7�#�#�#�	$������&�&�(�(����6�6�Q��U���^�^��2�3�3�a�7�G��7�#�#�#��|�.�.�q�1�1���	$��2�3�3�a�7�G��7�#�#�#�����
��7�	��J����	 ��|�
C�!��
�6�B�B�4�H�H�I����z�0�<�<�T�B�B���,�-�-�9=�8<��7;�w�1@�1@�A�F�
��s�z�5�9�9�9�9��)�$�$�&�&�,�,�.�.�4�4�6�6�C��c�z�z�c�T�X�^�^�%5�%5�5�5��d�m�)�)�+�+�+�+������	��-�-��j�1�1�C�C��I�,�,�C��
s��,>c�	�d}|�d��r\|�d��}t|��dkr|�|d��}�nr|�d��}�n[|dkr|�d��}�n>|�d��rjt	d	��}|�d
��}t|��dkrt|���|�|d|d��}�n�|d
kr|�|��}�n�|dkr|���}�n�|dkr|�d��}�ni|�d��rj|�d
��d}|dkr|�	��}�n|dkr|�
��}�n|�|��}�n�|dkr|�dd��}�n�|dkr|�d��}�n�|dkr|�d��}�n�|dkre|j
���r;|�d��|�d��t	d��}�n8t	d��}�n'|�d��r1|�|�d
��d|��}�n�|dks|dks
|dks|dk�r�|jdkr�	|j
�|j��}||jkr||_|�|d ��nt#t
$rg}|jst)|j��t,j�|j��st	d!��}t|���Yd"}~nd"}~wwxYw|jdkr�	|j
�|j��}||jkr||_|�|d ��nt#t
$rg}|jst)|j��t,j�|j��st	d!��}t|���Yd"}~nd"}~wwxYw|�||��}n!t	d#��|z}t|���|S)$z�Perform action on rule. action, rule and ip_version are usually
           based on return values from parse_command().
        ryz
logging-onrar'rzlogging-offrzdefault-zUnsupported default policy�-r+r&rrTzstatus-verboseTrYr r!zstatus-numberedFr	r
r
�Firewall reloadedz&Firewall not enabled (skipping reload)zdelete-rrrr"r��Invalid profile nameN�Unsupported action '%s')r��splitr9r�rarr�rr�r�r�r�r�rqr|rr��find_application_name�set_portr�rr=r-�applications�valid_profile_namer�r�)	rtr�r*r�rr�r�r�rEs	         rF�	do_actionzUFWFrontend.do_action�s��������\�*�*�M	$��,�,�s�#�#�C��3�x�x�!�|�|��'�'��A��/�/����'�'��-�-���
�}�
$�
$��#�#�E�*�*�C�C�
�
�
�z�
*�
*�E	$��4�5�5�G��,�,�s�#�#�C��3�x�x�1�}�}��w�'�'�'��)�)�#�a�&�#�a�&�9�9�C�C�
�w�
�
��*�*�U�#�#�C�C�
�x�
�
��/�/�#�#�C�C�
�'�
'�
'��/�/�$�'�'�C�C�
�
�
�v�
&�
&�9	$��,�,�s�#�#�A�&�C��k�!�!��-�-�/�/��������)�)�+�+����'�'��,�,���
�(�
(�
(��/�/�%��.�.�C�C�
�x�
�
��"�"�4�(�(�C�C�
�y�
 �
 ��"�"�5�)�)�C�C�
�x�
�
��|�&�&�(�(�
B�� � ��'�'�'�� � ��&�&�&��+�,�,����@�A�A���
�
�
�y�
)�
)�$	$��"�"�6�<�<��#4�#4�Q�#7��?�?�C�C�
�w�
�
�&�F�"2�"2�f��6H�6H�
�w�
�
��y�B���0��,�<�<�T�Y�G�G�C��d�i�'�'�$'��	��
�
�c�5�1�1�1����0�0�0��;�'��a�g�����+�>�>�t�y�I�I�0�"#�$:�";�";��&�w�/�/�/�0�0�0�0�0�����	0�����y�B���0��,�<�<�T�Y�G�G�C��d�i�'�'�$'��	��
�
�c�5�1�1�1����0�0�0��;�'��a�g�����+�>�>�t�y�I�I�0�"#�$:�";�";��&�w�/�/�/�0�0�0�0�0�����	0�����-�-��j�1�1�C�C��1�2�2�f�=�G��7�#�#�#��
s4�AM�
O�%AO�O�AP#�#
R�-AR�Rc��d}	|j�|��}n+#t$r}t|j��Yd}~nd}~wwxYw|S)z+Sets default application policy of firewallryN)rq�set_default_application_policyrrr=)rtr�r�rEs    rFrz*UFWFrontend.set_default_application_policy�s`����	��,�=�=�f�E�E�C�C���	�	�	��!�'�N�N�N�N�N�N�N�N�����	�����
r�c��t|jj�����}|���td��}|D]
}|d|zz
}�|S)z*Display list of known application profileszAvailable applications:�
  %s)rrq�profilesr�r�ra)rt�namesr�rns    rF�get_application_listz UFWFrontend.get_application_list�s_���T�\�*�/�/�1�1�2�2��
�
�
�����*�+�+���	#�	#�A��H��N�"�D�D��rfc��g}|dkr@t|jj�����}|���nRt
j�|��std��}t|���|�
|��d}|D�]�}||jjvs|jj|s!td��|z}t|���t
j�||jj|��std��}t|���|td��|zz
}|td��t
j�|jj|��zz
}|td��t
j�
|jj|��zz
}t
j�|jj|��}t|��d	ks
d
|dvr|td��z
}n|td
��z
}|D]
}|d|zz
}�||t|��d	z
kr|dz
}���t
j�|��S)zDisplay information on profile�allr	ryzCould not find profile '%s'zInvalid profilezProfile: %s
z
Title: %s
zDescription: %s

r'�,rzPorts:zPort:rz

--

)rrqrr�r�r-rrrarr��verify_profile�	get_title�get_description�	get_portsr9r��	wrap_text)rt�pnamerr�r��namer�r@s        rF�get_application_infoz UFWFrontend.get_application_info�ss�����E�>�>����.�3�3�5�5�6�6�E��J�J�L�L�L�L��#�6�6�u�=�=�
(��2�3�3���w�'�'�'��L�L��������	%�	%�D��4�<�0�0�0��<�(��.�1��9�:�:�d�C���w�'�'�'��#�2�2�4��|�$�T�*�,�,�
(��-�.�.���w�'�'�'��A�o�&�&�$�/�/�D��A�m�$�$��(8�(B�(B�(,��(=�d�(C�)E�)E�F�
F�D�
�A�+�,�,�-0�-=�-M�-M�-1�\�-B�4�-H�.J�.J�K�
K�D��$�.�.�t�|�/D�T�/J�K�K�E��5�z�z�A�~�~���a������(���#�����'�
�
�"���
'�
'����A��&����u�S��Z�Z��\�*�*�*���$����x�!�!�$�'�'�'rfc��d}d}d}	|jjr tj���rd}n#t
$rd}YnwxYw|dkrvt
|jj�����}|�	��|D]3}|j�
|��\}}|r|dkr|dz
}||z
}|}�4n(|j�
|��\}}|dkr|dz
}|rj|j���rQ|r=	|j���n#t
$r�wxYw|td��z
}n|td��z
}|S)�Refresh application profileryTFrr�rzSkipped reloading firewall)rq�	do_checksr-r��	under_sshr>rrr�r��update_app_ruler|�_reload_user_rulesra)	rtr]r��allow_reload�trigger_reloadrr@r��founds	         rF�application_updatezUFWFrontend.application_updates���������	!��|�%�
%�#�(�*<�*<�*>�*>�
%�$�����	!�	!�	!�!�L�L�L�		!�����e����D�L�1�6�6�8�8�9�9�H��M�M�O�O�O��
+�
+��#�|�;�;�A�>�>���e��+��b�y�y��t����C�K�D�%*�N��

+�&*�\�%A�%A�'�%J�%J�"�T�>��r�z�z������	8�d�l�5�5�7�7�	8��
8���L�3�3�5�5�5�5�� �����������-�.�.�.�����6�7�7�7���s�,5�A�A�	D#�#D/c��d}d}|dkrtd��}t|���|jjd}|dkr(tj�d|�d|�d���|S|d	krd
}n3|dkrd}n*|d
krd
}n!td��|z}t|���dg}|jjr|�d��|||gz
}	t|��}n#t$r�wxYwd|jvr3|�|j
|jd|jd��}n|�|j
dd��}|S)r$ryrz%Cannot specify 'all' with '--add-new'�default_application_policy�skipzPolicy is 'z', not adding profile 'r��acceptr�droprrzUnknown policy '%s'r-r(r*�iptype)rarrq�defaultsr-r�r�rur�r<r>�datarr�)rtr]r�r�r�r�argsrDs        rF�application_addzUFWFrontend.application_addBs��������e����?�@�@�G��7�#�#�#��,�'�(D�E���f����H�N�N�N�"�F�F�G�G�G�-�
.�
.�
.��K�
��
 �
 ��F�F�
��
�
��F�F�
��
 �
 ��F�F��-�.�.�'�:�G��7�#�#�#��y���<��	%��K�K��$�$�$��&�'�#�#��	��t�$�$�B�B���	�	�	��	�����R�W����>�>�"�)�R�W�V�_�"$�'�(�"3�5�5�D�D��>�>�"�)�R��4�4�D��s�C!�!C-c�F�d}|dkr|�d��}�n|dkr|�d��}n�|dkr|�d��}n�|dkr|�d	��}n�|d
kr|���}n�|dkr|�|��}nv|dks|d
krI|�|��}d}|d
kr|�|��}|dkr|dkr|dz
}||z}n!td��|z}t
|���|S)zzPerform action on profile. action and profile are usually based on
           return values from parse_command().
        ryz
default-allowrzdefault-denyrzdefault-rejectrzdefault-skipr/rrrzupdate-with-newr�r
)rrr"r,r6rar)rtr�r]r��str1�str2r�s       rF�do_application_actionz!UFWFrontend.do_application_actionls`�����_�$�$��5�5�g�>�>�C�C�
�~�
%�
%��5�5�f�=�=�C�C�
�'�
'�
'��5�5�h�?�?�C�C�
�~�
%�
%��5�5�f�=�=�C�C�
�v�
�
��+�+�-�-�C�C�
�v�
�
��+�+�G�4�4�C�C�
�x�
�
�6�->�#>�#>��*�*�7�3�3�D��D��*�*�*��+�+�G�4�4���r�z�z�d�b�j�j�������+�C�C��1�2�2�f�=�G��7�#�#�#��
rfc��d}|jjr�tj���r�td��|j|jd�z}t|tj
d���tj����
�����}|dkr||jkr
||jkrd}|S)z6If running under ssh, prompt the user for confirmationTzWCommand may disrupt existing ssh connections. Proceed with operation (%(yes)s|%(no)s)? �rprrFr�ro)rqr%r-r�r&rarprrrr�r�r�r�r:rrs)rtrrrs    rF�continue_under_sshzUFWFrontend.continue_under_ssh�s������<�!�	 �c�h�&8�&8�&:�&:�	 ��C�D�D� $����8�8�:�F�
��s�z�5�9�9�9�9��)�$�$�&�&�,�,�.�.�4�4�6�6�C��c�z�z�c�T�X�o�o�#���2F�2F����rfc���d}td��|j|jd�z}|jjr=t
j���rtd��|j|jd�z}|jjr�|s�tt
j�	|��tjd���tj�
��������}|dkr'||jkr||jkrtd��}|S|j���r||�d��z
}|j���}|S)	zReset the firewallryzTResetting all rules to installed defaults. Proceed with operation (%(yes)s|%(no)s)? r<zResetting all rules to installed defaults. This may disrupt existing ssh connections. Proceed with operation (%(yes)s|%(no)s)? Fr�ror�)rarprrrqr%r-r�r&rrr�r�r�r�r:rrsr|r�r)rtrr�rrs     rFrzUFWFrontend.reset�sZ�����2�3�3� �H�D�G�4�4�6���<�!�	:�c�h�&8�&8�&:�&:�	:��6�7�7�!%����8�8�:�F�
�<�!�	�%�	����"�"�6�*�*�3�:�u�M�M�M�M��)�$�$�&�&�,�,�.�.�4�4�6�6�C��c�z�z�c�T�X�o�o�#���2F�2F��	�l�l���
��<�"�"�$�$�	+��4�#�#�E�*�*�*�C��l� � �"�"���
rf)rjNN)FF)r)F)�__name__�
__module__�__qualname__�__doc__rwr�r�r�r�r�r�r�r�rrrrr"r,r6r:r=r�rfrFrhrh�sm�������H�,6�'+�!�!�!�!� 4�4�4�l��������������F�F�F�P���:J�J�J�X/�/�/�/�bT�T�T�T�l������,(�,(�,(�\)�)�)�V(�(�(�T���@��������rfrh)rBr�r�r��
ufw.commonr�ufw.utilr-rrr�ufw.backend_iptablesr�
ufw.parserr<rerhrCrfrF�<module>rHs���-�-�"
�	�	�	�
�
�
�
���������������%�%�%�%�%�%�%�%�%�%�3�3�3�3�3�3�����E�E�E�PE�E�E�PD�D�D�D�D�D�D�D�D�Drf