Your IP : 172.28.240.42

Current Path : /usr/lib/python2.7/dist-packages/ufw/
Upload File :
Current File : //usr/lib/python2.7/dist-packages/ufw/backend_iptables.pyc


^Oc@sdZddlZddlZddlZddlZddlZddlZddlmZm	Z	m
Z
mZddlm
Z
mZmZmZmZddlZdejjfdYZdS(s-backend_iptables.py: iptables backend for ufwiN(tUFWErrortUFWRulet
config_dirt	state_dir(twarntdebugtmsgtcmdtcmd_pipetUFWBackendIptablescBseZdZdZdZdZdZeedZdZ	dZ
dZd	Zd
Z
dZdZed
ZedZdZedZdZdZdZRS(sInstance class for UFWBackendcCsdtjjd|_i}tjjtd|d<tjjtd|d<tjjtd|d<tjjtd	|d
<tjjtd|d<tjjtd
|d<tjjtd|d<tj	j
j|d||igd6gd6gd6gd6|_xddgD]}d}|dkr`|j
rK||7}q`|dkr`qq`nxXdddgD]G}x>dddgD]-}d|||f}|j|j|qWqpW|jdj|d|jdj|dqWdd d!d"d#d$d%d&g|_d'|_d(S()s!UFWBackendIptables initializations# s
_comment #s
user.rulestrulessufw/before.rulestbefore_rulessufw/after.rulestafter_rulessuser6.rulestrules6sufw/before6.rulest
before6_rulessufw/after6.rulestafter6_rulessufw-inittinittiptablestbeforetusertaftertmisct4t6tufwtinputtoutputtforwards%s-%s-logging-%ss
-logging-denys-logging-allowsufw-user-limits-mtlimits--limits3/minutes-jtLOGs--log-prefixs[UFW LIMIT BLOCK]N(RtcommontprogramNametcomment_strtostpathtjoinRRtbackendt
UFWBackendt__init__tchainstuse_ipv6tappendtufw_user_limit_logtufw_user_limit_log_text(tselftdryruntfilestvertchain_prefixtlocttargettchain((s8/usr/lib/python2.7/dist-packages/ufw/backend_iptables.pyR& s8%
		cCsztd}|jddkr,|d7}nJ|jddkrL|d7}n*|jddkrl|d7}n
|d	7}|S(
sGet current policys
New profiles:tdefault_application_policytaccepts allowtdrops denytrejects rejects skip(t_tdefaults(R,trstr((s8/usr/lib/python2.7/dist-packages/ufw/backend_iptables.pytget_default_application_policyEs



c

Cs|js|dkrL|dkrL|dkrLtd|}t|n|dkr|dkrtd|}t|nd}|dkrd	}nd
}d
}|dkry"|j|jdd|d
Wntk
rnXd}d}n|dkrRy"|j|jdd|dWntk
rBnXd}d}nEy"|j|jdd|dWntk
rnXd}d}tjd
|}x|jd|jdgD]}ytj	j
|}	Wntk
rnX|	d}
xV|	dD]J}|j|rDtj	j|
|j
||q
tj	j|
|q
Wytj	j|	Wqtk
rqXqWntdi|d6|d6}|td7}|S(sSets default policy of firewalltallowtdenyR7sUnsupported policy '%s'tincomingtoutgoings%Unsupported policy for direction '%s'tINPUTtOUTPUTtR9sDEFAULT_%s_POLICYs"ACCEPT"s	UFW BLOCKs	UFW ALLOWs"REJECT"s"DROP"RRttmptorigs5Default %(direction)s policy changed to '%(policy)s'
t	directiontpolicys*(be sure to update your rules accordingly)(R-R8Rtset_defaultR.t	ExceptiontretcompileRtutilt
open_filestsearcht
write_to_filetsubtclose_files(
R,RFREterr_msgR3told_log_strtnew_log_strtpattftfnstfdtlineR:((s8/usr/lib/python2.7/dist-packages/ufw/backend_iptables.pytset_default_policySst	$		
	
	
!

"
	cCs|jr1dtd}|dtd7}|Sddddg}g}g}|dkr|jd	d
dddg}d
ddg}n|d
kr}x9dddgD](}|jd||jd|qWx?dddddgD](}|jd||jd|qWx6ddgD](}|jd||jd|q#WxdddgD]}|jd|q_Wn|dkrxdddgD](}|jd||jd|qWns|dkr-x9dddgD](}|jd||jd|qW|jd |jd!n|d"krxxdddgD](}|jd#||jd$|qIWn|d%kr;x}dddgD]l}|jd&||jd'||jd(||jd)||jd*||jd+|qW|jd,|jd-|jd.|jd/nd0|}x|D]}d1|kr|jd1\}	}|d2|	7}t|jg||d	|	g\}
}n#t|jg||g\}
}||7}|dkr|d37}n|
d4krLt|qLqLW|dks*|jr|d57}x|D]}d1|kr|jd1\}	}|d2|	7}t|jg||d	|	g\}
}n#t|jg||g\}
}||7}|dkr|d37}n|
d4kr;t|q;q;Wn|S(6s'Show current running status of firewalls> sChecking raw iptables
sChecking raw ip6tables
s-ns-vs-xs-Ltraws-ttfiltertnattmangletbuiltinsR@tFORWARDRAs	filter:%st
PREROUTINGtPOSTROUTINGs	mangle:%ssraw:%ssnat:%sRRRRs
ufw-before-%ssufw6-before-%sRsufw-user-%ssufw6-user-%ssufw-user-limit-acceptsufw-user-limitRsufw-after-%ss
ufw6-after-%stloggingsufw-before-logging-%ssufw6-before-logging-%ssufw-user-logging-%ssufw6-user-logging-%ssufw-after-logging-%ssufw6-after-logging-%ssufw-logging-allowsufw-logging-denysufw6-logging-allowsufw6-logging-denysIPV4 (%s):
t:s(%s) s
is

IPV6:
(	R-R8R)tsplitRRRR(t	ip6tables(R,t
rules_typetouttargstitemstitems6tctbtitttrcRC((s8/usr/lib/python2.7/dist-packages/ufw/backend_iptables.pytget_running_raws	







,#



,#

c!Csd}|jrFdtd}|jrB|dtd7}n|Std}xddgD]}t|jdd	|d
g\}}|dkrtdS|d
krt|d|n|jr_t|jdd|d
g\}}|d
krt|dqq_q_Wd}d}	|j|j}
d}i}x|
D]}
d}i}d}t	}|r|
j
dks|
jdkrt}|
j
}|j|rtd|qIqt	||<nxddgD]}d||<d}d}|dkr\|
j}|rP|
j
dkrP|
j
}|
jrY|dkrY|d7}qYq|
j}nV|
j}|r|
jdkr|
j}|
jr|dkr|d7}qn	|
j}|dkr|dkr|||<n|dkr)||dkr|||<n||cd|7<|rC|
jdkrC||cd|
j7<n|r)|dkr|
j
dkr||cd|
j
7<|
jr|dkr||cd7<n||cd7<n|dkr&|
jdkr&||cd|
j7<|
jr|dkr||cd7<n||cd7<q&q)n|dkr|dksM|dkrd||<|r|
jdkr|
j|
jkr|
j|
jkr||cd|
j7<n|dkr
||cd7<q
q|r|
jdkr|
j|
jkr||cd|
j7<qn|dkrE|
jdkrE||cd|
j7<n|dkr|
jdkr||cd|
j7<qqWg}d}|
js|
jjdkr|
jr|j|
jjn|r|
jdkr|j|
jnt|d
krdd j|}qn|r4|d!|7}n|
jj}|
jd"kri|ri|rid}n|d#|ddj|
jj|g|d|f7}|r||7}n&|
jdkr|	|7}	n
||7}|d7}qIW|dks|	dkr^d$}|r|d%7}ntd&}td'}td(}d)|j d*d+|j d*d+|j d*d+f}|r|d%7}n|d)d,t|j d*d+d,t|j d*d+d,t|j d*d+f7}||j!d*d+7}|dkr||7}n|dkr<|	dkr<|td-7}n|	dkrU||	7}n|}n|r|j"\}}td.i|j#d"6|j#dd6}|j$} td/i|d06|d16| d26|d36Std4|Sd5S(6sShow ufw managed rulesRBs> sChecking iptables
sChecking ip6tables
sproblem runningRRs-Lsufw-user-%ss-nisStatus: inactiveis iptables: %s
sufw6-user-%ss
 ip6tablessSkipping found tuple '%s'tdsttsrcs::/0s (v6)s	0.0.0.0/0tanyt t/s (%st)tAnywheres on %sRgs (%s)s, s[%2d] tins%-26s %-12s%s%s
s

s     tTotFromtActions%-26s %-12s%s
sutf-8tignoret-s
s.Default: %(in)s (incoming), %(out)s (outgoing)s0Status: active
%(log)s
%(pol)s
%(app)s%(status)stlogtpoltapptstatussStatus: active%sN(%R-R8R(RRRReR
R
tTruetdapptsapptFalset
get_app_tuplethas_keyRRqtv6tdportRrtsporttprotocoltinterface_int
interface_outtlogtypeREtlowerR)tlenR#tuppertactiontdecodetencodetget_loglevelt_get_default_policyR;(!R,tverboset
show_countRgRQRERotout6tststr_outR
tcountt	app_rulestrttmp_strtlocationttuplt
show_protoR1tportRCtattribst
attrib_strtdir_strtfull_strtstr_totstr_fromt
str_actiontrules_headertleveltlogging_strt
policy_strtapp_policy_str((s8/usr/lib/python2.7/dist-packages/ufw/backend_iptables.pyt
get_statuss$	

%

					


$		
	




!

			cCsxtd}|jr,tdtdnHt|jddg\}}|dkrtt|t|dndS(	sStop the firewallsproblem runnings> srunning ufw-initRs
force-stopis	 ufw-initN(R8R-RRR.RR(R,RQRoRg((s8/usr/lib/python2.7/dist-packages/ufw/backend_iptables.pyt
stop_firewalls	
cCs+td}|jr,tdtdnt|jddg\}}|dkrtt|t|dn|jjds|jd|j	j
kry|jd	Wq'tk
rtd
}t|q'XnDy|j
|jdWn)tk
r&td}t|nXdS(
sStart the firewallsproblem runnings> srunning ufw-initRtstartis	 ufw-inittlogleveltlowsCould not set LOGLEVELsCould not load logging rulesN(R8R-RRR.RRR9Rt	loglevelstkeystset_loglevelRHtupdate_logging(R,RQRoRg((s8/usr/lib/python2.7/dist-packages/ufw/backend_iptables.pytstart_firewalls&	


c	Cs|jr
tSd}|j}|r4d}|j}nxdddddgD]j}|rt|dksJ|dkrtqJnt|dd	|d
|g\}}|dkrJtdtSqJWtS(
sCheck if all chains existRtufw6RRRRslimit-accepts-ns-Ls-user-is_need_reload: forcing reload(R-RRReRRR(R,RtprefixtexeR3RoRg((s8/usr/lib/python2.7/dist-packages/ufw/backend_iptables.pyt_need_reloads		&
cCsYtd}|jr;td|jrUtdqUn|jrUyHxA|jdD]2}|j|d|g|j|d|gqXWWntk
rt|nXt	d|j
dg|jd	g\}}|d
krt|dn|jrUt	d|j
dg|jd	g\}}|d
krRt|d
qRqUndS(sReload firewall rules filesproblem runnings> | iptables-restores> | ip6tables-restoreRs-Fs-ZtcatR
s-nis	 iptablesR
s
 ip6tablesN(
R8R-RR(t
is_enabledR't
_chain_cmdRHRRR.tiptables_restoretip6tables_restore(R,RQRkRoRg((s8/usr/lib/python2.7/dist-packages/ufw/backend_iptables.pyt_reload_user_ruless*	

cCs,g}tjd}tjd}tjd}|j|r|j|r|j|r|j|jd|jd|n|j|jd||j|jd|q|j|jd|n
|j|tjd}tjd	}	tjd
}
d}xVt|D]H\}}
|j|
r&|jd|
j}|jd
krtd}n!|jdkrd}nd}d||f}|	j|
sd|}n|jd|
||<|j||jd|d||
|j||
jd|d||jd|
|j||
jd|d||jd||
q&q&Wtjd}xt|D]\}}
|j|
r|jd|
}|jddd|d|
}|jd|d |
}|||<|j|||j||qqW|S(!s5Return list of iptables rules appropriate for sendings-p all sport s-j (REJECT(_log(-all)?)?)s-p tcp s-j \1 --reject-with tcp-resets-p udp RBs(.*)-j ([A-Z]+)_log(-all)?(.*)s-j [A-Z]+_log-alls(-A|-D) ([a-zA-Z0-9\-]+)s'-m limit --limit 3/min --limit-burst 10s\2R5tALLOWRtLIMITtBLOCKs"%s -j LOG --log-prefix "[UFW %s] "s-m state --state NEW s	\1-j \2\4s\1-j s-user-logging-s\1 s\1-j RETURNs\1s	 -j LIMITs% -m state --state NEW -m recent --sets -m state --state NEW -m recents# --update --seconds 30 --hitcount 6s -j s-user-limits-user-limit-accept(	RIRJRMR)ROt	enumeratetstripRtinsert(R,tfruleRtsuffixtsnippetst	pat_prototpat_portt
pat_rejecttpat_logt
pat_logallt	pat_chaint
limit_argsRmRRFtlstrt	pat_limitttmp1ttmp2ttmp3((s8/usr/lib/python2.7/dist-packages/ufw/backend_iptables.pyt_get_rules_from_formattedsh	
		

	
!		
c	Csg}|j|||}tjd}xt|D]\}}|j|jd|j|j|r7||jd||j|jd|jdd||c|jd|j7<q7q7W|S(s_Return list of iptables rules appropriate for sending as arguments
           to cmd()
        s(.*) --log-prefix (".* ")(.*)s\1s--log-prefixs\2t"RBs\3(	RRIRJRR)RORdtmatchtreplace(	R,RRRRtstr_snippetsRTRmR((s8/usr/lib/python2.7/dist-packages/ufw/backend_iptables.pyt_get_lists_from_formattedFs))cCs-|jdg}|jr3|j|jdnx|D]}ytjj|}Wn-tk
rtd|}t|nXt	j
d}x|D]{}|j|r|jd|}t	j
d|j}t|dkst|dkrtd	|}	t|	qqd
}
d}t|dksOt|dkrd|d
kr{|d
j
d\}
}q|d
}
nyt|dkrt|d|d|d|d|d|d|
}nt|d|d|d|d|d|d|
}t	j
d}
|ddkrG|
jd|d|_n|ddkrs|
jd|d|_n|dkr|j|
|nWn.tk
rtd|}t|qnX||jdkr|jt|jj|q|jt|jj|qqW|jq:WdS(s$Read in rules that were added by ufwR
R
sCouldn't open '%s' for readings^### tuple ###\s*RBs\s+ii	s)Skipping malformed tuple (bad length): %sRxiR8iiiiiiiis%20R}RtsSkipping malformed tuple: %sN(R.R(R)RRKtopen_file_readRHR8RRIRJRRORdRRRRRRt
set_interfacetset_v6RR
RR
tclose(R,trfnsRURDRQt	pat_tupleRXRRCtwmsgtdtypet	interfacetrulet	pat_spacetwarn_msg((s8/usr/lib/python2.7/dist-packages/ufw/backend_iptables.pyt_read_rulesXsb


$	
$

	


cCs|jd}|r#|jd}ntj|tjsWtd|}t|nytjj|}Wnt	k
rnXd}|j
}|rd}|j}n|jrt
jj}n
|d}tjj|dtjj|d|d	tjj|d|d
tjj|d|dtjj|d|dtjj|d|d
tjj|d|dtjj|d|dtjj|d|dtjj|d|dtjj|d|dtjj|d|dtjj|d|dtjj|d|dtjj|d|d|dkrtjj|d|dtjj|d|dntjj|dxQ|D]I}|j}	|jdkr|	d|j7}	n|jdkr|jdkrd|	|j|j|j|j|j|jf}
|jdkr`|
d|j7}
n|jdkr|
d|j7}
ntjj||
dntjd}d }|jr|jd!|j}nd }
|jr|jd!|j}
nd"|	|j|j|j|j|j||
|jf	}
|jdkrT|
d|j7}
n|jdkrw|
d|j7}
ntjj||
dd#}|jd$krd%}nd&||f}d'||j f}x0|j!|||D]}tjj||qWqWtjj|d(tjj|d)y|j"|j#d*}Wnt	k
r_nXx|D]\}}}t$|d+kr|d+d,krqgn|j%|d rgtjj|dj&|j'd-d.j'd/d0dqgqgWtjj|d1|dkrtjj|d2|j#d*d3krjtjj|d4dj&|j(d5|j)d6ntjj|d4|d7tjj|d4|d8tjj|d9ntjj|d:y3|jrtjj*|t+ntjj*|Wnt	k
rnXd;S(<s.Write out new rules to file to user chain fileR
R
s'%s' is not writableRRRCs*filter
Rcs-user-input - [0:0]
s-user-output - [0:0]
s-user-forward - [0:0]
s-before-logging-input - [0:0]
s-before-logging-output - [0:0]
s -before-logging-forward - [0:0]
s-user-logging-input - [0:0]
s-user-logging-output - [0:0]
s-user-logging-forward - [0:0]
s-after-logging-input - [0:0]
s-after-logging-output - [0:0]
s-after-logging-forward - [0:0]
s-logging-deny - [0:0]
s-logging-allow - [0:0]
s-user-limit - [0:0]
s-user-limit-accept - [0:0]
s### RULES ###
RBR8s#
### tuple ### %s %s %s %s %s %s %ss_%ss
RtR}s%20s)
### tuple ### %s %s %s %s %s %s %s %s %sRRgRs
%s-user-%ss	-A %s %s
s
### END RULES ###
s
### LOGGING ###
Ris-Dt[s"[s] s] "s### END LOGGING ###
s
### RATE LIMITING ###
toffs-A s "s "
s-user-limit -j REJECT
s-user-limit-accept -j ACCEPT
s### END RATE LIMITING ###
sCOMMIT
N(,R.R!taccesstW_OKR8RRRKRLRHR
R
R-tsyststdouttfilenoRNRRRRRRRqRRrRERRRIRJROtformat_ruleRt_get_logging_rulesR9Rt
startswithR#RR*R+RPR(R,Rt
rules_fileRQRVR0R
RWRRttstrRRRtchain_suffixR3trule_strRtlrules_tRktq((s8/usr/lib/python2.7/dist-packages/ufw/backend_iptables.pyt_write_ruless

		

	!
		!	

"$)	
cCsd}|jrY|js6td}t|n|jdkrYtd|jSn|jr|jdkr|jdkrtd}t|ng}t}t}|j}|j	}	|jr|j
dkr|jdks|jdkrtd	S|j
}n|	d
ks)|	t|krHtd|	}t|n|	d
krx|jrxtd}t|n|	t|krtd
|	}t|ny|jWntk
rnXd}
t}d
}d/}
x|D]}y|jWntk
rnX|j|j|j|jf}|
|	kr|
ddkrn|
ddkrn|
dks|ddkr|ddks|
|krt}|j|jd0}
q|	d7}	n|}
|
d7}
tj||}|dkr|d7}n|d
krF|rF|rFt}|js|j|jqq|d
kr|jr|rt}t}|j|jq|j|qW|r|d
krutd}|jr|d7}n|Sn|r|jr|j|jn|r8|jr8|jr8td}|jr4|d7}n|S|ru|jru|rutd}|jrq|d7}n|S|jr||_
n	||_y|j|jWn:tk
rn'tk
rtd}t|nXtd}|jrtd}n|jr|jrd}|sB|j|jsB|rd}|ra|td7}n|td7}|jr|d7}n|ry|jWqtk
rqXq|td7}nQ|r|jrd}td}n-|r|r|jrd}td}n|dkr|j}d}|jrY|j}d }|d7}nd!}|j d"krwd#}nd$||f}td%}t!|d&|d'g\}}|d
krt|nd(|||j"f}t#j$d)}x|j%|||D]}t!|g|\}}|d
krRt&|t'j(t|n|dkr
|j)d*j*|r
|j+d+d*j*|}t!|d|d,d-g\}}|d
krt,d.|qq
q
Wqn|S(1sXUpdates firewall with rule by:
        * appending the rule to the chain if new rule and firewall enabled
        * deleting the rule from the chain if found and firewall enabled
        * inserting the rule if possible and firewall enabled
        * updating user rules file
        * reloading the user rules file if rule is modified
        RBs)Adding IPv6 rule failed: IPv6 not enabledRs#Skipping unsupported IPv6 '%s' ruletudpttcps/Must specify 'tcp' or 'udp' with multiple portss1.4s:Skipping IPv6 application rule. Need at least iptables 1.4isInvalid position '%d's Cannot specify insert and deletes#Cannot insert rule at position '%d'iiis Skipping inserting existing rules (v6)s"Could not delete non-existent rulesSkipping adding existing rulesCouldn't update rules files
Rules updatedsRules updated (v6)s
Rule insertedsRule updateds (skipped reloading firewall)s-DsRule deleteds-As
Rule addedRRRRgRs
%s-user-%ss!Could not update running firewalls-Ls-ns%s %s %ss(-A +)(ufw6?-user-[a-z\-]+)(.*)Rts\2s-jtRETURNsFAILOK: -D %s -j RETURN(RBRBRBRB(RBRBRBRB(-RR(R8RRtmultiRRR
tpositiontiptables_versionRRR
Rtremovet	normalizeRHRqRrRR)tdup_ruleRRR-RRRRRReRERRRIRJRRRtstderrRMR#ROR(R,Rtallow_reloadR:RQtnewrulestfoundtmodifiedR
RRtinsertedtmatchestlastRtcurrenttrettflagRR0RR3RoRgRRRRk((s8/usr/lib/python2.7/dist-packages/ufw/backend_iptables.pytset_rule/s&	'			



, 	


		
	
	
		

		


			
	

$!c
Csg}g}|r|j}n	|j}|j}|j||j|j}xL|D]D}|j}|j|j}	|	|kr]|j|q]q]W|S(s@Return a list of UFWRules from the system based on template rule(R
R
RRRRR)(
R,ttemplateRR
RtnormRRRCt	tmp_tuple((s8/usr/lib/python2.7/dist-packages/ufw/backend_iptables.pytget_app_rules_from_systems 	



cCs|j}|jdr$|j}nt|g|\}}|dkrtd|}|rptd|qt|ndS(sPerform command on chainRisCould not perform '%s'sFAILOK: N(RRReRR8RR(R,R3Rhtfail_okRRoRgRQ((s8/usr/lib/python2.7/dist-packages/ufw/backend_iptables.pyRs	cCs|jr
dSg}y|j|}Wntk
r<nXy$|jdt|jdtWn:tk
rwn'tk
rtd}t|nX|jsdStd}xs|j	d|j	d|j	d|j	dD]C}y|j
|d	|d
gWqtk
r+t|qXqWy^xW|j	d|j	d|j	dD]2}|j
|d|g|j
|d|gqWWWntk
rt|nXx|D]\}}}t}t|d
kr|d
dkrt}nyY|dkr:t|dkr:|j
|dg|ddtn|j
|||Wqtk
rmt|qXqW|j
ddg|j|j
dgdt|jddkr|j
ddg|j|j
dgdtndS(s#Update loglevel of running firewallNRs&Couldn't update rules file for loggings!Could not update running firewallRRRRs-Ls-ns-Fs-Zis-Dtdelete_firstiRsufw-user-limitRtRRs-I(R-RRHRRRRR8RR'RRR*R+R9(R,Rtrules_tRQRkRRR((s8/usr/lib/python2.7/dist-packages/ufw/backend_iptables.pyR!sb	


2

"	$
	
c	
Csg}||jjkr:td|}t|n|dkrx7|jdD](}|j|d|ddgdgqTW|Sx7|jdD](}|j|d|ddgd	gqWd
ddd
ddg}|j||jdkr2g}|j||jdkr|}nx|jdD]}xdddgD]}|j|r=|j|dks||j|dkrd}|j|d|ddd|g|d	gq|j||jdkrd}|j|d|ddd|g|d	gqq=q=Wq'Wg}|j||jdkr4|}nx|jdD]}|jdr`d}n|jdrd}|j||jdkr|j|d|d
d d!d"ddg|d	gq|j|d|d
d d!d"dddd#g
|d	gn|j|d|ddd|g|d	gqBWn|j||jdkrg}|j||jd$kru|}n|j||jdkrd
d d!d%g|}nd&}xD|jd'D]2}|j|d|ddd|g|d	gqWn|S((s%Get rules for specified logging levelsInvalid log level '%s'RRs-Is-jRRs-DRBs-mRs--limits3/mins
--limit-burstt10RthighRRRRR7R=s[UFW BLOCK] s-ARs--log-prefixtmediums[UFW ALLOW] RR<tstates--statetINVALIDs[UFW AUDIT INVALID] tfulltNEWs[UFW AUDIT] R(RRR8RR'R)tendswithR(	R,RRRQRkRtlargsRnR((s8/usr/lib/python2.7/dist-packages/ufw/backend_iptables.pyRdsx&&						cCsd}g}x|jD]}|j|jds8qn|j|j|tjjtjjdtjj	|j|}tjj
|std|}t|qqWt
jd}xO|D]G}d||f}tjj|rtd|}t|qqWx\|D]T}d||f}|tditjj	|d	6|d
67}tj||qWx|D]}d||f}tjtjjtjjdtjj	|tjj|tj||y tj|}|tj}	Wn.tk
r/td|}
t|
qynX|	tj@rT|td|7}qy|	tj@ry|td
|7}qyqyW|S(sReset the firewallRBs.rulesRsCould not find '%s'. Abortings
%Y%m%d_%H%M%Ss%s.%ss'%s' already exists. Abortings"Backing up '%(old)s' to '%(new)s'
toldtnewsCouldn't stat '%s'sWARN: '%s' is world writablesWARN: '%s' is world readable(R.R R)R!R"R#RRt	share_dirtbasenametisfileR8RttimetstrftimetexiststrenametshutiltcopytdirnametcopymodetstattST_MODERHRtS_IWOTHtS_IROTH(R,trestallfilesRmtfnRQtextR"tstatinfotmodeR((s8/usr/lib/python2.7/dist-packages/ufw/backend_iptables.pytresetsP

"




(t__name__t
__module__t__doc__R&R;RYRpRRRRRRRRRRRRRRRRR9(((s8/usr/lib/python2.7/dist-packages/ufw/backend_iptables.pyR	s(	%		H	V					D		?	
	C	Z(R<R!RIR+R/RR't
ufw.commonRRRRtufw.utilRRRRRtufw.backendRR$R%R	(((s8/usr/lib/python2.7/dist-packages/ufw/backend_iptables.pyt<module>s"(