Your IP : 172.28.240.42


Current Path : /usr/lib/python2.7/dist-packages/ufw/
Upload File :
Current File : //usr/lib/python2.7/dist-packages/ufw/util.pyc


^Oc@sdZddlZddlZddlZddlZddlZddlZddlZddlZddl	Z	ddl
mZeZ
dZdZdZdZdZd	d
ZdZdZd
ZdZedZdZdZedZdZe	jdZdZ dZ!dZ"dZ#ej$dZ%ej$dZ&dZ'dZ(dZ)dZ*dZ+d Z,d!Z-d"d#Z.d$Z/ed%Z0d&Z1d'Z2d(Z3d)Z4d*Z5dS(+s"util.py: utility functions for ufwiN(tmkstempcCsd}ytj|Wntk
r-nXytj|dd}Wntk
r[nXy/tj|d|dkrd}nd}Wntk
rnX|S(s8Get the protocol for a specified port from /etc/servicestttcptudptany(tsockett
getservbynamet	Exception(tporttproto((s,/usr/lib/python2.7/dist-packages/ufw/util.pytget_services_proto!s$


	

cCsyd}d}|jd}t|dkr@|d}d}n/t|dkri|d}|d}nt||fS(sParse port or port and protocolRt/iiRi(tsplittlent
ValueError(tp_strRR	ttmp((s,/usr/lib/python2.7/dist-packages/ufw/util.pytparse_port_proto;s
	

cCstjstdtSt|dks<tjd|r@tS|jd}ytjtj	|dWnt
k
r~tSXt|dkrtSt|dkrt|dtstSntS(sVerifies if valid IPv6 addresss"python does not have IPv6 support.i+s^[a-fA-F0-9:\./]+$Riii(
Rthas_ipv6twarntFalseR
tretmatchRt	inet_ptontAF_INET6Rt_valid_cidr_netmasktTrue(taddrtnet((s,/usr/lib/python2.7/dist-packages/ufw/util.pytvalid_address6Ks 	
%
cCst|dks%tjd|r)tS|jd}y2tjtj|dt|dtsitSWnt	k
r~tSXt|dkrtSt|dkrt
|dtstSntS(sVerifies if valid IPv4 addressis^[0-9\./]+$Riii(R
RRRRRRtAF_INETt_valid_dotted_quadsRt
valid_netmaskR(RR((s,/usr/lib/python2.7/dist-packages/ufw/util.pytvalid_address4es%
cCst||pt||S(s(Verifies if valid cidr or dotted netmask(RR(tnmtv6((s,/usr/lib/python2.7/dist-packages/ufw/util.pyR }sRcCsX|dkrt|S|dkr,t|S|dkrNt|pMt|StdS(sValidate IP addressest6t4RN(RR!R(Rtversion((s,/usr/lib/python2.7/dist-packages/ufw/util.pyt
valid_addresss

c	
Csg}t}d}tj}|r3d}tj}nd|kr|jd}|rn|ddkrn|d=q|r|ddks|ddkr|d=qn
|j||r
t|dkr
t|d|r
yt|d||d<Wq
t	k
r	q
Xn|d	}tj
|tj||}||d	krNt}nt|dkr|d|d7}|st
|}||krd
||f}t||}t}qqnt||sd|}t|tn||fS(sConvert address to standard form. Use no netmask for IP addresses. If
       netmask is specified and not all 1's, for IPv4 use cidr if possible,
       otherwise dotted netmask and for IPv6, use cidr.
    R%R$Rit128t32s255.255.255.255iisUsing '%s' for address '%s'sInvalid address '%s'(RRRRRtappendR
Rt_dotted_netmask_to_cidrRt	inet_ntopRRt_address4_to_networktdebugR'R(	torigR#RtchangedR&ts_typeRtnetworktdbg_msg((s,/usr/lib/python2.7/dist-packages/ufw/util.pytnormalize_addresssJ	
'

,

	


	cCs.yt|d}Wntk
r)nX|S(s"Opens the specified file read-onlytr(topenR(tfnR/((s,/usr/lib/python2.7/dist-packages/ufw/util.pytopen_file_reads

cCs{yt|}Wntk
r&nXyt\}}Wntk
rZ|jnXi|d6|d6|d6|d6S(s=Opens the specified file read-only and a tempfile read-write.R/torignameRttmpname(R8RRtclose(R7R/RR:((s,/usr/lib/python2.7/dist-packages/ufw/util.pyt
open_filess


cCs\|dkrdS|s+ttjdntj||dkrXttjdndS(s~Write to the file descriptor and error out of 0 bytes written. Intended
       to be used with open_files() and close_files().RNsNot a valid file descriptoris"Could not write to file descriptor(tOSErrorterrnotENOENTtostwritetEIO(tfdtout((s,/usr/lib/python2.7/dist-packages/ufw/util.pyt
write_to_filescCs|djtj|d|rsy4tj|d|dtj|d|dWqstk
roqsXnytj|dWntk
rnXdS(suCloses the specified files (as returned by open_files), and update
       original file with the temporary file.
    R/RR9R:N(R;R@tshutiltcopystattcopyRtunlinkR=(tfnstupdate((s,/usr/lib/python2.7/dist-packages/ufw/util.pytclose_filess


cCsot|y%tj|dtjdtj}Wn tk
rQ}dt|gSX|jd}|j|gS(s!Try to execute the given command.tstdouttstderrii(	R.t
subprocesstPopentPIPEtSTDOUTR=tstrtcommunicatet
returncode(tcommandtsptexRD((s,/usr/lib/python2.7/dist-packages/ufw/util.pytcmds
cCsty4tj|dtj}tj|d|j}Wn tk
rV}dt|gSX|jd}|j|gS(s#Try to pipe command1 into command2.RMtstdinii(RORPRQRMR=RSRTRU(tcommand1tcommand2tsp1tsp2RXRD((s,/usr/lib/python2.7/dist-packages/ufw/util.pytcmd_pipescCsCytjd|IJWntk
r(nX|r?tjdndS(sPrint error message and exits	ERROR: %siN(tsysRNtIOErrortexit(RDtdo_exit((s,/usr/lib/python2.7/dist-packages/ufw/util.pyterrors
cCs-ytjd|IJWntk
r(nXdS(sPrint warning messagesWARN: %sN(R`RNRa(RD((s,/usr/lib/python2.7/dist-packages/ufw/util.pyR*s
cCs*y|d|IJWntk
r%nXdS(s
Print messages%sN(Ra(RDtoutput((s,/usr/lib/python2.7/dist-packages/ufw/util.pytmsg2s
cCs6tr2ytjd|IJWq2tk
r.q2XndS(sPrint debug messages	DEBUG: %sN(t	DEBUGGINGR`RNRa(RD((s,/usr/lib/python2.7/dist-packages/ufw/util.pyR.:s

cCst|d|jdS(s
    A word-wrap function that preserves existing line breaks
    and most spaces in the text. Expects that existing line
    breaks are posix newlines (
).
    cSsLd|dt||jddt|jddd|k|fS(Ns%s%s%ss 
s
ii(R
trfindR(tlinetwordtwidth((s,/usr/lib/python2.7/dist-packages/ufw/util.pyt<lambda>Is
4t (treduceR(ttextRk((s,/usr/lib/python2.7/dist-packages/ufw/util.pyt	word_wrapCscCs
t|dS(sWord wrap to a specific widthiK(Rp(Ro((s,/usr/lib/python2.7/dist-packages/ufw/util.pyt	wrap_textSscs&d|jdfddS(s$Sorts list of strings into numeric order, with text case-insensitive.
       Modifies list in place.

       Eg:
       [ '80', 'a222', 'a32', 'a2', 'b1', '443', 'telnet', '3', 'http', 'ZZZ']

       sorts to:
       ['3', '80', '443', 'a2', 'a32', 'a222', 'b1', 'http', 'telnet', 'ZZZ']
    cSs |jrt|S|jS(N(tisdigittinttlower(tt((s,/usr/lib/python2.7/dist-packages/ufw/util.pyRlbstkeycs)gtjd|D]}|^qS(Ns([0-9]+)(RR(tktc(tnorm(s,/usr/lib/python2.7/dist-packages/ufw/util.pyRlcsN(tsort(tlst((Rys,/usr/lib/python2.7/dist-packages/ufw/util.pyt
human_sortXs
	cCsyt|}Wntk
r/tdnXtjjdt|d}tjj|sstd|ny$t	|j
djd}Wntk
rnXt|S(sdFinds parent process id for pid based on /proc/<pid>/stat. See
       'man 5 proc' for details.
    spid must be an integers/proctstatsCouldn't find '%s'ii(RsRRR@tpathtjoinRStisfileRatfilet	readlinesR(tmypidtpidtnametppid((s,/usr/lib/python2.7/dist-packages/ufw/util.pytget_ppidfs
$
cCsXyt|}WnZtk
r:td}t|tStk
rltdt|}t|nX|dks|dkrtStj	j
dt|d}tj	j|std|}t|ny$t|j
djd}Wn-tk
r+td|}t|nXtd	||d
krJtSt|SdS(s1Determine if current process is running under sshs%Couldn't find pid (is /proc mounted?)s!Couldn't find parent pid for '%s'is/procR}sCouldn't find '%s'is"Could not find executable for '%s'sunder_ssh: exe is '%s's(sshd)N(RRat_RRRRSRR@R~RRRRRR.Rt	under_ssh(RRtwarn_msgterr_msgR~texe((s,/usr/lib/python2.7/dist-packages/ufw/util.pyR{s0


$
cCsTd}|rd}ntjd|sLt|dksLt||krPtStS(sVerifies cidr netmasksi is^[0-9]+$i(RRRsRR(R"R#tnum((s,/usr/lib/python2.7/dist-packages/ufw/util.pyRs	7cCs|r
tStjd|rtjd|}t|dkrDtSxD|D]5}|s|t|dks|t|dkrKtSqKWntStS(s.Verifies dotted quad ip addresses and netmaskss^[0-9]+\.[0-9\.]+$s\.iii(RRRRR
RsR(R"R#tquadstq((s,/usr/lib/python2.7/dist-packages/ufw/util.pyRs
+cCsd}|rtnt||s-tnd}ttjdtj|d}t}xKtdD]=}||?d@dkrt	}qk|rd}Pqk|d7}qkW|dkr|dkrt
d|}nt||stn|S(s@Convert netmask to cidr. IPv6 dotted netmasks are not supported.Ris>Li ii(RRtlongtstructtunpackRt	inet_atonRtrangeRRSR(R"R#tcidrtmbitstbitst	found_onetn((s,/usr/lib/python2.7/dist-packages/ufw/util.pyR+s(		%		cCsd}|rtnwt||s-tnd}x;tdD]-}|t|kr@|dd|>O}q@q@Wtjtjd|}t||stn|S(s<Convert cidr to netmask. IPv6 dotted netmasks not supported.Rli iis>L(	RRRRsRt	inet_ntoaRtpackR(RR#R"RR((s,/usr/lib/python2.7/dist-packages/ufw/util.pyt_cidr_to_dotted_netmasks			c	Cs+d|krtd|S|jd}t|dksOt|dtrXtn|d}|d}|}t|tryt|t}Wqtk
rqXnt	t
jdtj
|d}t	t
jdtj
|d}||@}tjt
jd|}d||fS(s8Convert an IPv4 address and netmask to a network addressRs8_address4_to_network: skipping address without a netmaskiiis>Ls%s/%s(R.RR
RRRRRRRRRRRRR(	RRthosttorig_nmR"t	host_bitstnm_bitstnetwork_bitsR2((s,/usr/lib/python2.7/dist-packages/ufw/util.pyR-s&
&	



%%
cCsd}d|kr#td|S|jd}t|dksXt|dtratn|d}|d}tjdtj	tj
|}d}xftd	D]X}|||d
}x<td
D].}	|dt||	@d|	|d
>O}qWqWd}
x;tdD]-}|t|kr|
dd|>O}
qqW||
@}g}xFtd	D]8}|j
t||d|d
|d
d
!dqfWtjtj
tjd|d|d|d|d
|d|d|d|d	}
d|
|fS(s8Convert an IPv6 address and netmask to a network addresscSs>djgt|dddD]}t||?d@^qS(sDecimal to binaryRii(RRRS(Rtcountty((s,/usr/lib/python2.7/dist-packages/ufw/util.pytdec2binsRs8_address6_to_network: skipping address without a netmaskiiis>8Hliiiiiiiiis%s/%si(R.RR
R RRRRRRRRRsR*R,R(RRRt	orig_hosttnetmasktunpackedRtiRtjRRR{R2((s,/usr/lib/python2.7/dist-packages/ufw/util.pyt_address6_to_networks:	
&	

0
6c	Cs|jd}t|dks5t|d|r>tn|d}|d}|dksj|dkrntS|}d|kr|jd}t|dkst|d|rtn|d}n|dks|dkrtS|rt|st|r6tq6n#t|s-t|r6tnt||ry|ryyt||}Wqyt	k
ruqyXn|rt
d||fjdd}t
d||fjdd}nFtd||fjdd}td||fjdd}||kS(s&Determine if address x is in network yRiiis0.0.0.0s::s%s/%s(RR
R RRRR!RRRRR-(	t
tested_addt
tested_netR#RRRtaddresstorig_networkR2((s,/usr/lib/python2.7/dist-packages/ufw/util.pyt
in_networkOsF&	

&	
	

 s/sbin/iptablescCsft|dg\}}|dkr=ttjd|ntjd|}tjdd|dS(sReturn iptables versions-VisError running '%s's\ss^vRi(RYR=R>R?RRtsub(RtrcRDR((s,/usr/lib/python2.7/dist-packages/ufw/util.pytget_iptables_versions
cCs{t|}t}x_|jD]Q}|jdrN|jdrNq"n|j}|d}|djdd}t}dj|djdd |d<|d|d	<|d
jdd|d<|dd
kr|d|d<n|d
jdd|d<|j|s:t||<g|||<n$||j|s^g|||<n|||j|q"W|S(s:Get and parse netstat the output from get_netstat_outout()RRiit:itladdrituidiRRt-R(tget_netstat_outputtdictt
splitlinest
startswithRRthas_keyR*(R#tnetstat_outputtdRiRR	Rtitem((s,/usr/lib/python2.7/dist-packages/ufw/util.pytparse_netstat_outputs,	 
	$
cCsd}|r d}tjj|s=ttjd|nxt|jD]}|j}||dkrPdj	gt
dt|ddD]}|d||d!^q}|djd	krd
|t
|djdf}qqPqPW|dkrttjdqn}tjtjtj}y?tjtj|jd
tjd|d dd!}Wn#tk
rttjdnXt||dS(sGet IP address for interfaceRs/proc/net/if_inet6s'%s' does not existiRiiit80s%s/%sisNo such deviceit256siii(R@R~texistsR=R>R?RRRRRR
RtRsRatENODEVRRt
SOCK_DGRAMRtfcntltioctltfilenoRRRR4(tifnameR#RtprocRiRRts((s,/usr/lib/python2.7/dist-packages/ufw/util.pytget_ip_from_ifs*A-'
c
Cst}d}t|r't}d}n!t|sHttjdntjj	|sst
tjd|nd}|rrxxt|j
D]}|j}|dj}djgtdt|dd	D]}|d||d	!^q}|d
jdkr7d|t|d
jd
f}n||ksad|krt||tr|}PqqWnxt|j
D]q}d|krqn|jddj}yt|t}	Wntk
rqnX|	|kr|}PqqW|S(sGet interface for IP addresss
/proc/net/devs/proc/net/if_inet6sNo such devices'%s' does not existRiRiiiRs%s/%siR(RRRR!RaR>RR@R~RR=R?RRRtstripRRR
RtRsRR(
RR#RtmatchedRiRRRttmp_addrtip((s,/usr/lib/python2.7/dist-packages/ufw/util.pytget_if_from_ipsD	A&
c	Csbtjd}|jtjd}t}x*|D]"}|j|sSq8ntjjd|d}tj	|tj
tjBsq8nd}y%tjtjjd|d}Wnt
k
rnXytj|}Wn
q8nXxk|D]c}y&tjtjj||d}Wnt
k
r5qnXd|tjj|f||<qWq8W|S(sGet inodes of files in /procs/procs^[0-9]+$RCRRis%s/%s(R@tlistdirRzRtcompileRRR~RtaccesstF_OKtR_OKtreadlinkRR}tbasename(	t
proc_filestpattinodesRtfd_pathtexe_pathtdirsRtinode((s,/usr/lib/python2.7/dist-packages/ufw/util.pyt_get_proc_inodess4
	
%

&
(cCsidd6dd6dd6dd6d	d
6dd6d
d6dd6dd6dd6dd6}idd6dd6dd6dd6}tjjd|}tj|tjtjBstng}t}t|j	}x|D]}|j
}|st}qn|t||dd}	|j
dr+d}	n!|j
drL|	dkrLqn||dj
d \}
}||d}||d}
|j|
t|d||
|	fqW|S(!s=Read /proc/net/(tcp|udp)[6] file and return a list of tuples tESTABLISHEDitSYN_SENTitSYN_RECVit	FIN_WAIT1it	FIN_WAIT2it	TIME_WAITitCLOSEit
CLOSE_WAITitLAST_ACKi	tLISTENi
tCLOSINGit
local_addrtstateRRs	/proc/netiRtNARR(R@R~RRRRRRRRRRRsRR*(tprotocolt
tcp_statestproc_net_fieldsR7R{t
skipped_firsttlinesRitfieldsRRRRR((s,/usr/lib/python2.7/dist-packages/ufw/util.pyt_read_proc_net_protocol!sH



	
	)cCsNd}t|dkrd}x[tdddD]G}|djgt|d|dD]}||d|!^qW7}q1Wtdjgtdt|dD]}|||d!j^qtd}nyg}xTgtdddD]}||d|!^qD]"}|jtt|d	qWtd
j|t	d}|S(sDConvert an address from /proc/net/(tcp|udp)* to a normalized addressRiii iiRiit.(
R
RRR4RtRR*RSRsR(tpaddrt	convertedRRR((s,/usr/lib/python2.7/dist-packages/ufw/util.pytconvert_proc_addressOsE	<7 c
CsFt}ddg}|r.|ddg7}nxS|D]K}yt|||<Wq5tk
rtd|}t|q5q5Xq5Wt}|j}|jd}x|D]}x||D]y\}}	}
}}t|}
d}|j	t
|r|t
|}n|d|d	|
|	f||
||f7}qWqW|S(
s5netstat-style output, without IPv6 address truncationRRttcp6tudp6s!Could not get statistics for '%s'RRs%-5s %-46s %-11s %-5s %-11s %s
s%s:%s(RRRRRRtkeysRzRRRs(R#t
proc_net_dataR	tpRRt	protocolsRRRRRRRR((s,/usr/lib/python2.7/dist-packages/ufw/util.pyRbs2	


	

 	
(6t__doc__R>RR@RRFRRROR`ttempfileRRRgR
RRR!R R'R4R8R<RERRLRYR_RdRRMRfR.RpRqR|tgetpidRRRRR+RR-RRRRRRRRRR(((s,/usr/lib/python2.7/dist-packages/ufw/util.pyt<module>s`						7	
		
	
							&			&			2	2		&	.	%	.