a iI@sddlZddlZddlmZddlmZmZmZddlm Z ddl m Z m Z m Z mZddlmZddlmZddlmZmZmZmZdd lmZdd lmZGd d d eZdS) N)config)dbus_to_python%dbus_introspection_prepare_properties!dbus_introspection_add_properties)IPSet) IPSET_TYPESnormalize_ipset_entrycheck_entry_overlaps_existingcheck_for_overlapping_entries)log)DbusServiceObject)handle_exceptionsdbus_handle_exceptionsdbus_service_methoddbus_polkit_require_auth)errors) FirewallErrorcseZdZdZdZejjZe fddZ e ddZ e ddZ e d d Zeejd d d e dWddZeejddd e dXddZeejjeejdde dYddZejjejddddZeejjeejdde dZfdd Zeejjejde d[d d!Zeejjejde d\d"d#Zeejje d]d$d%Z ejjejjdde d&d'Z!eejje d^d(d)Z"ejjejjdde d*d+Z#eejjdde d_d,d-Z$ejjejjdde d.d/Z%eejjdde d`d0d1Z&eejjdde dad2d3Z'eejjdde dbd4d5Z(eejjdde dcd6d7Z)eejjdde ddd8d9Z*eejjdde ded:d;Z+eejjdde dfdd?Z-eejjd@de dhdAdBZ.eejjd@de didCdDZ/eejjd de djdEdFZ0eejjdde dkdGdHZ1eejjd dId e dldJdKZ2eejjdLde dmdMdNZ3eejjdLde dndOdPZ4eejjdde dodQdRZ5eejjdde dpdSdTZ6eejjddId e dqdUdVZ7Z8S)rFirewallDConfigIPSetzFirewallD main classTcs`tt|j|i|||_||_||_||_|d|_|d|_d|j|_ t |tj j dS)Nrzconfig.ipset.%d) superr__init__parentrobjitem_idbusnamepath _log_prefixrdbusDBUS_INTERFACE_CONFIG_IPSET)selfrZconfZipsetrargskwargs __class__@/usr/lib/python3.9/site-packages/firewall/server/config_ipset.pyr6s   zFirewallDConfigIPSet.__init__cCsdSNr$rr$r$r%__del__CszFirewallDConfigIPSet.__del__cCs |dSr&)Zremove_from_connectionr'r$r$r% unregisterGszFirewallDConfigIPSet.unregistercCs|dkrt|jjS|dkr,t|jjS|dkrBt|jjS|dkrXt|jjS|dkrnt|jjStj d|dS)NnamefilenamerdefaultbuiltinzDorg.freedesktop.DBus.Error.InvalidArgs: Property '%s' does not exist) rStringrr*r+rZBooleanr,r- exceptions DBusException)r property_namer$r$r% _get_propertyOsz"FirewallDConfigIPSet._get_propertyssv) in_signature out_signatureNcCsLt|t}t|t}td|j|||tjjkrBtj d|| |S)Nz%s.Get('%s', '%s')Jorg.freedesktop.DBus.Error.UnknownInterface: Interface '%s' does not exist) rstrr debug1rrrrr/r0r2)rinterface_namer1senderr$r$r%Get`s    zFirewallDConfigIPSet.Getsza{sv}cCs`t|t}td|j||tjjkr6tj d|i}dD]}| |||<q>tj |ddS)Nz%s.GetAll('%s')r7)r*r+rr,r-svZ signature) rr8r r9rrrrr/r0r2Z Dictionary)rr:r;retxr$r$r%GetAllqs  zFirewallDConfigIPSet.GetAllZssv)r5cCslt|t}t|t}t|}td|j||||j||tjj krXtj d|tj d|dS)Nz%s.Set('%s', '%s', '%s')r7zGorg.freedesktop.DBus.Error.PropertyReadOnly: Property '%s' is read-only) rr8r r9rr accessCheckrrrr/r0)rr:r1Z new_valuer;r$r$r%Sets$     zFirewallDConfigIPSet.Setzsa{sv}asr?cCs2t|t}t|}t|}td|j|||dS)Nz&%s.PropertiesChanged('%s', '%s', '%s'))rr8r r9r)rr:Zchanged_propertiesZinvalidated_propertiesr$r$r%PropertiesChangeds   z&FirewallDConfigIPSet.PropertiesChanged)r6cs8td|jtt||j|j}t ||t j j S)Nz%s.Introspect()) r Zdebug2rrr IntrospectrrZget_busrrrr)rr;datar"r$r%rFs   zFirewallDConfigIPSet.IntrospectcCstd|j|j|jS)zget settings for ipset z%s.getSettings())r r9rrZget_ipset_configrrr;r$r$r% getSettingssz FirewallDConfigIPSet.getSettingscCsFt|}td|j|j||j|j||_| |jj dS)z"update settings for ipset z%s.update('...')N) rr r9rrrCrZset_ipset_configrUpdatedr*)rsettingsr;r$r$r%updates  zFirewallDConfigIPSet.updatecCs<td|j|j||j|j|_||jj dS)z0load default settings for builtin ipset z%s.loadDefaults()N) r r9rrrCrZload_ipset_defaultsrrJr*rHr$r$r% loadDefaultss z!FirewallDConfigIPSet.loadDefaultscCstd|j|fdS)Nz%s.Updated('%s')r r9rrr*r$r$r%rJszFirewallDConfigIPSet.UpdatedcCs:td|j|j||j|j|j|jdS)zremove ipset z %s.remove()N) r r9rrrCrZ remove_ipsetrZ removeIPSetrHr$r$r%removes zFirewallDConfigIPSet.removecCstd|j|fdS)Nz%s.Removed('%s')rNrOr$r$r%RemovedszFirewallDConfigIPSet.RemovedcCsFt|t}td|j||j||j|j ||_ | |dS)zrename ipset z%s.rename('%s')N) rr8r r9rrrCrZ rename_ipsetrRenamed)rr*r;r$r$r%renames   zFirewallDConfigIPSet.renamecCstd|j|fdS)Nz%s.Renamed('%s')rNrOr$r$r%rRszFirewallDConfigIPSet.RenamedcCstd|j|dS)Nz%s.getVersion()rr r9rrIrHr$r$r% getVersionszFirewallDConfigIPSet.getVersioncCsHt|t}td|j||j|t|}||d<| |dS)Nz%s.setVersion('%s')r rr8r r9rrrClistrIrL)rversionr;rKr$r$r% setVersions    zFirewallDConfigIPSet.setVersioncCstd|j|dS)Nz %s.getShort()rrTrHr$r$r%getShortszFirewallDConfigIPSet.getShortcCsHt|t}td|j||j|t|}||d<| |dS)Nz%s.setShort('%s')rrV)rZshortr;rKr$r$r%setShorts    zFirewallDConfigIPSet.setShortcCstd|j|dS)Nz%s.getDescription()rTrHr$r$r%getDescription#sz#FirewallDConfigIPSet.getDescriptioncCsHt|t}td|j||j|t|}||d<| |dS)Nz%s.setDescription('%s')r\rV)r descriptionr;rKr$r$r%setDescription*s    z#FirewallDConfigIPSet.setDescriptioncCstd|j|dS)Nz %s.getType()rTrHr$r$r%getType8szFirewallDConfigIPSet.getTypecCs\t|t}td|j||j||tvr:tt j |t | }||d<| |dS)Nz%s.setType('%s')r`)rr8r r9rrrCrrrZ INVALID_TYPErWrIrL)rZ ipset_typer;rKr$r$r%setType?s    zFirewallDConfigIPSet.setTypeza{ss}cCstd|j|dS)Nz%s.getOptions()rTrHr$r$r% getOptionsNszFirewallDConfigIPSet.getOptionscCsLt|t}td|jt||j|t| }||d<| |dS)Nz%s.setOptions('[%s]')rc) rdictr r9rreprrrCrWrIrL)roptionsr;rKr$r$r% setOptionsUs    zFirewallDConfigIPSet.setOptionscCst|t}t|t}td|j|||j|t|}||dvrn|d||krnt t j d||f||d|<| |dS)Nz%s.addOption('%s', '%s')rcz '%s': '%s') rr8r r9rrrCrWrIrrALREADY_ENABLEDrLrkeyvaluer;rKr$r$r% addOptionas      zFirewallDConfigIPSet.addOptioncCsbt|t}td|j||j|t|}||dvrJt t j ||d|=| |dS)Nz%s.removeOption('%s')rc) rr8r r9rrrCrWrIrr NOT_ENABLEDrL)rrkr;rKr$r$r% removeOptionps      z!FirewallDConfigIPSet.removeOptionbcCsNt|t}t|t}td|j||t|}||dvoL|d||kS)Nz%s.queryOption('%s', '%s')rc)rr8r r9rrWrIrjr$r$r% queryOption}s    z FirewallDConfigIPSet.queryOptionascCstd|j|dS)Nz%s.getEntries()rTrHr$r$r% getEntriesszFirewallDConfigIPSet.getEntriescCs|t|t}t|td|jd||j|t| }d|dvrf|dddkrft t j ||d<| |dS)Nz%s.setEntries('[%s]'),timeoutrc0rs)rrWr r r9rjoinrrCrIrrIPSET_WITH_TIMEOUTrL)rentriesr;rKr$r$r% setEntriess     zFirewallDConfigIPSet.setEntriescCst|t}t|}td|j||j|t| }d|dvr`|dddkr`t t j ||dvrxt t j |t||d|d|||dS)Nz%s.addEntry('%s')rvrcrwrs)rr8rr r9rrrCrWrIrrryrir appendrLrentryr;rKr$r$r%addEntrys      zFirewallDConfigIPSet.addEntrycCst|t}t|}td|j||j|t| }d|dvr`|dddkr`t t j ||dvrxt t j ||d|||dS)Nz%s.removeEntry('%s')rvrcrwrs)rr8rr r9rrrCrWrIrrryrnrPrLr}r$r$r% removeEntrys      z FirewallDConfigIPSet.removeEntrycCs`t|t}t|}td|j|t|}d|dvrT|dddkrTtt j ||dvS)Nz%s.queryEntry('%s')rvrcrwrs) rr8rr r9rrWrIrrryr}r$r$r% queryEntrys   zFirewallDConfigIPSet.queryEntry)N)N)N)N)N)N)N)N)N)N)N)N)N)N)N)N)N)N)N)N)N)N)N)N)N)N)N)9__name__ __module__ __qualname____doc__Z persistentrrZPK_ACTION_CONFIGZdefault_polkit_auth_requiredr rrr(r)r2rZPROPERTIES_IFACEr<rBrrDZservicesignalrEZPK_ACTION_INFOZINTROSPECTABLE_IFACErFrrZDBUS_SIGNATURErIrLrMrJrPrQrSrRrUrYrZr[r]r_rarbrdrhrmrorqrtr{rrr __classcell__r$r$r"r%r.s0                           r)rZ dbus.serviceZfirewallrZfirewall.dbus_utilsrrrZfirewall.core.io.ipsetrZfirewall.core.ipsetrrr r Zfirewall.core.loggerr Zfirewall.server.dbusr Zfirewall.server.decoratorsr rrrrZfirewall.errorsrrr$r$r$r%s