%PDF- %PDF-
Mini Shell

Mini Shell

Direktori : /usr/lib/python3/dist-packages/ufw/__pycache__/
Upload File :
Create Path :
Current File : //usr/lib/python3/dist-packages/ufw/__pycache__/backend_iptables.cpython-312.pyc

�

#fd�����dZddlZddlZddlZddlZddlZddlZddlmZm	Z	ddl
mZmZm
Z
mZmZmZddlZGd�dej&j(�Zy)z-backend_iptables.py: iptables backend for ufw�N)�UFWError�UFWRule)�warn�debug�msg�cmd�cmd_pipe�	_findpathc��eZdZdZdd�Zd�Zd�Zd�Zdd�Zd�Z	d	�Z
d
�Zd�Zd�Z
d
�Zd�Zdd�Zdd�Zd�Zdd�Zd�Zd�Zd�Zy)�UFWBackendIptableszInstance class for UFWBackendNc��dtjjzdz|_||_||_i}t
tjj|�}tjj|d�|d<tjj|d�|d<tjj|d�|d<tjj|d	�|d
<tjj|d�|d<tjj|d
�|d<tjjt
tjj|�d�|d<tjjj|d||||��ggggd�|_dD]�}d}|dk(r|j!�r||z
}n|dk(r�&dD]1}dD]*}	|�d|�d|	��}
|j|j#|
��,�3|jdj#|dz�|jdj#|dz���gd�|_d|_y )!z!UFWBackendIptables initializationz# z
_comment #zufw/user.rules�ruleszufw/before.rules�before_ruleszufw/after.rules�after_ruleszufw/user6.rules�rules6zufw/before6.rules�
before6_ruleszufw/after6.rules�after6_ruleszufw-init�init�iptables)�rootdir�datadir)�before�user�after�misc)�4�6�ufwr)rrr��input�output�forward�-z	-logging-rz
-logging-denyz-logging-allow)�-m�limit�--limitz3/minute�-j�LOG�--log-prefixz[UFW LIMIT BLOCK]N)r�common�programName�comment_strrrr
�
config_dir�os�path�join�	state_dir�backend�
UFWBackend�__init__�chains�use_ipv6�append�ufw_user_limit_log�ufw_user_limit_log_text)�self�dryrunrr�filesr-�ver�chain_prefix�loc�target�chains           �6/usr/lib/python3/dist-packages/ufw/backend_iptables.pyr4zUFWBackendIptables.__init__ s���#�*�*�"8�"8�8�<�G������������s�z�z�4�4�g�>�
������j�2B�C��g�� "�����Z�9K� L��n��!�w�w�|�|�J�8I�J��m���'�'�,�,�z�3D�E��h��!#�����j�:M�!N��o�� "�����Z�9K� L��n��
�����Y�s�z�z�/C�/C�W�%M�%/�1��f�
�	�����'�'��j�&�%�07��	(�	J�"$�R�"�b�I����
	H�C� �L��c�z��=�=�?� �C�'�L��C�Z��2�
3��<�3�F�2>��V�L�E��K�K��$�+�+�E�2�3�
3�
�K�K���&�&�|�o�'E�F��K�K���&�&�|�6F�'F�G�
	H�"#3���(;��$�c��td�}|jddk(r|dz
}|S|jddk(r|dz
}|S|jddk(r|dz
}|S|d	z
}|S)
zGet current policyz
New profiles:�default_application_policy�acceptz allow�dropz deny�rejectz rejectz skip)�_�defaults)r:�rstrs  rB�get_default_application_policyz1UFWBackendIptables.get_default_application_policyPs�����!���=�=�5�6�(�B��H��D����]�]�7�
8�F�
B��G�O�D����]�]�7�
8�H�
D��I��D���
�G�O�D��rCc	��|j�s�|dk7r#|dk7r|dk7rtd�|z}t|��|dk7r#|dk7r|dk7rtd�|z}t|��d	}|dk(rd
}n|dk(rd}d}d}|dk(r)	|j|jd
d|zd�d}d}nV|dk(r)	|j|jd
d|zd�d}d}n(	|j|jd
d|zd�d}d}t
jd|z�}|jd|jdfD]�}	tjj|�}	|	d}
|	dD]d}|j|�r1tjj|
|j||���Etjj|
|��f	tjj|	���td�||d�z}|td�z
}|S#t
$r�wxYw#t
$r�wxYw#t
$r�wxYw#t
$r�wxYw#t
$r�wxYw)zSets default policy of firewall�allow�denyrHzUnsupported policy '%s'�incoming�outgoing�routedz%Unsupported policy for direction '%s'�INPUT�OUTPUT�FORWARD�rJzDEFAULT_%s_POLICYz"ACCEPT"z	UFW BLOCKz	UFW ALLOWz"REJECT"z"DROP"rr�tmp�origz5Default %(direction)s policy changed to '%(policy)s'
)�	direction�policyz*(be sure to update your rules accordingly))r;rIr�set_defaultr<�	Exception�re�compiler�util�
open_files�search�
write_to_file�sub�close_files)
r:rZrY�err_msgrA�old_log_str�new_log_str�pat�f�fns�fd�linerKs
             rB�set_default_policyz%UFWBackendIptables.set_default_policy^s����{�{��� �V�v�%5�&�H�:L��5�6�&�A���w�'�'��J�&�9�
�+B��H�$��C�D�&�(���w�'�'��E��J�&� ���h�&�!���K��K��� ���$�$�T�Z�Z�
�%;�,?�5�,I�,8�:�
*��)���8�#���$�$�T�Z�Z�
�%;�,?�5�,I�,8�:�
*��)����$�$�T�Z�Z�
�%;�,?�5�,I�,6�8�
*��)���*�*�S�;�.�/�C��j�j��/����N�1K�L�
����(�(�-�-�a�0�C���Z����K�9�D��z�z�$�'����.�.�r�3�7�7�;��3M�N����.�.�r�4�8�	9���H�H�(�(��-�
�$�I�J� )�V�<�>����>�?�?�����_!�����!�����!�����!�����!����s<�9#H�'#H�#H �1H.�H<�H�H� H+�.H9�<Ic�2�|jr!dtd�z}|dtd�zz
}|S|j�gd�}g}g}|dk(r|jd�gd�}gd�}�n�|d	k(r�d
D]*}|jd|z�|jd|z��,dD]*}|jd
|z�|jd
|z��,dD]*}|jd|z�|jd|z��,dD]}|jd|z���n�|dk(r1dD]*}|jd|z�|jd|z��,�n�|dk(r�dD]*}|jd|z�|jd|z��,|jddr"|jd�|jd�|jdd�r |jd�|jd�n�|d k(r0dD]*}|jd!|z�|jd"|z��,n�|d#k(r�dD]z}|jd$|z�|jd%|z�|jd&|z�|jd'|z�|jd(|z�|jd)|z��||jd*�|jd+�|jd,�|jd-�d.|z}|D]�}d/|vr?|jd/�\}	}|d0|	zz
}t
|jg|z|d|	gz�\}
}n t
|jg|z|gz�\}
}||z
}|dk7r|d1z
}|
d2k7s�{t|��|dk(s|j�r�|d3z
}|D]�}d/|vr?|jd/�\}	}|d0|	zz
}t
|jg|z|d|	gz�\}
}n t
|jg|z|gz�\}
}||z
}|dk7r|d1z
}|
d2k7s�{t|��|S)4z'Show current running status of firewall�> zChecking raw iptables
zChecking raw ip6tables
)�-nz-vz-x�-L�rawz-t)�filter�nat�manglerr)rsrurr�builtins)rSrUrTz	filter:%s)�
PREROUTINGrSrUrT�POSTROUTINGz	mangle:%s)rwrTzraw:%s)rwrxrTznat:%sr)r r"r!z
ufw-before-%szufw6-before-%sr�ufw-user-%s�ufw6-user-%sr%rzufw-user-limit-accept�ufw-user-limitrzufw6-user-limit-accept�ufw6-user-limitrzufw-after-%sz
ufw6-after-%s�loggingzufw-before-logging-%szufw6-before-logging-%szufw-user-logging-%szufw6-user-logging-%szufw-after-logging-%szufw6-after-logging-%szufw-logging-allowzufw-logging-denyzufw6-logging-allowzufw6-logging-denyzIPV4 (%s):
�:z(%s) �
rz

IPV6:
)r;rI�initcapsr7�caps�splitrrrr6�	ip6tables)r:�
rules_type�out�args�items�items6�c�b�i�t�rcrWs            rB�get_running_rawz"UFWBackendIptables.get_running_raw�s\���;�;���4�5�5�C��4�!�6�7�7�7�C��J�	
�
�
��'����������K�K���6�E�0�F�
�:�
%�3�
/�����[�1�_�-��
�
�k�A�o�.�
/�%�
/�����[�1�_�-��
�
�k�A�o�.�
/�.�
,�����X��\�*��
�
�h��l�+�
,�=�
+�����X��\�*�
+�
�8�
#�3�
4�����_�q�0�1��
�
�.��2�3�
4��6�
!�3�
2�����]�Q�.�/��
�
�n�q�0�1�
2��y�y��!�#�&����4�5����-�.��y�y��!�#�&��
�
�6�7��
�
�/�0�
�7�
"�3�
3�����^�a�/�0��
�
�o��1�2�
3��9�
$�3�
;�����4�q�8�9��
�
�6��:�;����2�Q�6�7��
�
�4�q�8�9����3�a�7�8��
�
�5��9�:�

;�
�L�L�,�-��L�L�+�,��M�M�.�/��M�M�-�.��
�+���	$�A��a�x��������A��w�!�}�$�������$� 6�!�T�1�� E�F�	��S������$� 6�!�� <�=�	��S��3�J�C��U�"��t����Q�w��s�m�#�	$����$�-�-�/��=� �C��
(���!�8��W�W�S�\�F�Q���7�a�=�(�C� #�T�]�]�O�d�$:�a��q�\�$I� J�I�R�� #�T�^�^�$4�t�$;�q�c�$A� B�I�R���s�
����&��4�K�C���7�"�3�-�'�
(��
rCc	���d}|jr1dtd�z}|j�r|dtd�zz
}|Std�}dD]�}t|jdd|zd	g�\}}|d
k(r
td�cS|dk7rt|d
|zz��|j�s�[t|jdd|zd	g�\}}|dk7s��t|dz��d}d}	d}
|j|jz}d
}i}
|D�]�}d}i}d}d}|sH|jdk7s|jdk7r*d}|j�}||
vrtd|z��Qd|
|<dD�]�}d||<d}d}|dk(rM|j}|s2|jdk7r#|j}|jrd|dk(r_|dz
}nY|j}nL|j }|s2|jdk7r#|j}|jr|dk(r|dz
}n|j"}|dk7r
|dk7r|||<|dk7r�||dk(r|||<n||xxd|zz
cc<|r)|j$dk7r||xxd|j$zz
cc<|r�|dk(rT|jdk7rE||xxd|jzz
cc<|jr|dk(r
||xxdz
cc<||xxdz
cc<|dk(rT|jdk7rE||xxd|jzz
cc<|jr|dk(r
||xxdz
cc<||xxdz
cc<|dk(r�|dk(s|dk(rud||<|r[|j$dk7rL|j|j k(r3|j|j"k(r||xxd|j$zz
cc<|dk(r�||xxdz
cc<n�|r�|j$dk7rr|j|j"k(rY||xxd|j$zz
cc<n>|jr2|j dk(r#|jdk(rd||vr
||xxdz
cc<|j&rb|dk(r)|j(dk7r||xxd|j(zz
cc<|dk(s��|j*dk7s��||xxd|j*zz
cc<��1|dk(r)|j(dk7r||xxd|j(zz
cc<|dk(s��f|j*dk7s��w||xxd|j*zz
cc<���g}d}|j,s|j.j1�d k(r�|j,r)|j3|j,j1��|r*|j.d k(r|j3|j.�t5|�dkDrd!d"j7|�z}|r|d#|zz
}|j.j9�}|j&rd$}|j.d%k(r|j&s|s|sd}d}|j:dk7rd&|j=�z}||dd'�ddj7|j>j9�|g�d(�|dd'�|�|�d)�z
}|r||z
}n,|j&r|
|z
}
n|j.d k(r|	|z
}	n||z
}|d
z
}���|dk7s
|	dk7s|
dk7r�d*}|r|d+z
}td,�}td-�}td.�}d/}||||fz}|r|d+z
}||d0t5|�zd0t5|�zd0t5|�zfzz
}||z
}|dk7r||z
}|dk7r|	dk7r|td)�z
}|	dk7r||	z
}|dk7r|
dk7r|td)�z
}|
dk7r||
z
}|}|ru|jA�\} }!td1�|jC�|jCd2�|jCd3d�d4�z}"|jE�}#td5�|!|"|#|d6�zStd7�|zS)8zShow ufw managed rulesrVrozChecking iptables
zChecking ip6tables
�problem runningrrqryrp�zStatus: inactiverz iptables: %s
rz�
 ip6tablesTFzSkipping found tuple '%s')�dst�srcr�z::/0� (v6)z	0.0.0.0/0�any� �/z (%s�)r��Anywherez on %sr�z (%s)z, z[%2d] �FWD�inz # %s�26�12rz

z     �To�From�Actionz%-26s %-12s%s
r#zCDefault: %(in)s (incoming), %(out)s (outgoing), %(routed)s (routed)r!r")r�r�rRz0Status: active
%(log)s
%(pol)s
%(app)s%(status)s)�log�pol�app�statuszStatus: active%s)#r;rIr6rrrr�rr�dapp�sapp�
get_app_tuplerr��v6�dportr��sport�protocolr"�interface_in�
interface_out�logtyperY�lowerr7�lenr0�upper�comment�get_comment�action�get_loglevel�_get_default_policyrL)$r:�verbose�
show_countr�rerYr��out6�s�str_out�str_rter�count�	app_rules�r�tmp_str�location�tupl�
show_protor?�portrW�attribs�
attrib_str�dir_strr,�full_str�str_to�str_from�
str_action�rules_header_fmt�rules_header�level�logging_str�
policy_str�app_policy_strs$                                    rB�
get_statuszUFWBackendIptables.get_statuss�����;�;���0�1�1�C��}�}���t�a� 6�7�7�7���J��%�&��7�
	;�I��T�]�]�D�)�Y�7��?�@�I�R���Q�w��+�,�,��q���w�):�c�)B�B�C�C��}�}�� �$�.�.�$�!/�9�!=�t�"E�F�
��T���7�"�7�\�#9�:�:�
	;�
�������
�
�T�[�[�(�����	��T	�A��G��H��D��J�����"�����"��"�
����(���9�$��5��>�?��&*�I�d�O�'�X
F�� "���
������%�<��%�%�C�"�q�v�v��|� �v�v���4�4�C�6�M� �G�O�D� �w�w���%�%�C�"�q�v�v��|� �v�v���4�4�C�6�M� �G�O�D� �w�w���+�%�#��-�$'�H�S�M��5�=���}��*�(,���
� ��
��t��3�
�!�a�j�j�E�&9� ��
��q�z�z�)9�9�
���%�<�A�F�F�b�L�$�S�M�V�q�v�v�->�>�M� �t�t��v�
� (��
�� 8�
�$�S�M�S�0�M��%�<�A�F�F�b�L�$�S�M�V�q�v�v�->�>�M� �t�t��v�
� (��
�� 8�
�$�S�M�S�0�M��5�=��k�)�S�F�]�(2���
�&�!�*�*��*=��5�5�A�E�E�>�a�g�g����.@�$�S�M�S�1�:�:�-=�=�M��&�=�$�S�M�W�4�M�&�!�*�*��*=��7�7�a�g�g�-�$�S�M�S�1�:�:�-=�=�M��T�T�a�e�e�v�o�!�%�%�6�/��h�s�m�3��S�M�W�,�M��9�9��e�|����"�(<� ��
��Q�^�^�)D�D�
��e�|����2�(=� ��
��Q�_�_�)E�E�
��e�|����"�(<� ��
��Q�^�^�)D�D�
��e�|����2�(=� ��
��Q�_�_�)E�E�
�qX
F�t�G��J��y�y�A�K�K�-�-�/�5�8��9�9��N�N�1�9�9�?�?�#4�5��!�+�+��"6��N�N�1�;�;�/��w�<�!�#�!(�D�I�I�g�,>�!?�J���8�u�-�-���k�k�'�'�)�G��y�y����{�{�d�"�1�9�9��:����K��y�y�B��%��
�
��7���8�E�?�03���!�(�(�.�.�:J�:A�:C�1D�08����0;�	=�
=�G���W����9�9��w�&�G��[�[�E�)��w�&�G���L�A��Q�J�E�iT	�l
��7�g��m�w�"�}��H���G�#���t�W�F���y�H��8��J�0��+�v�z�8�.L�L�L����'���,� �3�v�;�.� �3�z�?�2� �3�x�=�0�2�2�
2�L�

��$�H��B�w��A�
���B�w�7�b�=��A�d�G�#���"�}��G�#���B�w�7�b�=��A�d�G�#���"�}��G�#���A��#'�#4�#4�#6� �U�K��1�2�&*�%=�%=�%?�&*�&>�&>�x�&H�)-�)A�)A�)�BF�*H�I�J�J�"�@�@�B�N��J�K�)�*�,��;�<�
<��'�(�A�.�.rCc���|jrtdtd�z�yg}|j|jd�|j
�d|j�X|jd�|j|j
�|jd�|j|j�|jd�t|�\}}|dk7rtd	|z�}t|��y)
zStop the firewallro�running ufw-initrN�	--rootdir�	--datadirz
force-stopr�problem running ufw-init
%s)	r;rrIr7r<rrrr�r:r�r�r�res     rB�
stop_firewallz UFWBackendIptables.stop_firewall�s����;�;���q�+�,�,�-��D��K�K��
�
�6�*�+��|�|�'�D�L�L�,D����K�(����D�L�L�)����K�(����D�L�L�)��K�K��%��D�	�I�R���Q�w��:�S�@�A���w�'�'�rCc�V�|jrtdtd�z�yg}|j|jd�|j
�d|j�X|jd�|j|j
�|jd�|j|j�|jd�t|�\}}|dk7rtd	|z�}t|��d
|jvs2|jd
t|jj��vr	|jd�y	|j|jd
�y#t$rtd�}t|��wxYw#t$rtd
�}t|��wxYw)zStart the firewallror�rNr�r��startrr��loglevel�lowzCould not set LOGLEVELzCould not load logging rules)r;rrIr7r<rrrrrJ�list�	loglevels�keys�set_loglevelr\�update_loggingr�s     rB�start_firewallz!UFWBackendIptables.start_firewall�sg���;�;���q�+�,�,�-��D��K�K��
�
�6�*�+��|�|�'�D�L�L�,D����K�(����D�L�L�)����K�(����D�L�L�)��K�K�� ��D�	�I�R���Q�w��:�S�@�A���w�'�'�����.��}�}�Z�(��T�^�^�5H�5H�5J�0K�K�,��%�%�e�,�
,��'�'��
�
�j�(A�B��!�,�� 8�9�G�"�7�+�+�,��!�,�� >�?�G�"�7�+�+�,�s�3E%�F�% F� F(c�D�|jry|j�d}|j}|rd}|j}dD]`}|dk(s|dk(r*|r|jdds�"|s|jdds�7t|d	d
|dz|zg�\}}|dk7s�Ut
d
�yy)zCheck if all chains existFr�ufw6)r r!r"r%�limit-acceptr%r�rrrprq�-user-rz_need_reload: forcing reloadT)r;r�rr�r�rr)r:r��prefix�exerAr�r�s       rB�_need_reloadzUFWBackendIptables._need_reloads����;�;��	
�
�
�����m�m��
��F��.�.�C�N�
	�E����5�N�#:��d�i�i��0��5���D�I�I�g�$6�s�$;���S�$��f�x�.?�%�.G�H�I�I�R���Q�w��4�5��
	�rCc�f�td�}|jr(td�|j�rtd�yy|j	�r�	|j
dD]*}|j
|d|g�|j
|d|g��,	td|jdg|jd	g�\}}|d
k7rt|dz��|j�r>td|jdg|jd	g�\}}|d
k7rt|d
z��yyy#t$rt|��wxYw)zReload firewall rules filer�z> | iptables-restorez> | ip6tables-restorer�-F�-Z�catrrprz	 iptablesrr�N)
rIr;rr6�
is_enabledr5�
_chain_cmdr\rr	r<�iptables_restore�ip6tables_restore)r:rer�r�r�s     rB�_reload_user_rulesz%UFWBackendIptables._reload_user_rules:s=���%�&���;�;��&�'��}�}���+�,��
�_�_�
�
(����V�,�2�A��O�O�A��a�y�1��O�O�A��a�y�1�2�!�%����G�)<�!=�"&�"7�"7��!>�@�I�R���Q�w��w��4�5�5��}�}��$�e�T�Z�Z��-A�%B�&*�&<�&<�d�%C�E�	��S���7�"�7�\�#9�:�:������
(��w�'�'�
(�s�<D�D0c��g}tjd�}tjd�}tjd�}|j|�r�|j|�r�|j|�r2|j|j	d|j	d|���n!|j|j	d|��|j|j	d|��n3|j|j	d|��n|j|�tjd�}tjd	�}	tjd
�}
d}t|�D�]=\}}
|j|
�s�|j	d|
�j
�}|j�d
k(rd}n|j�dk(rd}nd}|�d|�d�}|	j|
�sd|z}|j	d|
�||<|j||j	d|zdz|z|
��|j||
j	d|zdz|z|j	d|
���|j||
j	d|zdz|z|j	d|z|
�����@tjd�}t|�D]�\}}
|j|
�s�|j	d|
�}|j	d|zdz|
�}|j	d|zd z|
�}|||<|j||�|j||���|S)!z5Return list of iptables rules appropriate for sendingz-p all zport z-j (REJECT(_log(-all)?)?)z-p tcp z-j \1 --reject-with tcp-resetz-p udp rVz(.*)-j ([A-Z]+)_log(-all)?(.*)z-j [A-Z]+_log-allz(-A|-D) ([a-zA-Z0-9\-]+)z'-m limit --limit 3/min --limit-burst 10�\2rF�ALLOWr%�LIMIT�BLOCKz -j LOG --log-prefix "[UFW �] "z-m conntrack --ctstate NEW z	\1-j \2\4z\1-j z-user-logging-z\1 z\1-j RETURN�\1z	 -j LIMITz+ -m conntrack --ctstate NEW -m recent --setzL -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j z-user-limitz -j z-user-limit-accept)	r]r^rar7rc�	enumerate�stripr��insert)r:�fruler��suffix�snippets�	pat_proto�pat_port�
pat_reject�pat_log�
pat_logall�	pat_chain�
limit_argsr�r�rZ�lstr�	pat_limit�tmp1�tmp2�tmp3s                    rB�_get_rules_from_formattedz,UFWBackendIptables._get_rules_from_formattedVs+�����J�J�z�*�	��:�:�h�'���Z�Z� <�=�
����E�"����u�%��$�$�U�+��O�O�I�M�M�)�"���'G���% �!��O�O�I�M�M�)�U�$C�D����	�
�
�i�� ?�@����	�
�
�b�%� 8�9��O�O�E�"��*�*�>�?���Z�Z� 4�5�
��J�J�:�;�	�>�
��h�'�	P�D�A�q��~�~�a� � ���U�A�.�4�4�6���<�<�>�X�-�$�F��\�\�^�w�.�$�F�$�F�?I����!�(�(��+�8�4�?�D�%�k�k�,��:��������7�;�;�x�&�/@�/?�0@�BH�0I�JK�$M�N�����9�=�=��&��1A�2B�DJ�2K�18���^�12�24�$5�6�����9�=�=��&��1A�2B�DJ�2K�18���U�T�\�1�1M�$O�P�+	P�4�J�J�|�,�	��h�'�
	)�D�A�q�����"� �}�}�%R�%&�(�� �}�}�&,�.4�&5�7D�&E�FG�I��!�}�}�V�f�_�7K�%K�Q�O��"��������4�(�����4�(�
	)��rCc���g}|j|||�}tjd�}t|�D]�\}}|j	|jd|�j
��|j|�s�G||j	d�||j	|jd|�jdd��||xx|jd|�j
�z
cc<��|S)z_Return list of iptables rules appropriate for sending as arguments
           to cmd()
        z(.*) --log-prefix (".* ")(.*)r�r)r��"rVz\3)	rr]r^r�r7rcr��match�replace)	r:r�r�rr�str_snippetsrhr�r�s	         rB�_get_lists_from_formattedz,UFWBackendIptables._get_lists_from_formatted�s������5�5�e�V�V�L���j�j�9�:���l�+�	9�D�A�q��O�O�C�G�G�E�1�-�3�3�5�6��y�y��|����"�"�>�2����"�"�3�7�7�5�!�#4�#<�#<�S�"�#E�F����s�w�w�u�a�0�6�6�8�8��	9��rCc
��|jdg}|j�r|j|jd�|D�]�}	tjj|�}tjd�}tjd�}tjd�}|D�]K}|}	d}
d|vr$|jd�\}	}|j�}
|j|	�s�B|jd|	�}tjd	|j��}
t|
�d
kst|
�dkDrtd�|z}t!|���d
}d}d}t|
�dk(st|
�dk(�rtd�|z}|
djd�d}d|
dvr�d|
dvr{|j#|
d�rg|j#|
d�rS|
djd�dj%d�d}|
djd�dj%d�d}ne|
dj'd�r|
dj%d�d}n9|
dj'd�r|
dj%d�d}n
t!|����	|
d}d}d|vrd}|jd�d}t|
�dkr#t)||
d|
d|
d|
d|
d|||
�	}n{t)||
d|
d|
d|
d|
d|||
�	}tjd�}|
d
d k7r|jd!|
d
�|_|
dd k7r|jd!|
d�|_|dk7r|j/d
|�|dk7r|j/d"|�||jdk(r.|j1d�|j2j|��� |j1d�|j4j|���N|j7����y$#t$rtd�|z}t|��wxYw#t$rtd#�|z}t!|�Y���wxYw)%z$Read in rules that were added by ufwrrzCouldn't open '%s' for readingz^### tuple ###\s*zin_\w+zout_\w+rVz	 comment=z\s+��	z)Skipping malformed tuple (bad length): %sr��z$Skipping malformed tuple (iface): %s���rIr�!�r��in_�out_Fr~T�����%20r#r�r�zSkipping malformed tuple: %sN)r<r6r7rr_�open_file_readr\rIrr]r^r�r�rrcr�rra�	partition�
startswithrr�r��
set_interface�set_v6rr�close)r:�rfnsrirXre�	pat_tuple�pat_iface_in�
pat_iface_out�	orig_linerlr��hexr�rW�wmsg�dtyper�r�r�r"�rule�	pat_space�warn_msgs                       rB�_read_ruleszUFWBackendIptables._read_rules�sJ���
�
�7�#�$���=�=�?��K�K��
�
�8�,�-��]	�A�
(��x�x�.�.�q�1��
�
�
�#7�8�I��:�:�i�0�L��J�J�z�2�M�!�Q
4�	� �����)�+� )���� =�I�D�#�!�i�i�k�G��?�?�4�(�$�=�=��T�2�D��(�(�6�4�:�:�<�8�C��3�x�!�|�s�3�x�!�|� �!L�M�$(� *���T�
� �!%��')��(*�
��s�8�q�=�C��H��M�#$�%K�#L�(,�$.�D�$'��G�M�M�#�$6�q�$9�E�"�c�"�g�~�#&�#�b�'�>�#/�#6�#6�s�2�w�#?�#0�#7�#7��B��#@�),�B��
�
�c�(:�1�(=�(G�(G��(L�Q�(O�%1�),�B��
�
�c�(:�1�(=�(G�(G��(L�Q�(O�%2�%(��W�%7�%7��%>�36�r�7�3D�3D�S�3I�!�3L�L�%(��W�%7�%7��%?�47��G�4E�4E�c�4J�1�4M�M�$(��J�$,�%�%(��V�F�&+�G�"�f�}�*.��)/���c�):�1�)=��"�3�x�!�|�'.�v�s�1�v�s�1�v�s�1�v�/2�1�v�s�1�v�u�g�/6�(8��(/�v�s�1�v�s�1�v�s�1�v�/2�1�v�s�1�v�u�g�/6�(8��-/�J�J�u�,=�	�#&�q�6�S�=�09�
�
�c�3�q�6�0J�D�I�#&�q�6�S�=�09�
�
�c�3�q�6�0J�D�I�+�r�1� $� 2� 2�4�� F�,��2� $� 2� 2�5�-� H���
�
�8� 4�4� �K�K��-� �K�K�.�.�t�4� �K�K��.� �J�J�-�-�d�3�cQ
4�f
�J�J�L�{]	���
(��<�=��C���w�'�'�
(��\ (�%�'(�)G�'H�)-�(/�H� ��N�$�	%�s�P	�C;P/�	#P,�/"Q�Qc�"�|jd}|r|jd}tj|tj�st	d|z�}t|��	tjj|�}|j�d}|j}|rd}|j}|jrtjj!�}n|d}tjj#|d�tjj#|d|zd	z�tjj#|d|zd
z�tjj#|d|zdz�tjj#|d|zdz�tjj#|d|zd
z�tjj#|d|zdz�tjj#|d|zdz�tjj#|d|zdz�tjj#|d|zdz�tjj#|d|zdz�tjj#|d|zdz�tjj#|d|zdz�tjj#|d|zdz�tjj#|d|zdz�|dk(r|j$dds|dk(r^|j$ddrLtjj#|d|zdz�tjj#|d|zdz�tjj#|d�|D�]}|j&}	|j(rd|j&z}	|j*dk7r|	d|j*zz
}	d}
|j,dk(r|j.dk(r
|j0}
n�|j,dk7r,|j.dk7rd |j,�d!|j.��}
nL|j,dk7r|
|j0�d|j,��z
}
n|
|j0�d|j.��z
}
|j2dk(r�|j4dk(r�d"|	�d#|j6�d#|j8�d#|j:�d#|j<�d#|j>�d#|
��}|j@dk7r|d$|j@zz
}tjj#||d%z�n�tCjDd#�}d&}
|j2r|jGd'|j2�}
d&}|j4r|jGd'|j4�}d"|	�d#|j6�d#|j8�d#|j:�d#|j<�d#|j>�d#|
�d#|�d#|
��}|j@dk7r|d$|j@zz
}tjj#||d%z�d(}|j(rd)}n|j0d*k(rd+}|�d,|��}d-|�d#|jI��d%�}|jK|||�D]"}tjj#||��$��"tjj#|d.�tjj#|d/�	|jM|jNd0�}|D]�\}}}tQ|�d1kDr	|d1d2k(r�|jS|d&z�s�3tjj#|d#jU|�jWd3d4�jWd5d6�d%z���tjj#|d7�|dk(r|j$dds|dk(�r|j$ddr�tjj#|d8�|jNd0d9k7rUtjj#|d-|zd:zd#jU|jX�zd;z|jZzd<z�tjj#|d-|zd=z�tjj#|d-|zd>z�tjj#|d?�tjj#|d@�	|jr!tjj]|dA�yBtjj]|�yB#t$r�wxYw#t$r�wxYw#t$r�wxYw)Cz.Write out new rules to file to user chain filerrz'%s' is not writablerr�rWz*filter
r~z-user-input - [0:0]
z-user-output - [0:0]
z-user-forward - [0:0]
z-before-logging-input - [0:0]
z-before-logging-output - [0:0]
z -before-logging-forward - [0:0]
z-user-logging-input - [0:0]
z-user-logging-output - [0:0]
z-user-logging-forward - [0:0]
z-after-logging-input - [0:0]
z-after-logging-output - [0:0]
z-after-logging-forward - [0:0]
z-logging-deny - [0:0]
z-logging-allow - [0:0]
r%rrz-user-limit - [0:0]
z-user-limit-accept - [0:0]
z### RULES ###
zroute:rVrIrz!out_z
### tuple ### r�z comment=%srr#r"r r"r�r!r�z-A z
### END RULES ###
z
### LOGGING ###
r�r�-D�[z"[z] r�z### END LOGGING ###
z
### RATE LIMITING ###
�offz-user-limit z "z "
z-user-limit -j REJECT
z-user-limit-accept -j ACCEPT
z### END RATE LIMITING ###
zCOMMIT
FN)/r<r.�access�W_OKrIrrr_r`r\r�rrr;�sys�stdout�filenorbr�r�r"r�r�r�rYr�r�r�r�r�r�r�r�r]r^rc�format_ruler�_get_logging_rulesrJr�r%r0rr8r9rd)r:r��
rules_filererjr>rrkr�r��ifaces�tstrr2r�r��chain_suffixrA�rule_strr��lrules_tr��qs                      rB�_write_ruleszUFWBackendIptables._write_rulessV���Z�Z��(�
�
����H�-�J��y�y��R�W�W�-��.�*�=�>�G��7�#�#�	��(�(�%�%�j�1�C�
	
�
�
�����
�
��
�!�L��K�K�E��;�;����"�"�$�B��U��B�	�����r�;�/������r�3��#5�8O�#O�P������r�3��#5�)A�$B�	C������r�3��#5�)B�$C�	D�	�����r�3��#5�)J�$K�	L������r�3��#5�)K�$L�	M������r�3��#5�)L�$M�	N������r�3��#5�)H�$I�	J������r�3��#5�)I�$J�	K������r�3��#5�)J�$K�	L������r�3��#5�)I�$J�	K������r�3��#5�)J�$K�	L������r�3��#5�)K�$L�	M������r�3��#5�)B�$C�	D������r�3��#5�)C�$D�	E�
�E�!�d�i�i��&8��&=��F�"�t�y�y��'9�#�'>��H�H�"�"�2�s�\�'9�-D�(E�
F��H�H�"�"�2�s�\�'9�-K�(L�
M�	�����r�#4�5��3	.�A��X�X�F��y�y�!�A�H�H�,���y�y�B���#��	�	�/�)���F��~�~��#����2�(=��������2�%�!�/�/�R�*?�+,�>�>�1�?�?�K���>�>�R�'�����a�n�n�E�E�F�����a�o�o�F�F�F��v�v��|����"���a�j�j�!�'�'�1�5�5�!�'�'�1�5�5�����9�9��?��M�A�I�I�5�5�D����&�&�r�4�$�;�7��J�J�s�O�	����6�6�$�=�=�����7�D����6�6�$�=�=�����7�D����
�
�A�G�G�Q�U�U�A�G�G�Q�U�U��d�F�,���9�9��?��M�A�I�I�5�5�D����&�&�r�4�$�;�7�"�L��y�y�(������%�'��$0�,�?�E�',�a�m�m�o�>�H��3�3�H�l�4@�B�
.�����&�&�r�1�-�
.�c3	.�l	�����r�#:�;�	�����r�#8�9�	��.�.�t�}�}�Z�/H�I�H� �	�G�A�q�!��1�v��z�a��d�d�l���|�|�L�3�.�/����&�&�r��H�H�Q�K�'�'��T�2�:�:�4��G����		�	�����r�#:�;�
�E�!�d�i�i��&8��&=��F�"�t�y�y��'9�#�'>��H�H�"�"�2�'B�C��}�}�Z�(�E�1����&�&�r�5�%�,&�(6�,7����$�"9�"9�:�,;��,�"&�!=�!=�,>�AH�,H�I�
�H�H�"�"�2�u�|�';�2�(3�
4��H�H�"�"�2�u�|�';�9�(:�
;��H�H�"�"�2�'D�E������r�:�.�	��{�{����$�$�S�%�0����$�$�S�)��o�	��	��n�	��	��B�	��	�s*�e'�e5�,f�f�'e2�5f�fc�d�|j�d}|jr_|j�std�}t	|��|j
dk(rc|jddsQtd�|j
zS|j
dk(r*|jddstd�|j
zS|jr4|jdk7r%|jd	k7rtd
�}t	|��g}d}d}|j}|j}	|jrD|jdkr)|jdk7s|jdk7rtd
�S|j}|	dks|	t|�kDrtd�|	z}t	|��|	dkDr"|j rtd�}t	|��	|j#�d}
d}d}d}
|D�]f}	|j#�|j&|j(|j|jf}|
|	k(rS|
ddk(r
|
ddk(r|
dkDs|ddk(r|ddk(s|
|k7r$d}|j+|j-��d}
n|	dz
}	|}
|
dz
}
t/j0||�}|dkr|dz
}|dk(r3|s1|s/d}|j r��|j+|j-����|dk(r|j r|j2dk(rd}��|dkr3|j s'|s%d}d}|j+|j-����V|j+|���i|r#|dkDr�td�}|jr|dz
}|S|s+|j s|j+|j-��|s6|j r*|j4std�}|jr|dz
}|S|r,|j s |std�}|jr|dz
}|S|jr||_n||_		|j7|j�td�}|jrtd�}|j9��rj|j4�s]d}|s|j;|j�s|rUd}|r|td�z
}n|td�z
}|jr|dz
}|r	|j=�n}|td �z
}nn|rO|j rCd!}td"�}|jr|dz
}|r	|j=�d}n,|td �z
}n|s|s|j s
d#}td$�}|dk7�rs|j>}d%}|jr|j@}d&}|dz
}d'}|jBrd(}n|jDd)k(rd*}|�d+|��}td,�}tG|d-|d.g�\}}|dk7rt	|��|�d/|�d/|jI���}tKjLd0�}|jO|||�D]�}tG|g|z�\}}|dk7r%tQ|tRjT�t	|�|d#k(s�E|jWd/jY|��s�f|j[d1d/jY|��}tG|d!|d2d3g�\}}|dk7s��t]d4|z���|S#t$$r�wxYw#t$$r�wxYw#t$r�t$$rtd�}t	|�Y���wxYw#t$$r�wxYw#t$$r�wxYw)5aXUpdates firewall with rule by:
        * appending the rule to the chain if new rule and firewall enabled
        * deleting the rule from the chain if found and firewall enabled
        * inserting the rule if possible and firewall enabled
        * updating user rules file
        * reloading the user rules file if rule is modified
        rVz)Adding IPv6 rule failed: IPv6 not enabledr%rz#Skipping unsupported IPv6 '%s' rulerz#Skipping unsupported IPv4 '%s' rule�udp�tcpz/Must specify 'tcp' or 'udp' with multiple portsFz1.4z:Skipping IPv6 application rule. Need at least iptables 1.4rzInvalid position '%d'z Cannot specify insert and deleter�)rVrVrVrVrrT���z Skipping inserting existing ruler�z"Could not delete non-existent rulezSkipping adding existing rulezCouldn't update rules filez
Rules updatedzRules updated (v6)z
Rule insertedzRule updatedz (skipped reloading firewall)r6zRule deleted�-Az
Rule addedrr�r r"r�r!r��!Could not update running firewallrqrpr�z(-A +)(ufw6?-user-[a-z\-]+)(.*)r�r'�RETURNzFAILOK: -D %s -j RETURN)/r�r�r6rIrr�r��multir�r�position�iptables_versionr�r�rr��remove�	normalizer\r�r�r7�dup_rulerrr�r;rGr�r�r�rr�r"rYrr>r]r^rrr;�stderrrar0rcr)r:r1�allow_reloadrKre�newrules�found�modifiedrrPr��inserted�matches�lastr��current�ret�flagr�r>rCrAr�r�rDrr�r�s                            rB�set_rulezUFWBackendIptables.set_rule�s���	
�
�
�����7�7��=�=�?��G�H���w�'�'��{�{�g�%�d�i�i��.@��.E��>�?�4�;�;�O�O��{�{�g�%�d�i�i��.@��.E��>�?�4�;�;�O�O��:�:�$�-�-�5�0�T�]�]�e�5K��I�J�G��7�#�#��������
�
���=�=���7�7��$�$�u�,�$�)�)�r�/�26�)�)�r�/��U�V�V��K�K�E��a�<�8�c�%�j�0��/�0�H�=�G��7�#�#��a�<�D�K�K��:�;�G��7�#�#�	��N�N�����������,	#�A�
����
��u�u�a�e�e�Q�V�V�Q�V�V�4�G��� ���G�r�M�d�1�g��m���	��A�J�"�$����r�)9��7�?�#�H��O�O�D�M�M�O�4�+�D���M�H��D��Q�J�E��-�-��4�(�C��Q�w��1����a�x��h����{�{��O�O�D�M�M�O�4����t�{�{�t�|�|�r�/A����q�����X���������
�
��0�����"�Y,	#�\���{��;�<���7�7��G�O�D�����������
�
��0��T�[�[�����=�>���7�7��G�O�D����t�{�{�8��8�9���7�7��G�O�D����7�7�"�D�K�!�D�J�	����d�g�g�&���!���7�7��)�*�D��?�?��T�[�[��D��4�,�,�T�W�W�5������A�o�.�.�D��A�n�-�-�D��7�7��G�O�D����/�/�1��A�=�>�>�D��4�;�;�����(���7�7��G�O�D����/�/�1��D��A�=�>�>�D��8�D�K�K��������r�z��m�m��$���7�7��.�.�C�#)�L��G�O�D�&���<�<�#,�L��^�^�u�,�#+�L�(4�l�C���?�@����d�E�4� 8�9�	��S���7�"�7�+�+�)-�u�d�6F�6F�6H�I���*�*�%G�H���7�7��8D�8D�F�
C�A�!$�S�E�A�I��I�R���Q�w��C����,� ��)��t�|����s�x�x��{�(C�#�K�K��s�x�x��{�;��$'��d�A�t�X�(F�$G�	��S���7�!�";�q�"A�B�
C����[�	��	���
��
��T�	���	��4�5�G��W��	��2%����� %����sB�9[�[�['�\�\$�[�[$�'(\�\�\!�$\/c�b�g}g}|r
|j}n|j}|j�}|j|�|j	�|j�}|D]I}|j�}|j	�|j�}	|	|k(s�9|j
|��K|S)z@Return a list of UFWRules from the system based on template rule)rrrTr'rSr�r7)
r:�templater�rr��normr�r�rW�	tmp_tuples
          rB�get_app_rules_from_systemz,UFWBackendIptables.get_app_rules_from_system�s������	�
��K�K�E��J�J�E�� � �"�����B�������!�!�#���	&�A��*�*�,�C��M�M�O��)�)�+�I��D� �� � ��%�	&��rCc���|j}|jd�r|j}t|g|z�\}}|dk7r*t	d|z�}|rtd|z�yt
|��y)zPerform command on chainr�rzCould not perform '%s'zFAILOK: N)rr%r�rrIrr)r:rAr��fail_okr�r�r�res        rBr�zUFWBackendIptables._chain_cmd�sm���m�m�����F�#��.�.�C������%�	��S�
��7��0�D�9�:�G���j�7�*�+��w�'�'�rCc��|jry|j�g}	|j|�}	|j	d��|j	d��|j�syt
d�}|jd|jdz|jd	z|jd
zD]}	|j|d|dg��	|jd|jd	z|jd
zD]*}|j|d
|g�|j|d|g��,	|D]b\}}}d}t|�dkDr
|ddk(rd}	|dk(r)t|�dkDr|j|dg|ddzd��|j|||��ddD]�}|jddr|dk(s|jdds�-|dk(s�3|j|d|g|jz|jdzgzd��|jddk7s�z|j|d|g|jz|jdzgzd����y#t$r�wxYw#t
$r�t$rt
d�}t|�Y��'wxYw#t$rt|��wxYw#t$rt|��wxYw#t$rt|��wxYw)z#Update loglevel of running firewallNF)r�Tz&Couldn't update rules file for loggingrMrrrrrqrpr�r�rr6�delete_firstr�)rg)r{r|r%rr{rr|r�r�r8�-I)r;r�r?r\rGrrIr�r5r�r�r�r8r9rJ)	r:r��rules_trer�r�rFrgrAs	         rBr�z!UFWBackendIptables.update_logging�s ���;�;��	
�
�
����	��-�-�e�4�G�
	������'������&���� ���7�8�����X�&����V�)<�<��;�;�w�� �"&�+�+�f�"5�6�	(�A�
(�����D�!�T�?�3�	(�	$��[�[��*�T�[�[��-A�A��{�{�6�"�#�
.������D�!�9�-�����D�!�9�-�
.��		(�G�A�q�!��G��1�v��z�a��d�d�l���
(���&�3�q�6�A�:��O�O�A��v��!�"��~�t�O�D�����1�g�.�		(�;�	2�E��	�	�'�"�3�'�E�5E�,E��	�	�'�"�3�'�E�5F�,F������e�}� $� 7� 7�(8�!%�!=�!=��!C� D�(E�)-� �.��=�=��,��5��O�O�E�D�%�=�$(�$;�$;�,<�%)�%A�%A�C�%G�$H�,I�-1�$�2�	2��e�	��	���	���	��@�A�G��W��	���
(��w�'�'�
(���	$��7�#�#�	$���
(��w�'�'�
(�sB�I�$I�6J�AJ�AJ2�I�(I?�>I?�J�J/�2Kc�&�g}|t|jj��vrtd�|z}t	|��|dk(r.|j
dD]}|j
|d|ddgdg��|S|j
dD]}|j
|d|ddgd	g��gd
�}|j||jdk\�r�g}|j||jdkr|}|j
d
D]�}dD]�}|j|�s�|j|�dk(s|j|�dk(r d}|j
|d|ddd|g|zd	g��]|j||jdk\s�}d}|j
|d|ddd|g|zd	g�����g}|j||jdkr|}|j
dD]�}|jd�rd}ns|jd�rbd}|j||jdkr |j
|d|ddddddg|zd	g�n!|j
|d|ddddddddg
|zd	g�|j
|d|dddg|zd	g���|j||jdk\r|g}|j||jdkr|}|j||jdkrgd�|z}d }|j
d!D]}|j
|d|ddd|g|zd	g��!|S)"z%Get rules for specified logging levelzInvalid log level '%s'r8rrjr'rNrir6rV)r$r%r&z3/minz
--limit-burst�10r��highrrrHrOz[UFW BLOCK] rLr(r)�mediumz[UFW ALLOW] rrNr$�	conntrack�	--ctstate�INVALIDz[UFW AUDIT INVALID] �full)r$rprq�NEWz[UFW AUDIT] r)	r�r�r�rIrr5r7�endswithr�)	r:r�rkrer�r�largsr�r�s	         rBr?z%UFWBackendIptables._get_logging_ruless�������T�^�^�0�0�2�3�3��0�1�U�;�G��7�#�#��E�>��[�[��(�
O������D�!�T�8�#<�n�M�N�
O��N��[�[��(�
C������D�!�T�8�#<�b�A�B�
C�P�
��>�>�%� �D�N�N�5�$9�9��E��~�~�e�$�t�~�~�f�'=�=�"���[�[��)�

<��7�<�A��z�z�!�}��3�3�A�6�(�B��3�3�A�6�&�@�%3�F�#�N�N�A��a��u�0>��0H�05�06�79�,;�<�"�^�^�E�2�d�n�n�X�6N�N�%3�F�#�N�N�A��a��u�0>��0H�05�06�79�,;�<�<�

<� �E��~�~�e�$�t�~�~�f�'=�=�"���[�[��(�
J���:�:�g�&�+�F��Z�Z��'�+�F��~�~�e�,�t�~�~�h�/G�G�����D�!�T�;�,7��,0�(�,<�>C�,D�EG�(I�J� ����D�!�T�;�,7��,0�%�,:�,B�	,D�
).�,.�
02�(3�4�����D�!�T�5�$2�F�$<�>C�$D�EG� I�J�#
J�*�>�>�%� �D�N�N�8�$<�<��E��~�~�e�$�t�~�~�f�'=�=�"���~�~�e�$�t�~�~�f�'=�=�?�*�L��#�F��[�[��*�
J������D�!�T�5�$2�F�$<�>C�$D�EG� I�J�
J��rCc
���d}ttjj|j�}g}|j
D]�}|j
|j
d�s�"|j|j
|�tjj|dtjj|j
|��}tjj|�r��td�|z}t|��tj d�}|D]A}|�d|��}tjj#|�s�*td�|z}t|��|D]P}|�d|��}|td�tjj|�|d	�zz
}tj$||��R|D�]}|�d|��}t'j(tjj|dtjj|��tjj+|��t'j,||�	tj.|�}	|	t.j0}
|
t.j6zr|td�|zz
}��|
t.j8zs��|td�|zz
}��|S#t2$rtd
�|z}t5|�Y��-wxYw)
zReset the firewallrVz.rulesrzCould not find '%s'. Abortingz
%Y%m%d_%H%M%S�.z'%s' already exists. Abortingz"Backing up '%(old)s' to '%(new)s'
)�old�newzCouldn't stat '%s'zWARN: '%s' is world writablezWARN: '%s' is world readable)r
rr*�	share_dirrr<rur7r.r/r0�basename�isfilerIr�time�strftime�exists�rename�shutil�copy�dirname�copymode�stat�ST_MODEr\r�S_IWOTH�S_IROTH)r:�resr{�allfilesr��fnre�extry�statinfo�moder3s            rB�resetzUFWBackendIptables.resethsp�����c�j�j�2�2�D�L�L�A�	������	(�A��:�:�a�=�)�)�(�3���O�O�D�J�J�q�M�*������i�� �g�g�.�.�t�z�z�!�}�=�?�B��7�7�>�>�"�%��;�<��C���w�'�'�	(��m�m�O�,���	(�A��s�#�B��w�w�~�~�b�!��;�<��C���w�'�'�		(��	�A��s�#�B��1�:�;��W�W�-�-�a�0��<�>�
>�C��I�I�a���		��	?�A���$�C��K�K������Y�
�%'�W�W�%5�%5�a�%8�:�������*�
,�
�O�O�C��#�
��7�7�1�:������-���d�l�l�"��q�7�8�A�>�>������$��q�7�8�A�>�>��%	?�(�
���
��1�2�a�8���X���
�s�(J>�>"K$�#K$)NN)FF)F)T)�__name__�
__module__�__qualname__�__doc__r4rLrmr�r�r�r�r�r�rrr4rGr`rer�r�r?r��rCrBrrsx��'�.;�`�I�V[�zc/�J(�$,�B�8;�8B�H�$c�Jg�Rc�J�0(�H2�TX�t8rCr)r�r.r]r�r�r;r~�
ufw.commonrr�ufw.utilrrrrr	r
�ufw.backendrr2r3rr�rCrB�<module>r�s@��3�"
�	�
��
��(�?�?��B����/�/�BrC

Zerion Mini Shell 1.0