a i_u@sddlZddlZddlmZddlmZmZmZddlm Z ddl m Z ddl m Z mZmZmZddlmZddlmZGd d d e ZdS) N)config)dbus_to_python%dbus_introspection_prepare_properties!dbus_introspection_add_properties)log)DbusServiceObject)handle_exceptionsdbus_handle_exceptionsdbus_service_methoddbus_polkit_require_auth)errors) FirewallErrorcseZdZdZdZejjZe fddZ e ddZ e ddZ e d d Zeejd d d e dddZeejddd e dddZeejjeejdde dddZejjejddddZeejjeejdde dfdd Zeejjd de dd!d"Zeejjdde dd#d$Zeejjd de dd%d&Zeejjdde dd'd(Zeejje dd)d*Z ejjejjdde d+d,Z!eejje dd-d.Z"ejjejjdde d/d0Z#eejjdde dd1d2Z$ejjejjdde d3d4Z%eejjdde dd5d6Z&eejjdde dd7d8Z'eejjdde dd9d:Z(eejjdde dd;d<Z)eejjdde dd=d>Z*eejjdde dd?d@Z+eejjdAde ddBdCZ,eejjdAde ddDdEZ-eejjd de ddFdGZ.eejjd de ddHdIZ/eejjd dJd e ddKdLZ0eejjdMde ddNdOZ1eejjdMde ddPdQZ2eejjdde ddRdSZ3eejjdde ddTdUZ4eejjddJd e ddVdWZ5eejjdAde ddXdYZ6eejjdAde ddZd[Z7eejjd de dd\d]Z8eejjd de dd^d_Z9eejjd dJd e dd`daZ:eejjdMde ddbdcZ;eejjdMde ddddeZeejjddJd e ddjdkZ?eejjdlde ddmdnZ@eejjdlde ddodpZAeejjddd e ddqdrZBeejjd de ddsdtZCeejjdde ddudvZDeejjd dJd e ddwdxZEeejjdMde ddydzZFeejjdMde dd{d|ZGeejjdde dd}d~ZHeejjdde dddZIeejjddJd e dddZJZKS)FirewallDConfigServicezFirewallD main classTcs`tt|j|i|||_||_||_||_|d|_|d|_d|j|_ t |tj j dS)Nrzconfig.service.%d) superr__init__parentrobjitem_idbusnamepath _log_prefixrdbusDBUS_INTERFACE_CONFIG_SERVICE)selfrZconfservicerargskwargs __class__B/usr/lib/python3.9/site-packages/firewall/server/config_service.pyr2s   zFirewallDConfigService.__init__cCsdSNr rr r r!__del__?szFirewallDConfigService.__del__cCs |dSr")Zremove_from_connectionr#r r r! unregisterCsz!FirewallDConfigService.unregistercCs|dkrt|jjS|dkr,t|jjS|dkrBt|jjS|dkrXt|jjS|dkrnt|jjStj d|dS)NnamefilenamerdefaultbuiltinzDorg.freedesktop.DBus.Error.InvalidArgs: Property '%s' does not exist) rStringrr&r'rZBooleanr(r) exceptions DBusException)r property_namer r r! _get_propertyKsz$FirewallDConfigService._get_propertyssv) in_signature out_signatureNcCsLt|t}t|t}td|j|||tjjkrBtj d|| |S)Nz%s.Get('%s', '%s')Jorg.freedesktop.DBus.Error.UnknownInterface: Interface '%s' does not exist) rstrrdebug1rrrrr+r,r.)rinterface_namer-senderr r r!Get\s    zFirewallDConfigService.Getsza{sv}cCs`t|t}td|j||tjjkr6tj d|i}dD]}| |||<q>tj |ddS)Nz%s.GetAll('%s')r3)r&r'rr(r)svZ signature) rr4rr5rrrrr+r,r.Z Dictionary)rr6r7retxr r r!GetAllms  zFirewallDConfigService.GetAllZssv)r1cCslt|t}t|t}t|}td|j||||j||tjj krXtj d|tj d|dS)Nz%s.Set('%s', '%s', '%s')r3zGorg.freedesktop.DBus.Error.PropertyReadOnly: Property '%s' is read-only) rr4rr5rr accessCheckrrrr+r,)rr6r-Z new_valuer7r r r!Set~s$     zFirewallDConfigService.Setzsa{sv}asr;cCs2t|t}t|}t|}td|j|||dS)Nz&%s.PropertiesChanged('%s', '%s', '%s'))rr4rr5r)rr6Zchanged_propertiesZinvalidated_propertiesr r r!PropertiesChangeds   z(FirewallDConfigService.PropertiesChanged)r2cs8td|jtt||j|j}t ||t j j S)Nz%s.Introspect()) rZdebug2rrr IntrospectrrZget_busrrrr)rr7datarr r!rBs   z!FirewallDConfigService.Introspectz(sssa(ss)asa{ss}asa(ss))cCstd|j|j|jS)!get settings for service z%s.getSettings())rr5rrZget_service_configrrr7r r r! getSettingssz"FirewallDConfigService.getSettingscCstd|j|j|jS)rDz%s.getSettings2())rr5rrget_service_config_dictrrEr r r! getSettings2sz#FirewallDConfigService.getSettings2cCsFt|}td|j|j||j|j||_| |jj dS)z$update settings for service z%s.update('...')N) rrr5rrr?rZset_service_configrUpdatedr&rsettingsr7r r r!updates  zFirewallDConfigService.updatecCsFt|}td|j|j||j|j||_| |jj dS)Nz%s.update2('...')) rrr5rrr?rset_service_config_dictrrIr&rJr r r!update2s  zFirewallDConfigService.update2cCs<td|j|j||j|j|_||jj dS)z2load default settings for builtin service z%s.loadDefaults()N) rr5rrr?rZload_service_defaultsrrIr&rEr r r! loadDefaultss z#FirewallDConfigService.loadDefaultscCstd|j|fdS)Nz%s.Updated('%s')rr5rrr&r r r!rIszFirewallDConfigService.UpdatedcCs:td|j|j||j|j|j|jdS)zremove service z%s.removeService()N) rr5rrr?rZremove_servicerZ removeServicerEr r r!removes zFirewallDConfigService.removecCstd|j|fdS)Nz%s.Removed('%s')rPrQr r r!RemovedszFirewallDConfigService.RemovedcCsFt|t}td|j||j||j|j ||_ | |dS)zrename service z%s.rename('%s')N) rr4rr5rrr?rZrename_servicerRenamed)rr&r7r r r!renames   zFirewallDConfigService.renamecCstd|j|fdS)Nz%s.Renamed('%s')rPrQr r r!rTszFirewallDConfigService.RenamedcCstd|j|dS)Nz%s.getVersion()rrr5rrFrEr r r! getVersion sz!FirewallDConfigService.getVersioncCsHt|t}td|j||j|t|}||d<| |dS)Nz%s.setVersion('%s')r rr4rr5rrr?listrFrL)rversionr7rKr r r! setVersions    z!FirewallDConfigService.setVersioncCstd|j|dS)Nz %s.getShort()rrVrEr r r!getShortszFirewallDConfigService.getShortcCsHt|t}td|j||j|t|}||d<| |dS)Nz%s.setShort('%s')rrX)rZshortr7rKr r r!setShort$s    zFirewallDConfigService.setShortcCstd|j|dS)Nz%s.getDescription()rVrEr r r!getDescription1sz%FirewallDConfigService.getDescriptioncCsHt|t}td|j||j|t|}||d<| |dS)Nz%s.setDescription('%s')r^rX)r descriptionr7rKr r r!setDescription8s    z%FirewallDConfigService.setDescriptionza(ss)cCstd|j|dS)Nz %s.getPorts()rVrEr r r!getPortsFszFirewallDConfigService.getPortscCsg}t|tD](}t|tr,|t|q||q|}td|jddd|D|j |t| }||d<| |dS)Nz%s.setPorts('[%s]'),css"|]}d|d|dfVqdSz ('%s, '%s')rrNr .0portr r r! Zz2FirewallDConfigService.setPorts..rb rrY isinstanceappendtuplerr5rjoinrr?rFrLrZportsr7Z_portsrhrKr r r!setPortsMs     zFirewallDConfigService.setPortscCst|t}t|t}td|j|||j|t|}||f|dvrbt t j d||f|d ||f| |dS)Nz%s.addPort('%s', '%s')rb%s:%srr4rr5rrr?rYrFr r ALREADY_ENABLEDrmrLrrhprotocolr7rKr r r!addPort`s      zFirewallDConfigService.addPortcCst|t}t|t}td|j|||j|t|}||f|dvrbt t j d||f|d ||f| |dS)Nz%s.removePort('%s', '%s')rbrrrr4rr5rrr?rYrFr r NOT_ENABLEDrRrLrur r r! removePortps     z!FirewallDConfigService.removePortbcCs:t|t}t|t}td|j||||f|dvS)Nz%s.queryPort('%s', '%s')rbrr4rr5rrFrrhrvr7r r r! queryPorts    z FirewallDConfigService.queryPortascCstd|j|dS)Nz%s.getProtocols()rVrEr r r! getProtocolssz#FirewallDConfigService.getProtocolscCsNt|t}td|jd||j|t|}||d<| |dS)Nz%s.setProtocols('[%s]')rdr) rrYrr5rrorr?rFrL)rZ protocolsr7rKr r r! setProtocolss    z#FirewallDConfigService.setProtocolscCsft|t}td|j||j|t|}||dvrJt t j ||d || |dS)Nz%s.addProtocol('%s')rrsrrvr7rKr r r! addProtocols     z"FirewallDConfigService.addProtocolcCsft|t}td|j||j|t|}||dvrJt t j ||d || |dS)Nz%s.removeProtocol('%s')rrxrr r r!removeProtocols     z%FirewallDConfigService.removeProtocolcCs*t|t}td|j|||dvS)Nz%s.queryProtocol(%s')rr|)rrvr7r r r! queryProtocols z$FirewallDConfigService.queryProtocolcCstd|j|dS)Nz%s.getSourcePorts()rVrEr r r!getSourcePortssz%FirewallDConfigService.getSourcePortscCsg}t|tD](}t|tr,|t|q||q|}td|jddd|D|j |t| }||d<| |dS)Nz%s.setSourcePorts('[%s]')rdcss"|]}d|d|dfVqdSrer rfr r r!rirjz8FirewallDConfigService.setSourcePorts..rrkrpr r r!setSourcePortss     z%FirewallDConfigService.setSourcePortscCst|t}t|t}td|j|||j|t|}||f|dvrbt t j d||f|d ||f| |dS)Nz%s.addSourcePort('%s', '%s')rrrrsrur r r! addSourcePorts      z$FirewallDConfigService.addSourcePortcCst|t}t|t}td|j|||j|t|}||f|dvrbt t j d||f|d ||f| |dS)Nz%s.removeSourcePort('%s', '%s')rrrrxrur r r!removeSourcePorts     z'FirewallDConfigService.removeSourcePortcCs:t|t}t|t}td|j||||f|dvS)Nz%s.querySourcePort('%s', '%s')rr|r}r r r!querySourcePorts    z&FirewallDConfigService.querySourcePortcCstd|j|dS)Nz%s.getModules()rVrEr r r! getModulessz!FirewallDConfigService.getModulescCst|t}g}|D]8}|dr@|dd}d|vr@|dd}||q|}td|jd||j |t| }||d<| |dS)N nf_conntrack__-z%s.setModules('[%s]')rdr) rrY startswithreplacermrr5rrorr?rFrL)rmodulesr7Z_modulesmodulerKr r r! setModuless         z!FirewallDConfigService.setModulescCst|t}|dr4|dd}d|vr4|dd}td|j||j|t | }||dvrtt t j ||d|||dS)Nrrrrz%s.addModule('%s')r)rr4rrrr5rrr?rYrFr r rtrmrLrrr7rKr r r! addModule"s        z FirewallDConfigService.addModulecCst|t}|dr4|dd}d|vr4|dd}td|j||j|t | }||dvrtt t j ||d|||dS)Nrrrrz%s.removeModule('%s')r)rr4rrrr5rrr?rYrFr r ryrRrLrr r r! removeModule3s        z#FirewallDConfigService.removeModulecCsTt|t}|dr4|dd}d|vr4|dd}td|j|||dvS)Nrrrrz%s.queryModule('%s')r)rr4rrrr5rrF)rrr7r r r! queryModuleDs    z"FirewallDConfigService.queryModuleza{ss}cCstd|j|dS)Nz%s.getDestinations()rVrEr r r!getDestinationsRsz&FirewallDConfigService.getDestinationscCsVt|t}td|j|d|d|j|t| }||d<| |dS)Nz*%s.setDestinations({ipv4:'%s', ipv6:'%s'})Zipv4Zipv6r) rdictrr5rgetrr?rYrFrL)rZ destinationsr7rKr r r!setDestinationsYs    z&FirewallDConfigService.setDestinationscCsVt|t}td|j||j|t|}||dvrJt t j ||d|S)Nz%s.getDestination('%s')r) rr4rr5rrr?rYrFr r ryrfamilyr7rKr r r!getDestinationfs      z%FirewallDConfigService.getDestinationcCst|t}t|t}td|j|||j|t|}||dvrn|d||krnt t j d||f||d|<| |dS)Nz%s.setDestination('%s', '%s')rz '%s': '%s') rr4rr5rrr?rYrFr r rtrLrraddressr7rKr r r!setDestinationss       z%FirewallDConfigService.setDestinationcCsbt|t}td|j||j|t|}||dvrJt t j ||d|=| |dS)Nz%s.removeDestination('%s')r) rr4rr5rrr?rYrFr r ryrLrr r r!removeDestinations       z(FirewallDConfigService.removeDestinationcCsJt|t}t|t}td|j|||}||dvoH||d|kS)Nz%s.queryDestination('%s', '%s')rr|rr r r!queryDestinations    z'FirewallDConfigService.queryDestinationcCs<td|j|j||j|j}d|vr8|dSgS)Nz%s.getIncludes()includes)rr5rrr?rrGr)rr7rKr r r! getIncludess z"FirewallDConfigService.getIncludescCsZt|t}td|j||j|d|ddi}|j|j ||_ | |j j dS)Nz%s.setIncludes('%s')r) rrYrr5rrr?rrMrrIr&)rrr7rKr r r! setIncludess   z"FirewallDConfigService.setIncludescCsjt|t}td|j||j||j|j }| dg ||j |j ||_ | |j jdS)Nz%s.addInclude('%s')r)rr4rr5rrr?rrGr setdefaultrmrMrIr&rZincluder7rKr r r! addIncludes  z!FirewallDConfigService.addIncludecCsft|t}td|j||j||j|j }|d ||j |j ||_ | |j j dS)Nz%s.removeInclude('%s')r)rr4rr5rrr?rrGrrRrMrIr&rr r r! removeIncludes  z$FirewallDConfigService.removeIncludecCs@t|t}td|j||j|j}d|vr<||dvSdS)Nz%s.queryInclude('%s')rF)rr4rr5rrrGrrr r r! queryIncludes z#FirewallDConfigService.queryInclude)N)N)N)N)N)N)N)N)N)N)N)N)N)N)N)N)N)N)N)N)N)N)N)N)N)N)N)N)N)N)N)N)N)N)N)N)N)N)N)N)N)N)N)N)N)N)N)N)L__name__ __module__ __qualname____doc__Z persistentrrZPK_ACTION_CONFIGZdefault_polkit_auth_requiredrrr r$r%r.r ZPROPERTIES_IFACEr8r>r r@rsignalrAZPK_ACTION_INFOZINTROSPECTABLE_IFACErBrrFrHrLrNrOrIrRrSrUrTrWr[r\r]r_rarcrqrwrzr~rrrrrrrrrrrrrrrrrrrrrrrrrr __classcell__r r rr!r*s                                        r)rZ dbus.serviceZfirewallrZfirewall.dbus_utilsrrrZfirewall.core.loggerrZfirewall.server.dbusrZfirewall.server.decoratorsrr r r r Zfirewall.errorsr rr r r r!s