%PDF- %PDF-
Mini Shell

Mini Shell

Direktori : /lib/python2.7/site-packages/salt/modules/
Upload File :
Create Path :
Current File : //lib/python2.7/site-packages/salt/modules/win_firewall.pyc

�
���^c@@s&dZddlmZmZmZddlZddlZddlm	Z	ddl
ZdZd�Zd�Z
dd	�Zdd
�Zdd�Zd
dddd�Zdddddd�Zd�Zdd�Zdd�Zdd�Zdddd�Zdd�Zdd�Zdd�ZdS(u9
Module for configuring Windows Firewall using ``netsh``
i(tabsolute_importtunicode_literalstprint_functionN(tCommandExecutionErrorufirewallcC@s tjjj�stdfStS(u'
    Only works on Windows systems
    u5Module win_firewall: module only available on Windows(tsalttutilstplatformt
is_windowstFalset__virtualname__(((s=/usr/lib/python2.7/site-packages/salt/modules/win_firewall.pyt__virtual__s
cC@s�i}d}ddddg}td|dtdt�}|dd	kr]t|d
��nx}|d
j�D]k}|s�tjd|�}|r�|jd�}q�qn|j	d
�rn|j
�ddk||<d}qnqnW|S(u
    Get the status of all the firewall profiles

    Returns:
        dict: A dictionary of all profiles on the system

    Raises:
        CommandExecutionError: If the command fails

    CLI Example:

    .. code-block:: bash

        salt '*' firewall.get_config
    unetshuadvfirewallushowuallprofilesucmd.run_alltpython_shelltignore_retcodeuretcodeiustdoutu(.*) Profile Settings:iuStateuONN(tNonet__salt__RtTrueRt
splitlinestretsearchtgroupt
startswithtsplit(tprofilestcurrtcmdtrettlinettmp((s=/usr/lib/python2.7/site-packages/salt/modules/win_firewall.pyt
get_configs
uallprofilescC@s[ddd|ddg}td|dtdt�}|d	d
krWt|d��ntS(u�
    Disable firewall profile

    Args:
        profile (Optional[str]): The name of the profile to disable. Default is
            ``allprofiles``. Valid options are:

            - allprofiles
            - domainprofile
            - privateprofile
            - publicprofile

    Returns:
        bool: True if successful

    Raises:
        CommandExecutionError: If the command fails

    CLI Example:

    .. code-block:: bash

        salt '*' firewall.disable
    unetshuadvfirewallusetustateuoffucmd.run_allRRuretcodeiustdout(RRRR(tprofileRR((s=/usr/lib/python2.7/site-packages/salt/modules/win_firewall.pytdisableDs
cC@s[ddd|ddg}td|dtdt�}|d	d
krWt|d��ntS(u�
    .. versionadded:: 2015.5.0

    Enable firewall profile

    Args:
        profile (Optional[str]): The name of the profile to enable. Default is
            ``allprofiles``. Valid options are:

            - allprofiles
            - domainprofile
            - privateprofile
            - publicprofile

    Returns:
        bool: True if successful

    Raises:
        CommandExecutionError: If the command fails

    CLI Example:

    .. code-block:: bash

        salt '*' firewall.enable
    unetshuadvfirewallusetustateuonucmd.run_allRRuretcodeiustdout(RRRR(RRR((s=/usr/lib/python2.7/site-packages/salt/modules/win_firewall.pytenablees
uallcC@soddddddj|�g}td|dtd	t�}|d
dkr`t|d��ni|d|6S(
u�
    .. versionadded:: 2015.5.0

    Display all matching rules as specified by name

    Args:
        name (Optional[str]): The full name of the rule. ``all`` will return all
            rules. Default is ``all``

    Returns:
        dict: A dictionary of all rules or rules that match the name exactly

    Raises:
        CommandExecutionError: If the command fails

    CLI Example:

    .. code-block:: bash

        salt '*' firewall.get_rule 'MyAppPort'
    unetshuadvfirewallufirewallushowuruleuname={0}ucmd.run_allRRuretcodeiustdout(tformatRRRR(tnameRR((s=/usr/lib/python2.7/site-packages/salt/modules/win_firewall.pytget_rule�sutcpuallowuinuanycC@s�ddddddj|�dj|�dj|�d	j|�d
j|�g
}|dksud|kr�d|kr�|jd
j|��ntd|dtdt�}|ddkr�t|d��ntS(u�
    .. versionadded:: 2015.5.0

    Add a new inbound or outbound rule to the firewall policy

    Args:

        name (str): The name of the rule. Must be unique and cannot be "all".
            Required.

        localport (int): The port the rule applies to. Must be a number between
            0 and 65535. Can be a range. Can specify multiple ports separated by
            commas. Required.

        protocol (Optional[str]): The protocol. Can be any of the following:

            - A number between 0 and 255
            - icmpv4
            - icmpv6
            - tcp
            - udp
            - any

        action (Optional[str]): The action the rule performs. Can be any of the
            following:

            - allow
            - block
            - bypass

        dir (Optional[str]): The direction. Can be ``in`` or ``out``.

        remoteip (Optional [str]): The remote IP. Can be any of the following:

            - any
            - localsubnet
            - dns
            - dhcp
            - wins
            - defaultgateway
            - Any valid IPv4 address (192.168.0.12)
            - Any valid IPv6 address (2002:9b3b:1a31:4:208:74ff:fe39:6c43)
            - Any valid subnet (192.168.1.0/24)
            - Any valid range of IP addresses (192.168.0.1-192.168.0.12)
            - A list of valid IP addresses

            Can be combinations of the above separated by commas.

    Returns:
        bool: True if successful

    Raises:
        CommandExecutionError: If the command fails

    CLI Example:

    .. code-block:: bash

        salt '*' firewall.add_rule 'test' '8080' 'tcp'
        salt '*' firewall.add_rule 'test' '1' 'icmpv4'
        salt '*' firewall.add_rule 'test_remote_ip' '8000' 'tcp' 'allow' 'in' '192.168.0.1'
    unetshuadvfirewallufirewalluadduruleuname={0}uprotocol={0}udir={0}u
action={0}uremoteip={0}uicmpv4uicmpv6u
localport={0}ucmd.run_allRRuretcodeiustdoutN(R R
tappendRRRR(R!t	localporttprotocoltactiontdirtremoteipRR((s=/usr/lib/python2.7/site-packages/salt/modules/win_firewall.pytadd_rule�s@cC@s0dddddg}|r4|jdj|��n|rS|jdj|��n|rr|jdj|��n|r�|jd	j|��n|dks�d
|kr�d|kr�|r�|s�|jd�n|jd
j|��q�ntd|dtdt�}|ddkr,t|d��ntS(u>
    .. versionadded:: 2015.8.0

    Delete an existing firewall rule identified by name and optionally by ports,
    protocols, direction, and remote IP.

    Args:

        name (str): The name of the rule to delete. If the name ``all`` is used
            you must specify additional parameters.

        localport (Optional[str]): The port of the rule. If protocol is not
            specified, protocol will be set to ``tcp``

        protocol (Optional[str]): The protocol of the rule. Default is ``tcp``
            when ``localport`` is specified

        dir (Optional[str]): The direction of the rule.

        remoteip (Optional[str]): The remote IP of the rule.

    Returns:
        bool: True if successful

    Raises:
        CommandExecutionError: If the command fails

    CLI Example:

    .. code-block:: bash

        # Delete incoming tcp port 8080 in the rule named 'test'
        salt '*' firewall.delete_rule 'test' '8080' 'tcp' 'in'

        # Delete the incoming tcp port 8000 from 192.168.0.1 in the rule named
        # 'test_remote_ip'
        salt '*' firewall.delete_rule 'test_remote_ip' '8000' 'tcp' 'in' '192.168.0.1'

        # Delete all rules for local port 80:
        salt '*' firewall.delete_rule all 80 tcp

        # Delete a rule called 'allow80':
        salt '*' firewall.delete_rule allow80
    unetshuadvfirewallufirewalludeleteuruleuname={0}uprotocol={0}udir={0}uremoteip={0}uicmpv4uicmpv6uprotocol=tcpu
localport={0}ucmd.run_allRRuretcodeiustdoutN(R#R R
RRRR(R!R$R%R'R(RR((s=/usr/lib/python2.7/site-packages/salt/modules/win_firewall.pytdelete_rule�s&1cC@s+yt|�tSWntk
r&tSXdS(ua
    .. versionadded:: 2016.11.6

    Checks if a firewall rule exists in the firewall policy

    Args:
        name (str): The name of the rule

    Returns:
        bool: True if exists, otherwise False

    CLI Example:

    .. code-block:: bash

        # Is there a rule named RemoteDesktop
        salt '*' firewall.rule_exists RemoteDesktop
    N(R"RRR(R!((s=/usr/lib/python2.7/site-packages/salt/modules/win_firewall.pytrule_existsBs


ulocalcC@s"tjjjd|d|d|�S(u
    Get the firewall property from the specified profile in the specified store
    as returned by ``netsh advfirewall``.

    .. versionadded:: 2018.3.4
    .. versionadded:: 2019.2.0

    Args:

        profile (str):
            The firewall profile to query. Valid options are:

            - domain
            - public
            - private

        section (str):
            The property to query within the selected profile. Valid options
            are:

            - firewallpolicy : inbound/outbound behavior
            - logging : firewall logging settings
            - settings : firewall properties
            - state : firewalls state (on | off)

        store (str):
            The store to use. This is either the local firewall policy or the
            policy defined by local group policy. Valid options are:

            - lgpo
            - local

            Default is ``local``

    Returns:
        dict: A dictionary containing the properties for the specified profile

    Raises:
        CommandExecutionError: If an error occurs
        ValueError: If the parameters are incorrect

    CLI Example:

    .. code-block:: bash

        # Get the inbound/outbound firewall settings for connections on the
        # local domain profile
        salt * win_firewall.get_settings domain firewallpolicy

        # Get the inbound/outbound firewall settings for connections on the
        # domain profile as defined by local group policy
        salt * win_firewall.get_settings domain firewallpolicy lgpo
    Rtsectiontstore(RRtwin_lgpo_netshtget_settings(RR,R-((s=/usr/lib/python2.7/site-packages/salt/modules/win_firewall.pyR/\s6cC@stjjjd|d|�S(u�
    Gets all the properties for the specified profile in the specified store

    .. versionadded:: 2018.3.4
    .. versionadded:: 2019.2.0

    Args:

        profile (str):
            The firewall profile to query. Valid options are:

            - domain
            - public
            - private

        store (str):
            The store to use. This is either the local firewall policy or the
            policy defined by local group policy. Valid options are:

            - lgpo
            - local

            Default is ``local``

    Returns:
        dict: A dictionary containing the specified settings

    CLI Example:

    .. code-block:: bash

        # Get all firewall settings for connections on the domain profile
        salt * win_firewall.get_all_settings domain

        # Get all firewall settings for connections on the domain profile as
        # defined by local group policy
        salt * win_firewall.get_all_settings domain lgpo
    RR-(RRR.tget_all_settings(tdomainR-((s=/usr/lib/python2.7/site-packages/salt/modules/win_firewall.pyR0�s'cC@stjjjd|�S(u�
    Gets all properties for all profiles in the specified store

    .. versionadded:: 2018.3.4
    .. versionadded:: 2019.2.0

    Args:

        store (str):
            The store to use. This is either the local firewall policy or the
            policy defined by local group policy. Valid options are:

            - lgpo
            - local

            Default is ``local``

    Returns:
        dict: A dictionary containing the specified settings for each profile

    CLI Example:

    .. code-block:: bash

        # Get all firewall settings for all profiles
        salt * firewall.get_all_settings

        # Get all firewall settings for all profiles as defined by local group
        # policy

        salt * firewall.get_all_settings lgpo
    R-(RRR.tget_all_profiles(R-((s=/usr/lib/python2.7/site-packages/salt/modules/win_firewall.pyR2�s!c	C@s(tjjjd|d|d|d|�S(u�
    Set the firewall inbound/outbound settings for the specified profile and
    store

    .. versionadded:: 2018.3.4
    .. versionadded:: 2019.2.0

    Args:

        profile (str):
            The firewall profile to query. Valid options are:

            - domain
            - public
            - private

        inbound (str):
            The inbound setting. If ``None`` is passed, the setting will remain
            unchanged. Valid values are:

            - blockinbound
            - blockinboundalways
            - allowinbound
            - notconfigured

            Default is ``None``

        outbound (str):
            The outbound setting. If ``None`` is passed, the setting will remain
            unchanged. Valid values are:

            - allowoutbound
            - blockoutbound
            - notconfigured

            Default is ``None``

        store (str):
            The store to use. This is either the local firewall policy or the
            policy defined by local group policy. Valid options are:

            - lgpo
            - local

            Default is ``local``

    Returns:
        bool: ``True`` if successful

    Raises:
        CommandExecutionError: If an error occurs
        ValueError: If the parameters are incorrect

    CLI Example:

    .. code-block:: bash

        # Set the inbound setting for the domain profile to block inbound
        # connections
        salt * firewall.set_firewall_settings domain='domain' inbound='blockinbound'

        # Set the outbound setting for the domain profile to allow outbound
        # connections
        salt * firewall.set_firewall_settings domain='domain' outbound='allowoutbound'

        # Set inbound/outbound settings for the domain profile in the group
        # policy to block inbound and allow outbound
        salt * firewall.set_firewall_settings domain='domain' inbound='blockinbound' outbound='allowoutbound' store='lgpo'
    RtinboundtoutboundR-(RRR.tset_firewall_settings(RR3R4R-((s=/usr/lib/python2.7/site-packages/salt/modules/win_firewall.pyR5�sFc	C@s(tjjjd|d|d|d|�S(uA	
    Configure logging settings for the Windows firewall.

    .. versionadded:: 2018.3.4
    .. versionadded:: 2019.2.0

    Args:

        profile (str):
            The firewall profile to configure. Valid options are:

            - domain
            - public
            - private

        setting (str):
            The logging setting to configure. Valid options are:

            - allowedconnections
            - droppedconnections
            - filename
            - maxfilesize

        value (str):
            The value to apply to the setting. Valid values are dependent upon
            the setting being configured. Valid options are:

            allowedconnections:

                - enable
                - disable
                - notconfigured

            droppedconnections:

                - enable
                - disable
                - notconfigured

            filename:

                - Full path and name of the firewall log file
                - notconfigured

            maxfilesize:

                - 1 - 32767
                - notconfigured

            .. note::
                ``notconfigured`` can only be used when using the lgpo store

        store (str):
            The store to use. This is either the local firewall policy or the
            policy defined by local group policy. Valid options are:

            - lgpo
            - local

            Default is ``local``

    Returns:
        bool: ``True`` if successful

    Raises:
        CommandExecutionError: If an error occurs
        ValueError: If the parameters are incorrect

    CLI Example:

    .. code-block:: bash

        # Log allowed connections and set that in local group policy
        salt * firewall.set_logging_settings domain allowedconnections enable lgpo

        # Don't log dropped connections
        salt * firewall.set_logging_settings profile=private setting=droppedconnections value=disable

        # Set the location of the log file
        salt * firewall.set_logging_settings domain filename C:\windows\logs\firewall.log

        # You can also use environment variables
        salt * firewall.set_logging_settings domain filename %systemroot%\system32\LogFiles\Firewall\pfirewall.log

        # Set the max file size of the log to 2048 Kb
        salt * firewall.set_logging_settings domain maxfilesize 2048
    RtsettingtvalueR-(RRR.tset_logging_settings(RR6R7R-((s=/usr/lib/python2.7/site-packages/salt/modules/win_firewall.pyR82sXc	C@s(tjjjd|d|d|d|�S(u�
    Configure firewall settings.

    .. versionadded:: 2018.3.4
    .. versionadded:: 2019.2.0

    Args:

        profile (str):
            The firewall profile to configure. Valid options are:

            - domain
            - public
            - private

        setting (str):
            The firewall setting to configure. Valid options are:

            - localfirewallrules
            - localconsecrules
            - inboundusernotification
            - remotemanagement
            - unicastresponsetomulticast

        value (str):
            The value to apply to the setting. Valid options are

            - enable
            - disable
            - notconfigured

            .. note::
                ``notconfigured`` can only be used when using the lgpo store

        store (str):
            The store to use. This is either the local firewall policy or the
            policy defined by local group policy. Valid options are:

            - lgpo
            - local

            Default is ``local``

    Returns:
        bool: ``True`` if successful

    Raises:
        CommandExecutionError: If an error occurs
        ValueError: If the parameters are incorrect

    CLI Example:

    .. code-block:: bash

        # Merge local rules with those distributed through group policy
        salt * firewall.set_settings domain localfirewallrules enable

        # Allow remote management of Windows Firewall
        salt * firewall.set_settings domain remotemanagement enable
    RR6R7R-(RRR.tset_settings(RR6R7R-((s=/usr/lib/python2.7/site-packages/salt/modules/win_firewall.pyR9�s=cC@s"tjjjd|d|d|�S(u�
    Configure the firewall state.

    .. versionadded:: 2018.3.4
    .. versionadded:: 2019.2.0

    Args:

        profile (str):
            The firewall profile to configure. Valid options are:

            - domain
            - public
            - private

        state (str):
            The firewall state. Valid options are:

            - on
            - off
            - notconfigured

            .. note::
                ``notconfigured`` can only be used when using the lgpo store

        store (str):
            The store to use. This is either the local firewall policy or the
            policy defined by local group policy. Valid options are:

            - lgpo
            - local

            Default is ``local``

    Returns:
        bool: ``True`` if successful

    Raises:
        CommandExecutionError: If an error occurs
        ValueError: If the parameters are incorrect

    CLI Example:

    .. code-block:: bash

        # Turn the firewall off when the domain profile is active
        salt * firewall.set_state domain off

        # Turn the firewall on when the public profile is active and set that in
        # the local group policy
        salt * firewall.set_state public on lgpo
    RtstateR-(RRR.t	set_state(RR:R-((s=/usr/lib/python2.7/site-packages/salt/modules/win_firewall.pyR;�s5(t__doc__t
__future__RRRRtsalt.utils.platformRtsalt.exceptionsRtsalt.utils.win_lgpo_netshR	R
RRRR"R)R
R*R+R/R0R2R5R8R9R;(((s=/usr/lib/python2.7/site-packages/salt/modules/win_firewall.pyt<module>s4	
	'!#	QE	;+$L^C

Zerion Mini Shell 1.0