%PDF- %PDF-
Mini Shell

Mini Shell

Direktori : /lib/python2.7/site-packages/salt/states/
Upload File :
Create Path :
Current File : //lib/python2.7/site-packages/salt/states/csf.pyo

�
���^c	@@s�dZddlmZmZmZddlZddlmZeje	�Z
d�Zddddd	dd
e
d�Zddddd	de
d�Zddd
�Zd�Ze
d�Ze
d�Ze
d�Ze
d�ZdS(u"
CSF Ip tables management
========================

:depends:   - csf utility
:configuration: See http://download.configserver.com/csf/install.txt
 for setup instructions.

.. code-block:: yaml

    Simply allow/deny rules:
      csf.rule_present:
        ip: 1.2.3.4
        method: allow
i(tabsolute_importtprint_functiontunicode_literalsN(tsixcC@sdS(Nucsf((((s3/usr/lib/python2.7/site-packages/salt/states/csf.pyt__virtual__sutcpuinudusuc
C@s8i|d6id6td6dd6}
|}tdd|d|d	|d
|d|d|d
|d|d|�	}|ru|
S|r�dj|�}ntdj|�}
|
|d	|d
|d|d|d
|d|d|�}|r�d}n|	rtd�r|d7}q|d7}t|
d<n||
d<d|
dd<|
S(ut
    Ensure iptable rule exists.

    name
        The ip address or CIDR for the rule.

    method
        The type of rule.  Either 'allow' or 'deny'.

    port
        Optional port to be open or closed for the
        iptables rule.

    proto
        The protocol. Either 'tcp', or 'udp'.
        Only applicable if port is specified.

    direction
        The diretion of traffic to apply the rule to.
        Either 'in', or 'out'. Only applicable if
        port is specified.

    port_origin
        Specifies either the source or destination
        port is relevant for this rule. Only applicable
        if port is specified.  Either 's', or 'd'.

    ip_origin
        Specifies whether the ip in this rule refers to
        the source or destination ip. Either 's', or
        'd'. Only applicable if port is specified.

    ttl
        How long the rule should exist. If supplied,
        `csf.tempallow()` or csf.tempdeny()` are used.

    comment
        An optional comment to appear after the rule
        as a #comment .

    reload
        Reload the csf service after applying this rule.
        Default false.

    unameuchangesuresultuRule already exists.ucommentu
csf.existstmethodtiptporttprotot	directiontport_origint	ip_origintttltcommentutemp{0}ucsf.{0}uRule has been added.u
csf.reloadu Csf reloaded.u Unable to reload csf.uCreateduRule(tTruet__salt__tformattFalse(tnameRRRR	R
RRR
treloadtretRtexiststfunctrule((s3/usr/lib/python2.7/site-packages/salt/states/csf.pytrule_presentsJ7

				




c	C@s|}	i|d6id6td6dd6}
td||	d|d|d	|d
|d|d|�}|si|
Std
d|d|	d|d|d	|d
|d|ddd|�	}|r�d}
n|r�td�r�|
d7}
q�|
d7}
n|
|
d<d|
dd<|
S(u
    Ensure iptable is not present.

    name
        The ip address or CIDR for the rule.

    method
        The type of rule.  Either 'allow' or 'deny'.

    port
        Optional port to be open or closed for the
        iptables rule.

    proto
        The protocol. Either 'tcp', 'udp'.
        Only applicable if port is specified.

    direction
        The diretion of traffic to apply the rule to.
        Either 'in', or 'out'. Only applicable if
        port is specified.

    port_origin
        Specifies either the source or destination
        port is relevant for this rule. Only applicable
        if port is specified.  Either 's', or 'd'.

    ip_origin
        Specifies whether the ip in this rule refers to
        the source or destination ip. Either 's', or
        'd'. Only applicable if port is specified.

    ttl
        How long the rule should exist. If supplied,
        `csf.tempallow()` or csf.tempdeny()` are used.

    reload
        Reload the csf service after applying this rule.
        Default false.
    unameuchangesuresultuRule not present.ucommentu
csf.existsRRR	R
RRucsf.remove_ruleRRR
uuRule has been removed.u
csf.reloadu Csf reloaded.uCsf unable to be reloaded.uRemoveduRule(RR(RRRRR	R
RRRRRRRR
((s3/usr/lib/python2.7/site-packages/salt/states/csf.pytrule_absent�sB1


			



c	C@sttjjtj|��}t}idj|�d6id6td6dd6}tdd|d	|�}|j	�}td
|�}xK|D]C}t
jd||�t
jd|�|||kr�t}q�q�W|rtd
|d|d	|�}d|dd<||d<n|S(u�
    Ensure ports are open for a protocol, in a direction.
    e.g. - proto='tcp', direction='in' would set the values
    for TCP_IN in the csf.conf file.

    ports
        A list of ports that should be open.

    proto
        The protocol. May be one of 'tcp', 'udp',
        'tcp6', or 'udp6'.

    direction
        Choose 'in', 'out', or both to indicate the port
        should be opened for inbound traffic, outbound
        traffic, or both.
    u,unameuchangesuresultuPorts open.ucommentu
csf.get_portsRR	ucsf.build_directionsucurrent_ports[direction]: %su	ports: %sucsf.allow_portsuChangeduPorts(tlistRtmovestmapt	text_typeRtjoinRRtuppertlogttrace(	RtportsRR	tdiffRt
current_portst
directionstresult((s3/usr/lib/python2.7/site-packages/salt/states/csf.pyt
ports_open�s&



cC@st|d|d|�S(uJ
    Alias for :mod:`csf.nics_skipped <salt.states.csf.nics_skipped>`
    tnicstipv6(tnics_skipped(RR(R)((s3/usr/lib/python2.7/site-packages/salt/states/csf.pyt	nics_skipscC@svidj|�d6id6td6dd6}tdd|�}||krN|Std	|d|�}d
|dd<|S(u�
    name
        Meaningless arg, but required for state.

    nics
        A list of nics to skip.

    ipv6
        Boolean. Set to true if you want to skip
        the ipv6 interface. Default false (ipv4).
    u,unameuchangesuresultu
NICs skipped.ucommentucsf.get_skipped_nicsR)u
csf.skip_nicsuChangeduSkipped NICs(RRR(RR(R)Rtcurrent_skipped_nicsR&((s3/usr/lib/python2.7/site-packages/salt/states/csf.pyR*s
cC@s�idd6id6td6dd6}i}td�}t|�dkrK|Std	�}|r�d
}|r�td�r�|d7}q�q�nd
|dd<||d<|S(u�
    Ensure testing mode is enabled in csf.

    reload
        Reload CSF after changing the testing status.
        Default false.
    utesting modeunameuchangesuresultuTesting mode already ON.ucommentucsf.get_testing_statusiucsf.enable_testing_modeuCsf testing mode enabledu
csf.reloadu and csf reloaded.uonuTesting Mode(RRtint(RRRR&ttestingtenableR
((s3/usr/lib/python2.7/site-packages/salt/states/csf.pyt
testing_on%s"	





cC@s�idd6id6td6dd6}i}td�}t|�dkrK|Std	�}|r�d
}|r�td�r�|d7}q�q�nd
|dd<||d<|S(u�
    Ensure testing mode is enabled in csf.

    reload
        Reload CSF after changing the testing status.
        Default false.
    utesting modeunameuchangesuresultuTesting mode already OFF.ucommentucsf.get_testing_statusiucsf.disable_testing_modeuCsf testing mode disabledu
csf.reloadu and csf reloaded.uoffuTesting Mode(RRR-(RRRR&R.tdisableR
((s3/usr/lib/python2.7/site-packages/salt/states/csf.pyttesting_offAs"	





c	C@s idd6id6td6dd6}|}td|�}|r�td|�}|d	}d
j|�|krq|Std||�}d|d<d
|dd<n:tddddj||��}d|d<d|dd<|rtd�r�|dcd7<q|dcd7<t|d<n|S(u�
    Ensure the state of a particular option/setting in csf.

    name
        The option name in csf.conf

    value
        The value it should be set to.

    reload
        Boolean. If set to true, csf will be reloaded after.
    utesting modeunameuchangesuresultuOption already present.ucommentucsf.get_optionucsf.split_optioniu"{0}"ucsf.set_optionuOption modified.uChangeduOptionufile.appendu/etc/csf/csf.conftargsu{0} = "{1}"u(Option not present. Appended to csf.confuChanged.u
csf.reloadu. Csf reloaded.u. Csf failed to reload.(RRRR(	RtvalueRRtoptiontcurrent_optiontltoption_valueR&((s3/usr/lib/python2.7/site-packages/salt/states/csf.pytoption_present^s0







(t__doc__t
__future__RRRtloggingtsalt.extRt	getLoggert__name__R RtNoneRRRR'R+R*R0R2R9(((s3/usr/lib/python2.7/site-packages/salt/states/csf.pyt<module>s4	]Q)	

Zerion Mini Shell 1.0