%PDF- %PDF-
Mini Shell

Mini Shell

Direktori : /usr/lib/python2.7/site-packages/salt/utils/
Upload File :
Create Path :
Current File : //usr/lib/python2.7/site-packages/salt/utils/win_lgpo_netsh.pyc

�
���^c@@s4dZddlmZmZmZddlmZddlZddlZddl	Z	ddl
Z
ddlZddlZ
ddlmZddlmZeje�Ze
j�ZdZd�Zd	�Zd
�Zdd�Zdd
�Zdd�Zdddd�Zdd�Z dd�Z!dd�Z"dS(uF

A salt util for modifying firewall settings.

.. versionadded:: 2018.3.4
.. versionadded:: 2019.2.0

This util allows you to modify firewall settings in the local group policy in
addition to the normal firewall settings. Parameters are taken from the
netsh advfirewall prompt.

.. note::
    More information can be found in the advfirewall context in netsh. This can
    be access by opening a netsh prompt. At a command prompt type the following:

    c:\>netsh
    netsh>advfirewall
    netsh advfirewall>set help
    netsh advfirewall>set domain help

Usage:

.. code-block:: python

    import salt.utils.win_lgpo_netsh

    # Get the inbound/outbound firewall settings for connections on the
    # local domain profile
    salt.utils.win_lgpo_netsh.get_settings(profile='domain',
                                           section='firewallpolicy')

    # Get the inbound/outbound firewall settings for connections on the
    # domain profile as defined by local group policy
    salt.utils.win_lgpo_netsh.get_settings(profile='domain',
                                           section='firewallpolicy',
                                           store='lgpo')

    # Get all firewall settings for connections on the domain profile
    salt.utils.win_lgpo_netsh.get_all_settings(profile='domain')

    # Get all firewall settings for connections on the domain profile as
    # defined by local group policy
    salt.utils.win_lgpo_netsh.get_all_settings(profile='domain', store='lgpo')

    # Get all firewall settings for all profiles
    salt.utils.win_lgpo_netsh.get_all_settings()

    # Get all firewall settings for all profiles as defined by local group
    # policy
    salt.utils.win_lgpo_netsh.get_all_settings(store='lgpo')

    # Set the inbound setting for the domain profile to block inbound
    # connections
    salt.utils.win_lgpo_netsh.set_firewall_settings(profile='domain',
                                                    inbound='blockinbound')

    # Set the outbound setting for the domain profile to allow outbound
    # connections
    salt.utils.win_lgpo_netsh.set_firewall_settings(profile='domain',
                                                    outbound='allowoutbound')

    # Set inbound/outbound settings for the domain profile in the group
    # policy to block inbound and allow outbound
    salt.utils.win_lgpo_netsh.set_firewall_settings(profile='domain',
                                                    inbound='blockinbound',
                                                    outbound='allowoutbound',
                                                    store='lgpo')
i(tabsolute_importtunicode_literalstprint_function(tdedentN(tCommandExecutionError(tzipunetshcC@s tjjj�stdfStS(u*
    Only load if on a Windows system
    u&This utility only available on Windows(tsalttutilstplatformt
is_windowstFalset__virtualname__(((s=/usr/lib/python2.7/site-packages/salt/utils/win_lgpo_netsh.pyt__virtual__Ys
c	C@s�tjdddddddt��}|j|�WdQXzEtjd	j|j|��tj	j
jd
j|j�dt�SWdt
j|j�XdS(u
    helper function to get the results of ``netsh -f content.txt``

    Running ``netsh`` will drop you into a ``netsh`` prompt where you can issue
    ``netsh`` commands. You can put a series of commands in an external file and
    run them as if from a ``netsh`` prompt using the ``-f`` switch. That's what
    this function does.

    Args:

        content (str):
            The contents of the file that will be run by the ``netsh -f``
            command

    Returns:
        str: The text returned by the netsh command
    tmodeuwtprefixusalt-tsuffixu.netshtdeleteNu{0}:
{1}unetsh -f {0}tpython_shell(ttempfiletNamedTemporaryFileR
twritetlogtdebugtformattnameRtmodulestcmdmodtruntTruetostremove(tcontenttfp((s=/usr/lib/python2.7/site-packages/salt/utils/win_lgpo_netsh.pyt_netsh_filecs)cC@s|j�dkr*tdj|���n|j�dkrTtdj|��}ntdjt|��}td|�j�S(NulocalulgpouIncorrect store: {0}uM            advfirewall
            set store local 
            {0}
        uP            advfirewall
            set store gpo = {0}
            {1}
        R(ulocalulgpo(tlowert
ValueErrorRRt__hostname__R!t
splitlines(tcommandtstoretnetsh_script((s=/usr/lib/python2.7/site-packages/salt/utils/win_lgpo_netsh.pyt_netsh_command�sulocalc
	C@s�|j�dkr*tdj|���n|j�dkrTtd	j|���n|j�dkr~tdj|���nd
j||�}td|d|�}t|�dkr�tdj|���ni}xJ|dD]>}|jttt	t
tjd|��gd����q�Wx(|D] }||j
dd�||<q)W|dkr�|djd�\}}	i|d6|	d6S|S(u$
    Get the firewall property from the specified profile in the specified store
    as returned by ``netsh advfirewall``.

    Args:

        profile (str):
            The firewall profile to query. Valid options are:

            - domain
            - public
            - private

        section (str):
            The property to query within the selected profile. Valid options
            are:

            - firewallpolicy : inbound/outbound behavior
            - logging : firewall logging settings
            - settings : firewall properties
            - state : firewalls state (on | off)

        store (str):
            The store to use. This is either the local firewall policy or the
            policy defined by local group policy. Valid options are:

            - lgpo
            - local

            Default is ``local``

    Returns:
        dict: A dictionary containing the properties for the specified profile

    Raises:
        CommandExecutionError: If an error occurs
        ValueError: If the parameters are incorrect
    udomainupublicuprivateuIncorrect profile: {0}ustateufirewallpolicyusettingsulogginguIncorrect section: {0}ulocalulgpouIncorrect store: {0}ushow {0}profile {1}R&R'iuInvalid results: {0}u\s{2,}iu uuFirewall Policyu,uInbounduOutbound(udomainupublicuprivate(ustateufirewallpolicyusettingsulogging(ulocalulgpo(R"R#RR)tlenRtupdatetdicttlistRtitertretsplittreplace(
tprofiletsectionR'R&tresultstrettlinetitemtinboundtoutbound((s=/usr/lib/python2.7/site-packages/salt/utils/win_lgpo_netsh.pytget_settings�s&(<
cC@s�t�}|jtd|ddd|��|jtd|ddd|��|jtd|ddd|��|jtd|ddd|��|S(u2
    Gets all the properties for the specified profile in the specified store

    Args:

        profile (str):
            The firewall profile to query. Valid options are:

            - domain
            - public
            - private

        store (str):
            The store to use. This is either the local firewall policy or the
            policy defined by local group policy. Valid options are:

            - lgpo
            - local

            Default is ``local``

    Returns:
        dict: A dictionary containing the specified settings
    R2R3ustateR'ufirewallpolicyusettingsulogging(R,R+R:(R2R'R5((s=/usr/lib/python2.7/site-packages/salt/utils/win_lgpo_netsh.pytget_all_settings�s	""""cC@sFitddd|�d6tddd|�d6tddd|�d6S(	u�
    Gets all properties for all profiles in the specified store

    Args:

        store (str):
            The store to use. This is either the local firewall policy or the
            policy defined by local group policy. Valid options are:

            - lgpo
            - local

            Default is ``local``

    Returns:
        dict: A dictionary containing the specified settings for each profile
    R2udomainR'uDomain ProfileuprivateuPrivate ProfileupublicuPublic Profile(R;(R'((s=/usr/lib/python2.7/site-packages/salt/utils/win_lgpo_netsh.pytget_all_profilesscC@sE|j�dkr*tdj|���n|rZ|j�dkrZtd	j|���n|r�|j�dkr�tdj|���n|r�|r�td
��n|s�|r�td|ddd|�}|s�|d}n|s�|d}q�ndj|||�}td|d|�}|rAtdj|���ntS(u�
    Set the firewall inbound/outbound settings for the specified profile and
    store

    Args:

        profile (str):
            The firewall profile to configure. Valid options are:

            - domain
            - public
            - private

        inbound (str):
            The inbound setting. If ``None`` is passed, the setting will remain
            unchanged. Valid values are:

            - blockinbound
            - blockinboundalways
            - allowinbound
            - notconfigured

            Default is ``None``

        outbound (str):
            The outbound setting. If ``None`` is passed, the setting will remain
            unchanged. Valid values are:

            - allowoutbound
            - blockoutbound
            - notconfigured

            Default is ``None``

        store (str):
            The store to use. This is either the local firewall policy or the
            policy defined by local group policy. Valid options are:

            - lgpo
            - local

            Default is ``local``

    Returns:
        bool: ``True`` if successful

    Raises:
        CommandExecutionError: If an error occurs
        ValueError: If the parameters are incorrect
    udomainupublicuprivateuIncorrect profile: {0}ublockinboundublockinboundalwaysuallowinboundu
notconfigureduIncorrect inbound value: {0}u
allowoutboundu
blockoutbounduIncorrect outbound value: {0}uMust set inbound or outboundR2R3ufirewallpolicyR'uInbounduOutboundu%set {0}profile firewallpolicy {1},{2}R&uAn error occurred: {0}(udomainupublicuprivate(ublockinboundublockinboundalwaysuallowinboundu
notconfigured(u
allowoutboundu
blockoutboundu
notconfigured(R"R#RR:R)RR(R2R8R9R'R5R&R4((s=/usr/lib/python2.7/site-packages/salt/utils/win_lgpo_netsh.pytset_firewall_settingss67			
cC@sz|j�dkr*tdj|���n|j�dkrTtd	j|���n|j�dkr�|j�dkr�td
j|���q�n|j�dkr.|j�dkr.yt|�Wn&tk
r�td
j|���nXdt|�kodkns+td
j|���q+q.ndj|||�}td|d|�}|rvtdj|���ntS(u�
    Configure logging settings for the Windows firewall.

    Args:

        profile (str):
            The firewall profile to configure. Valid options are:

            - domain
            - public
            - private

        setting (str):
            The logging setting to configure. Valid options are:

            - allowedconnections
            - droppedconnections
            - filename
            - maxfilesize

        value (str):
            The value to apply to the setting. Valid values are dependent upon
            the setting being configured. Valid options are:

            allowedconnections:

                - enable
                - disable
                - notconfigured

            droppedconnections:

                - enable
                - disable
                - notconfigured

            filename:

                - Full path and name of the firewall log file
                - notconfigured

            maxfilesize:

                - 1 - 32767 (Kb)
                - notconfigured

        store (str):
            The store to use. This is either the local firewall policy or the
            policy defined by local group policy. Valid options are:

            - lgpo
            - local

            Default is ``local``

    Returns:
        bool: ``True`` if successful

    Raises:
        CommandExecutionError: If an error occurs
        ValueError: If the parameters are incorrect
    udomainupublicuprivateuIncorrect profile: {0}uallowedconnectionsudroppedconnectionsufilenameumaxfilesizeuIncorrect setting: {0}uenableudisableu
notconfigureduIncorrect value: {0}ii�uset {0}profile logging {1} {2}R&R'uAn error occurred: {0}(udomainupublicuprivate(uallowedconnectionsudroppedconnectionsufilenameumaxfilesize(uallowedconnectionsudroppedconnections(uenableudisableu
notconfigured(R"R#RtintR)RR(R2tsettingtvalueR'R&R4((s=/usr/lib/python2.7/site-packages/salt/utils/win_lgpo_netsh.pytset_logging_settingsys.@		
"cC@s�|j�dkr*tdj|���n|j�dkrTtd
j|���n|j�dkr~tdj|���ndj|||�}td|d|�}|r�tdj|���ntS(u

    Configure firewall settings.

    Args:

        profile (str):
            The firewall profile to configure. Valid options are:

            - domain
            - public
            - private

        setting (str):
            The firewall setting to configure. Valid options are:

            - localfirewallrules
            - localconsecrules
            - inboundusernotification
            - remotemanagement
            - unicastresponsetomulticast

        value (str):
            The value to apply to the setting. Valid options are

            - enable
            - disable
            - notconfigured

        store (str):
            The store to use. This is either the local firewall policy or the
            policy defined by local group policy. Valid options are:

            - lgpo
            - local

            Default is ``local``

    Returns:
        bool: ``True`` if successful

    Raises:
        CommandExecutionError: If an error occurs
        ValueError: If the parameters are incorrect
    udomainupublicuprivateuIncorrect profile: {0}ulocalfirewallrulesulocalconsecrulesuinboundusernotificationuremotemanagementuunicastresponsetomulticastuIncorrect setting: {0}uenableudisableu
notconfigureduIncorrect value: {0}uset {0}profile settings {1} {2}R&R'uAn error occurred: {0}(udomainupublicuprivate(ulocalfirewallrulesulocalconsecrulesuinboundusernotificationuremotemanagementuunicastresponsetomulticast(uenableudisableu
notconfigured(R"R#RR)RR(R2R?R@R'R&R4((s=/usr/lib/python2.7/site-packages/salt/utils/win_lgpo_netsh.pytset_settings�s.		cC@s�|j�d
kr*tdj|���n|j�dkrTtdj|���nd	j||�}td
|d|�}|r�tdj|���ntS(u�
    Configure the firewall state.

    Args:

        profile (str):
            The firewall profile to configure. Valid options are:

            - domain
            - public
            - private

        state (str):
            The firewall state. Valid options are:

            - on
            - off
            - notconfigured

        store (str):
            The store to use. This is either the local firewall policy or the
            policy defined by local group policy. Valid options are:

            - lgpo
            - local

            Default is ``local``

    Returns:
        bool: ``True`` if successful

    Raises:
        CommandExecutionError: If an error occurs
        ValueError: If the parameters are incorrect
    udomainupublicuprivateuIncorrect profile: {0}uonuoffu
notconfigureduIncorrect state: {0}uset {0}profile state {1}R&R'uAn error occurred: {0}(udomainupublicuprivate(uonuoffu
notconfigured(R"R#RR)RR(R2tstateR'R&R4((s=/usr/lib/python2.7/site-packages/salt/utils/win_lgpo_netsh.pyt	set_states%(#t__doc__t
__future__RRRttextwrapRtloggingRR/tsocketRtsalt.modules.cmdmodRtsalt.exceptionsRtsalt.ext.six.movesRt	getLoggert__name__RtgethostnameR$RRR!R)R:R;R<tNoneR=RARBRD(((s=/usr/lib/python2.7/site-packages/salt/utils/win_lgpo_netsh.pyt<module>Ds2	
		O!Y`D

Zerion Mini Shell 1.0