g$pSSKrSSKJrJr SSKJr SSKrSSKJrJ r SSK J r Sr Sr "SS \\ 5rg) N)PopenPIPE)which) gp_pol_ext gp_applier)logc[S5nUbPU/nUR[U55 [U[[S9nUR 5upEUR U4$g)Nz firewall-cmd)stdoutstderr)zfirewall-cmd not found)rextendlistrr communicate returncode)argsfw_cmdcmdp stdoutdata_s ;/usr/lib/python3/dist-packages/samba/gp/gp_firewalld_ext.py firewall_cmdrsV > "F h 4: #d4 0  ||Z''+c [U[5(a U<SU<3S-$U<SSRUR5VVs/sHup#U<SU<3PM snn5<S3$s snnf)N= ) isinstancestrjoinitems)name rule_segmentkvs rrule_segment_parser%$s^,$$.#55 HH<3E3E3GH3G41A&3GH IK KHsA%c>\rSrSrSrSrSrSrSrSr Sr S r g ) gp_firewalld_ext+cg)NzSecurity/Firewalld)selfs r__str__gp_firewalld_ext.__str__,s#rc/n[SSU-5SnUS:wa[R"SU5 O(SU-nURXU5 UR U5 [S5upFUS:wa[R"SU5 UR 5R 5HCn[SSU-S UR5-5nUS:wdM,[R"SU5 ME U$) N --permanentz --new-zone=%srzFailed to add new zonezzone:%sz--list-interfacesz!Failed to set interfaces for zone --zone=%sz--add-interface=%s)rrerrorcache_add_attributeappendstripsplitdecode)r+guidzone zone_attrsret attributeout interfaces r apply_zonegp_firewalld_ext.apply_zone/s =/D*@A!D !8 II. 5!D(I  $ $Td ;   i ( 34 !8 II94 @**,I}kD.@3i6F6F6HHJCax =tD - rc T/nUR5GHupEUGH~nSU;a[SUS5nOSnSHTnUR5V s/sHoRU5(dMU PM n n U Hn U[XU 5- nM MV [ /SQ5n [ UR55n U R U 5n[ U5S:Xa+U[[U5SU[U5S5- nO[R"S5 [SS U-S UR55SnUS:wa[R"S U5 GM?URU5nS U<S U<3nURUUU5 URU5 GM GM U$s sn f)Nrulezrule ) source destinationserviceportprotocolz icmp-block masqueradez icmp-typez forward-portz source-portraudit)acceptrejectdropmarkrzInvalid firewall rule syntaxr/r0z--add-rich-rulezFailed to add firewall rulezrule::)r r%keys startswithset intersectionlenrrr1rr4generate_value_hashr2r3)r+r7 rule_dict rule_attrsr8rulesrA rule_parsedsegmentsnamesr!actionssegmentsactionr:rhashr;s r apply_rulesgp_firewalld_ext.apply_rulesCs $??,KDT>"4VT&\"JK")K 0G)- M 1||G7LQ EM %#'9$T 'KK !&  0BCtyy{+ --h7v;!##5d6l1o6:4<?6K$MMKII<="=+2D#4k6G6G6IKKLN!8II;[I 44[AE04e Cax 159++D<  ! !& ) )"-JAQ}kD.@3U<<=?Cax :EB++D<*rc U"U6$)Nr*)r+ applier_funcrs rapplygp_firewalld_ext.applyvs T""rc UHMup4[U5U;dMU[U5R5HupVURX5U5 M MO UGHnUR(dMSnSn [R R URU 5n URU 5n U (dM_/n U RGHn U RRU5(dM&U RRS5(aVU RURURUR[ R""U R$555 MU RRS5(dMU R&S:XaMU RURUR(URU R$55 GM UR+URU S9 GM g)N/Software\Policies\Samba\Unix Settings\FirewalldMACHINE/Registry.polRulesZones **delvals.)keep)rr re file_sys_pathospathrparseentrieskeynamerPendswithr rir`r!jsonloadsdata valuenamer>clean)r+deleted_gpo_listchanged_gpo_listr7settingsr;rdgposectionpol_filertpol_confattrses rprocess_group_policy%gp_firewalld_ext.process_group_policyysr.ND4yH$(0T(;(A(A(C$ILL%8)D/ $C   O1ww||C$5$5x@::d+!))Ayy++G4499--g66!LLD4D4Dchh48JJqvv4F*HIYY//88 {{l: (!LLDOOSXX45FF*<=* 388% 0+$rc0nSnSnUR(GaQ[RRURU5nUR U5nU(dU$UR HnUR RU5(dM%UR RS5(aKURS:XaMWSUR5;a/US'USRUR5 MUR RS5(dMSUR5;a/US'USR[R"UR55 M U$)Nrmrlrorprn)rrrsrtrrurvrwrPrxr|rOr3r{ryrz)r+routputrrrtrrs rrsopgp_firewalld_ext.rsops)G    77<< 1 18r`rerirr__static_attributes__r*rrr'r'+s&$( D="#1:rr')rs subprocessrrshutilrrysamba.gp.gpclassrrsamba.gp.util.loggingrrr%r'r*rrrs4" " 3% ,K@z:@r