| Server IP : 23.254.227.96 / Your IP : 216.73.216.7 Web Server : Apache/2.4.62 (Unix) OpenSSL/1.1.1k System : Linux hwsrv-1277026.hostwindsdns.com 4.18.0-477.13.1.el8_8.x86_64 #1 SMP Tue May 30 14:53:41 EDT 2023 x86_64 User : viralblo ( 1001) PHP Version : 8.1.31 Disable Function : NONE MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : OFF | Sudo : ON | Pkexec : ON Directory : /usr/lib/python3.6/site-packages/firewall/core/io/__pycache__/ |
Upload File : |
3
K�]b��������������������@���s��d�ddgZ�ddljZddlZddlZddlZddlmZ�ddlm Z m
Z
�ddlm
Z
m
Z
m
Z
�ddlmZmZmZ�dd lmZmZmZmZmZmZ�dd
lmZ�dd
lm
Z
�dd
lm
Z
�dd
l
m Z �dd��Z dd��Z!dd��Z"dd��Z#G�dd���d�e�Z$G�dd��de�Z%d
dd�Z&d
dd�Z'dS�)
�Policy�
policy_reader�
policy_writer�����N)�config)�checkIP�checkIP6)�uniqify�max_policy_name_len�portStr)�DEFAULT_POLICY_TARGET�POLICY_TARGETS�DEFAULT_POLICY_PRIORITY)� IO_Object�IO_Object_ContentHandler�IO_Object_XMLGenerator�
check_port�
check_tcpudp�check_protocol)�rich)�log)�errors)�
FirewallErrorc���������� ���C���sn��|dkr
�n^|dkr�nR|dkr�|�j�r`|�j�jrJtjdt|�j����d|�_dS�tj|d��|�j�_dS�|d�|�jj kr�|�jj j
|d���ntjd|d����n�|dk�rN|�j�r�|�j�jr�tjdt|�j����d|�_dS�tj
|d�|d ��|�j�_dS�t
|d���t
|d ���t|d�d
�|d �f}||�jjk�r4|�jjj
|��ntjd
|d�|d ����n
|d k�r�|�j��r�|�j�j�r�tjdt|�j����d|�_dS�tj|d
��|�j�_nBt|d
���|d
�|�jjk�r�|�jjj
|d
���ntjd
|d
����n�|dk�rh|�j��r.|�j�j�rtjdt|�j����d|�_dS�tj|d��|�j�_dS�|d�|�jjk�rT|�jjj
|d���ntjd|d����n|dk�r�|�j��r�|�j�j�r�tjdt|�j����d|�_dS�tj|d��|�j�_dS�tjd|d����n�|dk�r2|�j��r|�j�j�rtjdt|�j����d|�_dS�tj��|�j�_n
|�jj�r&tjd��nd|�j_�n8|dk�r�d}d|k�rR|d�}d}d|k�rh|d�}|�j��r�|�j�j�r�tjdt|�j����d|�_dS�tj|d�|d �||�|�j�_dS�t
|d���t
|d ���|�r�t
|��|�r
t|�
��r
t|�
��r
tt
j
d|���t|d�d
�|d �t|d
�t|�f}||�jj
k�rL|�jj
j
|��n6tjd|d�|d �|�rld|�nd|�r|d|�nd���n�|d
k�r@|�j��r�|�j�j�r�tjdt|�j����d|�_dS�tj |d�|d ��|�j�_dS�t
|d���t
|d ���t|d�d
�|d �f}||�jj k�r&|�jj j
|��ntjd
|d�|d ����n*|d
k�r�|�j��sftjd ��d|�_dS�|�j�j!�r�tjd t|�j����dS�d!}d"|k�r�|d"�j"��dJk�r�d}tj#|d%�|�|�j�_!�n�|dKk�r�|�j��s�tjd*��d|�_dS�|�j�j$�rtjd+��d|�_dS�|d&k�r
tj%��|�j�_$nh|d'k�rNd�}d,|k�r>|d,�}tj&|�|�j�_$n8|d(k�rftj'��|�j�_$n |d)k�r�|d-�}tj(|�|�j�_$|�j�j$|�_)�n�|d.k�r4|�j��s�tjd/��dS�|�j�j�r�tjd0��dS�d�} d1|k�r�|d1�} | dLk�r�tjd:��d|�_dS�d;|k�r|d;�nd�}
tj*|
| �|�j�_|�j�j|�_)�n6|d<k�r�|�j��sTtjd=��dS�|�j�j+�rztjd>t|�j����d|�_dS�tj,��|�j�_+|�j�j+|�_)n�|d?k�rd�}
d@}
dA|k�r�|dA�}
|
dMk�r�tjdD|dA���d|�_dS�dE|k�r�t-|dE��}
tj.|
|
dF�|�_�nh|dGk�rf|�j)�s(tjdH��d|�_dS�|�j)j/�rNtjdIt|�j����d|�_dS�|d
�}
tj0|
�|�j)_/nd!S�dS�)NN�short�
description�servicez;Invalid rule: More than one element in rule '%s', ignoring.T�namez#Service '%s' already set, ignoring.�port�protocol�-z#Port '%s/%s' already set, ignoring.�valuez$Protocol '%s' already set, ignoring.z
icmp-blockz&icmp-block '%s' already set, ignoring.z icmp-typez-Invalid rule: icmp-block '%s' outside of rule�
masqueradez!Masquerade already set, ignoring.z
forward-port��zto-portzto-addrz#to-addr '%s' is not a valid addressz-Forward port %s/%s%s%s already set, ignoring.z >%sz @%sz
source-portz*Source port '%s/%s' already set, ignoring.�
destinationz)Invalid rule: Destination outside of rulez?Invalid rule: More than one destination in rule '%s', ignoring.F�invert�yes�true�address�accept�reject�drop�markz$Invalid rule: Action outside of rulez"Invalid rule: More than one action�type�setr���z!Invalid rule: Log outside of rulez Invalid rule: More than one log�level�emerg�alert�crit�error�warning�notice�info�debugz Invalid rule: Invalid log level�prefix�auditz#Invalid rule: Audit outside of rulez9Invalid rule: More than one audit in rule '%s', ignoring.�ruler����family�ipv4�ipv6z&Invalid rule: Rule family "%s" invalid�priority)r9���r<����limitz4Invalid rule: Limit outside of action, log and auditz9Invalid rule: More than one limit in rule '%s', ignoring.)r$���r%���)r'���r(���r)���r*���)r.���r/���r0���r1���r2���r3���r4���r5���)r:���r;���)1�_rule�elementr���r2����str�
_rule_errorr����
Rich_Service�item�services�append� Rich_Portr���r���r
����ports�
Rich_Protocolr���� protocols�Rich_IcmpBlock�
icmp_blocks�
Rich_IcmpType�Rich_Masquerader ����Rich_ForwardPortr���r���r���r����
INVALID_ADDR�
forward_ports�Rich_SourcePort�
source_portsr"����lowerZRich_Destination�action�
Rich_Accept�
Rich_Reject� Rich_Drop� Rich_Mark� _limit_okZRich_Logr7���Z
Rich_Audit�int� Rich_Ruler=���Z
Rich_Limit)�objr����attrs�entry�to_portZto_addrr#���Z_typeZ_setr-���r6���r9���r<���r �����r`����
/usr/lib/python3.6/policy.py�common_startElement���s����
rb���c�������������C���s����|dkr�|�j�s�y|�jj���W�n6�tk
rR�}�ztjd|t|�j���W�Y�d�d�}~X�nLX�t|�j�|�jjkr�|�jj j
|�j��|�jjj
t|�j���ntjdt|�j���d�|�_d|�_�n|d
kr�d�|�_
d�S�)
Nr8���z%s: %sz Rule '%s' already set, ignoring.Fr'���r(���r)���r*���r���r7���)r'���r(���r)���r*���r���r7���)
rA���r>���Zcheck� Exceptionr���r2���r@���rC���� rules_str�rulesrE���rY���)r\���r����er`���r`���ra����common_endElement��s
����&
rg���c�������������C���s���|dkrB|�j�rB|�j�j��}x$|D�]
}||kr
ttjd|���q
W��n@|dkrtx$|D�]
}t|d���t|d���qPW��n|dkr�x|D�]
}t|��q�W��n�|dkr�|�j�r�|�j�j��}x$|D�]
} | |kr�ttj d| ���q�W��n�|d k�r�x�|D�]�}
t|
d���t|
d���|
d
�
��r,|
d
�
��r,ttj
d
|
���|
d
��rBt|
d
���|
d
�r�t
|
d
��
�r�t
|
d
��
�r�ttj
d
|
d
����q�W��n�|dk�r�x�|D�]
}t|d���t|d����q�W�n�|dk�r�x�|D�]�}
tj|
d�}
|�j��r�|
j�r�t|
jtj��st|
jtj��r�|�j�j��}|
jj|k�r4ttj d|
jj���nH|
j�r�|�j�j|
jj�}
|
j�r�|
j|
jk�r�ttj d|
j|
jjf����q�W�d�S�)NrD���z '%s' not among existing servicesrG���r�������rI���rK���z"'%s' not among existing icmp typesrP�����������z$'%s' is missing to-port AND to-addr z#to-addr '%s' is not a valid addressrR���rd����
rich_rules)�rule_strz3rich rule family '%s' conflicts with icmp type '%s')rd���rk���)� fw_configZ
get_servicesr���r���ZINVALID_SERVICEr���r���r���Z
get_icmptypesZINVALID_ICMPTYPE�INVALID_FORWARDr���r���rO���r���r[���r?����
isinstancerJ���rL���r���r9���Z
get_icmptyper"���)r\���r���rC����
all_configZexisting_servicesr���r
����protoZexisting_icmptypesZicmptype�fwd_portr8���Zobj_richZictr`���r`���ra����common_check_config+��sp����
rs���c�������
������C���s���|�j�rF|�j�dkrF|jd��|jdi���|j|�j���|jd��|jd��|�jr�|�jdkr�|jd��|jdi���|j|�j��|jd��|jd��x6t|�j�D�](}|jd��|jdd|i��|jd��q�W�x@t|�j �D�]2}|jd��|jd|d �|d
�d
���|jd��q�W�x8t|�j
�D�]*}|jd��|jd
d
|i��|jd���qW�x8t|�j
�D�]*}|jd��|jdd|i��|jd���qLW�|�j
�r�|jd��|jdi���|jd��x�t|�j
�D�]�}|jd��|d �|d
�d
�}|d��r�|d�dk�r�|d�|d<�|d��r|d�dk�r|d�|d<�|jd|��|jd���q�W�xBt|�j�D�]4}|jd��|jd|d �|d
�d
���|jd���q>W��xH|�jD��]<}i�}|j�r�|j|d<�|jd k�r�t|j�|d<�|jd��|jd|��|jd��|j�rVi�}|jj�r�|jj|d<�|jj�r|jj|d<�|jj�r$|jj|d<�|jj�r6d
|d
<�|jd
��|jd |��|jd��|j�r�d|jji}|jj�r|d
|d
<�|jd
��|jd |��|jd��|j�rTd} i�}t|j�tj
k�r�d} |jj
|d<��nbt|j�tj
k�rd} |jj |d<�|jj |d
<��n0t|j�tj!k�r*d
} |jj"|d
<��n
t|j�tj#k�rBd} n�t|j�tj$k�rfd} |jj
|d<�n�t|j�tj%k�r�d!} |jj
|d<�n�t|j�tj&k�r�d} |jj |d<�|jj |d
<�|jj'dk�r�|jj'|d<�|jj(dk�r4|jj(|d<�nFt|j�tj)k�r
d} |jj |d<�|jj |d
<�nt*t+j,d"t|j����|jd
��|j| |��|jd��|j-�ri�}|j-j.�rv|j-j.|d#<�|j-j/�r�|j-j/|d$<�|j-j0�r�|jd
��|jd%|��|jd&��|jd'd
|j-j0j"i��|jd(��|jd%��n|jd
��|jd%|��|jd��|j1�r�i�}|j1j0�rd|jd
��|jd)i���|jd&��|jd'd
|j1j0j"i��|jd(��|jd)��n|jd
��|jd)|��|jd��|j2�r�d}
i�}t|j2�tj3k�r�d*}
n|t|j2�tj4k�r�d+}
|j2j�r(|j2j|d,<�nNt|j2�tj5k�r�d-}
n6t|j2�tj6k�rd.}
|j2j7|d/<�nt-j8d0t|j2���|j2j0�r~|jd
��|j|
|��|jd&��|jd'd
|j2j0j"i��|jd(��|j|
��n|jd
��|j|
|��|jd��|jd��|jd��|jd���q�W�d�S�)1Nr!���z r����
r���r���r���r
���r���rh���)r
���r
���r
���r ���z
icmp-blockr ���ri���zto-portrj���zto-addrz
forward-portz
source-portr9���r<���r8���r&����mac�ipset�Truer#���z �sourcer"���z icmp-typez"Unknown element '%s' in obj_writerr6���r-���r���z
r=���z
r7���r'���r(���r+���r)���r*���r,���zUnknown action '%s')9r����ignorableWhitespace�
startElementZ
characters�
endElementr���r���rD����
simpleElementrG���rI���rK���r ���rP���rR���re���r9���r<���r@���rx����addrru���rv���r#���r"���r?���r+���r���rB���r���rF���r
���r
���rH���r ���rM���rJ���rL���rN���r_����
to_addressrQ���r���r���ZINVALID_OBJECTr���r6���r-���r=���r7���rT���rU���rV���rW���rX���r,���r2���)
r\����handlerr���r
���r
���ZicmpZforwardr]���r8���r?���rT���r`���r`���ra����
common_writere��sZ���
r����c�������������������sJ��e�Zd�Zd6ZdZeZdgZd7d8d9d:d dgfd
d;gfd
dgfd<dd=gfddgfddgfdd>gfd?ddgfddgffZdddgZ dddgdgddgdgdgdddgddd
gd
gddgdddddd
gd
gdgdgd �Z
ddgd d!gd"dgd
d#d$d"d%gd$gd&d'gd(gd)�Z
��fd*d+�Z
d,d-��Z
��fd.d/�Z��fd0d1�Zd2d3��Z��fd4d5�Z���ZS�)@r���i����i���r����versionr!���r���r����targetrD���rG���rK���r ���FrP���rk���rI���rR���r<����
ingress_zones�
egress_zones�_r
����/Nr���r
���r
���r&���r ���r,���)r���r����policyr���r
���z
icmp-blockz icmp-typer ���z
forward-portr8���rx���r"���r
���z
source-portr���r7���r'���r(���r)���r*���r=���z
ingress-zonez
egress-zonezto-portzto-addrr9���ru���r#���rv���r6���r-���r+���)r����z
forward-portr8���rx���r"���r���r(���c����������������s����t�t|��j���d|�_d|�_d|�_t|�_g�|�_g�|�_ g�|�_
g�|�_
d|�_
g�|�_
g�|�_d�|�_g�|�_g�|�_d|�_|�j|�_d�|�_g�|�_g�|�_d�S�)Nr!���F)�superr����__init__r����r���r���r
���r����rD���rG���rI���rK���r ���rP���rR���rm���re���rd����applied�priority_defaultr<���Zderived_from_zoner����r����)�self)� __class__r`���ra���r����y��s(����zPolicy.__init__c�������������C���s����d|�_�d|�_d|�_t|�_|�jd�d��=�|�jd�d��=�|�jd�d��=�|�jd�d��=�d|�_ |�j
d�d��=�|�j
d�d��=�d�|�_
|�j
d�d��=�|�jd�d��=�d|�_|�j|�_|�jd�d��=�|�jd�d��=�d�S�)Nr!���F)r����r���r���r
���r����rD���rG���rI���rK���r ���rP���rR���rm���re���rd���r����r����r<���r����r����)r����r`���r`���ra����cleanup���s$����
zPolicy.cleanupc����������������s"���|dkr|�j�S�ttt|��|�S�d�S�)Nrk���)rd����getattrr����r���)r����r���)r����r`���ra����
__getattr__���s����zPolicy.__getattr__c����������������sB���|dkr,dd��|D��|�_�dd��|�j�D��|�_ntt|��j||��d�S�)Nrk���c�������������S���s���g�|�]}t�j|d���qS�))rl���)r���r[���)�.0�sr`���r`���ra����
<listcomp>���s����z&Policy.__setattr__.<locals>.<listcomp>c�������������S���s���g�|�]
}t�|��qS�r`���)r@���)r����r����r`���r`���ra���r�������s����)re���rd���r����r����
__setattr__)r����r���r ���)r����r`���ra���r�������s����zPolicy.__setattr__c�������
������C���s
��t�|�|||��|dkr2|tkr.ttjd|����n�|dkrz||�jksX||�jksX||�jk�rvttjd||�j|�j|�jf����n�|dk�rhddg}|�j r�||�j j
��7�}x�|D�]�}||kr�ttj
d |���|dkr�t
ddg�t
|�@���s�|d
k�rt
|�t
|g���rttj
d
|���|dkr�|dk�r8d|k�r8d|d�k�sT|dkr�d|kr�d|d�kr�ttj
d
��q�W��n�|d
k�r|�rd|k�r�d|d�k�r�ttj
d
��nxd|k�rd|d�k�r�ttj
d��xR|d�D�]F}|dk�rސq�|�j j
|�}|�j �r�d|�j j|�k�r�ttj
d���q�W��n�|dk�r4�x�|D��]�}tj|d�}|j�r�t|jtj��r�d|k�r|d|d�k�r|ttj
d
��nxd|k�r,d|d�k�r�ttj
d��xR|d�D�]F}|dk�r��q�|�j j
|�}|�j �r�d|�j j|�k�r�ttj
d���q�W��q,|j�r�t|jtj��r�d|k�r,d|d�k�r@|jj�r�ttjd��nt|d��r,|jj�s`ttjd��d|d�k�r,x�|d�D�]8}|�j j
|�}|�j �rxd|�j j|�k�rxttj
d���qxW�nv|j�r,t|jtj��r,d|k�r,xR|d�D�]F}|d
k�r�q�|�j j
|�}|�j �r�d|�j j|�k�r�ttj
d���q�W��q,W�n�|dk�rx�|D�]�} d|k�rnd|d�k�rnttj
d��n�d|k�rDd|d�k�r�| d��rttjd��nt|d��rD| d��s�ttjd��d|d�k�rDxD|d�D�]8}|�j j
|�}|�j �r�d|�j j|�k�r�ttj
d���q�W��qDW�d�S�)
Nr����z'%s' is invalid targetr<���zQ%d is invalid priority. Must be in range [%d, %d]. The following are reserved: %sr����r�����ANY�HOSTz
'%s' not among existing zonesz>'%s' may only contain one of: many regular zones, ANY, or HOSTzF'HOST' can only appear in either ingress or egress zones, but not bothr ���z.'masquerade' is invalid for egress zone 'HOST'z/'masquerade' is invalid for ingress zone 'HOST'Z
interfaceszR'masquerade' cannot be used in a policy if an ingress zone has assigned interfacesrk���)rl���zAA 'forward-port' with 'to-addr' is invalid for egress zone 'HOST'zC'forward-port' requires 'to-addr' if egress zone is 'ANY' or a zonezS'forward-port' cannot be used in a policy if an egress zone has assigned interfaceszR'mark' action cannot be used in a policy if an egress zone has assigned interfacesrP���z1'forward-port' is invalid for ingress zone 'HOST'rj���)r����r����)r����r����)r����r����)r����r����)rs���r
���r���r����INVALID_TARGET�priority_reserved�
priority_max�
priority_minZINVALID_PRIORITYrm���� get_zonesZ
INVALID_ZONEr,���Zget_zoneZget_zone_config_dictr���r[���r?���ro���rM���rN���r~���rn���rT���rX���)
r����r���rC���rp���Zexisting_zones�zoneZz_objr8���r\���rr���r`���r`���ra����
_check_config���s�����
"
zPolicy._check_configc����������������s����t�t|��j|��|jd�r,ttjd|���n�|jd�rHttjd|���n�|jd�dkrhttjd|���njd|kr�|d�|j d���}n|}t
|�t
��kr�ttjd|t
|�t
��f���|�j
r�||�j
j
��kr�ttjd��d�S�)Nr����z'%s' can't start with '/'z'%s' can't end with '/'rh���zmore than one '/' in '%s'z&Policy of '%s' has %d chars, max is %dz,Policies can't have the same name as a zone.)r����r����
check_name�
startswithr���r����
INVALID_NAME�endswith�count�find�lenr ���rm���r����Z
NAME_CONFLICT)r����r���Z
checked_name)r����r`���ra���r������s*����
zPolicy.check_namei����)r����r!���)r���r!���)r���r!���)r����r!���)r!���r!���)r ���F)r!���r!���r!���r!���)r!���r!���)r<���r���)�__name__�
__module__�
__qualname__r����r����r
���r����r����ZIMPORT_EXPORT_STRUCTUREZADDITIONAL_ALNUM_CHARSZ
PARSER_REQUIRED_ELEMENT_ATTRSZ
PARSER_OPTIONAL_ELEMENT_ATTRSr����r����r����r����r����r�����
__classcell__r`���r`���)r����ra���r���>��sp���
^c���������������@���s$���e�Zd�Zdd��Zdd��Zdd��ZdS�)�policy_ContentHandlerc�������������C���s"���t�j|�|��d�|�_d|�_d�|�_d�S�)NF)r���r����r>���rA���rY���)r����rC���r`���r`���ra���r����+��s����
z
policy_ContentHandler.__init__c�������������C���s���t�j|�||��|�jrd�S�|�jj||��t|�||�r6d�S�|dkr�d|krR|d�|�j_d|krjt|d��|�j_d|kr�|d�}|t kr�t
t
j
|��|r�||�j_
�n^|dkr�|d�|�jjkr�|�jjj|d���ntjd|d����n
|dk�r |d�|�jjk�r|�jjj|d���ntjd |d���n�|d
k�r�|�j�sFtjd
��d
|�_d�S�|�jj�rltjd
t|�j���d
|�_d�S�d}d|k�r�|d�j��dk�r�d
}d��}�}}d|k�r�|d�}d|k�r�|d�}d|k�r�|d�}tj||||d�|�j_d�S�tjd|��d�S�d�S�)Nr����r����r<���r����z
ingress-zoner���z(Ingress zone '%s' already set, ignoring.z
egress-zonez'Egress zone '%s' already set, ignoring.rx���z$Invalid rule: Source outside of ruleTz:Invalid rule: More than one source in rule '%s', ignoring.Fr#���r$���r%���r&���ru���rv���)r#���zUnknown XML element '%s')r$���r%���)r���rz���rA���rC���Zparser_check_element_attrsrb���r����rZ���r<���r
���r���r���r����r����r����rE���r���r2���r����r>���rx���r@���rS���r���Z
Rich_Source)r����r���r]���r����r#���r}���ru���rv���r`���r`���ra���rz���1��sf����
z"policy_ContentHandler.startElementc�������������C���s���t�j|�|��t|�|��d�S�)N)r���r{���rg���)r����r���r`���r`���ra���r{���q��s����
z policy_ContentHandler.endElementN)r����r����r����r����rz���r{���r`���r`���r`���ra���r����*��s���@r����Fc�������
������C���s��t���}|�jd�s ttjd|����|�d�d ��|_|s>|j|j��|�|_||_|j t
j
�rZdnd|_
|j
|_
t|�}tj��}|j|��d||�f�}t|d��b}tjd��}|j|��y|j|��W�n8�tjk
r��} �zttjd| j�����W�Y�d�d�} ~ X�nX�W�d�Q�R�X�~~|S�)
Nz.xmlz'%s' is missing .xml suffix����FTz%s/%s�rbznot a valid policy file: %s���)r���r����r���r���r����r���r�����filename�pathr����r����
ETC_FIREWALLDZbuiltin�defaultr�����saxZ
make_parserZsetContentHandler�openZ
InputSourceZ
setByteStream�parseZSAXParseExceptionZINVALID_POLICYZ
getException)
r����r����Z
no_check_namer����r����parserr����frx����msgr`���r`���ra���r���v��s6����
(c�������
������C���s���|r|n|�j�}|�jr$d||�jf�}nd||�jf�}tj�j|�r�ytj|d|���W�n0�tk
r��}�ztj d||��W�Y�d�d�}~X�nX�tj�j
|�}|j
t
j
�r�tj�j|�
�r�tj�jt
j
�s�tjt
j
d��tj|d��tj|ddd�}t|�}|j���i�}|�j�r|�jd k�r|�j|d
<�|�j|�jk�r0t|�j�|d
<�|�j|d
<�|jd
|��|jd��t|�|��x8t|�j
�D�]*} |jd��|j
dd| i��|jd���qfW�x8t|�j
�D�]*} |jd��|j
dd| i��|jd���q�W�|j d
��|jd��|j ���|j!���~d�S�)Nz%s/%sz %s/%s.xmlz%s.oldz
Backup of file '%s' failed: %si���ZwtzUTF-8)�mode�encodingr!���r����r<���r����r����rt���z z
ingress-zoner���z
egress-zone)"r����r����r����os�exists�shutilZcopy2rc���r���r1����dirnamer����r���r�����mkdir�ior����r���Z
startDocumentr����r<���r����r@���r����rz���ry���r����r���r����r|���r����r{���Z
endDocument�close)
r����r�����_pathr���r�����dirpathr����r���r]���r����r`���r`���ra���r������sN����
)F)N)(�__all__Zxml.saxr����r����r����r����Zfirewallr���Zfirewall.functionsr���r���r���r ���r
���Zfirewall.core.baser
���r
���r
���Zfirewall.core.io.io_objectr���r���r���r���r���r���Z
firewall.corer���Zfirewall.core.loggerr���r���Zfirewall.errorsr���rb���rg���rs���r����r���r����r���r���r`���r`���r`���ra����<module>���s2���
��:�Z�mL