One Hat Cyber Team

Your IP : 13.58.214.82

Server IP : 192.145.235.60

Server : Linux ngx365.inmotionhosting.com 5.14.0-427.33.1.el9_4.x86_64 #1 SMP PREEMPT_DYNAMIC Fri Aug 30 09:45:56 EDT 2024 x86_64

Server Software : Apache

PHP Version : 8.2.27

Buat File | Buat Folder

Dir : ~/opt/support/lib/__pycache__/

Edit File: firewall_tools.cpython-39.pyc

a

������g�����������������������@���s����d�dl�mZmZ�d�dlmZ�d�dlZd�dlZd�dlZd�dlm	Z	m
Z
mZ�d�dlm
Z
mZ�d�dlmZ�eed�ed�eeeeef��ef�f�d	�d
d�Zdd
��Zeed�d�dd�Zeeeef��ejeeeedf�f�d�dd�Zejed�dd�ZdS�)�����)�Union�Literal)�PathN)�err_exit�print_listed�warn)�is_exe�which)�yellow)�APF�CSF�ipset+fail2ban)�/usr/local/sbin/apf�
/usr/sbin/csfN)�returnc������������������C���s����t�d�rd}�td�}d}n@t�d�r4d}�td�}d}n&t�d�rRtd�rRd	}d
}d
}�ntd��|d
u�rntt���}n4z|jdd
�}W�n"�ty����td|��d���Y�n0�||�|fS�)a���Yields a tuple of fw_name, fw_command, fw_data.
    fw_name will be "APF", "CSF", or "ipset+fail2ban".

If fw_name was "APF" or "CSF", fw_command will be the path to its exe.

If fw_name was "APF" or "CSF", fw_data will be the contents of its deny
    file. Otherwise, fw_data will be a list of dicts containing "listname"
    and "ip".

Returns:
        tuple[str, str | None, list[dict[str, str] | None]]: see above
    r���z/etc/apf/deny_hosts.rulesr���r���z/etc/csf/csf.denyr���z#/opt/imh-python/bin/fail2ban-client�ipsetr
���NzCannot identify firewall�utf-8��encodingzCannot read z. Firewall is misconfigured.)r���r���r	���r����list�read_ipset_save�	read_text�FileNotFoundError)Zfw_cmdZ	deny_file�nameZ	deny_data��r����#./opt/support/lib/firewall_tools.py�fw_info���s(����r���c������������������c���sn���t��d�}�tjddgdtjdd��8}|jD�] }|��|�����}r*|���V��q*W�d�����n1�s`0����Y��d�S�)Nz4add (?P<listname>[a-zA-Z0-9\-_]+) (?P<ip>[0-9\./]+)$r���Zsaver���T)r����stdoutZuniversal_newlines)	�re�compile�
subprocess�Popen�PIPEr����match�rstrip�	groupdict)Zirgx�proc�liner#���r���r���r���r���5���s����
�
r���)�ACCEPTZDROPZDENY�UNKNOWN)�listnamer���c��������������	���C���sx���zt�jddgdd�}W�n �tt�jfy6���td��Y�n0�dd��|���D��}|D�]$}|�|���d�krN|���d	���S�qNd
S�)z;Check whether an ipset list is set to ACCEPT, DROP, or DENY�iptables�-nLr���r���z1Failed to execute iptables to determine list typec�����������������S���s���g�|�]}|��d��dkr|�qS�)z	match-setr���)�find)�.0�xr���r���r����
<listcomp>L��������z%ipset_list_action.<locals>.<listcomp>����r���r)���)r ����check_output�OSError�CalledProcessErrorr����
splitlines�split)r*���r+���Zipt_dataZtliner���r���r����ipset_list_actionB���s�����
r8���)�fw_data�ipaddrr���c��������������	���C���s����d}|�D�]F}z(|t��|d��v�}|r2|d�}W��qPW�q�t�jyL���Y�qY�q0�qt|�}|slt|dd��dS�t|dd|��d	|��d
���|dkr�t|��d�td
��dS�|�d�r�td|�dd�td
��||�dd�fS�|dfS�)a���Check deny_data ``fw_info()`` for an IP address. If found, return whether
    it's blocked and in what fail2ban list if it was automatically blocked

Args:
        fw_data (list[dict[str, str]]): third arg returned by ``fw_info()``
        ipaddr (netaddr.IPAddress): IP address to check

Returns:
        tuple[bool, str | None]]: if blocked and in what fail2ban list if any
    NZipr*���Fzany ipset or fail2ban list)FNTzthe � z listr(���z# is NOT BLOCKED. It is whitelisted.)Zcolorzf2b-z*Automatically blocked by fail2ban in jail:��)	�netaddrZ	IPNetworkZAddrFormatErrorr8���r���r���r
����
startswith�replace)r9���r:���Z	list_nameZtnetZlistedZlist_actionr���r���r����ipset_fail2ban_checkS���s2����

�r@���)r:���r���c��������������	���C���sf���zt�jddgdd�}W�n �tt�jfy6���td��Y�n0�|���D�] }|�d�s@t|��|v�r@�dS�q@dS�)	zTSearch iptables -nL for a line containing an IP which does not start with
    ACCEPTr+���r,���r���r���zcould not run iptables -nLr(���TF)r ���r3���r4���r5���r���r6���r>����str)r:���r9���r'���r���r���r����check_iptables{���s����rB���)�typingr���r����pathlibr���r���r ���r=����outputr���r���r���Zrun_cmdr���r	���Z
rads.colorr
����tupler����dictrA���r���r���r8���Z	IPAddress�boolr@���rB���r���r���r���r����<module>���s*�����*��(