a qéqeã@s~ddlZddlmZmZddlmZmZmZmZddl m Z ddl m Z ddl mZmZmZddlmZGd d „d e e ƒZdS) éN)Ú IPPROTO_TCPÚ IPPROTO_UDP)ÚIterableÚOptionalÚTupleÚUnioné)Ú MatchContext)Ú PolicyQuery)ÚPortconÚ PortconRangeÚPortconProtocol)Ú match_rangecsúeZdZUdZdZeeed<dZee ed<dZ e ed<dZ e ed<dZ e ed<dZe ed <eee d œd d „ƒZejeeeefdd œdd „ƒZeeed œdd„ƒZejeeeefdd œdd„ƒZdd œ‡fdd„ Zeed œdd„Z‡ZS)Ú PortconQuerya_ Port context query. Parameter: policy The policy to query. Keyword Parameters/Class attributes: protocol The protocol to match (socket.IPPROTO_TCP for TCP or socket.IPPROTO_UDP for UDP) ports A 2-tuple of the port range to match. (Set both to the same value for a single port) ports_subset If true, the criteria will match if it is a subset of the portcon's range. ports_overlap If true, the criteria will match if it overlaps any of the portcon's range. ports_superset If true, the criteria will match if it is a superset of the portcon's range. ports_proper If true, use proper superset/subset operations. No effect if not using set operations. user The criteria to match the context's user. user_regex If true, regular expression matching will be used on the user. role The criteria to match the context's role. role_regex If true, regular expression matching will be used on the role. type_ The criteria to match the context's type. type_regex If true, regular expression matching will be used on the type. range_ The criteria to match the context's range. range_subset If true, the criteria will match if it is a subset of the context's range. range_overlap If true, the criteria will match if it overlaps any of the context's range. range_superset If true, the criteria will match if it is a superset of the context's range. range_proper If true, use proper superset/subset operations. No effect if not using set operations. NÚ _protocolÚ_portsFÚ ports_subsetÚ ports_overlapÚports_supersetÚ ports_proper)ÚreturncCs|jS©N)r©Úself©rú:/usr/lib64/python3.9/site-packages/setools/portconquery.pyÚportsDszPortconQuery.ports)ÚvaluercCsb|rXt|Ž}t|ƒr^|jdks(|jdkr6td |¡ƒ‚|j|jkrPtd |¡ƒ‚||_nd|_dS)Nrz/Port numbers must be positive: {0.low}-{0.high}zAThe low port must be smaller than the high port: {0.low}-{0.high})r ÚallZlowZhighÚ ValueErrorÚformatr)rrZ pending_portsrrrrHsÿ ÿÿcCs|jSr)rrrrrÚprotocol[szPortconQuery.protocolcCs|rt |¡|_nd|_dSr)r Úlookupr)rrrrrr!_sc s(tt|ƒj|fi|¤Žt t¡|_dSr)ÚsuperrÚ__init__ÚloggingZ getLoggerÚ__name__Úlog)rÚpolicyÚkwargs©Ú __class__rrr$fszPortconQuery.__init__ccs¤|j d |¡¡|j d |¡¡|j d |¡¡| |j¡|j ¡D]R}|jrvt|j|j|j |j |j |j ƒsvqL|j rŠ|j |j krŠqL| |j¡s˜qL|VqLdS)z-Generator which yields all matching portcons.z*Generating portcon results from {0.policy}z~Ports: {0.ports}, overlap: {0.ports_overlap}, subset: {0.ports_subset}, superset: {0.ports_superset}, proper: {0.ports_proper}zProtocol: {0.protocol!r}N)r'Úinfor ÚdebugZ_match_context_debugr(Zportconsrrrrrrr!Z_match_contextÚcontext)rZportconrrrÚresultsjs* þ ú zPortconQuery.results)r&Ú __module__Ú __qualname__Ú__doc__rrr Ú__annotations__rr rÚboolrrrÚpropertyrÚsetterrÚintr!rÚstrr$rr r/Ú __classcell__rrr*rrs" ,    r)r%ZsocketrrÚtypingrrrrZmixinsr Úqueryr Z policyrepr r r ÚutilrrrrrrÚs