Vhq.ddlmZmZmZddlmZddlmZmZddl m Z e Z dZ dZdZdZ ddlZej&j(Z ddlmZdd lmZdd lmZdZ eZej5Gdde#Z$y#eef$r>dZ dd lmZeZn#e$rdd lm Z e d ZYnwxYwejCYPwxYw#e"$rY[wxYw))absolute_importdivisionprint_function) LooseVersion)respawn_moduleHAS_RESPAWN_UTIL)missing_required_libNFT)FirewallClient)FirewallClientZoneSettings) FirewallError) Firewall_test)Firewall)offlinecheZdZdZ ddZdZdZdZdZdZ d Z d Z d Z d Z d ZedZy)FirewallTransactionzn FirewallTransaction This is the base class for all firewalld transactions we might want to have Nc V||_t|_||_|r||_n9trtj |_ntj |_||_||_||_ t|_|xsdg|_ |xsdg|_ g|_ d|_ d|_y)aq initializer the transaction :module: AnsibleModule, instance of AnsibleModule :action_args: tuple, args to pass for the action to take place :zone: str, firewall zone :desired_state: str, the desired state (enabled, disabled, etc) :permanent: bool, action should be permanent :immediate: bool, action should take place immediately :enabled_values: str[], acceptable values for enabling something (default: enabled) :disabled_values: str[], acceptable values for disabling something (default: disabled) enableddisabledN)modulefw action_argszone fw_offlineget_default_zonegetDefaultZone desired_state permanent immediateenabled_valuesdisabled_valuesmsgs enabled_msg disabled_msg) selfrrrrrrrr s p/home/dcms/DCMS/lib/python3.12/site-packages/ansible_collections/ansible/posix/plugins/module_utils/firewalld.py__init__zFirewallTransaction.__init__;s  & DI//1 --/ *""$,; .>:,   c n ||S#t$r}dd|zvr|jjdt|jdkDr<|jj d|ddj |jn$|jj d |zYd }~y Yd }~y d }~wwxYw) z Function to wrap calls to make actions on firewalld in try/except logic and emit (hopefully) useful error messages INVALID_SERVICEz%szfServices are defined by port/tcp relationship and named as they are in /etc/services (on most systems)rzERROR: Exception caught:  z, msgzERROR: Exception caught: %sN) Exceptionr!appendlenr fail_jsonjoin)r$ action_funcaction_func_argses r%action_handlerz"FirewallTransaction.action_handlerjs  M 01 1 M!D1H,   "JK499~! %%<=tyy?ST& %%*G!*K%LL  Ms B4BB//B4c||jrj|jjj|j}t t |jjj|}||fS|jjj|j}|j}||fSN) rrconfigget_zonerr listget_zone_config getZoneByName getSettingsr$fw_zone fw_settingss r%get_fw_zone_settingsz(FirewallTransaction.get_fw_zone_settingss ??ggnn--dii8G4TWW^^33G<=K%%ggnn&44TYY?G!--/K%%r'c|jr1|jjj||jy|j |yr7)rrr8set_zone_configsettingsupdater>s r%update_fw_settingsz&FirewallTransaction.update_fw_settingss3 ?? GGNN * *7K4H4H I NN; 'r'ctr7NotImplementedErrorr$s r%get_enabled_immediatez)FirewallTransaction.get_enabled_immediate!!r'ctr7rHrJs r%get_enabled_permanentz)FirewallTransaction.get_enabled_permanentrLr'ctr7rHrJs r%set_enabled_immediatez)FirewallTransaction.set_enabled_immediaterLr'ctr7rHrJs r%set_enabled_permanentz)FirewallTransaction.set_enabled_permanentrLr'ctr7rHrJs r%set_disabled_immediatez*FirewallTransaction.set_disabled_immediaterLr'ctr7rHrJs r%set_disabled_permanentz*FirewallTransaction.set_disabled_permanentrLr'c( d|_|jrO|jrB|j|j|j }|j|j |j }|jjd|j|jvr|r|s2|jjr|jjd|s-|j|j|j d|_|s-|j|j|j d|_|jr|j r|jj|j n|j|j"vrm|s|r2|jjr|jjd|r-|j|j$|j d|_|r-|j|j&|j d|_|jr|j(r|jj|j(n|jr|js|j|j|j }|jjd|j|jvr|s_|jjr|jjd|j|j|j d|_|jr|j r|jj|j n|j|j"vrj|r_|jjr|jjd|j|j$|j d|_|jr|j(r|jj|j(n|jr|js|j|j |j }|jjd|j|jvr|s_|jjr|jjd|j|j|j d|_|jr|j r|jj|j n|j|j"vr|r_|jjr|jjd|j|j&|j d|_|jr1|j(r%|jj|j(|j|jfS)z run This function contains the "transaction logic" where as all operations follow a similar pattern in order to perform their action but simply call different functions to carry that action out. Fz0Permanent and Non-Permanent(immediate) operationT)changedzPermanent operationzNon-permanent operation)rXrrr5rNrrKr!r.rrr check_mode exit_jsonrRrPr"r rVrTr#)r$is_enabled_permanentis_enabled_immediate is_enableds r%runzFirewallTransaction.runs >>dnn#'#6#6**  $ $(#6#6**  $  II  O P!!T%8%88+3G{{-- --d-;+''22(($(DL+''22(($(DL<= 0.3.9 - found: {0}r+z0.2.11zAunsupported version of firewalld, requires >= 0.2.11 - found: {0}Fz;firewalld service must be running, or try with offline=truezfirewalld connection can't be established, installed version (%s) likely too old. Requires firewalld >= 0.2.11firewallzJ. Version 0.2.11 or newer required (0.3.9 or newer for offline operations)N) FW_VERSIONrrr0formatr connectedAttributeErrorimport_failurerrr )rs r% sanity_checkz FirewallTransaction.sanity_check$s *J',w*??  %y&A&ABL&M N  J',x*@@  %h%o%opz%{ | k<<5($$)f$g z*   (48DD    " k  &]_i&j k ks$C66"DD)NNFFNN)__name__ __module__ __qualname____doc__r&r5rArFrKrNrPrRrTrVr^ staticmethodrfrgr'r%rr4s` IMX\*!^M, &( """"""~)@r'r)% __future__rrr>ansible_collections.ansible.posix.plugins.module_utils.versionr?ansible_collections.ansible.posix.plugins.module_utils._respawnrransible.module_utils.basicr type __metaclass__rarrrefirewall.configr`r8VERSIONfirewall.clientr r firewall.errorsr rrdfirewall.core.fw_testr ModuleNotFoundErrorfirewall.core.fwrstart ImportErrorobjectrrgr'r%r}s A@Wl;      ((J.:-N   .N&N+ M *  ( ;B# ( 1$'B (  !"  sS.CA<< C BCB+(C*B++C>CCCC  C