File: //lib/python3.6/site-packages/sshuttle/methods/__pycache__/nat.cpython-36.pyc
3
7��]� � @ sX d dl Z d dlmZ d dlmZ d dlmZmZmZm Z d dl
mZ G dd� de�ZdS )� N)�
subnet_weight)�family_to_string)�ipt�ipt_ttl�ipt_chain_exists�nonfatal)�
BaseMethodc s, e Zd Zdd� Zdd� Z� fdd�Z� ZS )�Methodc s � t jkrtdt� � ��|r&td��d�� �fdd�}� �fdd�} � fdd �}
d
| }| j|� ||� |d|� |d|� |d k r�|
d
dddddt|�dddt|�� dddt|�d|f}nd|f}|d.|�� |d/|�� |d|ddddddddd � |d|dddddddd dd!d"�
x�t|td#d$�D ]�\}
}}}}}d0}|�rZ|d!d&||f f }|�r�|d|ddd'd(||f f|�� n,| d|dd)d'd(||f f|d*t|�f �� �q,W xF� fd+d,�|D �D ]0\}
}| d|dd)d'd-| dd d!d"d*t|�� �q�W d S )1Nz2Address family "%s" unsupported by nat method_namez$UDP not supported by nat method_name�natc s t � �f| �� S )N)r )�args)�family�table� �/usr/lib/python3.6/nat.py�_ipt s z#Method.setup_firewall.<locals>._iptc s t � �f| �� S )N)r )r )r r
r r �_ipt_ttl s z'Method.setup_firewall.<locals>._ipt_ttlc s t � df| �� S )N�mangle)r )r )r r r �_ipm! s z#Method.setup_firewall.<locals>._ipmzsshuttle-%sz-Nz-F�-I�OUTPUT�1z-m�ownerz--uid-ownerz-j�MARKz
--set-mark�markz--mark�
PREROUTINGz-AZRETURNZaddrtypez
--dst-typeZLOCAL�!�-p�udpz--dportZ53T)�key�reverse�tcpz%d:%dz--destz%s/%sZREDIRECTz
--to-portsc s g | ]}|d � kr|�qS )r r )�.0�i)r r r �
<listcomp>Q s z)Method.setup_firewall.<locals>.<listcomp>z%s/32)r r r )r r r )r r )�socket�AF_INET� Exceptionr �restore_firewall�str�sortedr )�self�portZdnsportZnslistr Zsubnetsr �userr r r �chainr �_ZswidthZsexcludeZsnetZfportZlportZ tcp_portsZipr )r r
r �setup_firewall s^
zMethod.setup_firewallc
s� � t jkrtdt� � ��|r&td��d�� �fdd�}� �fdd�}� fdd �}d
| }t� �|�r�|d k r�t|ddd
ddt|�dddt|�� d
ddt|�d|f} nd|f} t|ddf| �� t|ddf| �� t|d|� |d|� d S )Nz2Address family "%s" unsupported by nat method_namez$UDP not supported by nat method_namer
c s t � �f| �� S )N)r )r )r r
r r r c s z%Method.restore_firewall.<locals>._iptc s t � �f| �� S )N)r )r )r r
r r r f s z)Method.restore_firewall.<locals>._ipt_ttlc s t � df| �� S )Nr )r )r )r r r r i s z%Method.restore_firewall.<locals>._ipmzsshuttle-%sz-Dr z-mr z--uid-ownerz-jr z
--set-markr z--markr z-Fz-X)r$ r% r&