HEX
Server: LiteSpeed
System: Linux cpir1.prohostdns.com 4.18.0-553.123.2.lve.el8.x86_64 #1 SMP Thu May 7 23:17:13 UTC 2026 x86_64
User: pelakir (2976)
PHP: 8.2.31
Disabled: exec, shell_exec, system, passthru, proc_open, proc_close, proc_terminate, proc_get_status, popen, pclose, pcntl_exec
Upload Files
File: //lib/python3.6/site-packages/sshuttle/methods/__pycache__/nft.cpython-36.pyc
3

�f4_��@sDddlZddlmZddlmZmZddlmZGdd�de�ZdS)�N)�
subnet_weight)�nft�nonfatal)�
BaseMethodc@seZdZdd�Zdd�ZdS)�Methodc
s�|rtd��d|���fdd�}�}	|dd�|ddd	�|dd
d�|d|	�|d|	�|d
d|	�|d
d|	�x�t|tdd�D]�\}
}}}
}}d!}|r�||kr�|ddd||ff}n|r�||kr�|ddd|f}|�r|d
|	f|d|
|fdf��q�|d
|	f|d|
|fddt|�f��q�Wxv�fdd�|D�D]`\}
}�tjk�r||d
|	d|dddt|��n*�tjk�rH|d
|	d |dddt|���qHWdS)"NzUDP not supported by nftzsshuttle-%scst��|f|��S)N)r)�action�args)�family�table��/usr/lib/python3.6/nft.py�_nftsz#Method.setup_firewall.<locals>._nftz	add table�z	add chainZ
preroutingz:{ type nat hook prerouting priority -100; policy accept; }�outputz6{ type nat hook output priority -100; policy accept; }zflush chainzadd rulezoutput jump %szprerouting jump %sT)�key�reverse�ip�protocol�tcpZdportz	{ %d-%d }z%dzip daddr %s/%s�returnzip ttl != 63z
redirect to :csg|]}|d�kr|�qS)rr)�.0�i)r	rr�
<listcomp>8sz)Method.setup_firewall.<locals>.<listcomp>zip protocol udp ip daddr %szudp dport { 53 }zip6 protocol udp ip6 daddr %s)rrr)�	Exception�sortedr�str�socketZAF_INETZAF_INET6)�self�portZdnsportZnslistr	Zsubnets�udp�userr
�chain�_ZswidthZsexcludeZsnetZfportZlportZ	tcp_portsrr)r	r
r�setup_firewallsJ




zMethod.setup_firewallcs2|rtd��d|���fdd�}t|dd�dS)Nz$UDP not supported by nft method_namezsshuttle-%scst��|f|��S)N)r)rr)r	r
rrr
Hsz%Method.restore_firewall.<locals>._nftzdelete tabler)rr)rrr	rr r
r)r	r
r�restore_firewallBs
zMethod.restore_firewallN)�__name__�
__module__�__qualname__r#r$rrrrrs4r)	rZsshuttle.firewallrZsshuttle.linuxrrZsshuttle.methodsrrrrrr�<module>s