HEX
Server: LiteSpeed
System: Linux cpir1.prohostdns.com 4.18.0-553.123.2.lve.el8.x86_64 #1 SMP Thu May 7 23:17:13 UTC 2026 x86_64
User: pelakir (2976)
PHP: 8.2.31
Disabled: exec, shell_exec, system, passthru, proc_open, proc_close, proc_terminate, proc_get_status, popen, pclose, pcntl_exec
Upload Files
File: //usr/lib/python3.6/site-packages/sshuttle/methods/__pycache__/ipfw.cpython-36.opt-1.pyc
3

�f4_�!�@s:ddlZddlZddlmZddlmZmZmZm	Z	m
Z
dZy ddlZ
ee
jd�e
ZdZWnRek
r�y ddlZeejd�eZdZWnek
r�ddlZYnXYnXdZdZd	Zd
Zedkr�dd�Znedkr�d
d�Zndd�Zdd�ZiZdd�Zdd�ZgZddd�Zdd�Zdd�ZGdd�de�ZdS)�N)�
BaseMethod)�log�debug1�debug3�Fatal�family_to_string�recvmsg�python�
socket_ext���)�JcCsztd�|jdtjd��\}}}}d}xH|D]@\}}}	|tjkr,|tkr,d}
tjtj|	dd��}||
f}Pq,W|||fS)Nz!Accept UDP python using recvmsg.
i��5r)rr�socket�
CMSG_SPACE�SOL_IP�IP_RECVDSTADDR�	inet_ntop�AF_INET)�listener�bufsize�dataZancdata�_�srcip�dstip�
cmsg_level�	cmsg_type�	cmsg_data�port�ip�r"�/usr/lib/python3.6/ipfw.py�recv_udpsr$c
Cs�td�|j|ftjd��\}}}}d}xH|D]@}|jtjkr.|jtkr.d}tjtj	|j
dd��}	|	|f}Pq.W|||dfS)Nz%Accept UDP using socket_ext recvmsg.
rrr)rrrrrrrrrrr)
rrrrZadatarr�ar r!r"r"r#r$+s
cCs td�|j|�\}}|d|fS)NzAccept UDP using recvfrom.
)rZrecvfrom)rrrrr"r"r#r$8scCs�ddg}tjddd�}tj|tj|d�}d}xL|jD]B}|jd|�r6d	|kpVd
|ksttd|j��t	d|��d
}q6W|j
�}|r�t	d||f��|S)N�ipfw�list�PATH�C)r(�LC_ALL)�stdout�envFs%05d zipttl 63zcheck-stateznon-sshuttle ipfw rule: %r
z*non-sshuttle ipfw rule #%d already exists!Tz%r returned %d)�os�environ�ssubprocess�Popen�PIPEr+�
startswithr�stripr�wait)�n�argvr,�p�found�line�rvr"r"r#�ipfw_rule_exists>sr;cCs�d|g}tjddd�}tj|tj|d�}x:|jD]0}|j�}|dd
�jdd�\}}|j�t	|<q2W|j
�}|r�td||f��|s�td	|f��dS)N�sysctlr(r))r(r*)r+r,�z: z%r returned %dz%r returned no data���)r-r.r/r0r1r+�decode�splitr3�_oldctlsr4r)�prefixr6r,r7r9�k�vr:r"r"r#�
_fill_oldctlsVsrEcCs:ddd||fg}tddj|��tj|ttjd�d�S)Nr<z-wz%s=%sz>> %s
� �w)r+)r�joinr/�call�openr-�devnull)�name�valr6r"r"r#�_sysctl_setisrNFcCs�d}t|�}tst|�|tkr0td|�dSt|}||kr�t||�}|dkr�|r�td�tdd�}|jd||f�|j�n
tj	|�d	SdS)
Nznet.inet.ipz>> No such sysctl: %r
Frz/>>   ...saving permanently in /etc/sysctl.conf
z/etc/sysctl.confr%z
# Added by sshuttle
%s=%s
T)
�strrArErrNrJ�write�close�_changedctls�append)rLrMZ	permanentZPREFIX�oldvalr:�fr"r"r#�
sysctl_setss$



rVcGsDddgt|�}tddj|��tj|�}|r@td||f��dS)Nr&z-qz>> %s
rFz%r returned %d)r'rrHr/rIr)�argsr6r:r"r"r#r&�s

r&cGs0ddgt|�}tddj|��tj|�dS)Nr&z-qz>> %s
rF)r'rrHr/rI)rWr6r"r"r#�ipfw_noexit�srXcsLeZdZ�fdd�Zdd�Zdd�Zdd�Zd	d
�Zdd�Zd
d�Z	�Z
S)�Methodcs$tt|�j�}d|_d|_d|_|S)NFT)�superrY�get_supported_featuresZipv6�udpZdns)�self�result)�	__class__r"r#r[�s
zMethod.get_supported_featurescCs|j�S)N)Zgetsockname)r]�sockr"r"r#�
get_tcp_dstip�szMethod.get_tcp_dstipcCs0t||�\}}}|s&td|f�dS|||fS)NzB-- ignored UDP from %r: couldn't determine destination IP address
)r$r)r]�udp_listenerrrrrr"r"r#r$�s
zMethod.recv_udpcCs�|std|f�dStj|jtj�}|jtjtd�|jtjtjd�|jtjtj	d�|jtjtj
d�|j|�|j||�|j
�dS)Nz;-- ignored UDP to %r: couldn't determine source IP address
r=�?)rr�familyZ
SOCK_DGRAM�
setsockoptr�
IP_BINDANYZ
SOL_SOCKETZSO_REUSEADDRZSO_REUSEPORTZIP_TTLZbindZsendtorQ)r]r`rrrZsenderr"r"r#�send_udp�s

zMethod.send_udpcCs |jdk	r|jjtjtd�dS)Nr=)Zv4rerrr)r]rbr"r"r#�setup_udp_listener�s
zMethod.setup_udp_listenercs��tjgkrtdt����tdd�x"trHtj�}t|}	t||	�q(W|sR|r\t	dd�t
ddddd	d
dd
�t
dddd
dd	d
dd�	t
dddd|dd	d
ddddddd�tddd�d}
x8�fdd�|D�D]"\}}t
dddd|�|
d7}
q�W|
dk�r&t
dddd|dd	d
dd ddd�t
ddd!dd	d
dd
dd�
|�r�xVt|d"d#�d$d%�D]*\}}
}}|�rZt
dd&dd'||
f��qZWt
dd(dd'||
f�dS))Nz3Address family "%s" unsupported by ipfw method_name�delete�1znet.inet.ip.fw.enabler=�addzcheck-stater!�from�anyZtoZskipto�2Ztcpz
table(125)Zfwdz127.0.0.1,%dz
table(126)�notZipttlZ63z
keep-stateZsetup�table�124�flushrcsg|]}|d�kr|�qS)rr")�.0�i)rdr"r#�
<listcomp>�sz)Method.setup_firewall.<locals>.<listcomp>z%sr\z
table(124)ZallowcSs|dS)Nr=r")�sr"r"r#�<lambda>�sz'Method.setup_firewall.<locals>.<lambda>T)�key�reverse�125z%s/%s�126)rr�	ExceptionrrXrR�poprArNrVr&�sorted)r]r ZdnsportZnslistrdZsubnetsr\�userrLrTZdnscountrr!ZswidthZsexcludeZsnetr")rdr#�setup_firewall�sR





zMethod.setup_firewallcCsN|tjgkrtdt|���tdd�tddd�tddd�tddd�dS)	Nz0Address family "%s" unsupported by tproxy methodrirjrprqrrrzr{)rrr|rrX)r]r rdr\rr"r"r#�restore_firewall�s
zMethod.restore_firewall)�__name__�
__module__�__qualname__r[rar$rgrhr�r��
__classcell__r"r")r_r#rY�s	7rY)F) r-�
subprocessr/Zsshuttle.methodsrZsshuttle.helpersrrrrrrrZpythonsocket�getattr�AttributeErrorr
�ImportErrorrfrZSOL_IPV6ZIPV6_RECVDSTADDRr$r;rArErNrRrVr&rXrYr"r"r"r#�<module>sF