HEX
Server: LiteSpeed
System: Linux cpir1.prohostdns.com 4.18.0-553.123.2.lve.el8.x86_64 #1 SMP Thu May 7 23:17:13 UTC 2026 x86_64
User: pelakir (2976)
PHP: 8.2.31
Disabled: exec, shell_exec, system, passthru, proc_open, proc_close, proc_terminate, proc_get_status, popen, pclose, pcntl_exec
Upload Files
File: //usr/lib/python3.6/site-packages/sshuttle/methods/__pycache__/ipfw.cpython-36.pyc
3

�f4_�!�@s:ddlZddlZddlmZddlmZmZmZm	Z	m
Z
dZy ddlZ
ee
jd�e
ZdZWnRek
r�y ddlZeejd�eZdZWnek
r�ddlZYnXYnXdZdZd	Zd
Zedkr�dd�Znedkr�d
d�Zndd�Zdd�ZiZdd�Zdd�ZgZddd�Zdd�Zdd�ZGdd�de�ZdS)�N)�
BaseMethod)�log�debug1�debug3�Fatal�family_to_string�recvmsg�python�
socket_ext���)�JcCsztd�|jdtjd��\}}}}d}xH|D]@\}}}	|tjkr,|tkr,d}
tjtj|	dd��}||
f}Pq,W|||fS)Nz!Accept UDP python using recvmsg.
i��5r)rr�socket�
CMSG_SPACE�SOL_IP�IP_RECVDSTADDR�	inet_ntop�AF_INET)�listener�bufsize�dataZancdata�_�srcip�dstip�
cmsg_level�	cmsg_type�	cmsg_data�port�ip�r"�/usr/lib/python3.6/ipfw.py�recv_udpsr$c
Cs�td�|j|ftjd��\}}}}d}xH|D]@}|jtjkr.|jtkr.d}tjtj	|j
dd��}	|	|f}Pq.W|||dfS)Nz%Accept UDP using socket_ext recvmsg.
rrr)rrrrrrrrrrr)
rrrrZadatarr�ar r!r"r"r#r$+s
cCs td�|j|�\}}|d|fS)NzAccept UDP using recvfrom.
)rZrecvfrom)rrrrr"r"r#r$8scCs�ddg}tjddd�}tj|tj|d�}d}xL|jD]B}|jd|�r6d	|kpVd
|ksttd|j��t	d|��d
}q6W|j
�}|r�t	d||f��|S)N�ipfw�list�PATH�C)r(�LC_ALL)�stdout�envFs%05d zipttl 63zcheck-stateznon-sshuttle ipfw rule: %r
z*non-sshuttle ipfw rule #%d already exists!Tz%r returned %d)�os�environ�ssubprocess�Popen�PIPEr+�
startswithr�stripr�wait)�n�argvr,�p�found�line�rvr"r"r#�ipfw_rule_exists>sr;cCs�d|g}tjddd�}tj|tj|d�}xJ|jD]@}|j�}|ddksNt�|dd�jdd�\}}|j	�t
|<q2W|j�}|r�td	||f��|s�td
|f��dS)
N�sysctlr(r))r(r*)r+r,��
z: z%r returned %dz%r returned no data���r?)
r-r.r/r0r1r+�decode�AssertionError�splitr3�_oldctlsr4r)�prefixr6r,r7r9�k�vr:r"r"r#�
_fill_oldctlsVsrGcCs:ddd||fg}tddj|��tj|ttjd�d�S)Nr<z-wz%s=%sz>> %s
� �w)r+)r�joinr/�call�openr-�devnull)�name�valr6r"r"r#�_sysctl_setisrPFcCs�d}|j|d�st�t|�}ts*t|�|tkrBtd|�dSt|}||kr�t||�}|dkr�|r�td�tdd�}|jd	||f�|j	�n
t
j|�d
SdS)Nznet.inet.ip�.z>> No such sysctl: %r
Frz/>>   ...saving permanently in /etc/sysctl.conf
z/etc/sysctl.confr%z
# Added by sshuttle
%s=%s
T)r2rA�strrCrGrrPrL�write�close�_changedctls�append)rNrOZ	permanentZPREFIX�oldvalr:�fr"r"r#�
sysctl_setss&



rYcGsDddgt|�}tddj|��tj|�}|r@td||f��dS)Nr&z-qz>> %s
rHz%r returned %d)r'rrJr/rKr)�argsr6r:r"r"r#r&�s

r&cGs0ddgt|�}tddj|��tj|�dS)Nr&z-qz>> %s
rH)r'rrJr/rK)rZr6r"r"r#�ipfw_noexit�sr[csLeZdZ�fdd�Zdd�Zdd�Zdd�Zd	d
�Zdd�Zd
d�Z	�Z
S)�Methodcs$tt|�j�}d|_d|_d|_|S)NFT)�superr\�get_supported_featuresZipv6�udpZdns)�self�result)�	__class__r"r#r^�s
zMethod.get_supported_featurescCs|j�S)N)Zgetsockname)r`�sockr"r"r#�
get_tcp_dstip�szMethod.get_tcp_dstipcCs0t||�\}}}|s&td|f�dS|||fS)NzB-- ignored UDP from %r: couldn't determine destination IP address
)r$r)r`�udp_listenerrrrrr"r"r#r$�s
zMethod.recv_udpcCs�|std|f�dStj|jtj�}|jtjtd�|jtjtjd�|jtjtj	d�|jtjtj
d�|j|�|j||�|j
�dS)Nz;-- ignored UDP to %r: couldn't determine source IP address
r=�?)rr�familyZ
SOCK_DGRAM�
setsockoptr�
IP_BINDANYZ
SOL_SOCKETZSO_REUSEADDRZSO_REUSEPORTZIP_TTLZbindZsendtorT)r`rcrrrZsenderr"r"r#�send_udp�s

zMethod.send_udpcCs |jdk	r|jjtjtd�dS)Nr=)Zv4rhrrr)r`rer"r"r#�setup_udp_listener�s
zMethod.setup_udp_listenercs��tjgkrtdt����tdd�x"trHtj�}t|}	t||	�q(W|sR|r\t	dd�t
ddddd	d
dd
�t
dddd
dd	d
dd�	t
dddd|dd	d
ddddddd�tddd�d}
x8�fdd�|D�D]"\}}t
dddd|�|
d7}
q�W|
dk�r&t
dddd|dd	d
dd ddd�t
ddd!dd	d
dd
dd�
|�r�xVt|d"d#�d$d%�D]*\}}
}}|�rZt
dd&dd'||
f��qZWt
dd(dd'||
f�dS))Nz3Address family "%s" unsupported by ipfw method_name�delete�1znet.inet.ip.fw.enabler=�addzcheck-stater!�from�anyZtoZskipto�2Ztcpz
table(125)Zfwdz127.0.0.1,%dz
table(126)�notZipttlZ63z
keep-stateZsetup�table�124�flushrcsg|]}|d�kr|�qS)rr")�.0�i)rgr"r#�
<listcomp>�sz)Method.setup_firewall.<locals>.<listcomp>z%sr_z
table(124)ZallowcSs|dS)Nr=r")�sr"r"r#�<lambda>�sz'Method.setup_firewall.<locals>.<lambda>T)�key�reverse�125z%s/%s�126)rr�	Exceptionrr[rU�poprCrPrYr&�sorted)r`r ZdnsportZnslistrgZsubnetsr_�userrNrWZdnscountrr!ZswidthZsexcludeZsnetr")rgr#�setup_firewall�sR





zMethod.setup_firewallcCsN|tjgkrtdt|���tdd�tddd�tddd�tddd�dS)	Nz0Address family "%s" unsupported by tproxy methodrlrmrsrtrur}r~)rrrrr[)r`r rgr_r�r"r"r#�restore_firewall�s
zMethod.restore_firewall)�__name__�
__module__�__qualname__r^rdr$rjrkr�r��
__classcell__r"r")rbr#r\�s	7r\)F) r-�
subprocessr/Zsshuttle.methodsrZsshuttle.helpersrrrrrrrZpythonsocket�getattr�AttributeErrorr
�ImportErrorrirZSOL_IPV6ZIPV6_RECVDSTADDRr$r;rCrGrPrUrYr&r[r\r"r"r"r#�<module>sF