o(d=ddlZddlZddlZddlmZddlmZddlmZm Z m Z ddl m Z ddl mZmZmZddlmZddlmZdd lmZdd lmZdd lmZdd lmZdd lmZm Z ddl!m"Z"ej#e$Z%dZ&dZ'dZ(dZ)edZ*Gdde+Z,de-fdZ.dZ/de-fdZ0dZ1dZ2dZ3dZ4dZ5dZ6de e7e7ffd Z8de e7fd!Z9ej:fd"ede e7fd#Z;dee7e7ffd$ZMs '((0022J"H->I9oo 999011q89sA A$AA$cpK|r1tdtgd{VdSdS)zhUpdates whitelists for webshield and reloads service. Should be run after static whitelist updates.zUUpdating webshield internal whitelist using imunify360-webshield-compose-lists scriptN)loggerinfo compose_lists)_ is_updateds rupdate_internal_whitelistrEXs]   8   B   rcKttg|zd{Vtjrt d{VdSdSN)r _COMPOSE_LISTS_SCRIPTrENABLEr>) script_argss rrBrBdsh *+k9 : ::::::::rcjKttj|d{V}tg}t |D]*}|d|+t|d|dtj rtd{VdSdS)z:Rewrite config file with autogenerated data from database.Nz{} 1; F)backup) r asyncioget_event_loop_HEADERsortedappendformatr joinrrIr>) gather_items config_fileitemscontentitems r_rewrite_webshield_configrZjs!'"8":":LII I I I I I IEiGu //y''--....; 0 0????rcBKtdtd{VdS)zFill webshield config file with blacklisted country (from CountryList) Should be called after add/delete record from CountryList. c>tjtjSrG)r country_codesBLACKrrrz1update_country_blacklist_config..zs )+*;<<rN)rZ_CONFIG_COUNTRY_BLACKLISTrrrupdate_country_blacklist_configrausK $<<!  rcBKtdtd{VdS)zAFill webshield config file with remote proxies (from RemoteProxy)c\tdtjdddDS)Nc3&K|] }|dV dS)networkNr).0rYs r z?update_remote_proxy_config....s7  $DO      rT)setrlistrrrr_z,update_remote_proxy_config..s;  (3(8tT(J(J     rN)rZ_CONFIGrrrupdate_remote_proxy_configrksO #      rcdS)zReturn a range of ports used by webshield to provide captcha and assist in remote proxy processing, as a tuple (first, last). (last value is not included in that range).)iirrrr port_rangerms  >rcttj}t|}|z }|rt d|fd|zD}|S)z=Return a set of Webshield ports which could be redirected to.zXGot unexpected ports to redirect from: %s, which are not present in the redirect map: %sc h|] }| Srr)rfportredirection_maps r z.destination_webshield_ports..s+"&r)port_redirect_map WebshieldModer5redirected_to_webshield_portskeysr@warning) current_mode from_portsunexpected_from_ports dest_portsrqs @rdestination_webshield_portsr|s'))O $&&L.|< !     *47K7K7M7M*MJ rmodec|tjks*tstst rt nddh}|t t jt t jzz}|t t zz}|S)zNReturn a set of TCP destination ports that can be redirected to Webshield.P) rtAPACHErrrrhWebServicesConfig HTTP_PORTS HTTPS_PORTSr http_ports https_ports)r}portss rrurus =' ' '   ( " $ $ (    (  #Y   S"- . .%22E \^^ & & ( (<>>+E+E+G+G GGE Lrct}d|d<d|d<d|d<d|d<d |d <d |d <d |d<d|d<d|d<d|d<d|d<|S)zYReturn a mapping of destination TCP ports to their redirect target port of Webshield.iririi"ii&ii#ii'ii/ii0i ii i i i"r)ms rrsrssu  A AbE AcFAdGAdGAdGAdGAdGAdGAdGAdGAdG Hr)=rNr"logging collectionsrpathlibrtypingrrr$defence360agent.model.simplificationr defence360agent.utilsr r r im360.contracts.configr rrim360.model.countryrim360.model.firewallr!im360.subsys.panels.hosting_panelrim360.subsys.webshield_moderrt im360.utilsrrim360.subsys.int_configr getLoggerrr@rPrjr`rHr( Exceptionrr!r&r*r:r>rErBrZrarkintrmr| STANDALONErursrrrrs ################@@@@@@JJJJJJJJJJCCCCCC,,,,,,++++++,,,,,,::::::======BBBBBBBB777777  8 $ $ * 8:G#t$FGG)))))I)))=t====555 $6999     E#s(OSX((2 X4 4S>      r