firewall/views.pyc

<03>
<EFBFBD>T2Zc@sGddlmZmZddlmZddlmZddlZddlm	Z	ddl
Z
ddlZddlm
Z
ddlm	Z	ddlmZddlZddlmZddljZd	<00>Zd
<00>Zd<00>Zd<00>Zd
<00>Zd<00>Zd<00>Zd<00>Zd<00>Zd<00>Zd<00>Zd<00>Zd<00>Z d<00>Z!dS(i<><69><EFBFBD><EFBFBD>(trendertredirecti(t
FirewallRules(tHttpResponseN(tFirewallUtilities(t
loadLoginPage(t
AdministratorcCs=y|jd}t|d<00>SWntk
r8tt<00>SXdS(NtuserIDsfirewall/index.html(tsessionRtKeyErrorRR(trequestR((s$/usr/local/CyberCP/firewall/views.pytsecurityHomes


cCskyL|jd}tjjd|<00>}|jdkr>td<00>St|d<00>SWntk
rftt	<00>SXdS(NRtpkis5You don't have enough priviliges to access this page.sfirewall/firewall.html(
RRtobjectstgetttypeRRR	RR(R
Rtadmin((s$/usr/local/CyberCP/firewall/views.pytfirewallHomes

cCs<>yW|jd}y|jdkrtj|j<00>}tjj<00>}d}d}x<>|D]}}i|jd6|j	d6|j
d6|jd6|jd	6}|dkr<>|tj
|<00>}d
}qV|dtj
|<00>}qVW|d}tj
id
d
6dd6|d6<>}t|<00>SWnCtk
rU}	idd
6t|	<00>d6}
tj
|
<00>}t|<00>SXWn;tk
r<>idd
6dd6}
tj
|
<00>}t|<00>SXdS(NRtPOSTt[itidtnametprototportt	ipAddressit,t]tfetchStatustNonet
error_messagetdatas6Not Logged In, please refresh the page or login again.(RtmethodtjsontloadstbodyRR
tallRRRRRtdumpsRt
BaseExceptiontstrR	(R
tvalRtrulest	json_datatcheckertitemstdict
final_jsontmsgt	final_dic((s$/usr/local/CyberCP/firewall/views.pytgetCurrentRules's:


$
c	CsSy|jd}y<>|jdkr<>tj|j<00>}|d}|d}|d}|d}tj|||<00>td|d|d	|d
|<00>}|j<00>idd6d
d6}tj	|<00>}	t
|	<00>SWnCtk
r
}
idd6t|
<00>d6}tj	|<00>}	t
|	<00>SXWn=t
k
rN}
idd6dd6}tj	|<00>}	t
|	<00>SXdS(NRRtruleNametruleProtocoltrulePorttruleIPRRRRit
add_statusRRis6Not Logged In, please refresh the page or login again.(RRR R!R"RtaddRuleRtsaveR$RR%R&R	(R
R'RR1R2R3R4t	newFWRuleR/R-R.((s$/usr/local/CyberCP/firewall/views.pyR6Rs.


!
cCsGy|jd}y<>|jdkr<>tj|j<00>}|d}|d}|d}|d}tj|||<00>tjj	d|<00>}|j
<00>idd6d	d
6}tj|<00>}	t|	<00>SWnCt
k
r}
idd6t|
<00>d
6}tj|<00>}	t|	<00>SXWn=tk
rB}
idd6dd
6}tj|<00>}	t|	<00>SXdS(
NRRRRRR4it
delete_statusRRis6Not Logged In, please refresh the page or login again.(RRR R!R"Rt
deleteRuleRR
RtdeleteR$RR%R&R	(R
R'RtruleIDR2R3R4tdelRuleR/R-R.((s$/usr/local/CyberCP/firewall/views.pyR:ss.


cCs;y<>|jd}y<>|jdkr<>d}tj|<00>}tj|<00>}|dkridd6dd6}tj|<00>}t|<00>Sidd6d	d6}tj|<00>}t|<00>SnWnCt	k
r<>}idd6t
|<00>d6}tj|<00>}t|<00>SXWn=tk
r6}idd6d
d6}tj|<00>}t|<00>SXdS(NRRssudo firewall-cmd --reloadiit
reload_statusRRs3Can not reload firewall, see CyberCP main log file.s6Not Logged In, please refresh the page or login again.(RRtshlextsplitt
subprocesstcallR R$RR%R&R	(R
R'tcommandtcmdtresR/R-R.((s$/usr/local/CyberCP/firewall/views.pytreloadFirewall<6C>s,
cCs;y<>|jd}y<>|jdkr<>d}tj|<00>}tj|<00>}|dkridd6dd6}tj|<00>}t|<00>Sidd6d	d6}tj|<00>}t|<00>SnWnCt	k
r<>}idd6t
|<00>d6}tj|<00>}t|<00>SXWn=tk
r6}idd
6dd6}tj|<00>}t|<00>SXdS(NRRssudo systemctl start firewalldiitstart_statusRRs2Can not start firewall, see CyberCP main log file.R>s6Not Logged In, please refresh the page or login again.(RRR?R@RARBR R$RR%R&R	(R
R'RCRDRER/R-R.((s$/usr/local/CyberCP/firewall/views.pyt
startFirewall<6C>s,
cCs;y<>|jd}y<>|jdkr<>d}tj|<00>}tj|<00>}|dkridd6dd6}tj|<00>}t|<00>Sidd6d	d6}tj|<00>}t|<00>SnWnCt	k
r<>}idd6t
|<00>d6}tj|<00>}t|<00>SXWn=tk
r6}idd6d
d6}tj|<00>}t|<00>SXdS(NRRssudo systemctl stop firewalldiitstop_statusRRs1Can not stop firewall, see CyberCP main log file.s6Not Logged In, please refresh the page or login again.(RRR?R@RARBR R$RR%R&R	(R
R'RCRDRER/R-R.((s$/usr/local/CyberCP/firewall/views.pytstopFirewall<6C>s,
cCsFy|jd}y<>|jdkr<>tjdddg<00>}|jd<00>dkr<>idd6d	d
6dd6}tj|<00>}t|<00>Sidd6d	d
6dd6}tj|<00>}t|<00>SnWnCtk
r}idd6t	|<00>d
6}tj|<00>}t|<00>SXWn=t
k
rA}idd
6dd
6}tj|<00>}t|<00>SXdS(NRRt	systemctltstatust	firewalldtactivei<65><69><EFBFBD><EFBFBD>itnoneRtfirewallStatusitvs6Not Logged In, please refresh the page or login again.(RRRAtcheck_outputtfindR R$RR%R&R	(R
R'RLR/R-R.((s$/usr/local/CyberCP/firewall/views.pyRP<00>s(
cCskyL|jd}tjjd|<00>}|jdkr>td<00>St|d<00>SWntk
rftt	<00>SXdS(NRRis5You don't have enough priviliges to access this page.sfirewall/secureSSH.html(
RRR
RRRRR	RR(R
RR((s$/usr/local/CyberCP/firewall/views.pyt	secureSSHs

cCs<>y]|jd}y|jdkrtj|j<00>}|d}|dkr<>d}tj|<00>}tj|<00>}d}t	|d<00>j
<00>}d}d	}	x<>|D]<5D>}
|
jd
<00>dkr<>|
jd<00>dks<>|
jd
<00>dkr<>d}q<>q<>n|
jd<00>dkr<>|
jd<00>dkr<>|
jd<00>djd<00>}	q<>q<>Wd}tj|<00>}tj|<00>}i|d6|	d6}tj
|<00>}t|<00>Sd}tj|<00>}tj|<00>}d}
d}d}t	|
d<00>j
<00>}x<>|D]<5D>}
|
jd<00>dkr<>|
jd<00>}d|dd d|d}y|d|djd<00> }Wn|d}nXi|d6|d 6}|dkr<>|tj
|<00>}d}q<>|d!tj
|<00>}q<>q<>W|d"}d#}tj|<00>}tj|<00>}tj
idd$6d%d&6|d'6<>}t|<00>SnWnCtk
r[}idd$6t|<00>d&6}tj
|<00>}t|<00>SXWn=tk
r<>}idd$6d(d&6}tj
|<00>}t|<00>SXdS()NRRRt1s9sudo chown -R  cyberpanel:cyberpanel /etc/ssh/sshd_configs/etc/ssh/sshd_configtrit22tPermitRootLogini<6E><69><EFBFBD><EFBFBD>tYestyesitPorttGatewayPortst s
s-sudo chown -R  root:root /etc/ssh/sshd_configtpermitRootLogintsshPorts*sudo chown -R  cyberpanel:cyberpanel /roots/root/.ssh/authorized_keysRsssh-rsasssh-rsa i2s ... it@tuserNametkeyRRssudo chown -R  root:root /rootRLRRRs6Not Logged In, please refresh the page or login again.(RRR R!R"R?R@RARBtopent	readlinesRStstripR$RtindexR%R&R	(R
R'RRRCRDREt	pathToSSHR^R_R+R/R-t
pathToKeyFileR)R*tkeydataRbRaR,R.((s$/usr/local/CyberCP/firewall/views.pyt
getSSHConfigs's|

*	+#


$cCsMy|jd}y<>|jdkr<>tj|j<00>}|d}|dkr<>|d}|d}d|}tj|<00>}tj|<00>}t	j
d|d	<00>y?tjj
d
d<00>}	t	jd|	j<00>||	_|	j<00>Wn\y)td
dd|d
d<00>}
|
j<00>Wq7tk
r2}tjjt|<00><00>q7XnXd}tj|<00>}tj|<00>}|tkrpd}nd}d|d}d}t|d<00>j<00>}t|d<00>}
x<>|D]<5D>}|jd<00>dkr
|jd<00>dks<>|jd<00>r<|
j|<00>q<>q<q<>|jd<00>dkr/|
j|<00>q<>|
j|<00>q<>W|
j<00>d}tj|<00>}tj|<00>}d}tj|<00>}tj|<00>}idd6}tj|<00>}t|<00>SnWnCtk
r}idd6t|<00>d 6}tj|<00>}t|<00>SXWnCtk
rH}idd6t|<00>d 6}tj|<00>}t|<00>SXdS(!NRRRRUR_t	rootLogins+sudo semanage port -a -t ssh_port_t -p tcp ttcps	0.0.0.0/0Rt	SSHCustomRRs9sudo chown -R  cyberpanel:cyberpanel /etc/ssh/sshd_configsPermitRootLogin yes
sPermitRootLogin no
sPort s
s/etc/ssh/sshd_configRVtwRXi<><69><EFBFBD><EFBFBD>RYRZR[ssudo systemctl restart sshds-sudo chown -R  root:root /etc/ssh/sshd_configit
saveStatusiR(RRR R!R"R?R@RARBRR6RR
RR:RR7R%tloggingtCyberCPLogFileWritertwriteToFileR&tTrueRcRdRSt
writelinestcloseR$RR	(R
R'RRR_RkRCRDREtupdateFWtnewFireWallRuleR.RgRrR+R/R-((s$/usr/local/CyberCP/firewall/views.pytsaveSSHConfigs<67>sx


$
	

cCs<>y||jd}y2|jdkrAtj|j<00>}|d}d}tj|<00>}tj|<00>}|jd<00>d}d}t	|d<00>j
<00>}t	|d	<00>}	xK|D]C}
|
jd
<00>dkr<>|
j|<00>dkr<>q<>q<>|	j|
<00>q<>W|	j
<00>d}tj|<00>}tj|<00>}idd
6}tj|<00>}t|<00>SWn6tk
rz}
idd
6}tj|<00>}t|<00>SXWn6tk
r<>}
idd
6}tj|<00>}t|<00>SXdS(NRRRbs*sudo chown -R  cyberpanel:cyberpanel /rootR]is/root/.ssh/authorized_keysRVRnsssh-rsai<61><69><EFBFBD><EFBFBD>ssudo chown -R  root:root /rootR9i(RRR R!R"R?R@RARBRcRdRSRtRuR$RR%R	(R
R'RRbRCRDREtkeyPartRgRrR+R/R-R.((s$/usr/local/CyberCP/firewall/views.pytdeleteSSHKey<65>s@

*


cCs<>y<>|jd}yF|jdkrUtj|j<00>}|d}d}tj|<00>}tj|<00>}d}d}t	j
j|<00>r<>n
t	j|<00>t	j
j|<00>r<>n&t
|d<00>}	|	jd<00>|	j<00>t
|d	<00>}
|
jd
<00>|
j|<00>|
jd
<00>|
j<00>d}tj|<00>}tj|<00>}idd
6}tj|<00>}t|<00>SWn6tk
r<>}
idd
6}tj|<00>}t|<00>SXWn6tk
r<>}
idd
6}tj|<00>}t|<00>SXdS(NRRRbs*sudo chown -R  cyberpanel:cyberpanel /roots
/root/.sshs/root/.ssh/authorized_keysRns#Created by CyberPanel
tas
ssudo chown -R  root:root /rootiR5i(RRR R!R"R?R@RARBtostpathtexiststmkdirRcRtRuR$RR%R	(R
R'RRbRCRDREtsshDirRgtsshFileRrR/R-R.((s$/usr/local/CyberCP/firewall/views.pyt	addSSHKey6sL


("tdjango.shortcutsRRtmodelsRtdjango.httpRR tplogical.firewallUtilitiesRR?RAtloginSystem.viewsRR|tloginSystem.modelsRtplogical.CyberCPLogFileWriterRqRpRRR0R6R:RFRHRJRPRTRjRxRzR<>(((s$/usr/local/CyberCP/firewall/views.pyt<module>s4			+	!	 	#	#	#			m	h	: