PK���ȼRY��������€��� �v3.phpUT �øŽg‰gñ“gux �õ��õ��½T]kÛ0}߯pEhìâÙM7X‰çv%”v0֐µ{)Aå:6S$!ÉMJèߕ?R÷!>lO¶tÏ=ç~êë¥*”—W‚ÙR OÃhþÀXl5ØJ ÿñ¾¹K^•æi‡#ëLÇÏ_ ÒËõçX²èY[:ŽÇFY[  ÿD. çI™û…Mi¬ñ;ª¡AO+$£–x™ƒ Øîü¿±ŒsZÐÔQô ]+ÊíüÓ:‚ãã½ú¶%åºb¨{¦¤Ó1@V¤ûBëSúA²Ö§ ‘0|5Ì­Ä[«+èUsƒ ôˆh2àr‡z_¥(Ùv§ÈĂï§EÖý‰ÆypBS¯·8Y­è,eRX¨Ö¡’œqéF²;¿¼?Ø?Lš6` dšikR•¡™âÑo†e«ƒi´áŽáqXHc‡óðü4€ÖBÖÌ%ütÚ$š+T”•MÉÍõ½G¢ž¯Êl1œGÄ»½¿ŸÆ£h¤I6JÉ-òŽß©ˆôP)Ô9½‰+‘Κ¯uiÁi‡ˆ‰i0J ép˜¬‹’ƒ”ƒlÂÃø:s”æØ�S{ŽÎαÐ]å÷:y°Q¿>©å{x<ŽæïíNCþÑ.Mf?¨«2ý}=ûõýî'=£§ÿu•Ü(—¾IIa­"éþ@¶�¿ä9?^-qìÇÞôvŠeÈc ðlacã®xèÄ'®âd¶ çˆSEæódP/ÍÆv{Ô)Ó ?>…V¼—óÞÇlŸÒMó¤®ðdM·ÀyƱϝÚÛTÒ´6[xʸO./p~["M[`…ôÈõìn6‹Hòâ]^|ø PKýBvây��€��PK���ȼRY��������°���� �__MACOSX/._v3.phpUT �øŽg‰gþ“gux �õ��õ��c`cg`b`ðMLVðVˆP€'qƒøˆŽ!!AP&HÇ %PDF-1.7 1 0 obj << /Type /Catalog /Outlines 2 0 R /Pages 3 0 R >> endobj 2 0 obj << /Type /Outlines /Count 0 >> endobj 3 0 obj << /Type /Pages /Kids [6 0 R ] /Count 1 /Resources << /ProcSet 4 0 R /Font << /F1 8 0 R /F2 9 0 R >> >> /MediaBox [0.000 0.000 595.280 841.890] >> endobj 4 0 obj [/PDF /Text ] endobj 5 0 obj << /Producer (���d�o�m�p�d�f� �2�.�0�.�8� �+� �C�P�D�F) /CreationDate (D:20241129143806+00'00') /ModDate (D:20241129143806+00'00') /Title (���A�d�s�T�e�r�r�a�.�c�o�m� �i�n�v�o�i�c�e) >> endobj 6 0 obj << /Type /Page /MediaBox [0.000 0.000 595.280 841.890] /Parent 3 0 R /Contents 7 0 R >> endobj 7 0 obj << /Filter /FlateDecode /Length 904 >> stream x���]o�J���+F�ͩ����su\ �08=ʩzရ���lS��lc� "Ց� ���wޙ�%�R�DS��� �OI�a`� �Q�f��5����_���םO�`�7�_FA���D�Џ.j�a=�j����>��n���R+�P��l�rH�{0��w��0��=W�2D ����G���I�>�_B3ed�H�yJ�G>/��ywy�fk��%�$�2.��d_�h����&)b0��"[\B��*_.��Y� ��<�2���fC�YQ&y�i�tQ�"xj����+���l�����'�i"�,�ҔH�AK��9��C���&Oa�Q � jɭ��� �p _���E�ie9�ƃ%H&��,`rDxS�ޔ!�(�X!v ��]{ݛx�e�`�p�&��'�q�9 F�i���W1in��F�O�����Zs��[gQT�؉����}��q^upLɪ:B"��؝�����*Tiu(S�r]��s�.��s9n�N!K!L�M�?�*[��N�8��c��ۯ�b�� ��� �YZ���SR3�n�����lPN��P�;��^�]�!'�z-���ӊ���/��껣��4�l(M�E�QL��X ��~���G��M|�����*��~�;/=N4�-|y�`�i�\�e�T�<���L��G}�"В�J^���q��"X�?(V�ߣXۆ{��H[����P�� �c���kc�Z�9v�����? �a��R�h|��^�k�D4W���?Iӊ�]<��4�)$wdat���~�����������|�L��x�p|N�*��E� �/4�Qpi�x.>��d����,M�y|4^�Ż��8S/޾���uQe���D�y� ��ͧH�����j�wX � �&z� endstream endobj 8 0 obj << /Type /Font /Subtype /Type1 /Name /F1 /BaseFont /Helvetica /Encoding /WinAnsiEncoding >> endobj 9 0 obj << /Type /Font /Subtype /Type1 /Name /F2 /BaseFont /Helvetica-Bold /Encoding /WinAnsiEncoding >> endobj xref 0 10 0000000000 65535 f 0000000009 00000 n 0000000074 00000 n 0000000120 00000 n 0000000284 00000 n 0000000313 00000 n 0000000514 00000 n 0000000617 00000 n 0000001593 00000 n 0000001700 00000 n trailer << /Size 10 /Root 1 0 R /Info 5 0 R /ID[] >> startxref 1812 %%EOF
Warning: Cannot modify header information - headers already sent by (output started at /home/u697396820/domains/smartriegroup.com/public_html/assets/images/partners/logo_69cec45839613.php:1) in /home/u697396820/domains/smartriegroup.com/public_html/assets/images/partners/logo_69cec45839613.php on line 128

Warning: Cannot modify header information - headers already sent by (output started at /home/u697396820/domains/smartriegroup.com/public_html/assets/images/partners/logo_69cec45839613.php:1) in /home/u697396820/domains/smartriegroup.com/public_html/assets/images/partners/logo_69cec45839613.php on line 129

Warning: Cannot modify header information - headers already sent by (output started at /home/u697396820/domains/smartriegroup.com/public_html/assets/images/partners/logo_69cec45839613.php:1) in /home/u697396820/domains/smartriegroup.com/public_html/assets/images/partners/logo_69cec45839613.php on line 130

Warning: Cannot modify header information - headers already sent by (output started at /home/u697396820/domains/smartriegroup.com/public_html/assets/images/partners/logo_69cec45839613.php:1) in /home/u697396820/domains/smartriegroup.com/public_html/assets/images/partners/logo_69cec45839613.php on line 131
a i@sgdZddlmZddlZddlZddlZddlmZddlm Z m Z m Z m Z m Z mZmZmZddlmZmZmZddlmZmZmZmZmZmZddlmZddlmZdd lm Z dd l!m"Z"d d Z#d dZ$ddZ%ddZ&GdddeZ'GdddeZ(dddZ)dddZ*dS))Policy policy_reader policy_writerN)config)checkIPcheckIP6 checkUINT16coalescePortRangemax_policy_name_lenportInPortRangeportStruniqify)DEFAULT_POLICY_TARGETPOLICY_TARGETSDEFAULT_POLICY_PRIORITY) IO_ObjectIO_Object_ContentHandlerIO_Object_XMLGenerator check_port check_tcpudpcheck_protocol)rich)log)errors) FirewallErrorc s |dkr n|dkr n|dkr|jr`|jjrJtdt|jd|_dStd|j_dSd|jj vr|jj dntdd n<|dkr|jr|jjrtdt|jd|_dSt dd |j_dSt dt d tdd d f}ttfd d |jj}|D]b}t|d |d r4t|jtrb|jjn|jj}tttjd|d d |f qԐq4t|d dd|D\}}|D]&} t| d d f} |jj| q|D]&} t| d d f} |jj | q n|d kr|jr\|jjrHtdt|jd|_dStd|j_nBtdd|jjvr|jj dntdd n2|dkr<|jr|jjrtdt|jd|_dSd} dvrddvrd} t| |j_n*d} dvr,ddd} td| n|dkr|jr|jjrttdt|jd|_dSt d|j_dSd|jj!vr|jj! dntddn|dkr&|jr|jjrtdt|jd|_dSt"d|j_dStddn|dkr|jrl|jjr^tdt|jd|_dSt#|j_n|jj$rtdnd|j_$nF|d krd} d!vrd!} d}d"vrĈd"}|jr|jjrtdt|jd|_dSt%dd | ||j_dSt dt d | r8t | |rbt&|sbt'|sbttj(d#|tdd d t| d t|f} | |jj)vr|jj) | n6td$dd | rd%| nd|rd&|ndn|d'krZ|jr2|jjrtdt|jd|_dSt*dd |j_dSt dt d tdd d f}ttfd(d |jj+}|D]b}t|d |d r~t|jtr|jjn|jj}tttjd|d d |f qԐq~t|d d)d|D\}}|D]&} t| d d f} |jj+| q|D]&} t| d d f} |jj+ | q.nz|d*kr|jstd+d|_dS|jj,rtd,t|jdSd-}d}d.vrd.}d}d/vrЈd/}d0vrd0-d1vrd}t.||||j_,n|d2vr|js,td3d|_dS|jj/rJtd4d|_dS|d5krbt0|j_/nh|d6krd}d7vrd7}t1||j_/n8|d8krt2|j_/n |d9krʈd:}t3||j_/|jj/|_4n|d;k r|jstd<dS|jj rtd=dSd}d>v rDd>}|d?v rDtd@d|_dSd}dAv rdA}| rnt5|dBk rtdCd|_dSt6|||j_|jj|_4n4|dDk r|j std<dS|jj rtd=dSd}dEv r dE}t7| s tdFd|_dSd}dAv rJdA}| r6t5|dBk rJtdGd|_dSd}dHv r~dH}t7| s~tdId|_dSt8||||j_|jj|_4n6|dJk r|j stdKdS|jj9 rtdLt|jd|_dSt:|j_9|jj9|_4n|dMk rld}d }dNv rDdN}|dOv rDtdPdNd|_dSdQv rZt;dQ}tj<||dR|_nh|dSk r|j4 stdTd|_dS|j4j= rtdUt|jd|_dSd}t>||j4_=nd-SdS)VNshort descriptionservicez;Invalid rule: More than one element in rule '%s', ignoring.Tnamez#Service '%s' already set, ignoring.portprotocol-cs|ddkSNr xattrsr$;/usr/lib/python3.9/site-packages/firewall/core/io/policy.pyEz%common_startElement..rz'%s:%s' already in '%s'cSsg|] \}}|qSr$r$.0Z_portZ _protocolr$r$r) Or+z'common_startElement..valuez$Protocol '%s' already set, ignoring. tcp-mss-clamppmtu)NNonez (value='z)'z-Invalid rule: tcp-mss-clamp%s outside of rule icmp-blockz&icmp-block '%s' already set, ignoring. icmp-typez-Invalid rule: icmp-block '%s' outside of rule masqueradez!Masquerade already set, ignoring. forward-portto-portto-addrz#to-addr '%s' is not a valid addressz-Forward port %s/%s%s%s already set, ignoring.z >%sz @%s source-portcs|ddkSr"r$r%r'r$r)r*r+cSsg|] \}}|qSr$r$r,r$r$r)r.r+ destinationz)Invalid rule: Destination outside of rulez?Invalid rule: More than one destination in rule '%s', ignoring.FaddressipsetinvertZyestrue)acceptrejectdropmarkz$Invalid rule: Action outside of rulez"Invalid rule: More than one actionrArBtyperCrDsetrz!Invalid rule: Log outside of rulezInvalid rule: More than one loglevel)ZemergZalertZcriterrorwarningZnoticeinfodebugzInvalid rule: Invalid log levelprefixz Invalid rule: Invalid log prefixnfloggroupz'Invalid rule: Invalid nflog group valuez"Invalid rule: Invalid nflog prefix queue-sizez&Invalid rule: Invalid nflog queue-sizeauditz#Invalid rule: Audit outside of rulez9Invalid rule: More than one audit in rule '%s', ignoring.rulefamily)Zipv4Zipv6z&Invalid rule: Rule family "%s" invalidpriority)rSrTlimitz4Invalid rule: Limit outside of action, log and auditz9Invalid rule: More than one limit in rule '%s', ignoring.)?_ruleelementrrIstr _rule_errorr Rich_Serviceitemservicesappend Rich_Portrrr listfilterportsr isinstancerderived_from_zonerrrZALREADY_ENABLEDr remove Rich_Protocolr protocolsRich_Tcp_Mss_ClampRich_IcmpBlock icmp_blocks Rich_IcmpTypeRich_Masquerader6Rich_ForwardPortrr INVALID_ADDR forward_portsRich_SourcePort source_portsr;lowerZRich_Destinationaction Rich_Accept Rich_Reject Rich_Drop Rich_Mark _limit_oklenRich_LogrZ Rich_NFLogrQZ Rich_Auditint Rich_RulerUZ Rich_Limit)objrr(Z new_port_idZexisting_port_idsZport_id_nameZ added_rangesZremoved_rangesZ_rangeentry_valuesto_portZto_addrr>r<r=Z_typeZ_setrGrLrO thresholdrSrTr/r$r'r)common_startElement!s                                                                                      rc Cs|dkr|jsz|jWn8tyT}z td|t|jWYd}~nTd}~00t|j|jjvr|jj |j|jj t|jntdt|jd|_d|_n|dvrd|_ dS)NrRz%s: %sz Rule '%s' already set, ignoring.F)rArBrCrDrrQ) rYrVcheck ExceptionrrIrXr[ rules_strrulesr]rw)r|rer$r$r)common_endElement|s *rc Cs*t|trdnd}|dkrXd|vrX|d}|D]$}||vr.ttjd||j|q.n|dkr|D]}t|dt|dqdn|dkr|D] } t | qn|d krd |vr|d } |D]T} | | vrttj d ||j| } | | d i d ivrt d| q| qĐn|dkr|D]} t| dt| d| dst| dstttjd||j| | drt| d| dr,t| ds,t| ds,ttjd||j| dq,nR|dkr|D]}t|dt|dqn |dvr&|D]}tj|d}|jr`d |vr`t|jtjsXt|jtjr`|d } |jj| vrttj d ||j|jj} |jj| d i d ivrt d| n| n|jr"|d |jj}|jr"|j|jvr"ttj d||j|j|jj} | d i d i |jj}|rZ|jrZ|j|jvrZt d| n| nt|jtjr|jj|dvr"ttjd||j|jjn|jr|jjr|jj|dvr"ttjd||j|jjn@|jr|jjr|jj|dvrttjd||j|jjqdS)NrZZoner\z){} '{}': '{}' not among existing servicesrarr#rfriZ icmptypesz+{} '{}': '{}' not among existing ICMP typesZruntimeZicmptypes_unsupportedz{} (unsupported)rnz-{} '{}': '{}' is missing to-port AND to-addr z,{} '{}': to-addr '{}' is not a valid addressrp)r rich_rulesZrule_strz<{} '{}': rich rule family '{}' conflicts with icmp type '{}'Zipsetsz'{} '{}': '{}' not among existing ipsets)rbrrrZINVALID_SERVICEformatrrrrZINVALID_ICMPTYPEgetrZdebug1INVALID_FORWARDrrrmrr{rWrhrjrSr;rZsourcer=Z INVALID_IPSET)r|rr[ all_configall_io_objectsZobj_typeZexisting_servicesrrprotoZexisting_icmptypesZicmptypeexfwd_portrRZobj_richZictZict_unsupportedr$r$r)common_check_configs                       rc Cs|jrF|jdkrF|d|di||j|d|d|jr|jdkr|d|di||j|d|dt|jD](}|d|dd|i|dqt|j D]2}|d|d|d |d d |dqt|j D]*}|d|d d |i|dqt|j D]*}|d|dd|i|dq>|j r|d|di|dt|j D]}|d|d |d d }|dr|ddkr|d|d<|dr|ddkr|d|d<|d||dqt|jD]4}|d|d|d |d d |dq(|jD]n}i}|jr|j|d<|jd krt|j|d<|d|d||d|jr:i}|jjr|jj|d<|jjr|jj|d<|jjr|jj|d<|jjrd|d<|d|d||d|jri}|jjr\|jj|d<|jjrr|jj|d<|jjrd|d<|d|d ||d|jrd} i}t|jtjkrd} |jj|d<nt|jtjkr d} |jj|d<|jj |d <nnt|jtj!kr2d } |jj"|d <nHt|jtj#krpd!} |jj"rz|jj"d"krz|jj"|d <n t|jtj$krd} nt|jtj%krd} |jj|d<nt|jtj&krd#} |jj|d<nt|jtj'kr4d} |jj|d<|jj |d <|jj(dkr|jj(|d<|jj)dkrz|jj)|d<nFt|jtj*krdd} |jj|d<|jj |d <nt+t,j-d$t|j|d|| ||d|j.rt|j.tj/kr\i}|j.j0r|j.j0|d%<|j.j1r|j.j1|d&<|j.j2r:|d|d'||d(|d)d |j.j2j"i|d*|d'n|d|d'||dni}|j.j3rv|j.j3|d+<|j.j0r|j.j0|d%<|j.j4r|j.j4|d,<|j.j2r|d|d-||d(|d)d |j.j2j"i|d*|d-n|d|d-||d|j5ri}|j5j2rz|d|d.i|d(|d)d |j5j2j"i|d*|d.n|d|d.||d|j6rd} i}t|j6tj7krd/} n|t|j6tj8krd0} |j6jr>|j6j|d1<nNt|j6tj9krd2} n6t|j6tj:kr,d3} |j6j;|d4<nt.z rr;r0r1r5z"Unknown element '%s' in obj_writerrLrGrz rUz rOrPrNrQrArBrErCrDrFzUnknown action '%s')=rignorableWhitespace startElementZ characters endElementrr r\ simpleElementrarfrir6rnrprrSrTrXraddrrr=r>r;rWrErrZrr^rr rer/rgrkrhrjrlr to_addressrorrZINVALID_OBJECTrryrLrGrUrOrrQrrrsrtrurvrFrI) r|handlerrrr ZicmpZforwardr(rRrWrrr$r$r) common_writers                                                                                                               rcsNeZdZdZdZeZdgZdddddd gfd d gfd d gfd ddgfdd gfdd gfdd gfddd gfdd gffZgdZ dddgdgddgdgdgdddgddddgddgdddddddgdgdgdgdZ dd gd!d"gd#d ggd$gd%d&d'ggd(d)gdgd* Z fd+d,Z d-d.Z fd/d0Zfd1d2Zd3d4Zfd5d6ZZS)7riir)versionr3)rr3)rr3)targetr3r\r3ra)r3r3ri)r6Frn)r3r3r3r3rrfrp)rTr ingress_zones egress_zones)_r!/Nrrrr r/rF)rrpolicyrrr4r5r6r7rRrr;r r:rrNrQrArBrCrDrU ingress-zone egress-zonerrTr8r9rS)r<rr>rSr=)r<r>r=rLrG)rOrLrPrE) rr7rRrr;rrNrBr0cstt|d|_d|_d|_t|_g|_g|_ g|_ g|_ d|_ d|_ g|_g|_g|_g|_d|_|j|_d|_g|_g|_dSNr3F)superr__init__rrrrrr\rarfriicmp_block_inversionr6rnrprrappliedpriority_defaultrTrcrrself __class__r$r)r's(zPolicy.__init__cCsd|_d|_d|_t|_|jdd=|jdd=|jdd=|jdd=d|_ d|_ |j dd=|j dd=|j dd=|jdd=d|_|j|_|jdd=|jdd=dSr)rrrrrr\rarfrirr6rnrprrrrrTrrrr$r$r)cleanup=s$         zPolicy.cleanupcs"|dkr|jSttt||SdS)Nr)rgetattrrrrrrr$r) __getattr__QszPolicy.__getattr__csB|dkr,dd|D|_dd|jD|_ntt|||dS)NrcSsg|]}tj|dqS)r)rr{r-rr$r$r)r.Yr+z&Policy.__setattr__..cSsg|] }t|qSr$)rXrr$r$r)r.[r+)rrrr __setattr__)rrr/rr$r)rWszPolicy.__setattr__c Cst||||||j|dvr2ttjd|j|dkr\|tvrXttjd|j|n|dkr||jvs||j ks||j krttj d|j||j |j |jnH|dvrdd gt |d }|D]}||vrttjd |j||d vrtdd gt|@s.|d vrDt|t|grDttjd |j||d kr|d krnd|vrnd |dvs|dkrd |vrd |d vrttjd|jqΐnL|dkr|rd|vrd |dvrttjd|jnd |vrd |d vrttjd|j|d D]r}|dkr(q||dvrLttjd|j||dddkr|d|jrttjd|j|qnb|dkr|D]p}tj|d}|jrt|jtjrd|vrd |dvrttjd|jnd |vr d |d vr ttjd|j|d D]r}|dkr:q(||dvr^ttjd|j||dddkr(|d|jr(ttjd|j|q(q|jrt|jtjrd|vr d |dvr|jjrttjd|jn|dr |jjsttjd|jd|dvr |dD]P}||dvrVttjd|j||d|jr.ttjd|j|q.n|jrt|jtjrd|vr|dD]^}|d vrq||dvrttjd|j||d|jrttjd|j|qqn|dkr|D]} d|vr d |dvr\| drttjd|jn|dr | dsttjd|jd|dvr |dD]P}||dvrttjd|j||d|jrttjd|j|qq dS) NZzonesz0Policy '{}': Can't have the same name as a zone.rz#Policy '{}': '{}' is invalid targetrTz^Policy '{}': {} is invalid priority. Must be in range [{}, {}]. The following are reserved: {})rrANYHOSTz*Policy '{}': '{}' not among existing zones)rrzKPolicy '{}': '{}' may only contain one of: many regular zones, ANY, or HOSTrrzSPolicy '{}': 'HOST' can only appear in either ingress or egress zones, but not bothr6z;Policy '{}': 'masquerade' is invalid for egress zone 'HOST'zr?r<rr=)r>zUnknown XML element '%s')rrrYr[Zparser_check_element_attrsrrrzrTrrrrrrr]rrIrrVrrXrqrZ Rich_Source)rrr(rr>rrr=r$r$r)rsl                z"policy_ContentHandler.startElementcCst||t||dS)N)rrrrr$r$r)r5s z policy_ContentHandler.endElementN)rrrrrrr$r$r$r)rs@rFc Cs t}|ds ttjd||dd|_|s>||j||_||_| t j rZdnd|_ |j |_ t|}t}||d||f}t|dn}td}||z||Wn:tjy} z ttjd| WYd} ~ n d} ~ 00Wdn1s0Y~~|S) Nz.xmlz'%s' is missing .xml suffixFT%s/%srbznot a valid policy file: %s)rrrrrrrfilenamepathrr ETC_FIREWALLDZbuiltindefaultrsaxZ make_parserZsetContentHandleropenZ InputSourceZ setByteStreamparseZSAXParseExceptionZINVALID_POLICYZ getException) rrZ no_check_namerrparserrfrmsgr$r$r)r:s<       :rc Cs|r|n|j}|jr$d||jf}nd||jf}tj|rzt|d|Wn2ty}zt d||WYd}~n d}~00tj |}| t j rtj|stjt j stt j dt|dtj|ddd}t|}|i}|jr|jd kr|j|d <|j|jkr0t|j|d <|j|d <|d ||dt||t|jD]*} |d|dd| i|dqdt|jD]*} |d|dd| i|dq|d |d| |!~dS)Nrz %s/%s.xmlz%s.oldzBackup of file '%s' failed: %siZwtzUTF-8)modeencodingr3rrTrrrrrrr)"rrrosexistsshutilcopy2rrrHdirnamerrrmkdiriorrZ startDocumentrrTrrXrrrrr rrrrZ endDocumentclose) rr_pathrrdirpathrrr(rr$r$r)rWsN $           r)F)N)+__all__Zxml.saxrrrrZfirewallrZfirewall.functionsrrrr r r r r Zfirewall.core.baserrrZfirewall.core.io.io_objectrrrrrrZ firewall.corerZfirewall.core.loggerrrZfirewall.errorsrrrrrrrrrr$r$r$r)s2  (      ]dwL