Why Gemfury?
Push, build, and install
RubyGems
npm packages
Python packages
Maven artifacts
PHP packages
Go Modules
Debian packages
RPM packages
NuGet packages
trilio-internal
trilio-internal / idna python
Repository URL to install this package:
|
Version:
2.5 ▾
|
ó
̍EYc�����������@���s
��d��d�l��Z��d��d�l�Z�d��d�l�Z�d��d�l�m�Z�d��d�l�m�Z�d��d�l�m�Z�d��d�l�Z�d���Z �e ���Z
�e�j
�j
�d����Z
�e�j
�j
�d����Z�e�j
�j
�d����Z�e�j
�j
�d ����Z�d
�e�f�d
�����YZ�d
�e�f�d
�����YZ�d�e�f�d�����YZ�d�S(���iÿÿÿÿN(���t ���lockutils(���t
���processutils(���t���privsepc�����������C���s"���t��j�j�t�j���d�d��d� S(���s-���Grab the name of the binary we're running in.iÿÿÿÿi���i���(���t���ost���patht���basenamet���inspectt���stack(����(����(����sS���/home/tvault/.virtenv/lib/python2.7/site-packages/vif_plug_linux_bridge/iptables.pyt���get_binary_name&���s����c�����������C���s���t��j�d�d�d�d�S(���Ns
���iptables-saves���-ct���attemptsi���(���R���t���execute(����(����(����sS���/home/tvault/.virtenv/lib/python2.7/site-packages/vif_plug_linux_bridge/iptables.pyt
���iptables_save-���s���� c�����������C���s���t��j�d�d�d�d�S(���Ns���ip6tables-saves���-cR ���i���(���R���R
���(����(����(����sS���/home/tvault/.virtenv/lib/python2.7/site-packages/vif_plug_linux_bridge/iptables.pyt���ip6tables_save3���s���� c���������C���s
���t��j�d�d�d�d�d�|��S(���Ns���iptables-restores���-cR ���i���t
���process_input(���R���R
���(���t���input(����(����sS���/home/tvault/.virtenv/lib/python2.7/site-packages/vif_plug_linux_bridge/iptables.pyt���iptables_restore9���s����
c���������C���s
���t��j�d�d�d�d�d�|��S(���Ns���ip6tables-restores���-cR ���i���R
���(���R���R
���(���R���(����(����sS���/home/tvault/.virtenv/lib/python2.7/site-packages/vif_plug_linux_bridge/iptables.pyt���ip6tables_restore@���s����
t
���IptablesRulec�����������B���s8���e��Z�d��Z�e�e�d��Z�d���Z�d���Z�d���Z�RS(���sr���An iptables rule.
You shouldn't need to use this class directly, it's only used by
IptablesManager.
c���������C���s(���|�|��_��|�|��_�|�|��_�|�|��_�d��S(���N(���t���chaint���rulet���wrapt���top(���t���selfR���R���R���R���(����(����sS���/home/tvault/.virtenv/lib/python2.7/site-packages/vif_plug_linux_bridge/iptables.pyt���__init__O���s���� c���������C���sF���|��j��|�j��k�oE�|��j�|�j�k�oE�|��j�|�j�k�oE�|��j�|�j�k�S(���N(���R���R���R���R���(���R���t���other(����(����sS���/home/tvault/.virtenv/lib/python2.7/site-packages/vif_plug_linux_bridge/iptables.pyt���__eq__U���s����c���������C���s
���|��|�k�
S(���N(����(���R���R���(����(����sS���/home/tvault/.virtenv/lib/python2.7/site-packages/vif_plug_linux_bridge/iptables.pyt���__ne__[���s����c���������C���s9���|��j��r �d�t�|��j�f�}�n �|��j�}�d�|�|��j�f�S(���Ns���%s-%ss���[0:0] -A %s %s(���R���t
���binary_nameR���R���(���R���R���(����(����sS���/home/tvault/.virtenv/lib/python2.7/site-packages/vif_plug_linux_bridge/iptables.pyt���__repr__^���s���� ( ���t���__name__t
���__module__t���__doc__t���Truet���FalseR���R���R���R
���(����(����(����sS���/home/tvault/.virtenv/lib/python2.7/site-packages/vif_plug_linux_bridge/iptables.pyR���G���s
��� t
���IptablesTablec�����������B���sw���e��Z�d��Z�d���Z�e�d��Z�e�d��Z�e�d��Z�e�e�d��Z �d���Z
�e�e�d��Z
�d���Z
�e�d ��Z
�RS(
���s���An iptables table.c���������C���sC���g��|��_��g��|��_�t���|��_�t���|��_�t���|��_�t�|��_�d��S(���N(���t���rulest
���remove_rulest���sett���chainst���unwrapped_chainst
���remove_chainsR ���t���dirty(���R���(����(����sS���/home/tvault/.virtenv/lib/python2.7/site-packages/vif_plug_linux_bridge/iptables.pyR���j���s
����
c���������C���s$���|�r�|�|��j��k�S|�|��j�k�Sd��S(���N(���R&���R'���(���R���t���nameR���(����(����sS���/home/tvault/.virtenv/lib/python2.7/site-packages/vif_plug_linux_bridge/iptables.pyt ���has_chainr���s����
c���������C���s6���|�r�|��j��j�|��n�|��j�j�|��t�|��_�d�S(���s¸��Adds a named chain to the table.
The chain name is wrapped to be unique for the component creating
it, so different components of Nova can safely create identically
named chains without interfering with one another.
At the moment, its wrapped name is <binary name>-<chain name>,
so if nova-compute creates a chain named 'OUTPUT', it'll actually
end up named 'nova-compute-OUTPUT'.
N(���R&���t���addR'���R ���R)���(���R���R*���R���(����(����sS���/home/tvault/.virtenv/lib/python2.7/site-packages/vif_plug_linux_bridge/iptables.pyt ���add_chainx���s����
c���������C���sZ��|�r�|��j��}�n �|��j�}�|�|�k�r+�d�St�|��_�|�sM�|��j�j�|��n��|�j�|��|�s�|��j�g��|��j�D]�}�|�j �|�k�rq�|�^�qq�7_�n��g��|��j�D]�}�|�j �|�k�r¡�|�^�q¡�|��_�|�rÞ�d�t
�|�f�}�n
�d�|�f�}�|�s(|��j�g��|��j�D]�}�|�|�j
�k�r|�^�q7_�n��g��|��j�D]�}�|�|�j
�k�r2|�^�q2|��_�d�S(���s���Remove named chain.
This removal "cascades". All rule in the chain are removed, as are
all rules in other chains that jump to it.
If the chain is not found, this is merely logged.
Ns���-j %s-%ss���-j %s(
���R&���R'���R ���R)���R(���R,���t���removeR$���R#���R���R���R���(���R���R*���R���t ���chain_sett���rt
���jump_snippet(����(����sS���/home/tvault/.virtenv/lib/python2.7/site-packages/vif_plug_linux_bridge/iptables.pyt
���remove_chain���s&����
7.
c���������C���s´���|�r.�|�|��j��k�r.�t�t�d��|���n��d�|�k�ra�d�j�t�|��j�|�j�d����}�n��t�|�|�|�|��}�|�|��j�k�r°�|��j�j �t�|�|�|�|���t
�|��_
�n��d�S(���s=��Add a rule to the table.
This is just like what you'd feed to iptables, just without
the '-A <chain name>' bit at the start.
However, if you need to jump to one of your wrapped chains,
prepend its name with a '$' which will ensure the wrapping
is applied correctly.
s���Unknown chain: %rt���$t��� N(
���R&���t
���ValueErrort���_t���joint���mapt���_wrap_target_chaint���splitR���R#���t���appendR ���R)���(���R���R���R���R���R���t���rule_obj(����(����sS���/home/tvault/.virtenv/lib/python2.7/site-packages/vif_plug_linux_bridge/iptables.pyt���add_rule°���s����
' c���������C���s%���|�j��d��r!�d�t�|�d� f�S|�S(���NR3���s���%s-%si���(���t
���startswithR���(���R���t���s(����(����sS���/home/tvault/.virtenv/lib/python2.7/site-packages/vif_plug_linux_bridge/iptables.pyR9������s����c���������C���sl���yT�|��j��j�t�|�|�|�|���|�sJ�|��j�j�t�|�|�|�|���n��t�|��_�Wn�t�k
�rg�n�Xd�S(���s���Remove a rule from a chain.
Note: The rule must be exactly identical to the one that was added.
You cannot switch arguments around like you can with the iptables
CLI tool.
N(���R#���R.���R���R$���R;���R ���R)���R5���(���R���R���R���R���R���(����(����sS���/home/tvault/.virtenv/lib/python2.7/site-packages/vif_plug_linux_bridge/iptables.pyt
���remove_rule���s���� "
c���������C���s���t��|�t�j��r$�t�j�|��}�n��t�|��j��}�g��|��j�D]!�}�|�j�t�|���s=�|�^�q=�|��_�|�t�|��j��}�|�d�k�r�t �|��_
�n��|�S(���s ���Remove all rules matching regex.i����(
���t
���isinstancet���sixt
���string_typest���ret���compilet���lenR#���t���matcht���strR ���R)���(���R���t���regext ���num_rulesR0���t���removed(����(����sS���/home/tvault/.virtenv/lib/python2.7/site-packages/vif_plug_linux_bridge/iptables.pyt���remove_rules_regex���s����4
c���������C���sq���g��|��j��D]*�}�|�j�|�k�r
�|�j�|�k�r
�|�^�q
�}�|�rL�t�|��_�n��x
�|�D]�}�|��j��j�|��qS�Wd�S(���s
���Remove all rules from a chain.N(���R#���R���R���R ���R)���R.���(���R���R���R���R���t
���chained_rules(����(����sS���/home/tvault/.virtenv/lib/python2.7/site-packages/vif_plug_linux_bridge/iptables.pyt
���empty_chain��s
����*
(���R
���R
���R ���R���R ���R+���R-���R2���R!���R=���R9���R@���RL���RN���(����(����(����sS���/home/tvault/.virtenv/lib/python2.7/site-packages/vif_plug_linux_bridge/iptables.pyR"���g���s���
&
t���IptablesManagerc�����������B���s���e��Z�d��Z�e�d
�d
�d�d
�d��Z�d���Z�d���Z�d���Z�d���Z �e
�j
�d�d�e
�d ����Z
�d
���Z�d
���Z�d
���Z�RS(���s��Wrapper for iptables.
See IptablesTable for some usage docs
A number of chains are set up to begin with.
First, nova-filter-top. It's added at the top of FORWARD and OUTPUT. Its
name is not wrapped, so it's shared between the various nova workers. It's
intended for rules that need to live at the top of the FORWARD and OUTPUT
chains. It's in both the ipv4 and ipv6 set of tables.
For ipv4 and ipv6, the built-in INPUT, OUTPUT, and FORWARD filter chains
are wrapped, meaning that the "real" INPUT chain has a rule that jumps to
the wrapped INPUT chain, etc. Additionally, there's a wrapped chain named
"local" which is jumped to from nova-filter-top.
For ipv4, the built-in PREROUTING, OUTPUT, and POSTROUTING nat chains are
wrapped in the same was as the built-in filter chains. Additionally,
there's a snat chain that is applied after the POSTROUTING chain.
t���DROPc���
������C���s¥��|�|��_��|�|��_�|�|��_�|�|��_�|�p0�d�g�|��_�i�t���d�6t���d�6t���d�6|��_�i�t���d�6|��_�t�|��_ �x�|��j�|��j�g�D]�}�|�d�j
�d�d�t�|�d�j
�d�d�d�t�d �t
�|�d�j
�d
�d�d�t�d �t
�|�d�j
�d
��|�d�j
�d�d
�d�t�q�Wi�i�d
�d
�d�g�d�6d�d
�d�g�d�6d�g�d�6d�6i�d
�d
�d�g�d�6d�6}�x¥�|�D]�}�|�d�k�r|��j�}�n�|�d�k�r£|��j�}�n��xd�t
�j�|�|��D]O�\�} �}
�x@�|
�D]8�}
�|�| �j
�|
��|�| �j
�|
�d�|
�f�d�t�qÊWq·WqmW|��j�d�j
�d�d�t�|��j�d�j
�d�d�d�t�|��j�d�j
�d��|��j�d�j
�d�d�d�t�|��j�d�j
�d��|��j�d�j
�d�d��d��S(���Nt���allt���filtert���natt���mangles���nova-filter-topR���t���FORWARDs���-j nova-filter-topR���t���OUTPUTt���locals ���-j $localt���INPUTt
���PREROUTINGt
���POSTROUTINGi���i���s���-j $%ss���nova-postrouting-bottoms���-j nova-postrouting-bottomt���snats���-j $snats
���float-snats���-j $float-snat(���t���use_ipv6t���iptables_top_regext���iptables_bottom_regext���iptables_drop_actiont���forward_bridge_interfaceR"���t���ipv4t���ipv6R!���t���iptables_apply_deferredR-���R=���R ���RB���t ���iteritems(
���R���R\���R]���R^���R_���R`���t���tablest���builtin_chainst
���ip_versiont���tableR&���R���(����(����sS���/home/tvault/.virtenv/lib/python2.7/site-packages/vif_plug_linux_bridge/iptables.pyR�����sR����
c���������C���s
���t��|��_�d��S(���N(���R ���Rc���(���R���(����(����sS���/home/tvault/.virtenv/lib/python2.7/site-packages/vif_plug_linux_bridge/iptables.pyt���defer_apply_onH��s����c���������C���s���t��|��_�|��j���d��S(���N(���R!���Rc���t���apply(���R���(����(����sS���/home/tvault/.virtenv/lib/python2.7/site-packages/vif_plug_linux_bridge/iptables.pyt���defer_apply_offK��s���� c���������C���sd���x'�t��j�|��j��D]�}�|�j�r�t�Sq�W|��j�r`�x*�t��j�|��j��D]�}�|�j�rF�t�SqF�Wn��t�S(���N(���RB���t
���itervaluesRa���R)���R ���R\���Rb���R!���(���R���Rh���(����(����sS���/home/tvault/.virtenv/lib/python2.7/site-packages/vif_plug_linux_bridge/iptables.pyR)���O��s����
c���������C���s*���|��j��r
�d��S|��j���r&�|��j���n��d��S(���N(���Rc���R)���t���_apply(���R���(����(����sS���/home/tvault/.virtenv/lib/python2.7/site-packages/vif_plug_linux_bridge/iptables.pyRj���Y��s����
s
���nova-iptablest���externalc���
������C���sí���t��t�|��j�f�g�}�|��j�r:�|�t�t�|��j�f�g�7}�n��x¬�|�D]¤�\�}�}�}�|���\�}�}�|�j�d��}�xa�t�j �|��D]P�\�}�} �|��j
�|�|��\�}
�}
�|��j
�|�|
�|
�!| �|��|�|
�|
�+t
�| �_
�q~�W|�d�j�|���qA�Wd�S(���s��Apply the current in-memory set of iptables rules.
This will blow away any rules left over from previous runs of the
same component of Nova, and replace them with our current set of
rules. This happens atomically, thanks to iptables-restore.
s���
N(���R
���R���Ra���R\���R
���R���Rb���R:���RB���Rd���t
���_find_tablet
���_modify_rulesR!���R)���R7���(
���R���R?���t���savet���restoreRe���t
���all_tablest���_errt ���all_linest
���table_nameRh���t���startt���end(����(����sS���/home/tvault/.virtenv/lib/python2.7/site-packages/vif_plug_linux_bridge/iptables.pyRm���_��s����
c���������C���sk���t��|��d�k��r�d�Sy�|�j�d�|��d�}�Wn�t�k
�rE�d�SX|�|� j�d��|�d�}�|�|�f�S( ���Ni���i����s���*%si���t���COMMITi���(���i����i����(���i����i����(���RF���t���indexR5���(���R���t���linesRv���Rw���Rx���(����(����sS���/home/tvault/.virtenv/lib/python2.7/site-packages/vif_plug_linux_bridge/iptables.pyRo���v��s����
c������������sU��|�j��}�t�|�j��}�|�j���|�j�}�|�j��|�sX�d�d�|�d�d�g�}�|�}�n��g��|�D]�}�t�|�k�r_�|�^�q_�} �g��}
�g��}
�|��j�rt�j �|��j��}
�g��| �D]�}�|
�j
�|��r«�|�^�q«�}
�x?�|
�D]7�}�g��| �D]$�}�|�j
���|�j
���k�rà�|�^�qà�} �qÓ�W|
�}
�n��|��j
�r¥t�j �|��j
��}
�g��| �D]�}�|
�j
�|��r9|�^�q9}
�x?�|
�D]7�}�g��| �D]$�}�|�j
���|�j
���k�rn|�^�qn} �qaW|
�}
�n��t
�}�d�}�xN�t�| ��D]@�\�}�}�|�së|�j�d��rþt�}�qþq¾|�j�d��s¾Pq¾q¾W|�sd�}�n��|
�}�g��}�x|�D]ý�}�t�|��}�|�j�r|�j�d��rg|�j�d �d
��d
�}�n��g��| �D]$�}�|�j
���|�j
���k�rn|�^�qn}�g��| �D]$�}�|�j
���|�j
���k�r|�^�q} �|�rît�|��d
�}�t�|��}�n
�t�|��}�|�j
���|�|�g�7}�q$|�|�g�7}�q$W|�|�7}�t�| ��} �|�| �|�|�+g��|�D]�}�d
�|�f�^�qO| �|�|�+g��|�D]�}�d
�t�|�f�^�qv| �|�|�+| �j�d��}�|
�| �|�|�+t�����f�d���}����f�d���}�t�| ��} �| �j���t�|�| ��} �t�|�| ��} �t�| ��} �| �j�����j���x��D]�}��j�|��q:W| �S(���Ns���#Generated by novat���*Ry���s���#Completed by novai����t���:i���t���[t���]i���iÿÿÿÿs
���:%s - [0:0]s���:%s-%s - [0:0]c������������sY���|��j��d��r(�|��j�d�d��d�}��n��|��j���}��|����k�rD�t�S��j�|���t�Sd��S(���NR~���R���i���(���R>���R:���t���stripR!���R,���R ���(���t���line(���t
���seen_lines(����sS���/home/tvault/.virtenv/lib/python2.7/site-packages/vif_plug_linux_bridge/iptables.pyt���_weed_out_duplicates�s����
c������������s��|��j��d��rr�|��j�d��d�}��|��j�d��d�}��|��j���}��x¾���D]#�}�|�|��k�rH���j�|��t�SqH�Wn�|��j��d��r|��j�d�d��d�}��|��j���}��x\��D]Q�}�t�|��}�|�j�d�d��d�}�|�j���}�|�|��k�rª��j�|��t�Sqª�Wn��t�S(���NR}���i���s���- [i����R~���R���R4���(���R>���R:���R���R.���R!���RH���R ���(���R���R���R���t���rule_str(���R(���R$���(����sS���/home/tvault/.virtenv/lib/python2.7/site-packages/vif_plug_linux_bridge/iptables.pyt���_weed_out_removesð��s&����
(���R'���t���sortedR&���R(���R#���R$���R���R]���RD���RE���t���searchR���R^���R!���t ���enumerateR>���R ���RH���R���R:���t���listRz���R%���t���reverseRR���t���clearR.���(���R���t
���current_linesRh���Rv���R'���R&���R#���t
���fake_tableR���t
���new_filtert ���top_rulest
���bottom_rulesRI���t
���temp_filterR���R?���t
���seen_chainst
���rules_indexR���t ���our_rulest ���bot_rulest
���dup_filtert���dupR*���t
���commit_indexR���R
���(����(���R(���R$���R���sS���/home/tvault/.virtenv/lib/python2.7/site-packages/vif_plug_linux_bridge/iptables.pyRp�����s����
(
( (
(
$
$
$'
c���������C���s�|��j��}�d�|�k�r3�d�d�|�f�d�d�|�f�g�Sg��}�xT�|��j��D]I�}�|�rC�|�j�d�d�|�|�f�f��|�j�d�d�|�|�f�f��qC�qC�W|�j�d�d�|�|�f�f��|�j�d�d�|�|��j�f�f��|�j�d�d�|�|��j�f�f��|�S(���NRQ���RU���s���-i %s -j ACCEPTs���-o %s -j ACCEPTs���-i %s -o %s -j ACCEPTs
���-i %s -j %ss
���-o %s -j %s(���R`���R;���R_���(���R���t���bridget
���interfacesR#���t���iface(����(����sS���/home/tvault/.virtenv/lib/python2.7/site-packages/vif_plug_linux_bridge/iptables.pyt���get_gateway_rules
��s"����
N(���R
���R
���R ���R!���t���NoneR���Ri���Rk���R)���Rj���R����t
���synchronizedR ���Rm���Ro���Rp���R���(����(����(����sS���/home/tvault/.virtenv/lib/python2.7/site-packages/vif_plug_linux_bridge/iptables.pyRO����s���
?
(���R���R���RD���t���oslo_concurrencyR����R���t���vif_plug_linux_bridgeR���RB���R���R���t���vif_plugt
���entrypointR
���R
���R���R���t���objectR���R"���RO���(����(����(����sS���/home/tvault/.virtenv/lib/python2.7/site-packages/vif_plug_linux_bridge/iptables.pyt���<module>���s
���