HEX
Server: LiteSpeed
System: Linux kapuas.iixcp.rumahweb.net 5.14.0-427.42.1.el9_4.x86_64 #1 SMP PREEMPT_DYNAMIC Fri Nov 1 14:58:02 EDT 2024 x86_64
User: mirz4654 (1666)
PHP: 8.1.33
Disabled: system,exec,escapeshellarg,escapeshellcmd,passthru,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate,shell_exec,popen,pclose,dl,pfsockopen,leak,apache_child_terminate,posix_kill,posix_mkfifo,posix_setsid,posix_setuid,posix_setpgid,ini_alter,show_source,define_syslog_variables,symlink,syslog,openlog,openlog,closelog,ocinumcols,listen,chgrp,apache_note,apache_setenv,debugger_on,debugger_off,ftp_exec,dll,ftp,myshellexec,socket_bind,mail,posix_getwpuid
$ pwd: /opt/imunify360/venv/share/imunify360/config_schema/__pycache__/
Upload Files
File: //opt/imunify360/venv/share/imunify360/config_schema/__pycache__/firewall.cpython-311.pyc
�

l.\h�T���ddlZddlZddlmZdZdZdZdZdZdZ	dZ
d	�Zd
�Zd�Z
d�Zd
�Zd�Zd�Zd�Zd�Zd�Zd�Zd�ZdS)�N)�HostingPanel�FULL�MINIMAL���DENY�ALLOWc�6�tjt|��S�N)�	functools�partial�max)�minimums �?/opt/imunify360/venv/share/imunify360/config_schema/firewall.py�
not_less_thanrs����S�'�*�*�*�c�n�tttd�|D������d����S)Nc�:�g|]}|�dd����S)�:�-)�replace)�.0�vs  r�
<listcomp>z%coerce_sort_ports.<locals>.<listcomp>s&��5�5�5�!�!�)�)�C��%�%�5�5�5rc�R�t|�d��d��S)Nrr)�int�rsplit)rs r�<lambda>z#coerce_sort_ports.<locals>.<lambda>s��c�!�(�(�3�-�-��*�+�+�r)�key)�sorted�list�set)�values r�coerce_sort_portsr$sA����S�5�5�u�5�5�5�
6�
6�7�7�+�+����rc�@�t��j||Sr)r�
OPEN_PORTS)�protocol�	directions  r�get_default_portsr)s���>�>�$�X�.�y�9�9rc�<�dt|��cxkodkncS)Nri��)r)�ports r�
port_in_ranger,s*����D�	�	�"�"�"�"�U�"�"�"�"�"rc�@�t|��s||d��dSdS)N�#Port should be within range 0-65535)r,��fieldr#�errors   r�validate_port_in_ranger2#s5������<�
��e�:�;�;�;�;�;�<�<rc�`�	t|��dS#t$r||d��YdSwxYw)NzValue should be int)r�
ValueErrorr/s   r�validate_intable_stringr5(sM��,��E�
�
�
�
�
���,�,�,�
��e�*�+�+�+�+�+�+�,���s��-�-c�>�tjd|��}|s||d��dSt|�d����s||d��dS|�d���0t|�d����s||d��dSdSdS)z
    {'type': 'boolean'}
    z^(\d+)([:|-](\d+))?$z,Port should be integer or range (2-4 or 2:4)Nrr.�)�re�matchr,�group)r0r#r1�portss    r�_validate_is_port_or_ranger</s���
�H�,�e�4�4�E���
��e�C�D�D�D�������Q���(�(��
��e�:�;�;�;����{�{�1�~�~�!�-����A���*G�*G�!�
��e�:�;�;�;���"�!�!�!rc�6���ddtd���fd�td�S)Nr!�string)�type�
check_withc�$��t����Sr)r))r#r(�protos ��rrzlist_of_ports.<locals>.<lambda>Fs���(9�%��(K�(K�r)r?�schema�default_setter�coerce)r<r$)rBr(s``r�
list_of_portsrF?s;������4�
�
�L�K�K�K�K�#���rc�2�d|vr|dr
d|d<d|d<|S)N�php_immunity�KILL�modeT�blamer�)�proactive_defenses r�proactive_defense_rulesrNKs9���+�+�+��n�-�	,�%+��&�!�&*��(�#��rc�F�d|vrt��jdkrg|d<|S)z9
    Coerce the disabled types to a list of strings.
    �disabled_types�cPanel)r�NAME)�files_updates r�files_update_disabled_typesrTUs1��
�<�'�'�L�N�N�,?�8�,K�,K�)+��%�&��rc�~�idddtdddd�dtdddd�d�id	��d
ddddd
�dddd
�dgd�d�id	��ddiddd�dtttgd�ddd�tdd��tdd��tdd��tdd��ddd�d�d��dddtt	t
��ft
td�dtt	t��fddd�ddttd�dtt	t
��ft
d �id!�ddd�d"�id	��d#dddd�dtdd$�dtd%d$�ddttd�dtt	t
��ft
d �id!�d&�id	��d'dddd�dtttgd�dddd(�ddd)d*�d+�id	��d,dddd�dtdd-d�dtdd.d�dtdd/d-d�dtdd-d�d0�id	��d1ddttd�ddtdd-d�dtdd.d�d2�d3�d.d4d5�d.d4d5�d6�d!��d7ddtdd8d�dtdd9d�dtdd:d�dtd;d4d�d<�id	��d=ddd>digd	�dd>digd	�d?�id	��d@ddAddBd�iid	��dCdddd�ddDd�dd8d�ddEd�dF�id	��dGddHddIdIdJgd�iid	��dKddLddd�iid	��dMdttfdddNgdO�dP�dddd(�dddd(�dQ�idR��dSdddd�dddd(�ddddT�ddddT�ddd�ddddT�ddd�ddUd�dV�id	��dWddXdddd(�iid	��ddYdddd(�iid	�ddZdddd(�iid	�ddddd(�dddd(�dddd(�dddd(�d[�id	�dd\dddd(�iid	�dddd�ddtd]�gd^�d	�dd>digd	�dd>did_gd	�ddd�ddd�d`�id	�dddd�ddd�ddd�ddd�da�id	�dddd�ddd�db�id	�dttfdddcgdd�gd	�dtddd�de�idR�df��S)gN�AUTO_WHITELIST�dict�integerripi�)r?rE�minr�default)�timeout�after_unblock_timeout�r?rCrZ�NETWORK_INTERFACEr>T�r?rZ�nullabler!)r?rZ)�
eth_device�eth6_device�eth_device_skip�FIREWALL�boolean)r?rZ�allowedF�tcp�in�out�udp)�unified_access_logger�port_blocking_mode�block_port_scan�TCP_IN_IPv4�TCP_OUT_IPv4�UDP_IN_IPv4�UDP_OUT_IPv4�internal_use_remote_iplist)r?rZrC�DOS)r?rErYrZr�)r?rEr@)r?rErY)r?�	keysrules�valuesrulesrZ)�
default_limit�interval�port_limits�enabled�ENHANCED_DOS)r?rErZr)rz�	timeframerwry�MOD_SEC�r?r`rZ�)r?�requiredrZ)�app_specific_ruleset�ruleset�!cms_account_compromise_prevention�
prev_settings�MOD_SEC_BLOCK_BY_SEVERITY��x�)�enable�
max_incidents�check_period�severity_limit�denied_num_limit�MOD_SEC_BLOCK_BY_CUSTOM_RULE)r�r�)r?rC�
)r�r�)�33332�33339�INCIDENT_LOGGING�di����)�num_days�limit�
min_log_level�ui_autorefresh_timeout�WEB_SERVICESr?)�
http_ports�https_ports�CAPTCHA�cert_refresh_timeouti�CAPTCHA_DOSi`Ti/
)rz�
time_frame�	max_countr[�
BLOCKED_PORTS�default_moderf�denied�
STOP_MANAGING�modsec_directives�PROACTIVE_DEFENCE�LOG��DISABLEDr�rI)r?r`rZrf)rJrKrH)r?rErCrZ�	WEBSHIELD)r?r`�readonly�proxy)r��known_proxies_support�captcha_site_key�captcha_secret_key�
splash_screen�invisible_captcha�panel_protectionrJ�SCANLOGDr��active_response�catch_lfd_events)r��exim_dovecot_protection�exim_dovecot_native�ftp_protection�edf)r?rE)�iKi��mail)r�r;�allow_users�allow_groups�allow_local�redirect)�compromised_user_password_reset�#compromised_user_admin_notification�smart_advice_allowed�advice_email_notification)�allow_local_rules_management�allow_local_ip_managementzmodsec-rules)r?rf)rP�days_to_keep)�OSSEC�CSF_INTEGRATION�PAM�
KERNELCARE�
SMTP_BLOCKING�
CONTROL_PANEL�PERMISSIONS�FILES_UPDATE)r�PORT_BLOCKING_MODE_ALLOW�PORT_BLOCKING_MODE_DENYrFr�_DOS_DETECTOR_MIN_LIMIT�_DOS_DETECTOR_DEFAULT_LIMIT�_DOS_DETECTOR_MIN_INTERVAL�strr2�MODSEC_RULESET_FULL�MODSEC_RULESET_MINIMALr5rWrNrTrLrr�get_root_configr�_s��p���&�!�� �#���&�!�� �#�*�*��� �%
�
�p�*	��%�#� $���%�#� $� � �
-3�r�#B�#B����
�
�+p�L	���&�#�*�*�
%�7�/�0� �'�'�&�$�$�$� -�U�D�9�9� -�e�U� ;� ;�,�U�D�9�9� -�e�U� ;� ;�&�$�/�/�-��
�
�Mp�J	��&�"�M�2I�$J�$J�K�2�:�	"�"�&�"�M�2L�$M�$M�N��!�	��#� (�"%�&<�"�"�!*��)�*A�B�B�#� 7�
$�$� "� � �$&�#���="�"�F�K&
�&
�Kp�X	��&�$���
&�!�!���&�!�"�"�"�#�
!)�"%�&<�
"�"�!*��)�*A�B�B�#� 7�
$�$� "�% � �#�#�H�M'
�'
�Yp�h	��&�#�)�)�
%�2� 6�8K�L���&� %�$�6�6�%� %�!�"�"���*�/
�
�ip�Z	$��&�#���
&�!�� �	"�"�&�!��"�	!�!�&�!��� �#�#�&�!�� �	%�%�1��>�C"&
�"&
�[p�`	'�� ��5����!*�"%� �#$�	&�&�!*�"%� �#&�	%�%�
�
���$+.��C�C�*-��C�C���1)
�)
�ap�Z	��&�!��"�	��&�!��%�	��&�!�� �	"�"�&�!��!�	+�+�'��4�9
�
�[p�V	��#�%�y�1�!���#�%�y�1�!� � �
���
�
�Wp�v	��&��t�(L�(L���
�
�wp�D		��&�#���
&�$���'0�C�@�@�$-�&�A�A����
�
�E	p�d		���$�(� )�8�4�!�!���

�

�e	p�z		��#�%�$�&�&���	
�	
�{	p�N
	���4�5�%� %�$�:�:�:�	��&� %�#���&� %�$�!�!���$�+
�
�O
p�|
	��#,��>�>�%� %�#�*�*�%� $� $�%�%�%� $� $�'�'�&�#�"�"�
&� $� $�&�&�&�$�%�%�
%�&���="�"�F�K&
�&
�}
p�J	���%� %�$�����

�

�Kp�b�!�%� %�$�$�$���

�

��"�%� %�$�%�%���

�

��&� %�#���&� %�#�,�,�&� %�$�(�(�&� %�$�#�#�!��,�1
�
�6��%� %�$�����

�

��&�$���
#� )�"%��� .�~�~�
��#���� "� � �#����!'�x�!�!�&�$� � �
&�$���?#�#�H�M'
�'
�R�&�$�4�4�
&�#�8�8�&�#�)�)�&�#�.�.���(�-
�
�2�&�#�1�1�
&�#�.�.�	�	��

�

���8�9�#� (�*�$��� "�	#�	#�&�!��!�	!�!���$�+
�
�sp�p�p�prc�N�dddgd�dd�dddd�d�id	�ddddd
�dddd
�d�id	�d�S)
NrWr>Tr�)r?r`rfrZrer~)rJrKr]r_)r�r�)r�r�rLrLrr�get_non_root_configr��s����%� $�:�:�:�#�	��&� $�#������
�
�$�&�#� $�)�)�&�#� $�.�.�
�
��!
�
�%$�$�$r)rr8�+defence360agent.subsys.panels.hosting_panelrr�r�r�r�r�r�r�rr$r)r,r2r5r<rFrNrTr�r�rLrr�<module>r�s������	�	�	�	�D�D�D�D�D�D���"��!������ ��"��+�+�+����:�:�:�#�#�#�<�<�<�
,�,�,�
�
�
� 	�	�	�������q�q�q�h%�%�%�%�%r
@ Telegram