ok

Mini Shell

Direktori : /opt/imunify360/venv/lib64/python3.11/site-packages/im360/plugins/protector/
Upload File :
Current File : //opt/imunify360/venv/lib64/python3.11/site-packages/im360/plugins/protector/import_wblist.py

import asyncio
import logging
import os

from defence360agent.contracts.config import AcronisBackup
from defence360agent.utils import ensure_line_in_file_bytes
from im360 import files
from im360.contracts.plugins import IDSAwareMessageSink
from im360.internals import strategy
from im360.subsys import csf
from im360.utils.net import OUT, TCP

logger = logging.getLogger(__name__)


class ExportWBList(IDSAwareMessageSink):
    STRATEGY = strategy.Strategy.CSF_COOP_STRATEGY
    AVAILABLE_ON_FREEMIUM = False

    async def create_sink(self, loop):
        self._loop = loop

    async def _allow_acronis_ports(self) -> bool:
        """
        Puts Acronis ports to TCP_IN and TCP_OUT lists in csf.conf
        :return:
        """
        ports = AcronisBackup.PORTS
        ranges = AcronisBackup.RANGE
        return csf.add_ports(TCP, OUT, *ports, ranges=ranges)

    async def activate(self):
        """
        When switching to CSF mode, some critical addresses added to csf
        allow list
        :return:
        """
        prefix = files.Index.files_path(files.WHITELISTS)
        ALLOW_LIST = os.path.join(prefix, "imunify360.txt")
        try:
            # add captcha ports to csf.conf
            csf_config_changed = await self._allow_acronis_ports()

            # NOTE: it assumes ascii-based locale encoding/fs (very likely)
            csf_config_changed |= ensure_line_in_file_bytes(
                csf.CSF_ALLOW_FILE, b"Include " + os.fsencode(ALLOW_LIST)
            )

            if csf_config_changed:
                await csf.restart_all()
            self._mark_as_active()
        except asyncio.CancelledError:
            pass
        except Exception:
            logger.exception("Failed to activate %r plugin", self)

Zerion Mini Shell 1.0