ok
Direktori : /proc/self/root/opt/imunify360/venv/lib64/python3.11/site-packages/im360/plugins/ |
Current File : //proc/self/root/opt/imunify360/venv/lib64/python3.11/site-packages/im360/plugins/export_wblist.py |
import asyncio import logging import os from defence360agent.contracts.config import AcronisBackup from defence360agent.utils import ensure_line_in_file_bytes from im360 import files from im360.contracts.plugins import IDSAwareMessageSink from im360.internals import strategy from im360.simple_rpc.resident_socket import send_to_socket from im360.plugins.protector import RULES_CHECK_IN_PROGRESS from im360.subsys import csf from im360.utils.net import OUT, TCP logger = logging.getLogger(__name__) class ExportWBList(IDSAwareMessageSink): STRATEGY = strategy.Strategy.CSF_COOP_STRATEGY AVAILABLE_ON_FREEMIUM = False async def create_sink(self, loop): self._loop = loop async def _allow_acronis_ports(self) -> bool: """ Puts Acronis ports to TCP_IN and TCP_OUT lists in csf.conf :return: """ ports = AcronisBackup.PORTS ranges = AcronisBackup.RANGE return csf.add_ports(TCP, OUT, *ports, ranges=ranges) async def activate(self): """ When switching to CSF mode, some critical addresses added to csf allow list :return: """ prefix = files.Index.files_path(files.WHITELISTS) ALLOW_LIST = os.path.join(prefix, "imunify360.txt") try: # add captcha ports to csf.conf csf_config_changed = await self._allow_acronis_ports() if csf_config_changed: logger.info("Need to restart CSF to add acronis ports") # NOTE: it assumes ascii-based locale encoding/fs (very likely) if include_added := ensure_line_in_file_bytes( csf.CSF_ALLOW_FILE, b"Include " + os.fsencode(ALLOW_LIST) ): logger.info("Need to restart CSF to include imunify360.txt") csf_config_changed |= include_added if csf_config_changed: logger.info("CSF config was changed, restarting CSF") while RULES_CHECK_IN_PROGRESS.exists(): await asyncio.sleep(1) await csf.restart_all() # on CSF restart we need to recheck rules immediately await send_to_socket( msg={ "method": "RECREATE_RULES", }, wait_for_response=False, ) self._mark_as_active() except asyncio.CancelledError: pass except Exception: logger.exception("Failed to activate %r plugin", self)