Added copypasted srcports= support

2021-06-22 18:51:59 +02:00 · 2021-06-22 18:51:59 +02:00 · a366eec201
commit a366eec201
parent 8dbe6213e1
1 changed files with 23 additions and 0 deletions
--- a/qubes/firewall.py
+++ b/qubes/firewall.py
@ -193,6 +193,29 @@ class DstPorts(RuleOption):
        return 'dstports=' + '{!s}-{!s}'.format(*self.range)


+class SrcPorts(RuleOption):
+    def __init__(self, untrusted_value):
+        if isinstance(untrusted_value, int):
+            untrusted_value = str(untrusted_value)
+        if untrusted_value.count('-') == 1:
+            self.range = [int(x) for x in untrusted_value.split('-', 1)]
+        elif not untrusted_value.count('-'):
+            self.range = [int(untrusted_value), int(untrusted_value)]
+        else:
+            raise ValueError(untrusted_value)
+        if any(port < 0 or port > 65536 for port in self.range):
+            raise ValueError('Ports out of range')
+        if self.range[0] > self.range[1]:
+            raise ValueError('Invalid port range')
+        super().__init__(
+            str(self.range[0]) if self.range[0] == self.range[1]
+            else '-'.join(map(str, self.range)))
+
+    @property
+    def rule(self):
+        return 'srcports=' + '{!s}-{!s}'.format(*self.range)
+
+
 class IcmpType(RuleOption):
    def __init__(self, untrusted_value):
        untrusted_value = int(untrusted_value)