(method_name, syslog)
| 198 | # supersede it in the transproxy list, at least, so the leftover rules |
| 199 | # are hopefully harmless. |
| 200 | def main(method_name, syslog): |
| 201 | helpers.logprefix = 'fw: ' |
| 202 | stdin, stdout = setup_daemon() |
| 203 | hostmap = {} |
| 204 | debug1('Starting firewall with Python version %s' |
| 205 | % platform.python_version()) |
| 206 | |
| 207 | if method_name == "auto": |
| 208 | method = get_auto_method() |
| 209 | else: |
| 210 | method = get_method(method_name) |
| 211 | |
| 212 | if syslog: |
| 213 | ssyslog.start_syslog() |
| 214 | ssyslog.stderr_to_syslog() |
| 215 | |
| 216 | if not method.is_supported(): |
| 217 | raise Fatal("The %s method is not supported on this machine. " |
| 218 | "Check that the appropriate programs are in your " |
| 219 | "PATH." % method_name) |
| 220 | |
| 221 | debug1('ready method name %s.' % method.name) |
| 222 | stdout.write(('READY %s\n' % method.name).encode('ASCII')) |
| 223 | stdout.flush() |
| 224 | |
| 225 | def _read_next_string_line(): |
| 226 | try: |
| 227 | line = stdin.readline(128) |
| 228 | if not line: |
| 229 | return # parent probably exited |
| 230 | return line.decode('ASCII').strip() |
| 231 | except IOError as e: |
| 232 | # On windows, ConnectionResetError is thrown when parent process closes it's socket pair end |
| 233 | debug3('read from stdin failed: %s' % (e,)) |
| 234 | return |
| 235 | # we wait until we get some input before creating the rules. That way, |
| 236 | # sshuttle can launch us as early as possible (and get sudo password |
| 237 | # authentication as early in the startup process as possible). |
| 238 | try: |
| 239 | line = _read_next_string_line() |
| 240 | if not line: |
| 241 | return # parent probably exited |
| 242 | except IOError as e: |
| 243 | # On windows, ConnectionResetError is thrown when parent process closes it's socket pair end |
| 244 | debug3('read from stdin failed: %s' % (e,)) |
| 245 | return |
| 246 | |
| 247 | subnets = [] |
| 248 | if line != 'ROUTES': |
| 249 | raise Fatal('expected ROUTES but got %r' % line) |
| 250 | while 1: |
| 251 | line = _read_next_string_line() |
| 252 | if not line: |
| 253 | raise Fatal('expected route but got %r' % line) |
| 254 | elif line.startswith("NSLIST"): |
| 255 | break |
| 256 | try: |
| 257 | (family, width, exclude, ip, fport, lport) = line.split(',', 5) |
nothing calls this directly
no test coverage detected