def check_dpkg():
purge_list = []
with hide('stdout'):
for i, line in enumerate(str(run('dpkg -l')).splitlines()):
if i < 6:
continue
if line.startswith(b'ii'):
continue
line = line.strip()
if line.startswith(b'rc'):
purge_list.append(line.split()[1])
continue
print(line)
if purge_list:
sudo('aptitude -y purge ' + ' '.join(purge_list))
def check_dpkg():
purge_list = []
with hide('stdout'):
for i, line in enumerate(str(run('dpkg -l')).splitlines()):
if i < 6:
continue
if line.startswith(b'ii'):
continue
line = line.strip()
if line.startswith(b'rc'):
purge_list.append(line.split()[1])
continue
print(line)
if purge_list:
sudo('aptitude -y purge ' + ' '.join(purge_list))
def ip6tables():
with hide('stdout'):
rules = sudo('ip6tables -n -v -L INPUT')
tcpports = ';'.join(get_port_list(rules, 'tcp')) or '22'
udpports = ';'.join(get_port_list(rules, 'udp'))
sudo('ip6tables -P INPUT ACCEPT')
sudo('ip6tables -F INPUT')
sudo('ip6tables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT')
sudo('ip6tables -A INPUT -i lo -j ACCEPT')
sudo('ip6tables -A INPUT -p ipv6-icmp -j ACCEPT')
print('line split by semicolon.')
if '22' not in tcpports:
print('WARNING: ssh default port not in tcp list,\
this may cause connection broken.')
set_ports('ipv6', 'tcp', 'ip6tables', tcpports)
set_ports('ipv6', 'udp', 'ip6tables', udpports)
sudo('ip6tables -P INPUT DROP')
def ip6tables():
with hide('stdout'):
rules = sudo('ip6tables -n -v -L INPUT')
tcpports = ';'.join(get_port_list(rules, 'tcp')) or '22'
udpports = ';'.join(get_port_list(rules, 'udp'))
sudo('ip6tables -P INPUT ACCEPT')
sudo('ip6tables -F INPUT')
sudo('ip6tables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT')
sudo('ip6tables -A INPUT -i lo -j ACCEPT')
sudo('ip6tables -A INPUT -p ipv6-icmp -j ACCEPT')
print('line split by semicolon.')
if '22' not in tcpports:
print('WARNING: ssh default port not in tcp list,\
this may cause connection broken.')
set_ports('ipv6', 'tcp', 'ip6tables', tcpports)
set_ports('ipv6', 'udp', 'ip6tables', udpports)
sudo('ip6tables -P INPUT DROP')