package brooklyn.util.ssh;

import brooklyn.util.net.Networking;
import brooklyn.util.text.Strings;
import com.google.common.annotations.Beta;
import com.google.common.base.Optional;

/* loaded from: input_file:brooklyn/util/ssh/IptablesCommands.class */
public class IptablesCommands {

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: brooklyn.util.ssh.IptablesCommands$1, reason: invalid class name */
    /* loaded from: input_file:brooklyn/util/ssh/IptablesCommands$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$brooklyn$util$ssh$IptablesCommands$Protocol = new int[Protocol.values().length];

        static {
            try {
                $SwitchMap$brooklyn$util$ssh$IptablesCommands$Protocol[Protocol.TCP.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$brooklyn$util$ssh$IptablesCommands$Protocol[Protocol.UDP.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$brooklyn$util$ssh$IptablesCommands$Protocol[Protocol.ALL.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
        }
    }

    /* loaded from: input_file:brooklyn/util/ssh/IptablesCommands$Chain.class */
    public enum Chain {
        INPUT,
        FORWARD,
        OUTPUT
    }

    /* loaded from: input_file:brooklyn/util/ssh/IptablesCommands$Policy.class */
    public enum Policy {
        ACCEPT,
        REJECT,
        DROP,
        LOG
    }

    @Deprecated
    /* loaded from: input_file:brooklyn/util/ssh/IptablesCommands$Protocol.class */
    public enum Protocol {
        TCP("tcp"),
        UDP("udp"),
        ALL("all");

        final String protocol;

        Protocol(String str) {
            this.protocol = str;
        }

        @Override // java.lang.Enum
        public String toString() {
            return this.protocol;
        }

        brooklyn.util.net.Protocol convert() {
            switch (AnonymousClass1.$SwitchMap$brooklyn$util$ssh$IptablesCommands$Protocol[ordinal()]) {
                case Networking.MIN_PORT_NUMBER /* 1 */:
                    return brooklyn.util.net.Protocol.TCP;
                case 2:
                    return brooklyn.util.net.Protocol.UDP;
                case 3:
                    return brooklyn.util.net.Protocol.ALL;
                default:
                    throw new IllegalStateException("Unexpected protocol " + this);
            }
        }
    }

    @Beta
    public static String iptablesService(String str) {
        return BashCommands.sudo(BashCommands.alternatives(BashCommands.ifExecutableElse1("service", "service iptables " + str), "/sbin/service iptables " + str));
    }

    @Beta
    public static String iptablesServiceStop() {
        return iptablesService("stop");
    }

    @Beta
    public static String iptablesServiceStart() {
        return iptablesService("start");
    }

    @Beta
    public static String iptablesServiceRestart() {
        return iptablesService("restart");
    }

    @Beta
    public static String iptablesServiceStatus() {
        return iptablesService("status");
    }

    @Beta
    public static String firewalldService(String str) {
        return BashCommands.sudo(BashCommands.alternatives(BashCommands.ifExecutableElse1("systemctl", "systemctl " + str + " firewalld"), "/usr/bin/systemctl " + str + " firewalld"));
    }

    @Beta
    public static String firewalldServiceStop() {
        return firewalldService("stop");
    }

    @Beta
    public static String firewalldServiceStart() {
        return firewalldService("start");
    }

    @Beta
    public static String firewalldServiceRestart() {
        return firewalldService("restart");
    }

    @Beta
    public static String firewalldServiceStatus() {
        return firewalldService("status");
    }

    @Beta
    public static String firewalldServiceIsActive() {
        return firewalldService("is-active");
    }

    public static String saveIptablesRules() {
        return BashCommands.alternatives(BashCommands.sudo("service iptables save"), BashCommands.chain(BashCommands.installPackage("iptables-persistent"), BashCommands.sudo("/etc/init.d/iptables-persistent save")));
    }

    public static String cleanUpIptablesRules() {
        return BashCommands.sudo("/sbin/iptables -F");
    }

    public static String listIptablesRule() {
        return BashCommands.sudo("/sbin/iptables -L -v -n");
    }

    public static String insertIptablesRule(Chain chain, brooklyn.util.net.Protocol protocol, int i, Policy policy) {
        return addIptablesRule("-I", chain, (Optional<String>) Optional.absent(), protocol, i, policy);
    }

    @Deprecated
    public static String insertIptablesRule(Chain chain, Protocol protocol, int i, Policy policy) {
        return insertIptablesRule(chain, protocol.convert(), i, policy);
    }

    public static String insertIptablesRule(Chain chain, String str, brooklyn.util.net.Protocol protocol, int i, Policy policy) {
        return addIptablesRule("-I", chain, (Optional<String>) Optional.of(str), protocol, i, policy);
    }

    @Deprecated
    public static String insertIptablesRule(Chain chain, String str, Protocol protocol, int i, Policy policy) {
        return insertIptablesRule(chain, str, protocol.convert(), i, policy);
    }

    public static String appendIptablesRule(Chain chain, brooklyn.util.net.Protocol protocol, int i, Policy policy) {
        return addIptablesRule("-A", chain, (Optional<String>) Optional.absent(), protocol, i, policy);
    }

    @Deprecated
    public static String appendIptablesRule(Chain chain, Protocol protocol, int i, Policy policy) {
        return appendIptablesRule(chain, protocol.convert(), i, policy);
    }

    public static String appendIptablesRule(Chain chain, String str, brooklyn.util.net.Protocol protocol, int i, Policy policy) {
        return addIptablesRule("-A", chain, (Optional<String>) Optional.of(str), protocol, i, policy);
    }

    @Deprecated
    public static String appendIptablesRule(Chain chain, String str, Protocol protocol, int i, Policy policy) {
        return appendIptablesRule(chain, str, protocol.convert(), i, policy);
    }

    public static String addIptablesRule(String str, Chain chain, Optional<String> optional, brooklyn.util.net.Protocol protocol, int i, Policy policy) {
        return BashCommands.sudo(optional.isPresent() ? String.format("/sbin/iptables %s %s -i %s -p %s --dport %d -j %s", str, chain, optional.get(), protocol, Integer.valueOf(i), policy) : String.format("/sbin/iptables %s %s -p %s --dport %d -j %s", str, chain, protocol, Integer.valueOf(i), policy));
    }

    @Deprecated
    public static String addIptablesRule(String str, Chain chain, Optional<String> optional, Protocol protocol, int i, Policy policy) {
        return addIptablesRule(str, chain, optional, protocol.convert(), i, policy);
    }

    public static String addFirewalldRule(Chain chain, brooklyn.util.net.Protocol protocol, int i, Policy policy) {
        return addFirewalldRule(chain, Optional.absent(), protocol, i, policy);
    }

    public static String addFirewalldRule(Chain chain, Optional<String> optional, brooklyn.util.net.Protocol protocol, int i, Policy policy) {
        String str = new String("/usr/bin/firewall-cmd");
        String str2 = new String("/usr/bin/firewall-cmd --permanent");
        Object[] objArr = new Object[1];
        objArr[0] = optional.isPresent() ? " -i " + ((String) optional.get()) : Strings.EMPTY;
        String format = String.format(" --direct --add-rule ipv4 filter %s 0 %s -p %s --dport %d -j %s", chain, String.format("%s", objArr), protocol, Integer.valueOf(i), policy);
        return BashCommands.sudo(BashCommands.chain(str + format, str2 + format));
    }
}
