package com.fiberlink.maas360.android.control.services.impl;

import android.os.AsyncTask;
import android.text.TextUtils;
import com.fiberlink.maas360.android.control.ControlApplication;
import com.fiberlink.maas360.android.control.Dao.model.devicepolicies.ac;
import com.samsung.android.knox.AppIdentity;
import com.samsung.android.knox.net.firewall.DomainFilterRule;
import com.samsung.android.knox.net.firewall.FirewallRule;
import defpackage.awe;
import defpackage.bew;
import defpackage.bfr;
import defpackage.bgd;
import defpackage.bqb;
import defpackage.ckq;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;

/* loaded from: classes.dex */
public class di {

    /* renamed from: a, reason: collision with root package name */
    private static final String f6589a = di.class.getSimpleName();

    /* renamed from: b, reason: collision with root package name */
    private static final Object f6590b = new Object();
    private static di d;

    /* renamed from: c, reason: collision with root package name */
    private ControlApplication f6591c = ControlApplication.e();

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public class a extends AsyncTask<Void, Void, Void> {
        private a() {
        }

        /* JADX INFO: Access modifiers changed from: protected */
        @Override // android.os.AsyncTask
        /* renamed from: a, reason: merged with bridge method [inline-methods] */
        public Void doInBackground(Void... voidArr) {
            awe a2 = di.this.f6591c.w().a();
            if (bqb.a(di.this.f6591c.aN().g(), 15) <= 0) {
                di.this.e();
                return null;
            }
            if (!di.this.d()) {
                return null;
            }
            a2.d("ResetFirewallPolicyChanged");
            a2.d("FIREWALL_ENFORCED_BELOW_5_5");
            return null;
        }
    }

    private di() {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static di a() {
        if (d == null) {
            synchronized (f6590b) {
                if (d == null) {
                    d = new di();
                }
            }
        }
        return d;
    }

    private List<String> a(String str) {
        String[] split = str.split(",");
        for (int i = 0; i < split.length; i++) {
            split[i] = split[i].replace("\"", "");
        }
        return Arrays.asList(split);
    }

    private void a(com.fiberlink.maas360.android.control.Dao.model.devicepolicies.ac acVar, bfr bfrVar) {
        if (bqb.a(this.f6591c.aN().g(), 19) >= 0) {
            List<ac.b> i = acVar.i();
            bfrVar.a(true);
            List<String> a2 = bgd.a(f());
            for (ac.b bVar : i) {
                ArrayList arrayList = new ArrayList();
                String a3 = bVar.a();
                ArrayList arrayList2 = new ArrayList();
                ArrayList arrayList3 = new ArrayList();
                if (!TextUtils.isEmpty(a3)) {
                    arrayList2.addAll(Arrays.asList(a3.split("\\s*,\\s*")));
                }
                String b2 = bVar.b();
                if (!TextUtils.isEmpty(b2)) {
                    arrayList3.addAll(Arrays.asList(b2.split("\\s*,\\s*")));
                }
                if (!arrayList3.contains("*")) {
                    arrayList3.addAll(a2);
                }
                if (ckq.d()) {
                    ckq.a(f6589a, "domain filter block rules:", arrayList2.toString());
                    ckq.a(f6589a, "domain filter exception rules ", arrayList3.toString());
                }
                if (bVar.c().a().equals("*")) {
                    arrayList.add(new DomainFilterRule(new AppIdentity("*", (String) null), arrayList2, arrayList3));
                } else {
                    String d2 = bVar.d();
                    ArrayList arrayList4 = new ArrayList();
                    if (!TextUtils.isEmpty(d2)) {
                        arrayList4.addAll(Arrays.asList(d2.split("\\s*,\\s*")));
                    }
                    Iterator it = arrayList4.iterator();
                    while (it.hasNext()) {
                        arrayList.add(new DomainFilterRule(new AppIdentity((String) it.next(), (String) null), arrayList2, arrayList3));
                    }
                }
                bfrVar.b(arrayList);
            }
        }
    }

    private boolean c() {
        bfr l = this.f6591c.aN().l();
        l.a();
        com.fiberlink.maas360.android.control.Dao.model.devicepolicies.ac J = this.f6591c.H().S().J();
        if (J == null) {
            l.b(true);
            ckq.b(f6589a, "firewall Policy is empty/null.");
            return false;
        }
        if (!J.b()) {
            l.b(true);
            ckq.b(f6589a, "firewall Policy is not configured.");
            return false;
        }
        if (!TextUtils.isEmpty(this.f6591c.w().m().b())) {
            return true;
        }
        dx.a().a(false);
        return false;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public boolean d() {
        try {
            ckq.b(f6589a, "Enforcing 5.5 and above firewall rules for device");
            if (!c()) {
                return false;
            }
            bfr l = this.f6591c.aN().l();
            l.c(true);
            l.b(false);
            com.fiberlink.maas360.android.control.Dao.model.devicepolicies.ac J = this.f6591c.H().S().J();
            if (J.c() && !g()) {
                return false;
            }
            if (J.d()) {
                a(J, l);
            }
            if (J.c()) {
                ArrayList arrayList = new ArrayList();
                for (ac.c cVar : J.h()) {
                    if (bgd.a(cVar.a())) {
                        arrayList.add(bgd.b(cVar.a(), cVar.b(), cVar.c(), cVar.d(), cVar.e()));
                    } else {
                        try {
                            for (InetAddress inetAddress : InetAddress.getAllByName(cVar.a())) {
                                arrayList.add(bgd.b(inetAddress.getHostAddress(), cVar.b(), cVar.c(), cVar.d(), cVar.e()));
                            }
                        } catch (UnknownHostException unused) {
                            ckq.c(f6589a, "Failed to do DNS for 5.6 IP deny rules");
                        }
                    }
                }
                l.a((FirewallRule[]) arrayList.toArray(new FirewallRule[arrayList.size()]));
            }
            if (J.e()) {
                ArrayList arrayList2 = new ArrayList();
                for (ac.d dVar : J.j()) {
                    if (bgd.a(dVar.a())) {
                        arrayList2.add(bgd.b(dVar.a(), dVar.b(), dVar.c(), dVar.d()));
                    } else {
                        try {
                            for (InetAddress inetAddress2 : InetAddress.getAllByName(dVar.a())) {
                                arrayList2.add(bgd.b(inetAddress2.getHostAddress(), dVar.b(), dVar.c(), dVar.d()));
                            }
                        } catch (UnknownHostException unused2) {
                            ckq.c(f6589a, "Failed to do DNS for 5.6 IP allow rules");
                        }
                    }
                }
                l.b((FirewallRule[]) arrayList2.toArray(new FirewallRule[arrayList2.size()]));
            }
            if (J.f()) {
                ArrayList arrayList3 = new ArrayList();
                for (ac.e eVar : J.k()) {
                    arrayList3.add(bgd.b(eVar.c(), eVar.d(), eVar.a(), eVar.b(), eVar.e(), eVar.f()));
                }
                l.b((FirewallRule[]) arrayList3.toArray(new FirewallRule[arrayList3.size()]));
            }
            if (J.n()) {
                ArrayList arrayList4 = new ArrayList();
                for (ac.i iVar : J.m()) {
                    arrayList4.add(bgd.b(iVar.a(), iVar.b()));
                }
                l.b((FirewallRule[]) arrayList4.toArray(new FirewallRule[arrayList4.size()]));
            }
            if (J.g()) {
                for (ac.f fVar : J.l()) {
                    try {
                        int parseInt = Integer.parseInt(fVar.b());
                        ckq.b(f6589a, "Apply firewall proxy rules result + " + l.a(fVar.a(), parseInt));
                        ckq.b(f6589a, "firewall block proxy rules ", fVar.a(), ":" + parseInt);
                    } catch (Exception e) {
                        ckq.c(f6589a, e.getMessage());
                    }
                }
            }
            return true;
        } catch (Exception e2) {
            ckq.d(f6589a, "Error while enforcing Firewall Settings.");
            ckq.d(f6589a, e2);
            return false;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public boolean e() {
        try {
            this.f6591c.w().a().b("FIREWALL_ENFORCED_BELOW_5_5", true);
            bew aN = this.f6591c.aN();
            if (bqb.a(aN.g(), 2) < 0) {
                ckq.b(f6589a, "Samsung Device SDK version needs to be atleast of 2.0,which is not found on this device.");
                return false;
            }
            if (!c()) {
                return false;
            }
            ckq.b(f6589a, "re evaluating firewall policy for below 5.5 devices");
            bfr l = aN.l();
            l.b(false);
            com.fiberlink.maas360.android.control.Dao.model.devicepolicies.ac J = this.f6591c.H().S().J();
            if (J.c()) {
                ArrayList arrayList = new ArrayList();
                for (ac.c cVar : J.h()) {
                    arrayList.add(bgd.a(cVar.a(), cVar.b(), cVar.c(), cVar.d(), cVar.e()));
                }
                boolean a2 = l.a(arrayList);
                ckq.b(f6589a, "Apply firewall block rules result + " + a2);
                ckq.b(f6589a, "firewall block rules ", arrayList.toString());
            }
            ArrayList arrayList2 = new ArrayList();
            arrayList2.addAll(f());
            if (J.e()) {
                for (ac.d dVar : J.j()) {
                    arrayList2.add(bgd.a(dVar.a(), dVar.b(), dVar.c(), dVar.d()));
                }
            }
            if (arrayList2.size() > 0) {
                boolean e = l.e(arrayList2);
                ckq.b(f6589a, "Apply firewall block rules exceptions result + " + e);
                ckq.b(f6589a, "firewall block exception rules ", arrayList2.toString());
            }
            if (J.f()) {
                ArrayList arrayList3 = new ArrayList();
                for (ac.e eVar : J.k()) {
                    arrayList3.add(bgd.a(eVar.a(), eVar.b(), eVar.c(), eVar.d(), eVar.e(), eVar.f()));
                }
                boolean f = l.f(arrayList3);
                ckq.b(f6589a, "Apply firewall reroute rules result + " + f);
                ckq.b(f6589a, "firewall reroute rules ", arrayList3.toString());
            }
            if (J.n()) {
                ArrayList arrayList4 = new ArrayList();
                for (ac.i iVar : J.m()) {
                    arrayList4.add(bgd.a(iVar.a(), iVar.b()));
                }
                boolean g = l.g(arrayList4);
                ckq.b(f6589a, "Apply firewall redirect rules result + " + g);
                ckq.b(f6589a, "firewall redirect exception Rules ", arrayList4.toString());
            }
            if (J.g()) {
                for (ac.f fVar : J.l()) {
                    try {
                        int parseInt = Integer.parseInt(fVar.b());
                        boolean a3 = l.a(fVar.a(), parseInt, null);
                        ckq.b(f6589a, "Apply firewall proxy rules result + " + a3);
                        ckq.b(f6589a, "firewall block proxy rules ", fVar.a(), ":" + parseInt);
                    } catch (Exception e2) {
                        ckq.c(f6589a, e2.getMessage());
                    }
                }
            }
            return true;
        } catch (Exception e3) {
            ckq.d(f6589a, "Error while enforcing Firewall Settings.");
            ckq.d(f6589a, e3);
            return false;
        }
    }

    private List<String> f() {
        return a(ControlApplication.e().w().m().b());
    }

    private boolean g() {
        bfr l = this.f6591c.aN().l();
        HashSet hashSet = new HashSet();
        Iterator<String> it = bgd.a(f()).iterator();
        while (it.hasNext()) {
            try {
                for (InetAddress inetAddress : InetAddress.getAllByName(it.next())) {
                    hashSet.add(inetAddress.getHostAddress());
                }
            } catch (UnknownHostException unused) {
                ckq.c(f6589a, "Global whitelist DNS failed, Not applying firewall rules");
                return false;
            }
        }
        ArrayList arrayList = new ArrayList();
        Iterator it2 = hashSet.iterator();
        while (it2.hasNext()) {
            arrayList.add(bgd.b((String) it2.next(), "*", ac.h.ALL, ac.g.ALL));
        }
        l.b((FirewallRule[]) arrayList.toArray(new FirewallRule[arrayList.size()]));
        ckq.a(f6589a, "Global Whitelist rules : " + hashSet);
        return true;
    }

    boolean a(int i) {
        if (bqb.a(i, 19) < 0) {
            return true;
        }
        awe a2 = this.f6591c.w().a();
        if (a2.a("FIREWALL_ENFORCED_BELOW_5_5", false)) {
            ckq.b(f6589a, "Enforcing firewall policy on Upgrade");
            return true;
        }
        if (!a2.a("ResetFirewallPolicyChanged", false)) {
            return false;
        }
        ckq.b(f6589a, "Execute Firewall Task on Policy Change");
        return true;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void b() {
        if (a(this.f6591c.aN().g())) {
            new a().execute(new Void[0]);
        }
    }
}
