package com.centrify.directcontrol.firewall;

import android.content.res.Resources;
import android.text.TextUtils;
import com.centrify.agent.samsung.KnoxVersionUtil;
import com.centrify.agent.samsung.utils.LogUtil;
import com.centrify.android.centrifypreference.CentrifyPreferenceUtils;
import com.centrify.directcontrol.CentrifyApplication;
import com.centrify.directcontrol.cps.ResourceItem;
import com.centrify.directcontrol.policy.AbstractProfileTableController;
import com.centrify.directcontrol.utilities.PolicyKeyConstants;
import com.centrify.directcontrol.utilities.SimplePolicyObject;
import com.dd.plist.NSArray;
import com.dd.plist.NSDictionary;
import com.dd.plist.NSObject;
import com.dd.plist.NSString;
import com.samsung.knoxemm.mdm.R;
import java.io.File;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import org.apache.commons.lang3.StringUtils;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes.dex */
public final class FirewallPolicyController extends AbstractProfileTableController {
    private static final String FIREWALL_DEFAULT_URLS = "firewall_default_urls";
    private static final String GCM_RULE = "*:5228-5230;*;*";
    private static final String HOST_RES_SEPARATOR = "/";
    private static final String PROTOCOL_HOST_SEPARATOR = "://";
    private static final String TAG = "FirewallPolicyController";
    private List<String> mCloudGcmAllowRules;
    private int mNonCompliantPolicyNumber;

    /* JADX WARN: Type inference failed for: r0v0, types: [T, java.util.HashMap] */
    public FirewallPolicyController() {
        this.mPoliciesInCache = new HashMap();
    }

    private boolean addIptablesAllowRules(List<String> list) {
        LogUtil.debug(TAG, "addIptablesAllowRules-begin");
        if (list == null) {
            List<SimplePolicyObject> profilePoliciesSAFE = this.mDbAdapter.getProfilePoliciesSAFE(14, 900);
            if (profilePoliciesSAFE.size() > 0) {
                list = convertStringToArray(profilePoliciesSAFE.get(0).mPolicyValue, ",");
            }
        }
        boolean z = false;
        FirewallPolicyManager applicationPolicyManager = FirewallPolicyManagerFactory.getApplicationPolicyManager();
        List<String> iptablesAllowRules = applicationPolicyManager.getIptablesAllowRules();
        ArrayList arrayList = iptablesAllowRules != null ? new ArrayList(iptablesAllowRules) : new ArrayList();
        boolean z2 = true;
        Iterator it = arrayList.iterator();
        while (it.hasNext()) {
            String str = (String) it.next();
            Iterator<String> it2 = this.mCloudGcmAllowRules.iterator();
            while (true) {
                if (!it2.hasNext()) {
                    break;
                }
                if (it2.next().contains(str)) {
                    it.remove();
                    z2 = false;
                    break;
                }
            }
        }
        if (!z2) {
            LogUtil.info(TAG, "default urls are already added, check the policy values");
            int size = list != null ? list.size() : 0;
            if (size != arrayList.size()) {
                z2 = true;
            } else if (size != 0) {
                LogUtil.info(TAG, "same number (non zero) of values are found in policy and device, compare them");
                Iterator it3 = arrayList.iterator();
                while (it3.hasNext()) {
                    String str2 = (String) it3.next();
                    Iterator<String> it4 = list.iterator();
                    while (it4.hasNext()) {
                        if (it4.next().contains(str2)) {
                            it3.remove();
                        }
                    }
                }
                z2 = arrayList.size() != 0;
            }
        }
        if (!z2) {
            LogUtil.info(TAG, "already added in the allow table, skip it");
            return true;
        }
        ArrayList arrayList2 = new ArrayList(this.mCloudGcmAllowRules);
        if (list != null) {
            for (String str3 : list) {
                if (!arrayList2.contains(str3)) {
                    arrayList2.add(str3);
                }
            }
        }
        LogUtil.info(TAG, "cleanIptablesAllowRules: " + applicationPolicyManager.cleanIptablesAllowRules());
        if (arrayList2.size() > 0) {
            z = applicationPolicyManager.addIptablesAllowRules(arrayList2);
            LogUtil.info(TAG, "addIptablesAllowRules: " + z);
        }
        if (z) {
            LogUtil.info(TAG, "setIptablesOption: " + applicationPolicyManager.setIptablesOption(true));
        }
        LogUtil.debug(TAG, "add: " + arrayList2.toString() + " success: " + z);
        return z;
    }

    private boolean checkDefaultUrlChange() {
        LogUtil.info(TAG, "checkDefaultUrlChange-begin");
        String string = CentrifyPreferenceUtils.getString("firewall_default_urls", null);
        if (StringUtils.isBlank(string)) {
            this.mCloudGcmAllowRules = new ArrayList();
        } else {
            this.mCloudGcmAllowRules = convertStringToArray(string, ",");
        }
        List<String> cloudGcmAllowRules = getCloudGcmAllowRules();
        LogUtil.info(TAG, "savedDefaultUrls: " + this.mCloudGcmAllowRules.toString());
        LogUtil.info(TAG, "currentDefaultUrls: " + cloudGcmAllowRules.toString());
        boolean z = false;
        if (this.mCloudGcmAllowRules.size() == cloudGcmAllowRules.size()) {
            Iterator<String> it = cloudGcmAllowRules.iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                if (!this.mCloudGcmAllowRules.contains(it.next())) {
                    z = true;
                    break;
                }
            }
        } else {
            z = true;
        }
        if (z) {
            CentrifyPreferenceUtils.putString("firewall_default_urls", TextUtils.join(",", cloudGcmAllowRules));
            this.mCloudGcmAllowRules = cloudGcmAllowRules;
        }
        LogUtil.info(TAG, "are default urls changed: " + z);
        return z;
    }

    private List<String> convertStringToArray(String str, String str2) {
        LogUtil.debug(TAG, "convertToStringArray--->Begin,  str=" + str);
        String[] split = StringUtils.split(str, str2);
        LogUtil.debug(TAG, "arr" + split);
        List<String> asList = Arrays.asList(split);
        LogUtil.debug(TAG, "array" + asList);
        LogUtil.debug(TAG, "convertToStringArray--->End");
        return asList;
    }

    private List<String> formatUrls(List<String> list) {
        ArrayList arrayList = new ArrayList();
        for (String str : list) {
            int indexOf = str.indexOf(PROTOCOL_HOST_SEPARATOR);
            String str2 = str;
            if (indexOf != -1) {
                str2 = str.substring(PROTOCOL_HOST_SEPARATOR.length() + indexOf);
            }
            arrayList.add(getHostNameFromUrl(str2));
        }
        return arrayList;
    }

    private String getAllowRuleUrl(String str) {
        if (!StringUtils.isNotBlank(str)) {
            return null;
        }
        try {
            return new URL(str).getHost() + ":*;*;*";
        } catch (MalformedURLException e) {
            LogUtil.error(TAG, e);
            return null;
        }
    }

    private List<String> getCloudGcmAllowRules() {
        Resources resources = CentrifyApplication.getAppInstance().getApplicationContext().getResources();
        ArrayList arrayList = new ArrayList();
        String string = CentrifyPreferenceUtils.getString("LOGINURL", resources.getString(R.string.loginpage_url));
        String allowRuleUrl = getAllowRuleUrl(string);
        if (StringUtils.isNotBlank(allowRuleUrl)) {
            arrayList.add(allowRuleUrl);
        }
        String string2 = CentrifyPreferenceUtils.getString("POD_URL", null);
        LogUtil.info(TAG, "login url: " + string + " podUrl: " + string2);
        String allowRuleUrl2 = getAllowRuleUrl(string2);
        if (StringUtils.isNotBlank(allowRuleUrl2)) {
            arrayList.add(allowRuleUrl2);
        }
        arrayList.add(GCM_RULE);
        return arrayList;
    }

    private List<SimplePolicyObject> getFirewallPolicies(NSDictionary nSDictionary) {
        LogUtil.debug(TAG, "getFirewallPolicies-begin");
        ArrayList arrayList = new ArrayList();
        Set<Map.Entry<Integer, String>> entrySet = FirewallPolicyManagerUltility.getSupportedFirewallPolicies().entrySet();
        StringBuilder sb = new StringBuilder();
        for (Map.Entry<Integer, String> entry : entrySet) {
            if (nSDictionary.objectForKey(entry.getValue()) != null) {
                NSObject objectForKey = nSDictionary.objectForKey(entry.getValue());
                sb.setLength(0);
                switch (entry.getKey().intValue()) {
                    case 900:
                    case 901:
                    case 902:
                    case PolicyKeyConstants.FIREWALLPOLICYSET_URL_FILTER_LIST /* 905 */:
                    case PolicyKeyConstants.FIREWALLPOLICYSET_IP_TABLES_REDIRECT_EXCEPTION_RULES /* 908 */:
                        if (objectForKey != null) {
                            for (NSObject nSObject : ((NSArray) objectForKey).getArray()) {
                                if (sb.length() > 0) {
                                    sb.append(",");
                                }
                                sb.append(((NSString) nSObject).toString());
                            }
                            break;
                        }
                        break;
                    case PolicyKeyConstants.FIREWALLPOLICYSET_IP_TABLES_PROXY_RULES /* 903 */:
                        if (objectForKey != null) {
                            for (NSObject nSObject2 : ((NSArray) objectForKey).getArray()) {
                                if (sb.length() > 0) {
                                    sb.append(",");
                                }
                                if (((NSDictionary) nSObject2).objectForKey("IpAddress") != null) {
                                    sb.append(((NSDictionary) nSObject2).objectForKey("IpAddress").toString());
                                }
                                if (((NSDictionary) nSObject2).objectForKey(ResourceItem.PORT) != null) {
                                    sb.append(":" + ((NSDictionary) nSObject2).objectForKey(ResourceItem.PORT).toString());
                                }
                            }
                            break;
                        }
                        break;
                    case PolicyKeyConstants.FIREWALLPOLICYSET_URL_FILTER_ENABLED /* 904 */:
                    default:
                        LogUtil.debug(TAG, "entry.getKey() is not found: " + entry.getKey());
                        break;
                    case PolicyKeyConstants.FIREWALLPOLICYSET_URL_FILTER_REPORT_ENABLED /* 906 */:
                    case PolicyKeyConstants.FIREWALLPOLICYSET_NETWORK_FOR_MARKET /* 907 */:
                        if (objectForKey != null) {
                            sb.append(objectForKey.toString());
                            break;
                        }
                        break;
                }
                arrayList.add(new SimplePolicyObject(entry.getKey().intValue(), 14, sb.toString(), false, true));
            }
        }
        LogUtil.debug(TAG, "getFirewallPolicies-end");
        return arrayList;
    }

    private String getHostNameFromUrl(String str) {
        int indexOf = str.indexOf(HOST_RES_SEPARATOR);
        return indexOf != -1 ? str.substring(0, indexOf) : str;
    }

    private boolean removeIptablesAllowRules() {
        LogUtil.debug(TAG, "removeIptablesAllowRules-begin");
        ArrayList arrayList = new ArrayList(this.mCloudGcmAllowRules);
        FirewallPolicyManager applicationPolicyManager = FirewallPolicyManagerFactory.getApplicationPolicyManager();
        applicationPolicyManager.cleanIptablesAllowRules();
        boolean addIptablesAllowRules = applicationPolicyManager.addIptablesAllowRules(arrayList);
        if (addIptablesAllowRules) {
            LogUtil.info(TAG, "setIptablesOption: " + applicationPolicyManager.setIptablesOption(true));
        }
        LogUtil.debug(TAG, "removeIptablesAllowRules-end");
        return addIptablesAllowRules;
    }

    private void resetFirewallPolicySAFE(SimplePolicyObject simplePolicyObject) {
        FirewallPolicyManager applicationPolicyManager = FirewallPolicyManagerFactory.getApplicationPolicyManager();
        if (applicationPolicyManager == null) {
            LogUtil.debug(TAG, "firewallManager is null, probably it is a non-SAFE, return...");
            return;
        }
        switch (simplePolicyObject.mPolicyName) {
            case 900:
                removeIptablesAllowRules();
                return;
            case 901:
                LogUtil.debug(TAG, "cleanIptablesDenyRules: " + applicationPolicyManager.removeIptablesDenyRules(convertStringToArray(simplePolicyObject.mPolicyValue, ",")));
                return;
            case 902:
                LogUtil.debug(TAG, "cleanIptablesRerouteRules: " + applicationPolicyManager.cleanIptablesRerouteRules());
                return;
            case PolicyKeyConstants.FIREWALLPOLICYSET_IP_TABLES_PROXY_RULES /* 903 */:
                LogUtil.debug(TAG, "cleanIptablesProxyRules: " + applicationPolicyManager.cleanIptablesProxyRules());
                return;
            case PolicyKeyConstants.FIREWALLPOLICYSET_URL_FILTER_ENABLED /* 904 */:
            default:
                LogUtil.debug(TAG, "policy not found, policy=" + simplePolicyObject.mPolicyName + ", value=" + simplePolicyObject.mPolicyValue);
                return;
            case PolicyKeyConstants.FIREWALLPOLICYSET_URL_FILTER_LIST /* 905 */:
                LogUtil.debug(TAG, "setURLFilterList: " + applicationPolicyManager.setURLFilterList(new ArrayList()));
                LogUtil.debug(TAG, "setURLFilterEnabled(false): " + applicationPolicyManager.setURLFilterEnabled(false));
                return;
            case PolicyKeyConstants.FIREWALLPOLICYSET_URL_FILTER_REPORT_ENABLED /* 906 */:
                LogUtil.debug(TAG, "setURLFilterReportEnabled: " + applicationPolicyManager.setURLFilterReportEnabled(false));
                return;
            case PolicyKeyConstants.FIREWALLPOLICYSET_NETWORK_FOR_MARKET /* 907 */:
                LogUtil.debug(TAG, "setNetworkForMarket: " + applicationPolicyManager.setNetworkForMarket(0));
                return;
            case PolicyKeyConstants.FIREWALLPOLICYSET_IP_TABLES_REDIRECT_EXCEPTION_RULES /* 908 */:
                LogUtil.debug(TAG, "cleanIptablesRedirectExceptionsRules: " + applicationPolicyManager.cleanIptablesRedirectExceptionsRules());
                return;
        }
    }

    private boolean syncObject(SimplePolicyObject simplePolicyObject, List<SimplePolicyObject> list) {
        for (SimplePolicyObject simplePolicyObject2 : list) {
            if (simplePolicyObject2.mPolicyName == simplePolicyObject.mPolicyName) {
                if (!simplePolicyObject2.mPolicyValue.equalsIgnoreCase(simplePolicyObject.mPolicyValue)) {
                    simplePolicyObject.mPolicyValue = simplePolicyObject2.mPolicyValue;
                    simplePolicyObject.mPolicySetResult = false;
                }
                list.remove(simplePolicyObject2);
                return true;
            }
        }
        return false;
    }

    /* JADX WARN: Type inference failed for: r2v2, types: [T, java.util.HashMap] */
    @Override // com.centrify.directcontrol.policy.AbstractProfileTableController, com.centrify.directcontrol.policy.AbstractPolicyController
    public void checkPolicyCompliance() {
        this.mNonCompliantPolicyNumber = 0;
        this.mPoliciesInCache = this.mDbAdapter.getPolicies(14);
        if (this.mPoliciesInCache != 0) {
            for (SimplePolicyObject simplePolicyObject : ((Map) this.mPoliciesInCache).values()) {
                if (simplePolicyObject.mPolicySupported && !simplePolicyObject.mPolicySetResult) {
                    this.mNonCompliantPolicyNumber++;
                }
            }
        }
    }

    @Override // com.centrify.directcontrol.policy.AbstractProfileTableController, com.centrify.directcontrol.policy.AbstractPolicyController
    public boolean doesPolicyExist() {
        return this.mPoliciesInCache != 0 && ((Map) this.mPoliciesInCache).size() > 0;
    }

    @Override // com.centrify.directcontrol.policy.AbstractProfileTableController
    protected int getDbProfileTable() {
        return 14;
    }

    @Override // com.centrify.directcontrol.policy.AbstractPolicyController
    public String getDependProfileId() {
        return PolicyKeyConstants.FIREWALL_SAFE_PROFILE_MDM56_IDENTIFIER;
    }

    @Override // com.centrify.directcontrol.policy.AbstractProfileTableController, com.centrify.directcontrol.policy.AbstractPolicyController
    public int getNonCompliantPolicyNumber() {
        return this.mNonCompliantPolicyNumber;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* JADX WARN: Type inference failed for: r0v2, types: [T, java.util.HashMap] */
    @Override // com.centrify.directcontrol.policy.AbstractProfileTableController
    public synchronized Map<Integer, SimplePolicyObject> getPolicies() {
        this.mPoliciesInCache = this.mDbAdapter.getPolicies(14);
        return (Map) this.mPoliciesInCache;
    }

    @Override // com.centrify.directcontrol.policy.AbstractProfileTableController, com.centrify.directcontrol.policy.AbstractPolicyController
    public JSONObject getProfileToReport(NSObject nSObject, String str) throws JSONException {
        return doGetProfileReport(nSObject, str);
    }

    @Override // com.centrify.directcontrol.policy.AbstractProfileTableController
    protected Map<String, Integer> getRecognizedPolicyKeys(String str) {
        return FirewallPolicyManagerUltility.mRecognizedPolicyKeys.get(str);
    }

    @Override // com.centrify.directcontrol.policy.AbstractPolicyController
    public void handleProfileIfDependExist() {
        LogUtil.info(TAG, "handleProfileIfDependExist");
        if (KnoxVersionUtil.isKnox26OrPlus()) {
            if (CentrifyPreferenceUtils.getString("firewall_default_urls", null) == null) {
                LogUtil.info(TAG, "We already reset all the old Firewall policies.");
                return;
            }
            LogUtil.info(TAG, "Reset all existing firewall policies ");
            FirewallPolicyManager applicationPolicyManager = FirewallPolicyManagerFactory.getApplicationPolicyManager();
            if (applicationPolicyManager != null) {
                if (applicationPolicyManager.getNetworkForMarket() != 0) {
                    LogUtil.info(TAG, "Clean Network market: " + applicationPolicyManager.setNetworkForMarket(0));
                } else {
                    LogUtil.info(TAG, "No policy for Network Market.");
                }
                List<String> iptablesAllowRules = applicationPolicyManager.getIptablesAllowRules();
                if (iptablesAllowRules == null || iptablesAllowRules.isEmpty()) {
                    LogUtil.info(TAG, "No policy for Ip tables allow Rules.");
                } else {
                    LogUtil.info(TAG, "Clean Ip tables allow Rules: " + applicationPolicyManager.cleanIptablesAllowRules());
                }
                List<String> iptablesDenyRules = applicationPolicyManager.getIptablesDenyRules();
                if (iptablesDenyRules == null || iptablesDenyRules.isEmpty()) {
                    LogUtil.info(TAG, "No policy for Ip tables deny Rules.");
                } else {
                    LogUtil.info(TAG, "clean Ip tables deny Rules: " + applicationPolicyManager.cleanIptablesDenyRules());
                }
                List<String> iptablesRerouteRules = applicationPolicyManager.getIptablesRerouteRules();
                if (iptablesRerouteRules == null || iptablesRerouteRules.isEmpty()) {
                    LogUtil.info(TAG, "No Ip tables redirect Rules.");
                } else {
                    LogUtil.info(TAG, "Clean Ip tables redirect Rules: " + applicationPolicyManager.cleanIptablesRerouteRules());
                }
                List<String> iptablesProxyRules = applicationPolicyManager.getIptablesProxyRules();
                if (iptablesProxyRules == null || iptablesProxyRules.isEmpty()) {
                    LogUtil.info(TAG, "No Ip tables proxy Rules.");
                } else {
                    LogUtil.info(TAG, "Clean Ip tables proxy Rules: " + applicationPolicyManager.cleanIptablesProxyRules());
                }
                List<String> iptablesRedirectExceptionsRules = applicationPolicyManager.getIptablesRedirectExceptionsRules();
                if (iptablesRedirectExceptionsRules == null || iptablesRedirectExceptionsRules.isEmpty()) {
                    LogUtil.info(TAG, "No Ip tables redirect exception Rules.");
                } else {
                    LogUtil.info(TAG, "Clean Ip tables redirect exception Rules: " + applicationPolicyManager.cleanIptablesRedirectExceptionsRules());
                }
                if (applicationPolicyManager.getIptablesOption()) {
                    LogUtil.info(TAG, "Clean Ip tables Option: " + applicationPolicyManager.setIptablesOption(false));
                } else {
                    LogUtil.info(TAG, "Ip tables Option is not enabled");
                }
                cleanDBCache();
                CentrifyPreferenceUtils.remove("firewall_default_urls");
                this.mCloudGcmAllowRules = null;
            } else {
                LogUtil.warning(TAG, "Not a Safe device.");
            }
        }
        LogUtil.info(TAG, "Reset all existing firewall policies END");
    }

    @Override // com.centrify.directcontrol.policy.AbstractProfileTableController, com.centrify.directcontrol.policy.AbstractPolicyController
    public void initialize(File file) {
        getPolicies();
        if (doesPolicyExist() && checkDefaultUrlChange()) {
            LogUtil.info(TAG, "Add Iptables rules while initialise");
            addIptablesAllowRules(null);
        }
    }

    @Override // com.centrify.directcontrol.policy.AbstractProfileTableController, com.centrify.directcontrol.policy.AbstractPolicyController
    public void loadPolicy() {
        LogUtil.debug(TAG, "loadFirewallPolicies-begin");
        FirewallPolicyManager applicationPolicyManager = FirewallPolicyManagerFactory.getApplicationPolicyManager();
        if (applicationPolicyManager == null) {
            LogUtil.debug(TAG, "wifiManager is null, probably it is a non-SAFE, return...");
            return;
        }
        boolean z = false;
        List<SimplePolicyObject> profilePoliciesSAFE = this.mDbAdapter.getProfilePoliciesSAFE(14);
        if (profilePoliciesSAFE.isEmpty()) {
            LogUtil.debug(TAG, "return as there is no old firewall policies");
            return;
        }
        if (checkDefaultUrlChange()) {
            LogUtil.debug(TAG, "Add default firewall polices.");
            addIptablesAllowRules(null);
        }
        for (SimplePolicyObject simplePolicyObject : profilePoliciesSAFE) {
            LogUtil.debug(TAG, simplePolicyObject.toString());
            if (!simplePolicyObject.mPolicySetResult) {
                switch (simplePolicyObject.mPolicyName) {
                    case 900:
                        simplePolicyObject.mPolicySetResult = addIptablesAllowRules(convertStringToArray(simplePolicyObject.mPolicyValue, ","));
                        LogUtil.debug(TAG, "addIptablesAllowRules: " + simplePolicyObject.mPolicySetResult);
                        break;
                    case 901:
                        List<String> convertStringToArray = convertStringToArray(simplePolicyObject.mPolicyValue, ",");
                        boolean cleanIptablesDenyRules = applicationPolicyManager.cleanIptablesDenyRules();
                        LogUtil.debug(TAG, "cleanIptablesDenyRules: " + cleanIptablesDenyRules);
                        if (cleanIptablesDenyRules) {
                            simplePolicyObject.mPolicySetResult = applicationPolicyManager.addIptablesDenyRules(convertStringToArray);
                        }
                        LogUtil.debug(TAG, "addIptablesDenyRules: " + simplePolicyObject.mPolicySetResult);
                        z = true;
                        break;
                    case 902:
                        List<String> convertStringToArray2 = convertStringToArray(simplePolicyObject.mPolicyValue, ",");
                        boolean cleanIptablesRerouteRules = applicationPolicyManager.cleanIptablesRerouteRules();
                        LogUtil.debug(TAG, "clear before add, cleanIptablesRerouteRules: " + cleanIptablesRerouteRules);
                        if (cleanIptablesRerouteRules) {
                            simplePolicyObject.mPolicySetResult = applicationPolicyManager.addIptablesRerouteRules(convertStringToArray2);
                        }
                        LogUtil.debug(TAG, "addIptablesRerouteRules: " + simplePolicyObject.mPolicySetResult);
                        z = true;
                        break;
                    case PolicyKeyConstants.FIREWALLPOLICYSET_IP_TABLES_PROXY_RULES /* 903 */:
                        for (String str : convertStringToArray(simplePolicyObject.mPolicyValue, ",")) {
                            LogUtil.debug(TAG, "FIREWALLPOLICYSET_IP_TABLES_PROXY_RULES: " + str);
                            List<String> convertStringToArray3 = convertStringToArray(str, ":");
                            if (convertStringToArray3.size() == 2) {
                                LogUtil.debug(TAG, "cleanIptablesProxyRules: " + applicationPolicyManager.cleanIptablesProxyRules());
                                simplePolicyObject.mPolicySetResult = applicationPolicyManager.setIptablesProxyRules(convertStringToArray3.get(0), convertStringToArray3.get(1));
                                LogUtil.debug(TAG, "setIptablesProxyRules: " + simplePolicyObject.mPolicySetResult);
                                boolean iptablesProxyOption = applicationPolicyManager.setIptablesProxyOption(true);
                                LogUtil.debug(TAG, "setIptablesProxyOption: " + iptablesProxyOption);
                                simplePolicyObject.mPolicySetResult &= iptablesProxyOption;
                            }
                        }
                        break;
                    case PolicyKeyConstants.FIREWALLPOLICYSET_URL_FILTER_LIST /* 905 */:
                        if (applicationPolicyManager.setURLFilterEnabled(true)) {
                            List<String> convertStringToArray4 = convertStringToArray(simplePolicyObject.mPolicyValue, ",");
                            LogUtil.debug(TAG, "convertStringToArray, array=" + convertStringToArray4);
                            List<String> formatUrls = formatUrls(convertStringToArray4);
                            LogUtil.debug(TAG, "formatUrls, array=" + formatUrls);
                            simplePolicyObject.mPolicySetResult = applicationPolicyManager.setURLFilterList(formatUrls);
                        }
                        LogUtil.debug(TAG, "setURLFilterList: " + simplePolicyObject.mPolicySetResult);
                        break;
                    case PolicyKeyConstants.FIREWALLPOLICYSET_URL_FILTER_REPORT_ENABLED /* 906 */:
                        simplePolicyObject.mPolicySetResult = applicationPolicyManager.setURLFilterReportEnabled(Boolean.valueOf(simplePolicyObject.mPolicyValue).booleanValue());
                        LogUtil.debug(TAG, "setURLFilterReportEnabled: " + simplePolicyObject.mPolicySetResult);
                        break;
                    case PolicyKeyConstants.FIREWALLPOLICYSET_NETWORK_FOR_MARKET /* 907 */:
                        simplePolicyObject.mPolicySetResult = applicationPolicyManager.setNetworkForMarket(Integer.valueOf(simplePolicyObject.mPolicyValue).intValue());
                        LogUtil.debug(TAG, "setNetworkForMarket: " + simplePolicyObject.mPolicySetResult);
                        break;
                    case PolicyKeyConstants.FIREWALLPOLICYSET_IP_TABLES_REDIRECT_EXCEPTION_RULES /* 908 */:
                        List<String> convertStringToArray5 = convertStringToArray(simplePolicyObject.mPolicyValue, ",");
                        boolean cleanIptablesRedirectExceptionsRules = applicationPolicyManager.cleanIptablesRedirectExceptionsRules();
                        LogUtil.debug(TAG, "cleanIptablesRedirectExceptionsRules: " + cleanIptablesRedirectExceptionsRules);
                        if (cleanIptablesRedirectExceptionsRules) {
                            simplePolicyObject.mPolicySetResult = applicationPolicyManager.addIptablesRedirectExceptionsRules(convertStringToArray5);
                        }
                        LogUtil.debug(TAG, "addIptablesRedirectExceptionsRules: " + simplePolicyObject.mPolicySetResult);
                        z = true;
                        break;
                }
            }
        }
        LogUtil.debug(TAG, "enableAllRules=" + z);
        if (z) {
            LogUtil.debug(TAG, "result=" + applicationPolicyManager.setIptablesOption(true));
        }
        this.mDbAdapter.insertPolicyData2("profile", profilePoliciesSAFE);
        LogUtil.debug(TAG, "loadFirewallPolicies-end");
    }

    @Override // com.centrify.directcontrol.policy.AbstractPolicyController
    public void resetAll() {
        resetPolicy(PolicyKeyConstants.FIREWALL_SAFE_PROFILE_IDENTIFIER);
    }

    @Override // com.centrify.directcontrol.policy.AbstractProfileTableController, com.centrify.directcontrol.policy.AbstractPolicyController
    public void resetPolicy(String str) {
        LogUtil.debug(TAG, "resetFirewallPolicySAFE-begin");
        List<SimplePolicyObject> profilePoliciesSAFE = this.mDbAdapter.getProfilePoliciesSAFE(14);
        LogUtil.debug(TAG, "resetPolicy: " + profilePoliciesSAFE.size());
        if (profilePoliciesSAFE.size() > 0) {
            Iterator<SimplePolicyObject> it = profilePoliciesSAFE.iterator();
            while (it.hasNext()) {
                resetFirewallPolicySAFE(it.next());
            }
            this.mDbAdapter.deleteProfilePoliciesInDB(14);
        }
        LogUtil.debug(TAG, "resetFirewallPolicySAFE-end");
    }

    @Override // com.centrify.directcontrol.policy.AbstractProfileTableController, com.centrify.directcontrol.policy.AbstractPolicyController
    public boolean savePolicy(NSDictionary nSDictionary) {
        if (!isSafeLicensed()) {
            LogUtil.info(TAG, "the safe entitlment is false");
            return false;
        }
        LogUtil.debug(TAG, "saveFirewallPolicies-begin");
        NSObject[] array = ((NSArray) nSDictionary.objectForKey("content")).getArray();
        if (array.length > 0) {
            NSDictionary nSDictionary2 = (NSDictionary) array[0];
            List<SimplePolicyObject> profilePoliciesSAFE = this.mDbAdapter.getProfilePoliciesSAFE(14);
            List<SimplePolicyObject> firewallPolicies = getFirewallPolicies(nSDictionary2);
            Iterator<SimplePolicyObject> it = profilePoliciesSAFE.iterator();
            while (it.hasNext()) {
                SimplePolicyObject next = it.next();
                if (!syncObject(next, firewallPolicies)) {
                    it.remove();
                    resetFirewallPolicySAFE(next);
                }
            }
            profilePoliciesSAFE.addAll(firewallPolicies);
            this.mDbAdapter.deleteProfilePoliciesInDB(14);
            this.mDbAdapter.insertPolicyData2("profile", profilePoliciesSAFE);
        }
        LogUtil.debug(TAG, "saveFirewallPolicies-end");
        return true;
    }

    @Override // com.centrify.directcontrol.policy.AbstractPolicyController
    public boolean takePrecedenceToDependProfile(String str) {
        return !StringUtils.equals(str, getDependProfileId());
    }
}
