mirror of
https://github.com/TeaOSLab/EdgeAdmin.git
synced 2025-11-11 18:30:25 +08:00
自动将端口加入到本地防火墙
This commit is contained in:
GoEdgeLab
@@ -13,9 +13,12 @@ import (
|
|||||||
"github.com/iwind/TeaGo/maps"
|
"github.com/iwind/TeaGo/maps"
|
||||||
"github.com/iwind/TeaGo/rands"
|
"github.com/iwind/TeaGo/rands"
|
||||||
"github.com/iwind/TeaGo/sessions"
|
"github.com/iwind/TeaGo/sessions"
|
||||||
|
"github.com/iwind/TeaGo/types"
|
||||||
"github.com/iwind/gosock/pkg/gosock"
|
"github.com/iwind/gosock/pkg/gosock"
|
||||||
|
"gopkg.in/yaml.v3"
|
||||||
"io/ioutil"
|
"io/ioutil"
|
||||||
"log"
|
"log"
|
||||||
|
"net"
|
||||||
"os"
|
"os"
|
||||||
"os/exec"
|
"os/exec"
|
||||||
"os/signal"
|
"os/signal"
|
||||||
@@ -58,6 +61,9 @@ func (this *AdminNode) Run() {
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// 添加端口到防火墙
|
||||||
|
this.addPortsToFirewall()
|
||||||
|
|
||||||
// 监听信号
|
// 监听信号
|
||||||
sigQueue := make(chan os.Signal)
|
sigQueue := make(chan os.Signal)
|
||||||
signal.Notify(sigQueue, syscall.SIGTERM, syscall.SIGINT, syscall.SIGKILL, syscall.SIGQUIT)
|
signal.Notify(sigQueue, syscall.SIGTERM, syscall.SIGINT, syscall.SIGKILL, syscall.SIGQUIT)
|
||||||
@@ -201,6 +207,44 @@ https:
|
|||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// 添加端口到防火墙
|
||||||
|
func (this *AdminNode) addPortsToFirewall() {
|
||||||
|
var configFile = Tea.ConfigFile("server.yaml")
|
||||||
|
data, err := ioutil.ReadFile(configFile)
|
||||||
|
if err != nil {
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
var config = &TeaGo.ServerConfig{}
|
||||||
|
err = yaml.Unmarshal(data, config)
|
||||||
|
if err != nil {
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
var ports = []int{}
|
||||||
|
if config.Http.On {
|
||||||
|
for _, listen := range config.Http.Listen {
|
||||||
|
_, portString, _ := net.SplitHostPort(listen)
|
||||||
|
var port = types.Int(portString)
|
||||||
|
if port > 0 && !lists.ContainsInt(ports, port) {
|
||||||
|
ports = append(ports, port)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if config.Https.On {
|
||||||
|
for _, listen := range config.Https.Listen {
|
||||||
|
_, portString, _ := net.SplitHostPort(listen)
|
||||||
|
var port = types.Int(portString)
|
||||||
|
if port > 0 && !lists.ContainsInt(ports, port) {
|
||||||
|
ports = append(ports, port)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
utils.AddPortsToFirewall(ports)
|
||||||
|
}
|
||||||
|
|
||||||
// 启动API节点
|
// 启动API节点
|
||||||
func (this *AdminNode) startAPINode() {
|
func (this *AdminNode) startAPINode() {
|
||||||
configPath := Tea.Root + "/edge-api/configs/api.yaml"
|
configPath := Tea.Root + "/edge-api/configs/api.yaml"
|
||||||
|
|||||||
28
internal/utils/firewall.go
Normal file
28
internal/utils/firewall.go
Normal file
@@ -0,0 +1,28 @@
|
|||||||
|
// Copyright 2022 Liuxiangchao iwind.liu@gmail.com. All rights reserved. Official site: https://goedge.cn .
|
||||||
|
|
||||||
|
package utils
|
||||||
|
|
||||||
|
import (
|
||||||
|
"github.com/iwind/TeaGo/logs"
|
||||||
|
"github.com/iwind/TeaGo/types"
|
||||||
|
"os/exec"
|
||||||
|
"runtime"
|
||||||
|
)
|
||||||
|
|
||||||
|
func AddPortsToFirewall(ports []int) {
|
||||||
|
for _, port := range ports {
|
||||||
|
// Linux
|
||||||
|
if runtime.GOOS == "linux" {
|
||||||
|
// firewalld
|
||||||
|
firewallCmd, _ := exec.LookPath("firewall-cmd")
|
||||||
|
if len(firewallCmd) > 0 {
|
||||||
|
err := exec.Command(firewallCmd, "--add-port="+types.String(port)+"/tcp").Run()
|
||||||
|
if err == nil {
|
||||||
|
logs.Println("API_NODE", "add port '"+types.String(port)+"' to firewalld")
|
||||||
|
|
||||||
|
_ = exec.Command(firewallCmd, "--add-port="+types.String(port)+"/tcp", "--permanent").Run()
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
Reference in New Issue
Block a user