自动使用本地防火墙/增加edge-node [ip.drop|ip.reject|ip.remove]等命令

2025-12-26 23:16:35 +08:00 · 2022-01-09 17:07:37 +08:00
parent 9f4738af0d
commit 15fc2e4f41
17 changed files with 482 additions and 24 deletions
--- a/internal/firewalls/firewall.go
+++ b/internal/firewalls/firewall.go
@@ -0,0 +1,42 @@
+// Copyright 2022 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
+
+package firewalls
+
+import (
+	"github.com/TeaOSLab/EdgeNode/internal/events"
+	"github.com/TeaOSLab/EdgeNode/internal/remotelogs"
+)
+
+var currentFirewall FirewallInterface
+
+// 初始化
+func init() {
+	events.On(events.EventLoaded, func() {
+		var firewall = Firewall()
+		if firewall.Name() == "mock" {
+			remotelogs.Warn("FIREWALL", "'firewalld' on this system should be enabled to block attackers more effectively")
+		} else {
+			remotelogs.Println("FIREWALL", "found local firewall '"+firewall.Name()+"'")
+		}
+	})
+}
+
+// Firewall 查找当前系统中最适合的防火墙
+func Firewall() FirewallInterface {
+	if currentFirewall != nil {
+		return currentFirewall
+	}
+
+	// firewalld
+	{
+		var firewalld = NewFirewalld()
+		if firewalld.IsReady() {
+			currentFirewall = firewalld
+			return currentFirewall
+		}
+	}
+
+	// 至少返回一个
+	currentFirewall = NewMockFirewall()
+	return currentFirewall
+}