TRKJ/EdgeNode
2
0
Fork 0
mirror of https://github.com/TeaOSLab/EdgeNode.git synced 2025-12-25 14:36:34 +08:00
Code Issues Packages Projects Releases Wiki Activity

优化Firewalld添加端口方法,自动聚合连续的端口号

Browse Source
This commit is contained in:
刘祥超
2022-07-21 11:53:23 +08:00
parent 25c11f3d69
commit 62f9d1f09a
4 changed files with 156 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files

42
internal/firewalls/firewall_firewalld.go
View File

@@ -75,6 +75,24 @@ func (this *Firewalld) AllowPort(port int, protocol string) error {
return nil
}
func (this *Firewalld) AllowPortRangesPermanently(portRanges [][2]int, protocol string) error {
for _, portRange := range portRanges {
var port = this.PortRangeString(portRange, protocol)
{
var cmd = exec.Command(this.exe, "--add-port="+port, "--permanent")
this.pushCmd(cmd)
}
{
var cmd = exec.Command(this.exe, "--add-port="+port)
this.pushCmd(cmd)
}
}
return nil
}
func (this *Firewalld) RemovePort(port int, protocol string) error {
if !this.isReady {
return nil
@@ -84,6 +102,30 @@ func (this *Firewalld) RemovePort(port int, protocol string) error {
return nil
}
func (this *Firewalld) RemovePortRangePermanently(portRange [2]int, protocol string) error {
var port = this.PortRangeString(portRange, protocol)
{
var cmd = exec.Command(this.exe, "--remove-port="+port, "--permanent")
this.pushCmd(cmd)
}
{
var cmd = exec.Command(this.exe, "--remove-port="+port)
this.pushCmd(cmd)
}
return nil
}
func (this *Firewalld) PortRangeString(portRange [2]int, protocol string) string {
if portRange[0] == portRange[1] {
return types.String(portRange[0]) + "/" + protocol
} else {
return types.String(portRange[0]) + "-" + types.String(portRange[1]) + "/" + protocol
}
}
func (this *Firewalld) RejectSourceIP(ip string, timeoutSeconds int) error {
if !this.isReady {
return nil