修复firewalld无法删除规则的Bug

GoEdgeLab
2021-11-05 14:39:08 +08:00
parent 45b43efb7b
commit e36b214cf0
2 changed files with 8 additions and 6 deletions


@@ -11,7 +11,7 @@ import (
"time"
)
// Firewalld动作管理
// FirewalldAction Firewalld动作管理
// 常用命令:
// - 查询列表: firewall-cmd --list-all
// - 添加IPfirewall-cmd --add-rich-rule="rule family='ipv4' source address='192.168.2.32' reject" --timeout=30s
@@ -126,10 +126,12 @@ func (this *FirewalldAction) runActionSingleIP(action string, listType IPListTyp
}
args := []string{opt}
if item.ExpiredAt > timestamp {
args = append(args, "--timeout="+fmt.Sprintf("%d", item.ExpiredAt-timestamp)+"s")
} else {
// TODO 思考是否需要permanent不然--reload之后会丢失
if action == "addItem" {
if item.ExpiredAt > timestamp {
args = append(args, "--timeout="+fmt.Sprintf("%d", item.ExpiredAt-timestamp)+"s")
} else {
// TODO 思考是否需要permanent不然--reload之后会丢失
}
}
if runtime.GOOS == "darwin" {
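Review bot: Inside the new `if action == "addItem"` block the `else` arm is empty, so an item whose `ExpiredAt` is not greater than `timestamp` is added with no `--timeout` at all. If `ExpiredAt` can be a non-zero time already in the past (presumably only `0` means "never expires"; worth confirming against the caller), an already-expired entry becomes a rule that stays until the next reload. Handle that case explicitly, e.g. `} else if item.ExpiredAt > 0 { /* already expired: do not add the rule */ }`, with a skip or early return that fits the function's return type, which is outside this hunk. For the non-expiring case the TODO still stands: a runtime-only rule disappears on `firewall-cmd --reload`, so a list entry is silently lost until it is re-applied; either add `--permanent` handling or document that the list is re-synced after a reload. `runActionSingleIP` starts and ends outside the hunk.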


@@ -11,7 +11,7 @@ import (
"time"
)
// IPSet动作
// IPSetAction IPSet动作
// 相关命令:
// - 利用Firewalld管理set
// - 添加firewall-cmd --permanent --new-ipset=edge_ip_list --type=hash:ip --option="timeout=0"