mirror of
https://github.com/Ysurac/openmptcprouter-vps-admin.git
synced 2025-03-09 15:40:05 +00:00
Add shorewall settings change
This commit is contained in:
parent
a193a9189c
commit
36368f57c3
1 changed files with 41 additions and 1 deletions
42
omr-admin.py
42
omr-admin.py
|
@ -1,7 +1,12 @@
|
||||||
|
#!/usr/bin/env python3
|
||||||
|
|
||||||
import json
|
import json
|
||||||
import base64
|
import base64
|
||||||
import uuid
|
import uuid
|
||||||
import configparser
|
import configparser
|
||||||
|
import os
|
||||||
|
from tempfile import mkstemp
|
||||||
|
from shutil import move
|
||||||
from pprint import pprint
|
from pprint import pprint
|
||||||
from flask import Flask, jsonify, request
|
from flask import Flask, jsonify, request
|
||||||
from flask_jwt_simple import (
|
from flask_jwt_simple import (
|
||||||
|
@ -46,6 +51,9 @@ def login():
|
||||||
if not request.is_json:
|
if not request.is_json:
|
||||||
return jsonify({"msg": "Missing JSON in request"}), 400
|
return jsonify({"msg": "Missing JSON in request"}), 400
|
||||||
|
|
||||||
|
with open('omr-admin-config.json') as f:
|
||||||
|
omr_config_data = json.load(f)
|
||||||
|
|
||||||
params = request.get_json()
|
params = request.get_json()
|
||||||
username = params.get('username', None)
|
username = params.get('username', None)
|
||||||
password = params.get('password', None)
|
password = params.get('password', None)
|
||||||
|
@ -55,7 +63,7 @@ def login():
|
||||||
if not password:
|
if not password:
|
||||||
return jsonify({"msg": "Missing password parameter"}), 400
|
return jsonify({"msg": "Missing password parameter"}), 400
|
||||||
|
|
||||||
if username != 'test' or password != 'test':
|
if username != omr_config_data["user"] or password != omr_config_data["pass"]:
|
||||||
return jsonify({"msg": "Bad username or password"}), 401
|
return jsonify({"msg": "Bad username or password"}), 401
|
||||||
|
|
||||||
# Identity can be any data that is json serializable
|
# Identity can be any data that is json serializable
|
||||||
|
@ -116,6 +124,8 @@ def shadowsocks():
|
||||||
no_delay = params.get('no_delay', None)
|
no_delay = params.get('no_delay', None)
|
||||||
mptcp = params.get('mptcp', None)
|
mptcp = params.get('mptcp', None)
|
||||||
obfs = params.get('obfs', None)
|
obfs = params.get('obfs', None)
|
||||||
|
if not port or not method or not fast_open or not reuse_port or not no_delay or not mptcp or not obfs:
|
||||||
|
raise BadRequestError("Invalid parameters")
|
||||||
if obfs:
|
if obfs:
|
||||||
shadowsocks_config = {'server': ('[::0]', '0.0.0.0'),'server_port': port,'local_port': 1081,'mode': 'tcp_and_udp','key': key,'timeout': timeout,'method': method,'verbose': verbose,'prefer_ipv6': prefer_ipv6,'fast_open': fast_open,'no_delay': no_delay,'reuse_port': reuse_port,'mptcp': mptcp,'plugin': '/usr/local/bin/obfs-server','plugin_opts': 'obfs=http;mptcp;fast-open;t=400'}
|
shadowsocks_config = {'server': ('[::0]', '0.0.0.0'),'server_port': port,'local_port': 1081,'mode': 'tcp_and_udp','key': key,'timeout': timeout,'method': method,'verbose': verbose,'prefer_ipv6': prefer_ipv6,'fast_open': fast_open,'no_delay': no_delay,'reuse_port': reuse_port,'mptcp': mptcp,'plugin': '/usr/local/bin/obfs-server','plugin_opts': 'obfs=http;mptcp;fast-open;t=400'}
|
||||||
else:
|
else:
|
||||||
|
@ -124,9 +134,39 @@ def shadowsocks():
|
||||||
if ordered(data) != ordered(json.loads(json.dumps(shadowsocks_config))):
|
if ordered(data) != ordered(json.loads(json.dumps(shadowsocks_config))):
|
||||||
with open('/etc/shadowsocks-libev/config.json.new','w') as outfile:
|
with open('/etc/shadowsocks-libev/config.json.new','w') as outfile:
|
||||||
json.dump(shadowsocks_config,outfile)
|
json.dump(shadowsocks_config,outfile)
|
||||||
|
os.system("systemctl restart shadowsocks-libev-server@config.service")
|
||||||
|
for x in range (1,os.cpu_count()):
|
||||||
|
os.system("systemctl restart shadowsocks-libev-server@config" + x + ".service")
|
||||||
return jsonify(**shadowsocks_config)
|
return jsonify(**shadowsocks_config)
|
||||||
else:
|
else:
|
||||||
return jsonify({'result': 'done'})
|
return jsonify({'result': 'done'})
|
||||||
|
|
||||||
|
# Set shorewall config
|
||||||
|
@app.route('/shorewall', methods=['POST'])
|
||||||
|
@jwt_required
|
||||||
|
def shorewall():
|
||||||
|
params = request.get_json()
|
||||||
|
state = params.get('redirect_ports', None)
|
||||||
|
if not state:
|
||||||
|
raise BadRequestError('Invalid parameter')
|
||||||
|
fd, tmpfile = mkstemp()
|
||||||
|
with open('/etc/shorewall/rules','r') as f, open(tmpfile,'a+') as n:
|
||||||
|
for line in f:
|
||||||
|
if state == 'enable' and '#DNAT net vpn:$OMR_ADDR tcp 1-64999' in line:
|
||||||
|
n.write(line.replace(line[:1], ''))
|
||||||
|
elif state == 'enable' and '#DNAT net vpn:$OMR_ADDR udp 1-64999' in line:
|
||||||
|
n.write(line.replace(line[:1], ''))
|
||||||
|
elif state == 'disable' and 'DNAT net vpn:$OMR_ADDR tcp 1-64999' in line:
|
||||||
|
n.write('#' + line)
|
||||||
|
elif state == 'disable' and 'DNAT net vpn:$OMR_ADDR udp 1-64999' in line:
|
||||||
|
n.write('#' + line)
|
||||||
|
else:
|
||||||
|
n.write(line)
|
||||||
|
os.close(fd)
|
||||||
|
move(tmpfile,'/etc/shorewall/rules.new')
|
||||||
|
# Need to do the same for IPv6...
|
||||||
|
return jsonify({'result': 'done'})
|
||||||
|
|
||||||
|
|
||||||
if __name__ == '__main__':
|
if __name__ == '__main__':
|
||||||
app.run(host='0.0.0.0',port=65500,ssl_context=('cert.pem','key.pem'))
|
app.run(host='0.0.0.0',port=65500,ssl_context=('cert.pem','key.pem'))
|
||||||
|
|
Loading…
Add table
Add a link
Reference in a new issue