Fix IPv6 firewall
parent
4f8dc4f997
commit
7185adad0e
2 changed files with 14 additions and 6 deletions
6
debian/changelog
vendored
|
@ -1,3 +1,9 @@
|
||||||
|
omr-vps-admin (0.3+20221001) unstable; urgency=medium
|
||||||
|
|
||||||
|
* Fix IPv6 firewall
|
||||||
|
|
||||||
|
-- OpenMPTCProuter <contact@openmptcprouter.com> Sat, 01 Oct 2022 07:26:42 +0200
|
||||||
|
|
||||||
omr-vps-admin (0.3+20220827) unstable; urgency=medium
|
omr-vps-admin (0.3+20220827) unstable; urgency=medium
|
||||||
|
|
||||||
* Fix SIP ALG
|
* Fix SIP ALG
|
||||||
|
|
14
omr-admin.py
|
@ -695,7 +695,7 @@ def shorewall6_add_port(user, port, proto, name, fwtype='ACCEPT', source_dip='',
|
||||||
fd, tmpfile = mkstemp()
|
fd, tmpfile = mkstemp()
|
||||||
with open('/etc/shorewall6/rules', 'r') as f, open(tmpfile, 'a+') as n:
|
with open('/etc/shorewall6/rules', 'r') as f, open(tmpfile, 'a+') as n:
|
||||||
for line in f:
|
for line in f:
|
||||||
if source_dip == '':
|
if source_dip == '' and dest_ip == '':
|
||||||
if fwtype == 'ACCEPT' and not port + ' # OMR open ' + name + ' port ' + proto + gencomment in line and not port + ' # OMR ' + user.username + ' open ' + name + ' port ' + proto + gencomment in line:
|
if fwtype == 'ACCEPT' and not port + ' # OMR open ' + name + ' port ' + proto + gencomment in line and not port + ' # OMR ' + user.username + ' open ' + name + ' port ' + proto + gencomment in line:
|
||||||
n.write(line)
|
n.write(line)
|
||||||
elif fwtype == 'DNAT' and not port + ' # OMR redirect ' + name + ' port ' + proto + gencomment in line and not port + ' # OMR ' + user.username + ' redirect ' + name + ' port ' + proto + gencomment in line:
|
elif fwtype == 'DNAT' and not port + ' # OMR redirect ' + name + ' port ' + proto + gencomment in line and not port + ' # OMR ' + user.username + ' redirect ' + name + ' port ' + proto + gencomment in line:
|
||||||
|
@ -706,11 +706,11 @@ def shorewall6_add_port(user, port, proto, name, fwtype='ACCEPT', source_dip='',
|
||||||
comment = ' to ' + source_dip
|
comment = ' to ' + source_dip
|
||||||
if dest_ip != '':
|
if dest_ip != '':
|
||||||
comment = comment + ' from ' + dest_ip
|
comment = comment + ' from ' + dest_ip
|
||||||
if fwtype == 'ACCEPT' and not port + '# OMR ' + user.username + ' open ' + name + ' port ' + proto + comment + gencomment in line:
|
if fwtype == 'ACCEPT' and not '# OMR ' + user.username + ' open ' + name + ' port ' + proto + comment + gencomment in line:
|
||||||
n.write(line)
|
n.write(line)
|
||||||
elif fwtype == 'DNAT' and not port + '# OMR ' + user.username + ' redirect ' + name + ' port ' + proto + comment + gencomment in line:
|
elif fwtype == 'DNAT' and not '# OMR ' + user.username + ' redirect ' + name + ' port ' + proto + comment + gencomment in line:
|
||||||
n.write(line)
|
n.write(line)
|
||||||
if source_dip == '':
|
if source_dip == '' and dest_ip == '':
|
||||||
if fwtype == 'ACCEPT':
|
if fwtype == 'ACCEPT':
|
||||||
n.write('ACCEPT net $FW ' + proto + ' ' + port + ' # OMR ' + user.username + ' open ' + name + ' port ' + proto + gencomment + "\n")
|
n.write('ACCEPT net $FW ' + proto + ' ' + port + ' # OMR ' + user.username + ' open ' + name + ' port ' + proto + gencomment + "\n")
|
||||||
elif fwtype == 'DNAT' and userid == 0:
|
elif fwtype == 'DNAT' and userid == 0:
|
||||||
|
@ -720,13 +720,15 @@ def shorewall6_add_port(user, port, proto, name, fwtype='ACCEPT', source_dip='',
|
||||||
else:
|
else:
|
||||||
net = 'net'
|
net = 'net'
|
||||||
comment = ''
|
comment = ''
|
||||||
if source_dip == '':
|
if source_dip != '':
|
||||||
comment = ' to ' + source_dip
|
comment = ' to ' + source_dip
|
||||||
if dest_ip == '':
|
if dest_ip != '':
|
||||||
comment = comment + ' from ' + dest_ip
|
comment = comment + ' from ' + dest_ip
|
||||||
net = 'net:' + dest_ip
|
net = 'net:' + dest_ip
|
||||||
if fwtype == 'ACCEPT':
|
if fwtype == 'ACCEPT':
|
||||||
n.write('ACCEPT ' + net + ' $FW ' + proto + ' ' + port + ' - ' + source_dip + ' # OMR ' + user.username + ' open ' + name + ' port ' + proto + comment + gencomment + "\n")
|
n.write('ACCEPT ' + net + ' $FW ' + proto + ' ' + port + ' - ' + source_dip + ' # OMR ' + user.username + ' open ' + name + ' port ' + proto + comment + gencomment + "\n")
|
||||||
|
elif fwtype == 'DNAT' and vpn != 'default':
|
||||||
|
n.write('DNAT ' + net + ' vpn:' + vpn + ' ' + proto + ' ' + port + ' - ' + source_dip + ' # OMR ' + user.username + ' redirect ' + name + ' port ' + proto + comment + gencomment + "\n")
|
||||||
elif fwtype == 'DNAT' and userid == 0:
|
elif fwtype == 'DNAT' and userid == 0:
|
||||||
n.write('DNAT ' + net + ' vpn:$OMR_ADDR ' + proto + ' ' + port + ' - ' + source_dip + ' # OMR ' + user.username + ' redirect ' + name + ' port ' + proto + comment + gencomment + "\n")
|
n.write('DNAT ' + net + ' vpn:$OMR_ADDR ' + proto + ' ' + port + ' - ' + source_dip + ' # OMR ' + user.username + ' redirect ' + name + ' port ' + proto + comment + gencomment + "\n")
|
||||||
elif fwtype == 'DNAT' and userid != 0:
|
elif fwtype == 'DNAT' and userid != 0:
|
||||||
|
|
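Review bot: The new `elif fwtype == 'DNAT' and vpn != 'default':` branch concatenates `vpn`, `source_dip` and `dest_ip` straight into a line of `/etc/shorewall6/rules`, and nothing visible in these hunks checks their format. If the callers do not already validate them, a value containing whitespace or a line break would change how shorewall6 parses the rule; assuming the two addresses are IPv6 addresses or prefixes, I would validate before the `with open(...)` block with `ipaddress.ip_network(source_dip, strict=False)` for each non-empty address (this needs `import ipaddress`) and reject any `vpn` that contains whitespace. Separately, the two rewritten `in line` checks no longer include `port` in the needle, so an existing rule for the same user, name and protocol but a different port would presumably be dropped from the rewritten file; worth confirming that this is intended. The body of `shorewall6_add_port` starts and ends outside the hunks, so validation may already exist elsewhere.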