mirror of https://github.com/acepanel/panel.git synced 2026-02-04 06:47:20 +08:00

fix: 修改部分端口报错

耗子
2024-10-17 17:54:33 +08:00
parent 1a9fe40b80
commit f2c3569447
7 changed files with 64 additions and 36 deletions


@@ -80,7 +80,8 @@ func (s *Service) UpdatePort(w http.ResponseWriter, r *http.Request) {
err = fw.Port(firewall.FireInfo{
PortStart: req.Port,
PortEnd: req.Port,
Protocol: "tcp",
Direction: firewall.DirectionIn,
Strategy: firewall.StrategyAccept,
}, firewall.OperationAdd)
if err != nil {
service.Error(w, http.StatusInternalServerError, "%v", err)
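Review bot: `Protocol: "tcp"` is still a bare string literal here, although this commit introduces `firewall.ProtocolTCP` and the neighbouring fields already use `firewall.DirectionIn` and `firewall.StrategyAccept`; write `Protocol: firewall.ProtocolTCP,` so the typed constants are the single source of truth. The same applies to the second UpdatePort hunk and to UpdatePanelSetting. Separately, `service.Error(w, http.StatusInternalServerError, "%v", err)` returns the firewall error text to the HTTP client, and the firewall.go hunks show that this text can include the rule string and command output; consider logging it server-side and returning a generic message. The body of UpdatePort starts and ends outside the hunk.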


@@ -158,7 +158,8 @@ func (s *Service) UpdatePort(w http.ResponseWriter, r *http.Request) {
err = fw.Port(firewall.FireInfo{
PortStart: req.Port,
PortEnd: req.Port,
Protocol: "tcp",
Direction: firewall.DirectionIn,
Strategy: firewall.StrategyAccept,
}, firewall.OperationAdd)
if err != nil {
service.Error(w, http.StatusInternalServerError, "%v", err)


@@ -207,7 +207,8 @@ func (r *settingRepo) UpdatePanelSetting(ctx context.Context, setting *request.P
err = fw.Port(firewall.FireInfo{
PortStart: uint(config.HTTP.Port),
PortEnd: uint(config.HTTP.Port),
Protocol: "tcp",
Direction: firewall.DirectionIn,
Strategy: firewall.StrategyAccept,
}, firewall.OperationAdd)
if err != nil {
return false, err


@@ -80,7 +80,7 @@ func (s *FirewallService) CreateRule(w http.ResponseWriter, r *http.Request) {
}
if err = s.firewall.Port(firewall.FireInfo{
Family: req.Family, PortStart: req.PortStart, PortEnd: req.PortEnd, Protocol: req.Protocol, Address: req.Address, Strategy: req.Strategy, Direction: req.Direction,
Family: req.Family, PortStart: req.PortStart, PortEnd: req.PortEnd, Protocol: firewall.Protocol(req.Protocol), Address: req.Address, Strategy: firewall.Strategy(req.Strategy), Direction: firewall.Direction(req.Direction),
}, firewall.OperationAdd); err != nil {
Error(w, http.StatusInternalServerError, "%v", err)
return
@@ -97,7 +97,7 @@ func (s *FirewallService) DeleteRule(w http.ResponseWriter, r *http.Request) {
}
if err = s.firewall.Port(firewall.FireInfo{
Family: req.Family, PortStart: req.PortStart, PortEnd: req.PortEnd, Protocol: req.Protocol, Address: req.Address, Strategy: req.Strategy, Direction: req.Direction,
Family: req.Family, PortStart: req.PortStart, PortEnd: req.PortEnd, Protocol: firewall.Protocol(req.Protocol), Address: req.Address, Strategy: firewall.Strategy(req.Strategy), Direction: firewall.Direction(req.Direction),
}, firewall.OperationRemove); err != nil {
Error(w, http.StatusInternalServerError, "%v", err)
return
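Review bot: `firewall.Protocol(req.Protocol)`, `firewall.Strategy(req.Strategy)` and `firewall.Direction(req.Direction)` in CreateRule and DeleteRule are plain type conversions, so any string in the request becomes a typed value without being checked against the declared constants. Unless the request struct is validated before this point (not visible in the hunks), reject unknown values in the handler before calling `s.firewall.Port`, for example `Error(w, http.StatusUnprocessableEntity, "invalid protocol")` followed by `return`. These fields later reach the firewall-cmd command line built in the firewall package, so the handler is the natural place for an allow-list, and a client error status fits better than the 500 used for execution failures. Both function bodies start and end outside the hunks.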


@@ -1,26 +1,56 @@
package firewall
type Operation string
var (
OperationAdd Operation = "add" // 添加
OperationRemove Operation = "remove" // 移除
)
type Protocol string
var (
ProtocolTCP Protocol = "tcp" // tcp
ProtocolUDP Protocol = "udp" // udp
ProtocolTCPUDP Protocol = "tcp/udp" // tcp/udp
)
type Strategy string
var (
StrategyAccept Strategy = "accept" // 接受
StrategyDrop Strategy = "drop" // 丢弃
StrategyReject Strategy = "reject" // 拒绝
)
type Direction string
var (
DirectionIn Direction = "in" // 传入
DirectionOut Direction = "out" // 传出
)
type FireInfo struct {
Family string `json:"family"` // ipv4 ipv6
Address string `json:"address"` // 源地址或目标地址
PortStart uint `json:"port_start"` // 1-65535
PortEnd uint `json:"port_end"` // 1-65535
Protocol string `json:"protocol"` // tcp udp tcp/udp
Strategy string `json:"strategy"` // accept drop reject
Direction string `json:"direction"` // in out 入站或出站
Family string `json:"family"` // ipv4 ipv6
Address string `json:"address"` // 源地址或目标地址
PortStart uint `json:"port_start"` // 1-65535
PortEnd uint `json:"port_end"` // 1-65535
Protocol Protocol `json:"protocol"` // tcp udp tcp/udp
Strategy Strategy `json:"strategy"` // accept drop reject
Direction Direction `json:"direction"` // in out 入站或出站
}
type FireForwardInfo struct {
Address string `json:"address"`
Port uint `json:"port"` // 1-65535
Protocol string `json:"protocol"` // tcp udp tcp/udp
TargetIP string `json:"targetIP"`
TargetPort string `json:"targetPort"` // 1-65535
Address string `json:"address"` // 源地址
Port uint `json:"port"` // 1-65535
Protocol Protocol `json:"protocol"` // tcp udp tcp/udp
TargetIP string `json:"targetIP"` // 目标地址
TargetPort string `json:"targetPort"` // 1-65535
}
type Forward struct {
Protocol string `json:"protocol"`
Port uint `json:"port"` // 1-65535
TargetIP string `json:"targetIP"`
TargetPort uint `json:"targetPort"` // 1-65535
Protocol Protocol `json:"protocol"` // tcp udp tcp/udp
Port uint `json:"port"` // 1-65535
TargetIP string `json:"targetIP"` // 目标地址
TargetPort uint `json:"targetPort"` // 1-65535
}
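Review bot: The enum values (`OperationAdd`, `ProtocolTCP`, `StrategyAccept`, `DirectionIn` and the rest) are declared in `var (` blocks, so any importing package can reassign them at runtime; string-based named types work in `const (` blocks, which is what these should be. The new types also offer no membership check, so every caller that converts a request string has to re-implement validation; a `Valid() bool` method on Protocol, Strategy and Direction, as sketched below for Protocol, would give them one place to do it. The field comments are in Chinese and the exported types have no doc comments; an English `// Protocol is the transport protocol of a firewall rule.` style comment on each type would help. Visible here but not introduced by this change: `FireForwardInfo.TargetPort` is a `string` while `Forward.TargetPort` is a `uint`.

```go
// Valid reports whether p is one of the protocols declared in this package.
func (p Protocol) Valid() bool {
	switch p {
	case ProtocolTCP, ProtocolUDP, ProtocolTCPUDP:
		return true
	}
	return false
}
```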


@@ -14,13 +14,6 @@ import (
"github.com/TheTNB/panel/pkg/systemctl"
)
type Operation string
var (
OperationAdd Operation = "add"
OperationRemove Operation = "remove"
)
type Firewall struct {
forwardListRegex *regexp.Regexp
richRuleRegex *regexp.Regexp
@@ -70,7 +63,7 @@ func (r *Firewall) ListRule() ([]FireInfo, error) {
item.PortStart = cast.ToUint(ruleItem[0])
item.PortEnd = cast.ToUint(ruleItem[0])
}
item.Protocol = ruleItem[1]
item.Protocol = Protocol(ruleItem[1])
}
item.Family = "ipv4"
item.Strategy = "accept"
@@ -112,7 +105,7 @@ func (r *Firewall) ListForward() ([]FireForwardInfo, error) {
}
data = append(data, FireForwardInfo{
Port: cast.ToUint(match[1]),
Protocol: match[2],
Protocol: Protocol(match[2]),
TargetIP: match[4],
TargetPort: match[3],
})
@@ -154,7 +147,7 @@ func (r *Firewall) Port(rule FireInfo, operation Operation) error {
return r.RichRules(rule, operation)
}
protocols := strings.Split(rule.Protocol, "/")
protocols := strings.Split(string(rule.Protocol), "/")
for protocol := range slices.Values(protocols) {
stdout, err := shell.Execf("firewall-cmd --zone=public --%s-port=%d-%d/%s --permanent", operation, rule.PortStart, rule.PortEnd, protocol)
if err != nil {
@@ -167,7 +160,7 @@ func (r *Firewall) Port(rule FireInfo, operation Operation) error {
}
func (r *Firewall) RichRules(rule FireInfo, operation Operation) error {
protocols := strings.Split(rule.Protocol, "/")
protocols := strings.Split(string(rule.Protocol), "/")
for protocol := range slices.Values(protocols) {
var ruleBuilder strings.Builder
ruleBuilder.WriteString(fmt.Sprintf(`rule family="%s" `, rule.Family))
@@ -177,6 +170,8 @@ func (r *Firewall) RichRules(rule FireInfo, operation Operation) error {
ruleBuilder.WriteString(fmt.Sprintf(`source address="%s" `, rule.Address))
} else if rule.Direction == "out" {
ruleBuilder.WriteString(fmt.Sprintf(`destination address="%s" `, rule.Address))
} else if rule.Direction != "" {
return fmt.Errorf("invalid direction: %s", rule.Direction)
}
}
if rule.PortStart != 0 && rule.PortEnd != 0 && (rule.PortStart != 1 && rule.PortEnd != 65535) { // 1-65535是解析出来无端口规则的情况
@@ -189,7 +184,7 @@ func (r *Firewall) RichRules(rule FireInfo, operation Operation) error {
ruleBuilder.WriteString(fmt.Sprintf(`protocol="%s" `, protocol))
}
ruleBuilder.WriteString(rule.Strategy)
ruleBuilder.WriteString(string(rule.Strategy))
_, err := shell.Execf("firewall-cmd --zone=public --%s-rich-rule '%s' --permanent", operation, ruleBuilder.String())
if err != nil {
return fmt.Errorf("%s rich rules (%s) failed, err: %v", operation, ruleBuilder.String(), err)
@@ -236,8 +231,8 @@ func (r *Firewall) parseRichRule(line string) (FireInfo, error) {
fireInfo := FireInfo{
Family: match[1],
Address: match[3],
Protocol: match[5],
Strategy: match[6],
Protocol: Protocol(match[5]),
Strategy: Strategy(match[6]),
}
if match[2] == "destination" {
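Review bot: In RichRules the added `invalid direction` branch is the only validation of the newly typed fields: `rule.Strategy` and each `protocol` are still formatted as-is into the rule text and then into `shell.Execf("firewall-cmd --zone=public --%s-rich-rule '%s' --permanent", ...)`, and Port does the same with `--%s-port=%d-%d/%s`. Whether `shell.Execf` quotes its arguments is not visible here, so these values, and likewise `rule.Family` and `rule.Address`, should be checked against the declared constants or parsed as an address before any command string is built. The direction check also appears to sit inside the address branch (two closing braces follow it), so an unknown direction with an empty address would go unnoticed; hoisting it to the top of the function, as sketched below, closes that gap. Comparing against `DirectionIn`/`DirectionOut` and assigning `StrategyAccept` in ListRule instead of the literals `"in"`, `"out"` and `"accept"` would keep the constants authoritative. The sketch assumes only accept, drop and reject are ever passed in, as the FireInfo field comment states; the bodies of Port and RichRules extend outside the hunks.

```go
func (r *Firewall) RichRules(rule FireInfo, operation Operation) error {
	// Validate enum-typed fields before any of them is formatted into the command line.
	switch rule.Strategy {
	case StrategyAccept, StrategyDrop, StrategyReject:
	default:
		return fmt.Errorf("invalid strategy: %s", rule.Strategy)
	}
	switch rule.Direction {
	case "", DirectionIn, DirectionOut: // empty stays allowed, as in the existing check
	default:
		return fmt.Errorf("invalid direction: %s", rule.Direction)
	}
	// … unchanged: protocol split and rule building …
```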


@@ -33,7 +33,7 @@ async function setupApp() {
app.mount('#app')
}
const title = ref('')
const title = ref(import.meta.env.VITE_APP_TITLE)
const setupPanel = async () => {
const themeStore = useThemeStore()