diff --git a/yunohost_firewall.py b/yunohost_firewall.py index 378d0334..467b19a1 100644 --- a/yunohost_firewall.py +++ b/yunohost_firewall.py @@ -15,57 +15,57 @@ from yunohost import YunoHostError, win_msg def firewall_allow(protocol=None,port=None,ipv6=None): """ Allow port in iptables - + Keyword arguments: protocol -- Protocol used port -- Port to open ipv6 -- Boolean ipv6 - + Return Dict - + """ - if int(port)<65536 and int(port)>0: - if protocol == "Both": - update_yml(port,'tcp','a',ipv6) - update_yml(port,'udp','a',ipv6) + if int(port)<65536 and int(port)>0: + if protocol == "Both": + update_yml(port,'tcp','a',ipv6) + update_yml(port,'udp','a',ipv6) - else: - - update_yml(port,protocol,'a',ipv6) + else: + update_yml(port,protocol,'a',ipv6) - win_msg(_("Port successfully openned")) - else: - raise YunoHostError(22,_("Port not between 1 and 65535 : ")+port) - - firewall_reload() - return firewall_list() + win_msg(_("Port successfully openned")) + + else: + raise YunoHostError(22,_("Port not between 1 and 65535 : ")+port) + + firewall_reload() + return firewall_list() def firewall_disallow(protocol=None,port=None,ipv6=None): """ Disallow port in iptables - + Keyword arguments: protocol -- Protocol used port -- Port to open ipv6 -- Boolean ipv6 - + Return Dict - + """ if protocol == "Both": update_yml(port,'tcp','r',ipv6) - update_yml(port,'udp','r',ipv6) + update_yml(port,'udp','r',ipv6) else: update_yml(port,protocol,'r',ipv6) win_msg(_("Port successfully closed")) - - firewall_reload() + + firewall_reload() return firewall_list @@ -73,13 +73,13 @@ def firewall_disallow(protocol=None,port=None,ipv6=None): def firewall_list(): """ Allow port in iptables - + Keyword arguments: None - + Return Dict - + """ with open ('firewall.yml') as f: firewall = yaml.load(f) @@ -92,7 +92,7 @@ def firewall_reload(): Reload iptables configuration Keyword arguments: - None + None Return Dict 
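Review bot: In firewall_disallow the final line `return firewall_list` returns the function object instead of the rule listing; it should be `return firewall_list()`, as firewall_allow already does. firewall_disallow also hands `port` to update_yml without the 1–65535 check that firewall_allow applies, so an unvalidated value can be written to firewall.yml. In firewall_allow's error branch, `_("Port not between 1 and 65535 : ")+port` raises TypeError when port is an int, and `int(port)` raises an uncaught ValueError on non-numeric input. Converting once with `port = int(port)` inside a try/except that raises YunoHostError, and using `str(port)` in the message, would cover both cases.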
@@ -103,53 +103,51 @@ def firewall_reload(): os.system ("iptables -P INPUT ACCEPT") os.system ("iptables -F") os.system ("iptables -X") - if '22' not in firewall['ipv4']['TCP']: - update_yml('22','TCP','a',False) + if '22' not in firewall['ipv4']['TCP']: + update_yml('22','TCP','a',False) os.system ("ip6tables -P INPUT ACCEPT") os.system ("ip6tables -F") os.system ("ip6tables -X") - if '22' not in firewall['ipv6']['TCP']: - update_yml('22','TCP','a',True) + if '22' not in firewall['ipv6']['TCP']: + update_yml('22','TCP','a',True) for i,port in enumerate (firewall['ipv4']['TCP']): os.system ("iptables -A INPUT -p tcp -i eth0 --dport "+ str(port) +" -j ACCEPT") - + for i,port in enumerate (firewall['ipv4']['UDP']): os.system ("iptables -A INPUT -p udp -i eth0 --dport "+ str(port) +" -j ACCEPT") - + for i,port in enumerate (firewall['ipv6']['TCP']): os.system ("ip6tables -A INPUT -p tcp -i eth0 --dport "+ str(port) +" -j ACCEPT") - + for i,port in enumerate (firewall['ipv6']['UDP']): os.system ("ip6tables -A INPUT -p udp -i eth0 --dport "+ str(port) +" -j ACCEPT") - + os.system ("iptables -P INPUT DROP") os.system ("ip6tables -P INPUT DROP") - + win_msg(_("Firewall successfully reloaded")) return firewall_list() def update_yml(port=None,protocol=None,mode=None,ipv6=None): - """ + """ Update firewall.yml - Keyword arguments: protocol -- Protocol used - port -- Port to open + port -- Port to open mode -- a=append r=remove - ipv6 -- Boolean ipv6 - + ipv6 -- Boolean ipv6 + Return None - """ if ipv6: ip = 'ipv6' @@ -178,7 +176,4 @@ def update_yml(port=None,protocol=None,mode=None,ipv6=None): os.system("mv firewall.yml firewall.yml.old") with open('firewall.yml','w') as f: yaml.dump(firewall,f) - - -
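Review bot: The four rule loops build each command by concatenating `str(port)` from firewall.yml into a string for `os.system`, so a non-numeric entry in that file is handed to the shell rather than rejected. An argument list such as `subprocess.call(["iptables", "-A", "INPUT", "-p", "tcp", "-i", "eth0", "--dport", str(int(port)), "-j", "ACCEPT"])` avoids the shell and fails on anything that is not an integer; `subprocess` would need importing at the top of the file. The sequence also sets `-P INPUT ACCEPT` and flushes before re-adding rules, and every exit status is ignored. An exception part-way through (for example a missing key in the loaded dict) would therefore appear to leave INPUT accepting all traffic, so a try/finally that always applies `iptables -P INPUT DROP` and `ip6tables -P INPUT DROP` is worth adding. firewall_reload begins above this hunk, so how `firewall` is loaded is not visible here.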