From 3135a519281c52c256130e6de64a5427b5446c8f Mon Sep 17 00:00:00 2001 From: kload Date: Fri, 8 May 2015 02:18:38 +0200 Subject: [PATCH] [fix] Mandatory protocol for backward compatibility --- data/actionsmap/yunohost.yml | 28 +++++++++++++--------------- lib/yunohost/firewall.py | 8 ++++---- 2 files changed, 17 insertions(+), 19 deletions(-) diff --git a/data/actionsmap/yunohost.yml b/data/actionsmap/yunohost.yml index 97592259c..d05ffeb5c 100644 --- a/data/actionsmap/yunohost.yml +++ b/data/actionsmap/yunohost.yml @@ -905,20 +905,19 @@ firewall: action_help: Allow connections on a port api: POST /firewall/port arguments: + protocol: + help: "Protocol type to allow (TCP/UDP/Both)" + choices: + - TCP + - UDP + - Both + default: TCP port: help: Port or range of ports to open extra: pattern: &pattern_port_or_range - !!str ((^|(?!\A):)([0-9]{1,4}|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-5])){1,2}?$ - "pattern_port_or_range" - -p: - full: --protocol - help: "Protocol type to allow (default: TCP)" - choices: - - TCP - - UDP - - Both - default: TCP -4: full: --ipv4-only help: Only add a rule for IPv4 connections @@ -940,18 +939,17 @@ firewall: action_help: Disallow connections on a port api: DELETE /firewall/port arguments: - port: - help: Port or range of ports to close - extra: - pattern: *pattern_port_or_range - -p: - full: --protocol - help: "Protocol type to allow (default: TCP)" + protocol: + help: "Protocol type to allow (TCP/UDP/Both)" choices: - TCP - UDP - Both default: TCP + port: + help: Port or range of ports to close + extra: + pattern: *pattern_port_or_range -4: full: --ipv4-only help: Only remove the rule for IPv4 connections diff --git a/lib/yunohost/firewall.py b/lib/yunohost/firewall.py index 7e114f4a1..0b78d0ee6 100644 --- a/lib/yunohost/firewall.py +++ b/lib/yunohost/firewall.py @@ -44,14 +44,14 @@ upnp_cron_job = '/etc/cron.d/yunohost-firewall-upnp' logger = getActionLogger('yunohost.firewall') -def firewall_allow(port, protocol='TCP', ipv4_only=False, ipv6_only=False, +def firewall_allow(protocol, port, ipv4_only=False, ipv6_only=False, no_upnp=False, no_reload=False): """ Allow connections on a port Keyword arguments: + protocol -- Protocol type to allow (TCP/UDP/Both) port -- Port or range of ports to open - protocol -- Protocol type to allow (default: TCP) ipv4_only -- Only add a rule for IPv4 connections ipv6_only -- Only add a rule for IPv6 connections no_upnp -- Do not add forwarding of this port with UPnP @@ -95,14 +95,14 @@ def firewall_allow(port, protocol='TCP', ipv4_only=False, ipv6_only=False, return firewall_reload() -def firewall_disallow(port, protocol='TCP', ipv4_only=False, ipv6_only=False, +def firewall_disallow(protocol, port, ipv4_only=False, ipv6_only=False, upnp_only=False, no_reload=False): """ Disallow connections on a port Keyword arguments: + protocol -- Protocol type to disallow (TCP/UDP/Both) port -- Port or range of ports to close - protocol -- Protocol type to disallow (default: TCP) ipv4_only -- Only remove the rule for IPv4 connections ipv6_only -- Only remove the rule for IPv6 connections upnp_only -- Only remove forwarding of this port with UPnP