Merge pull request #10 from YunoHost/dev_beudbeud

add reload upnp only
Alexis Gavoty 2014-06-26 12:32:30 +02:00
commit a0d4a90ab2
2 changed files with 26 additions and 17 deletions


@ -881,6 +881,7 @@ firewall:
choices: choices:
- enable - enable
- disable - disable
- reload
- [] - []
nargs: "*" nargs: "*"


@ -172,21 +172,7 @@ def firewall_reload():
if os.system("iptables -P INPUT ACCEPT") != 0: if os.system("iptables -P INPUT ACCEPT") != 0:
raise MoulinetteError(errno.ESRCH, m18n.n('iptables_unavailable')) raise MoulinetteError(errno.ESRCH, m18n.n('iptables_unavailable'))
if upnp: if upnp:
try: firewall_upnp(action=['reload'])
upnpc = miniupnpc.UPnP()
upnpc.discoverdelay = 3000
if upnpc.discover() == 1:
upnpc.selectigd()
for protocol in ['TCP', 'UDP']:
for port in firewall['uPnP'][protocol]:
if upnpc.getspecificportmapping(port, protocol):
try: upnpc.deleteportmapping(port, protocol)
except: pass
upnpc.addportmapping(port, protocol, upnpc.lanaddr, port, 'yunohost firewall : port %d' % port, '')
else:
raise MoulinetteError(errno.ENXIO, m18n.n('upnp_dev_not_found'))
except:
msignals.display(m18n.n('upnp_port_open_failed'), 'warning')
os.system("iptables -F") os.system("iptables -F")
os.system("iptables -X") os.system("iptables -X")
@ -236,7 +222,7 @@ def firewall_upnp(action=None):
Add uPnP cron and enable uPnP in firewall.yml, or the opposite. Add uPnP cron and enable uPnP in firewall.yml, or the opposite.
Keyword argument: Keyword argument:
action -- enable/disable action -- enable/disable/reload
""" """
firewall = firewall_list(raw=True) firewall = firewall_list(raw=True)
@ -248,7 +234,9 @@ def firewall_upnp(action=None):
firewall['uPnP']['enabled'] = True firewall['uPnP']['enabled'] = True
with open('/etc/cron.d/yunohost-firewall', 'w+') as f: with open('/etc/cron.d/yunohost-firewall', 'w+') as f:
f.write('*/50 * * * * root PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin yunohost firewall reload >>/dev/null\n') f.write('PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin \
\n*/50 * * * * root yunohost firewall upnp reload >>/dev/null \
\n*/50 * * * * root iptables -L | grep ^fail2ban-dovecot > /dev/null 2>&1; if [ $? != 0 ]; then yunohost firewall reload; fi >>/dev/null')
msignals.display(m18n.n('upnp_enabled'), 'success') msignals.display(m18n.n('upnp_enabled'), 'success')
@ -273,6 +261,26 @@ def firewall_upnp(action=None):
msignals.display(m18n.n('upnp_disabled'), 'success') msignals.display(m18n.n('upnp_disabled'), 'success')
if action == 'reload':
upnp = firewall['uPnP']['enabled']
if upnp:
try:
upnpc = miniupnpc.UPnP()
upnpc.discoverdelay = 3000
if upnpc.discover() == 1:
upnpc.selectigd()
for protocol in ['TCP', 'UDP']:
for port in firewall['uPnP'][protocol]:
if upnpc.getspecificportmapping(port, protocol):
try: upnpc.deleteportmapping(port, protocol)
except: pass
upnpc.addportmapping(port, protocol, upnpc.lanaddr, port, 'yunohost firewall : port %d' % port, '')
else:
raise MoulinetteError(errno.ENXIO, m18n.n('upnp_dev_not_found'))
except:
msignals.display(m18n.n('upnp_port_open_failed'), 'warning')
if action: if action:
os.system("cp /etc/yunohost/firewall.yml /etc/yunohost/firewall.yml.old") os.system("cp /etc/yunohost/firewall.yml /etc/yunohost/firewall.yml.old")
with open('/etc/yunohost/firewall.yml', 'w') as f: with open('/etc/yunohost/firewall.yml', 'w') as f:
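Review bot: The cron text written in the `enable` branch of `firewall_upnp` now ends with `fi >>/dev/null'` and no trailing `\n`, whereas the line it replaces ended with one. Cron implementations that follow crontab(5) treat a missing newline before EOF as an error and can skip the last entry or the whole file, so the UPnP refresh and the fail2ban-dovecot check that re-runs `yunohost firewall reload` may never be scheduled; end the literal with `fi >>/dev/null\n'`. In the new `reload` branch, the `raise MoulinetteError(errno.ENXIO, ...)` sits inside the `try` whose bare `except:` catches it, so a missing UPnP device only ever surfaces as the generic `upnp_port_open_failed` warning; catching a specific exception type would keep the two cases apart. The `reload` branch also falls through to the `if action:` block, so each reload (including the one `firewall_reload` now triggers and the cron-driven one) appears to copy firewall.yml over firewall.yml.old before rewriting it, which discards the previous backup. The rest of that block and the start of `firewall_upnp` are outside the hunks shown, so confirm whether that is intended and that `action=['reload']` is reduced to a string before the `action == 'reload'` comparison.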