Merge pull request #10 from YunoHost/dev_beudbeud

add reload upnp only
2024-09-03 20:06:10 +02:00 · 2014-06-26 12:32:30 +02:00 · 2014-06-26 12:32:30 +02:00 · a0d4a90ab2
commit a0d4a90ab2
parent 13e29c038d ffc0f0bd53
2 changed files with 26 additions and 17 deletions
--- a/actionsmap/yunohost.yml
+++ b/actionsmap/yunohost.yml
@ -881,6 +881,7 @@ firewall:
                    choices:
                        - enable
                        - disable
+                        - reload
                        - []
                    nargs: "*"

--- a/firewall.py
+++ b/firewall.py
@ -172,21 +172,7 @@ def firewall_reload():
    if os.system("iptables -P INPUT ACCEPT") != 0:
        raise MoulinetteError(errno.ESRCH, m18n.n('iptables_unavailable'))
    if upnp:
-        try:
-            upnpc = miniupnpc.UPnP()
-            upnpc.discoverdelay = 3000
-            if upnpc.discover() == 1:
-                upnpc.selectigd()
-                for protocol in ['TCP', 'UDP']:
-                    for port in firewall['uPnP'][protocol]:
-                        if upnpc.getspecificportmapping(port, protocol):
-                            try: upnpc.deleteportmapping(port, protocol)
-                            except: pass
-                        upnpc.addportmapping(port, protocol, upnpc.lanaddr, port, 'yunohost firewall : port %d' % port, '')
-            else:
-                raise MoulinetteError(errno.ENXIO, m18n.n('upnp_dev_not_found'))
-        except:
-            msignals.display(m18n.n('upnp_port_open_failed'), 'warning')
+        firewall_upnp(action=['reload'])

    os.system("iptables -F")
    os.system("iptables -X")
@ -236,7 +222,7 @@ def firewall_upnp(action=None):
    Add uPnP cron and enable uPnP in firewall.yml, or the opposite.

    Keyword argument:
-        action -- enable/disable
+        action -- enable/disable/reload

    """
    firewall = firewall_list(raw=True)
@ -248,7 +234,9 @@ def firewall_upnp(action=None):
        firewall['uPnP']['enabled'] = True

        with open('/etc/cron.d/yunohost-firewall', 'w+') as f:
-            f.write('*/50 * * * * root PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin yunohost firewall reload >>/dev/null\n')
+            f.write('PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin \
+            \n*/50 * * * * root yunohost firewall upnp reload >>/dev/null \
+            \n*/50 * * * * root iptables -L | grep ^fail2ban-dovecot > /dev/null 2>&1; if [ $? != 0 ]; then yunohost firewall reload; fi >>/dev/null')

        msignals.display(m18n.n('upnp_enabled'), 'success')

@ -273,6 +261,26 @@ def firewall_upnp(action=None):

        msignals.display(m18n.n('upnp_disabled'), 'success')

+    if action == 'reload':
+        upnp = firewall['uPnP']['enabled']
+
+        if upnp:
+            try:
+                upnpc = miniupnpc.UPnP()
+                upnpc.discoverdelay = 3000
+                if upnpc.discover() == 1:
+                    upnpc.selectigd()
+                    for protocol in ['TCP', 'UDP']:
+                        for port in firewall['uPnP'][protocol]:
+                            if upnpc.getspecificportmapping(port, protocol):
+                                try: upnpc.deleteportmapping(port, protocol)
+                                except: pass
+                            upnpc.addportmapping(port, protocol, upnpc.lanaddr, port, 'yunohost firewall : port %d' % port, '')
+                else:
+                    raise MoulinetteError(errno.ENXIO, m18n.n('upnp_dev_not_found'))
+            except:
+                msignals.display(m18n.n('upnp_port_open_failed'), 'warning')
+
    if action:
        os.system("cp /etc/yunohost/firewall.yml /etc/yunohost/firewall.yml.old")
        with open('/etc/yunohost/firewall.yml', 'w') as f: