update

6 months ago · 9ce92eb69e
parent a4079c09ef
commit 9ce92eb69e
4 changed files with 86 additions and 12 deletions
--- a/panel_task.py
+++ b/panel_task.py
@ -107,7 +107,6 @@ def runPanelTask():
                downloadFile(argv[0], argv[1])
            elif run_task['type'] == 'execshell':
                execShell(run_task['cmd'])
-            # print(run_task)
            end = int(time.time())
            thisdb.setTaskData(run_task['id'], end=end)
            thisdb.setTaskStatus(run_task['id'], 1)
--- a/web/admin/firewall/init.py
+++ b/web/admin/firewall/init.py
@ -66,6 +66,16 @@ def add_accept_port():

    return MwFirewall.instance().addAcceptPort(port, ps, stype, protocol=protocol)

+# 添加放行端口
+@blueprint.route('/del_accept_port', endpoint='del_accept_port', methods=['POST'])
+@panel_login_required
+def del_accept_port():
+    port = request.form.get('port', '').strip()
+    firewall_id = request.form.get('id', '').strip()
+    protocol = request.form.get('protocol', '').strip()
+    return MwFirewall.instance().delAcceptPort(firewall_id, port, protocol=protocol)
+
+



--- a/web/core/mw.py
+++ b/web/core/mw.py
@ -87,16 +87,21 @@ def getMWLogs():
 def getPanelTmp():
    return getPanelDir() + '/tmp'

-def getPanelTaskLog():
-    return getMWLogs() + '/panel_task.log'
-
-
 def getServerDir():
    return getFatherDir() + '/server'

 def getLogsDir():
    return getFatherDir() + '/wwwlogs'

+def getRecycleBinDir():
+    rb_dir = getFatherDir() + '/recycle_bin'
+    if not os.path.exists(rb_dir):
+        os.system('mkdir -p ' + rb_dir)
+    return rb_dir
+
+def getPanelTaskLog():
+    return getMWLogs() + '/panel_task.log'
+
 def getWwwDir():
    file = getPanelDir() + '/data/site.pl'
    if os.path.exists(file):
@ -104,11 +109,12 @@ def getWwwDir():
    return getFatherDir() + '/wwwroot'


-def getRecycleBinDir():
-    rb_dir = getFatherDir() + '/recycle_bin'
-    if not os.path.exists(rb_dir):
-        os.system('mkdir -p ' + rb_dir)
-    return rb_dir
+def getPanelPort():
+    port_file = mw.getPanelDir()+'/data/port.pl'
+    port = mw.readFile(port_file).strip()
+    if not port:
+        return 7200
+    return int(port)

 def getRandomString(length):
    # 取随机字符串
--- a/web/utils/firewall.py
+++ b/web/utils/firewall.py
@ -246,5 +246,64 @@ class Firewall(object):
        mw.writeLog("防火墙管理", msg)
        return mw.returnData(True, msg)

+    def delAcceptPort(self, firewall_id, port,
+        protocol: str  | None ='tcp'
+    ):
+        panel_port = mw.getPanelPort()
+
+        if(port == panel_port):
+            return mw.returnData(False, '失败，不能删除当前面板端口!')
+        try:
+            self.delAcceptPortCmd(port, protocol)
+            mw.M('firewall').where("id=?", (firewall_id,)).delete()
+            return mw.returnData(True, '删除成功!')
+        except Exception as e:
+            return mw.returnData(False, '删除失败!:' + str(e))
+
+    def delAcceptPortCmd(self, port,
+        protocol: str  | None ='tcp'
+    ):
+        if self.__isUfw:
+            if protocol == 'tcp':
+                mw.execShell('ufw delete allow ' + port + '/tcp')
+            if protocol == 'udp':
+                mw.execShell('ufw delete allow ' + port + '/udp')
+            if protocol == 'tcp/udp':
+                mw.execShell('ufw delete allow ' + port + '/tcp')
+                mw.execShell('ufw delete allow ' + port + '/udp')
+        elif self.__isFirewalld:
+            port = port.replace(':', '-')
+            if protocol == 'tcp':
+                mw.execShell(
+                    'firewall-cmd --permanent --zone=public --remove-port=' + port + '/tcp')
+            if protocol == 'udp':
+                mw.execShell(
+                    'firewall-cmd --permanent --zone=public --remove-port=' + port + '/udp')
+            if protocol == 'tcp/udp':
+                mw.execShell(
+                    'firewall-cmd --permanent --zone=public --remove-port=' + port + '/tcp')
+                mw.execShell(
+                    'firewall-cmd --permanent --zone=public --remove-port=' + port + '/udp')
+        elif self.__isIptables:
+            if protocol == 'tcp':
+                mw.execShell(
+                    'iptables -D INPUT -p tcp -m state --state NEW -m tcp --dport ' + port + ' -j ACCEPT')
+            if protocol == 'udp':
+                mw.execShell(
+                    'iptables -D INPUT -p udp -m state --state NEW -m udp --dport ' + port + ' -j ACCEPT')
+            if protocol == 'tcp/udp':
+                mw.execShell(
+                    'iptables -D INPUT -p tcp -m state --state NEW -m tcp --dport ' + port + ' -j ACCEPT')
+                mw.execShell(
+                    'iptables -D INPUT -p udp -m state --state NEW -m udp --dport ' + port + ' -j ACCEPT')
+        else:
+            pass
+
+        mw.M('firewall').where("port=?", (port,)).delete()
+        msg = mw.getInfo('删除防火墙放行端口[{1}][{2}]成功!', (port, protocol,))
+        mw.writeLog("防火墙管理", msg)
+        self.reload()
+        return True
+