From b1128cbddba1c950ec986b58253e74dab8f43c03 Mon Sep 17 00:00:00 2001
From: midoks
Date: Tue, 26 Sep 2023 21:21:42 +0800
Subject: [PATCH] update
---
 class/core/firewall_api.py | 80 ++++++++++++++++++++-----------------
 plugins/phpmyadmin/index.py | 17 ++++++++
 2 files changed, 60 insertions(+), 37 deletions(-)
diff --git a/class/core/firewall_api.py b/class/core/firewall_api.py
index 08d8bf225..81d8a1e06 100755
--- a/class/core/firewall_api.py
+++ b/class/core/firewall_api.py
@@ -141,50 +141,56 @@ class firewall_api:
 self.firewallReload()
 return mw.returnJson(True, '删除成功!')
+ def delAcceptPortArgs(self, port, protocol='tcp'):
+ if self.__isUfw:
+ if protocol == 'tcp':
+ mw.execShell('ufw delete allow ' + port + '/tcp')
+ if protocol == 'udp':
+ mw.execShell('ufw delete allow ' + port + '/udp')
+ if protocol == 'tcp/udp':
+ mw.execShell('ufw delete allow ' + port + '/tcp')
+ mw.execShell('ufw delete allow ' + port + '/udp')
+ elif self.__isFirewalld:
+ port = port.replace(':', '-')
+ if protocol == 'tcp':
+ mw.execShell(
+ 'firewall-cmd --permanent --zone=public --remove-port=' + port + '/tcp')
+ if protocol == 'udp':
+ mw.execShell(
+ 'firewall-cmd --permanent --zone=public --remove-port=' + port + '/udp')
+ if protocol == 'tcp/udp':
+ mw.execShell(
+ 'firewall-cmd --permanent --zone=public --remove-port=' + port + '/tcp')
+ mw.execShell(
+ 'firewall-cmd --permanent --zone=public --remove-port=' + port + '/udp')
+ elif self.__isIptables:
+ if protocol == 'tcp':
+ mw.execShell(
+ 'iptables -D INPUT -p tcp -m state --state NEW -m tcp --dport ' + port + ' -j ACCEPT')
+ if protocol == 'udp':
+ mw.execShell(
+ 'iptables -D INPUT -p udp -m state --state NEW -m udp --dport ' + port + ' -j ACCEPT')
+ if protocol == 'tcp/udp':
+ mw.execShell(
+ 'iptables -D INPUT -p tcp -m state --state NEW -m tcp --dport ' + port + ' -j ACCEPT')
+ mw.execShell(
+ 'iptables -D INPUT -p udp -m state --state NEW -m udp --dport ' + port + ' -j ACCEPT')
+ else:
+ pass
+ return True
+
 # 删除放行端口
 def delAcceptPortApi(self):
 port = request.form.get('port', '').strip()
 protocol = request.form.get('protocol', 'tcp').strip()
 sid = request.form.get('id', '').strip()
 mw_port = mw.readFile('data/port.pl')
+
+ if(port == mw_port):
+ return mw.returnJson(False, '失败,不能删除当前面板端口!')
 try:
- if(port == mw_port):
- return mw.returnJson(False, '失败,不能删除当前面板端口!')
- if self.__isUfw:
- if protocol == 'tcp':
- mw.execShell('ufw delete allow ' + port + '/tcp')
- if protocol == 'udp':
- mw.execShell('ufw delete allow ' + port + '/udp')
- if protocol == 'tcp/udp':
- mw.execShell('ufw delete allow ' + port + '/tcp')
- mw.execShell('ufw delete allow ' + port + '/udp')
- elif self.__isFirewalld:
- port = port.replace(':', '-')
- if protocol == 'tcp':
- mw.execShell(
- 'firewall-cmd --permanent --zone=public --remove-port=' + port + '/tcp')
- if protocol == 'udp':
- mw.execShell(
- 'firewall-cmd --permanent --zone=public --remove-port=' + port + '/udp')
- if protocol == 'tcp/udp':
- mw.execShell(
- 'firewall-cmd --permanent --zone=public --remove-port=' + port + '/tcp')
- mw.execShell(
- 'firewall-cmd --permanent --zone=public --remove-port=' + port + '/udp')
- elif self.__isIptables:
- if protocol == 'tcp':
- mw.execShell(
- 'iptables -D INPUT -p tcp -m state --state NEW -m tcp --dport ' + port + ' -j ACCEPT')
- if protocol == 'udp':
- mw.execShell(
- 'iptables -D INPUT -p udp -m state --state NEW -m udp --dport ' + port + ' -j ACCEPT')
- if protocol == 'tcp/udp':
- mw.execShell(
- 'iptables -D INPUT -p tcp -m state --state NEW -m tcp --dport ' + port + ' -j ACCEPT')
- mw.execShell(
- 'iptables -D INPUT -p udp -m state --state NEW -m udp --dport ' + port + ' -j ACCEPT')
- else:
- pass
+ self.delAcceptPortArgs(port, protocol)
+
 msg = mw.getInfo('删除防火墙放行端口[{1}][{2}]成功!', (port, protocol,))
 mw.writeLog("防火墙管理", msg)
 mw.M('firewall').where("id=?", (sid,)).delete()
diff --git a/plugins/phpmyadmin/index.py b/plugins/phpmyadmin/index.py
index d9d8c6a66..c256e3e8b 100755
--- a/plugins/phpmyadmin/index.py
+++ b/plugins/phpmyadmin/index.py
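Review bot: `delAcceptPortArgs` builds every `ufw`, `firewall-cmd` and `iptables` command by concatenating `port` into the string handed to `mw.execShell`, and `delAcceptPortApi` still fills `port` from `request.form` with only `.strip()` applied, so an unvalidated request value ends up on a command line (assuming `execShell` passes its argument to a shell, which is not visible in this hunk). Because the helper is now reachable from other modules, the check belongs at its top, for example `if not re.fullmatch(r'\d{1,5}([:-]\d{1,5})?', port) or protocol not in ('tcp', 'udp', 'tcp/udp'): return False`; this needs `re` in scope, and the file's imports are outside the hunk. The helper also returns `True` unconditionally, so the caller writes the success log entry and deletes the `firewall` row even when no branch matched or the command failed; `delAcceptPortApi` should test the return value before `mw.writeLog`. The body of `delAcceptPortApi` continues past the end of the hunk.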
@@ -196,12 +196,28 @@ def __release_port(port):
 return "Release failed {}".format(e)
+def __delete_port(port):
+ from collections import namedtuple
+ try:
+ import firewall_api
+ firewall_api.firewall_api().delAcceptPortArgs(port, 'tcp')
+ return port
+ except Exception as e:
+ return "Release failed {}".format(e)
+
+
 def openPort():
 for i in ["888"]:
 __release_port(i)
 return True
+def delPort():
+ for i in ["888"]:
+ __delete_port(i)
+ return True
+
+
 def start():
 initCfg()
@@ -257,6 +273,7 @@ def stop():
 conf = getConf()
 if os.path.exists(conf):
 os.remove(conf)
+ delPort()
 mw.restartWeb()
 return 'ok'
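Review bot: `__delete_port` calls `delAcceptPortArgs` and nothing else, but on the firewalld branch that helper only changes the `--permanent` configuration, so unless a reload follows, the running firewall may keep port 888 open after `stop()` has reported `'ok'`. Keeping one instance and reloading would close that gap: `fw = firewall_api.firewall_api()`, `fw.delAcceptPortArgs(port, 'tcp')`, `fw.firewallReload()` (the class already calls `firewallReload()` after its own rule changes; its body is not shown here). The `except Exception` branch returns the string `"Release failed {}"` copied from `__release_port`, and `delPort` discards the return value, so a failure to close the port is silent; log the exception and use a message such as `"Delete failed {}"`. The `from collections import namedtuple` line is unused and can be dropped. `stop()` begins outside its hunk, so whether `delPort()` sits inside the `if os.path.exists(conf):` block cannot be confirmed from the flattened text.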