From d75958be2e7d2833032b0d9d059cfaffe2ca7fbc Mon Sep 17 00:00:00 2001
From: midoks <midoks@163.com>
Date: Fri, 10 Jun 2022 23:04:42 +0800
Subject: [PATCH] Update debian.sh

---
 scripts/install/debian.sh | 41 +++++++++++++++++++++++++++++++++++++++
 1 file changed, 41 insertions(+)

diff --git a/scripts/install/debian.sh b/scripts/install/debian.sh
index d27173a37..fdfc86388 100644
--- a/scripts/install/debian.sh
+++ b/scripts/install/debian.sh
@@ -20,6 +20,47 @@ if [ ! -d /root/.acme.sh ];then
 	curl  https://get.acme.sh | sh
 fi
 
+if [ -f /etc/init.d/iptables ];then
 
+	iptables -I INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
+	iptables -I INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
+	iptables -I INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
+	iptables -I INPUT -p tcp -m state --state NEW -m tcp --dport 888 -j ACCEPT
+	iptables -I INPUT -p tcp -m state --state NEW -m tcp --dport 7200 -j ACCEPT
+	iptables -I INPUT -p tcp -m state --state NEW -m tcp --dport 3306 -j ACCEPT
+	iptables -I INPUT -p tcp -m state --state NEW -m tcp --dport 30000:40000 -j ACCEPT
+	service iptables save
+
+	iptables_status=`service iptables status | grep 'not running'`
+	if [ "${iptables_status}" == '' ];then
+		service iptables restart
+	fi
+fi
+
+
+if [ "${isVersion}" == '' ];then
+	if [ ! -f "/etc/init.d/iptables" ];then
+		apt install firewalld
+		systemctl enable firewalld
+		systemctl start firewalld
+
+		firewall-cmd --permanent --zone=public --add-port=22/tcp
+		firewall-cmd --permanent --zone=public --add-port=80/tcp
+		firewall-cmd --permanent --zone=public --add-port=443/tcp
+		firewall-cmd --permanent --zone=public --add-port=888/tcp
+		firewall-cmd --permanent --zone=public --add-port=7200/tcp
+		firewall-cmd --permanent --zone=public --add-port=3306/tcp
+		firewall-cmd --permanent --zone=public --add-port=30000-40000/tcp
+		firewall-cmd --reload
+	fi
+fi
+
+
+#安装时不开启
+service iptables stop
+
+
+# apt install -y libevent libevent-devel mysql-devel libjpeg* libpng* gd* zip unzip libmcrypt libmcrypt-devel
+apt install unzip
 echo "debian dev..."