Firewall rules (intermediate version)

2025-11-12 00:06:09 +01:00 · 2018-11-14 12:39:42 -05:00
parent 54c423c311
commit 457bd42dcb
1 changed files with 24 additions and 20 deletions
--- a/install/firewallUtilities.py
+++ b/install/firewallUtilities.py
@@ -14,19 +14,21 @@ class FirewallUtilities:
    @staticmethod
    def addRule(proto,port):
        try:
-            if port == "21":
-                command = "sudo firewall-cmd --add-service=ftp --permanent"
-                cmd = shlex.split(command)
-                res = subprocess.call(cmd)
+            command = 'sudo firewall-cmd --permanent --zone-public --add-port=' + port + '/' + proto

-            ipAddress = "0.0.0.0/0"
+            #if port == "21":
+            #    command = "sudo firewall-cmd --add-service=ftp --permanent"
+            #    cmd = shlex.split(command)
+            #    res = subprocess.call(cmd)

-            ruleFamily = 'rule family="ipv4"'
-            sourceAddress = 'source address="' + ipAddress + '"'
-            ruleProtocol = 'port protocol="' + proto + '"'
-            rulePort = 'port="' + port + '"'
+            #ipAddress = "0.0.0.0/0"

-            command = "sudo firewall-cmd --permanent --zone=public --add-rich-rule='" + ruleFamily + " " + sourceAddress + " " + ruleProtocol + " " + rulePort + " " + "accept'"
+            #ruleFamily = 'rule family="ipv4"'
+            #sourceAddress = 'source address="' + ipAddress + '"'
+            #ruleProtocol = 'port protocol="' + proto + '"'
+            #rulePort = 'port="' + port + '"'
+
+            #command = "sudo firewall-cmd --permanent --zone=public --add-rich-rule='" + ruleFamily + " " + sourceAddress + " " + ruleProtocol + " " + rulePort + " " + "accept'"

            cmd = shlex.split(command)

@@ -50,19 +52,21 @@ class FirewallUtilities:
    @staticmethod
    def deleteRule(proto, port):
        try:
-            if port=="21":
-                command = "sudo firewall-cmd --remove-service=ftp --permanent"
-                cmd = shlex.split(command)
-                res = subprocess.call(cmd)
+            command = 'sudo firewall-cmd --permanent --zone-public --remove-port=' + port + '/' + proto

-            ipAddress = "0.0.0.0/0"
+            #if port=="21":
+            #    command = "sudo firewall-cmd --remove-service=ftp --permanent"
+            #    cmd = shlex.split(command)
+            #    res = subprocess.call(cmd)

-            ruleFamily = 'rule family="ipv4"'
-            sourceAddress = 'source address="' + ipAddress + '"'
-            ruleProtocol = 'port protocol="' + proto + '"'
-            rulePort = 'port="' + port + '"'
+            #ipAddress = "0.0.0.0/0"

-            command = "sudo firewall-cmd --permanent --zone=public --remove-rich-rule='" + ruleFamily + " " + sourceAddress + " " + ruleProtocol + " " + rulePort + " " + "accept'"
+            #ruleFamily = 'rule family="ipv4"'
+            #sourceAddress = 'source address="' + ipAddress + '"'
+            #ruleProtocol = 'port protocol="' + proto + '"'
+            #rulePort = 'port="' + port + '"'
+
+            #command = "sudo firewall-cmd --permanent --zone=public --remove-rich-rule='" + ruleFamily + " " + sourceAddress + " " + ruleProtocol + " " + rulePort + " " + "accept'"

            cmd = shlex.split(command)