ufw
This commit is contained in:
devdatt
parent
afd1257255
commit
4ffa926a77
|
|
@ -21,6 +21,10 @@ if (is_file($jsonFile)) {
|
|||
|
||||
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
||||
|
||||
exec("sudo ufw reset");
|
||||
exec("sudo ufw default allow outgoing");
|
||||
exec("sudo ufw default deny incoming");
|
||||
|
||||
foreach ($defaults as $port => $_) {
|
||||
$data[$port] = trim($_POST["port_$port"] ?? '');
|
||||
}
|
||||
|
|
@ -31,6 +35,17 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
|||
json_encode($data, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES)
|
||||
);
|
||||
rename($tmp, $jsonFile);
|
||||
|
||||
foreach ($data as $port => $value) {
|
||||
$tmp = explode(",", trim($value));
|
||||
if (count($tmp) > 0)
|
||||
foreach ($tmp as $ip)
|
||||
exec("sudo ufw allow in on " . $port . " from " . $ip);
|
||||
else
|
||||
exec("sudo ufw allow " . $port);
|
||||
}
|
||||
|
||||
exec("sudo ufw --force enable");
|
||||
}
|
||||
?>
|
||||
|
||||
|
|
|
|||
|
|
@ -1,36 +0,0 @@
|
|||
<?php
|
||||
|
||||
$ethInterfaces = [];
|
||||
|
||||
foreach (scandir('/sys/class/net') as $iface) {
|
||||
if ($iface === '.' || $iface === '..' || $iface === 'lo') {
|
||||
continue;
|
||||
}
|
||||
|
||||
$base = "/sys/class/net/$iface";
|
||||
|
||||
// Must be physical hardware
|
||||
if (!is_dir("$base/device")) {
|
||||
continue;
|
||||
}
|
||||
|
||||
// Exclude wireless
|
||||
if (is_dir("$base/wireless")) {
|
||||
continue;
|
||||
}
|
||||
|
||||
// Must be Ethernet
|
||||
$type = @file_get_contents("$base/type");
|
||||
if (trim($type) !== '1') {
|
||||
continue;
|
||||
}
|
||||
|
||||
$ethInterfaces[] = $iface;
|
||||
}
|
||||
|
||||
$ethInterface = "";
|
||||
|
||||
$ethInterfaces
|
||||
? $ethInterface = $ethInterfaces[0]
|
||||
: 'No physical wired Ethernet NIC found';
|
||||
|
||||
Loading…
Reference in New Issue