
Handle firewall when changing vpn tls port

Bob Mottram 7 vuotta sitten
vanhempi
commit
ef686e6264
1 muutettua tiedostoa jossa 20 lisäystä ja 4 poistoa
  1. 20
    4
      src/freedombone-app-vpn

+ 20
- 4
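--- a/src/freedombone-app-vpn
+++ b/src/freedombone-app-vpn
@@ -106,13 +106,17 @@ function install_interactive_vpn {
 }
 
 function vpn_change_tls_port {
-    EXISTING_VPN_TLS_PORT=$VPN_TLS_PORT
+    if ! grep -q "VPN-TLS" $FIREWALL_CONFIG; then
+        EXISTING_VPN_TLS_PORT=443
+    else
+        EXISTING_VPN_TLS_PORT=$(cat $FIREWALL_CONFIG | grep "VPN-TLS" | awk -F '=' '{print $2}')
+    fi
 
     data=$(tempfile 2>/dev/null)
     trap "rm -f $data" 0 1 2 5 15
     dialog --title $"VPN Configuration" \
            --backtitle $"Freedombone Control Panel" \
-           --inputbox $'Change TLS port' 10 50 $VPN_TLS_PORT 2>$data
+           --inputbox $'Change TLS port' 10 50 $EXISTING_VPN_TLS_PORT 2>$data
     sel=$?
     case $sel in
         0)
@@ -134,17 +138,29 @@ function vpn_change_tls_port {
                     done
 
                     if [ $VPN_TLS_PORT -eq 443 ]; then
+                        if [[ "$PREVIOUS_VPN_TLS_PORT" != "443" ]]; then
+                            firewall_remove VPN-TLS ${EXISTING_VPN_TLS_PORT}
+                        fi
                         systemctl stop nginx
                         systemctl disable nginx
                     else
+                        if [[ "$PREVIOUS_VPN_TLS_PORT" != "$VPN_TLS_PORT" ]]; then
+                            firewall_remove VPN-TLS ${EXISTING_VPN_TLS_PORT}
+                            firewall_add VPN-TLS ${VPN_TLS_PORT} tcp
+                        fi
                         systemctl enable nginx
                         systemctl restart nginx
                     fi
 
                     systemctl restart stunnel
 
-                    dialog --title $"VPN Configuration" \
-                           --msgbox $"TLS port changed to $VPN_TLS_PORT" 6 60
+                    if [ $VPN_TLS_PORT -eq 443 ]; then
+                        dialog --title $"VPN Configuration" \
+                               --msgbox $"TLS port changed to ${VPN_TLS_PORT}. Forward this port from your internet router." 10 60
+                    else
+                        dialog --title $"VPN Configuration" \
+                               --msgbox $"TLS port changed to ${VPN_TLS_PORT}. Forward this port from your internet router." 10 60
+                    fi
                 fi
             fi
             ;;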
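Review bot: The two added guards (new lines 141 and 147) compare `PREVIOUS_VPN_TLS_PORT`, but the variable this commit populates at the top of the function is `EXISTING_VPN_TLS_PORT`; unless `PREVIOUS_VPN_TLS_PORT` is assigned in the lines between the two hunks, which are not shown, it expands to an empty string and both tests are always true, so the firewall rules are rewritten on every change rather than only when the port differs. Comparing the value that was actually read, e.g. `if [[ "$EXISTING_VPN_TLS_PORT" != "$VPN_TLS_PORT" ]]; then`, would make the guards meaningful. The value itself comes from an unanchored `grep "VPN-TLS"` over an unquoted `$FIREWALL_CONFIG`, so more than one matching line yields a multi-word result that is passed unquoted to `firewall_remove`; checking that it is a single number first (`[[ "$EXISTING_VPN_TLS_PORT" =~ ^[0-9]+$ ]] || EXISTING_VPN_TLS_PORT=443`) keeps an unexpected config line from reaching the firewall helper. The two branches of the final `if [ $VPN_TLS_PORT -eq 443 ]` show the same message, so the test can be dropped or the 443 text changed. The body of vpn_change_tls_port continues outside both hunks.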