feat: 防火墙允许操作 ipv6 (1Panel-dev#5564)

Refs 1Panel-dev#2409
KaySar12 · Jun 25, 2024 · fd46227 · fd46227
1 parent f8cf8e8
commit fd46227
Show file tree

Hide file tree

Showing 3 changed files with 14 additions and 59 deletions.
diff --git a/backend/utils/firewall/client/firewalld.go b/backend/utils/firewall/client/firewalld.go
@@ -108,8 +108,7 @@ func (f *Firewall) ListPort() ([]FireInfo, error) {
 				continue
 			}
 			itemRule := f.loadInfo(rule)
-			if len(itemRule.Port) != 0 && itemRule.Family == "ipv4" {
-				itemRule.Family = ""
+			if (len(itemRule.Port) != 0 && itemRule.Family == "ipv4") || (itemRule.Family == "ipv6" && len(itemRule.Address) != 0) {
 				datas = append(datas, itemRule)
 			}
 		}
@@ -177,6 +176,9 @@ func (f *Firewall) RichRules(rule FireInfo, operation string) error {
 		return buserr.New(constant.ErrCmdIllegal)
 	}
 	ruleStr := "rule family=ipv4 "
+	if strings.Contains(rule.Address, ":") {
+		ruleStr = "rule family=ipv6 "
+	}
 	if len(rule.Address) != 0 {
 		ruleStr += fmt.Sprintf("source address=%s ", rule.Address)
 	}

diff --git a/backend/utils/firewall/client/ufw.go b/backend/utils/firewall/client/ufw.go
@@ -255,15 +255,19 @@ func (f *Ufw) loadInfo(line string, fireType string) FireInfo {
 	if len(fields) < 4 {
 		return itemInfo
 	}
-	if fields[1] == "(v6)" {
+	if fields[1] == "(v6)" && fireType == "port" {
 		return itemInfo
 	}
 	if fields[0] == "Anywhere" && fireType != "port" {
 		itemInfo.Strategy = "drop"
 		if fields[1] == "ALLOW" {
 			itemInfo.Strategy = "accept"
 		}
-		itemInfo.Address = fields[3]
+		if fields[1] == "(v6)" {
+			itemInfo.Address = fields[4]
+		} else {
+			itemInfo.Address = fields[3]
+		}
 		return itemInfo
 	}
 	if strings.Contains(fields[0], "/") {