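def AddDropAddress(self, get):
    """Add a firewall rule that drops all traffic from a source address.

    ``get.port`` carries the address to block (an IP, optionally followed by
    ``/<prefix length>``) and ``get.ps`` the remark stored with the record.
    The address is concatenated into the ufw / firewall-cmd / iptables
    command lines run through ``public.ExecShell``, so the complete string,
    not only the part before the slash, is validated before any command is
    built. A suffix that is not a decimal prefix length is rejected.

    Returns the ``public.returnMsg`` result: failure for a malformed,
    refused or already recorded address, success once the rule is added.
    """
    import re
    import time

    address = get.port
    ip_format, slash, prefix = address.partition('/')
    if not public.check_ip(ip_format):
        return public.returnMsg(False, 'FIREWALL_IP_FORMAT')
    # Defence in depth: check_ip is defined elsewhere, so independently
    # restrict the host part to characters an IPv4/IPv6 literal can contain.
    # \Z (not $) is used so a trailing newline cannot slip through.
    if not re.match(r'[0-9A-Fa-f:.]+\Z', ip_format):
        return public.returnMsg(False, 'FIREWALL_IP_FORMAT')

    is_v6 = public.is_ipv6(ip_format)
    if slash:
        # The text after '/' used to reach the shell unchecked; accept only
        # a prefix length that fits the address family.
        if not re.match(r'[0-9]{1,3}\Z', prefix):
            return public.returnMsg(False, 'FIREWALL_IP_FORMAT')
        if int(prefix) > (128 if is_v6 else 32):
            return public.returnMsg(False, 'FIREWALL_IP_FORMAT')

    # NOTE(review): 127.0.0.1 is not in this list although 127.0.0.0 is;
    # confirm which loopback value was intended.
    if ip_format in ['0.0.0.0', '127.0.0.0', "::1"]:
        return public.returnMsg(False, '请不要花样作死!')

    if public.M('firewall').where("port=?", (address, )).count() > 0:
        return public.returnMsg(False, 'FIREWALL_IP_EXISTS')

    if self.__isUfw:
        public.ExecShell('ufw insert 1 deny from ' + address + ' to any')
    elif self.__isFirewalld:
        family = 'ipv6' if is_v6 else 'ipv4'
        public.ExecShell(
            'firewall-cmd --permanent --add-rich-rule=\'rule family='
            + family + ' source address="' + address + '" drop\'')
    else:
        # The iptables branch refuses IPv6 sources.
        if is_v6:
            return public.returnMsg(False, 'FIREWALL_IP_FORMAT')
        public.ExecShell('iptables -I INPUT -s ' + address + ' -j DROP')

    public.WriteLog("TYPE_FIREWALL", 'FIREWALL_DROP_IP', (address, ))
    addtime = time.strftime('%Y-%m-%d %X', time.localtime())
    # The record is written with bound parameters, so get.ps needs no quoting.
    public.M('firewall').add('port,ps,addtime', (address, get.ps, addtime))
    self.FirewallReload()
    return public.returnMsg(True, 'ADD_SUCCESS')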
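def DelDropAddress(self, get):
    """Remove the drop rule for a source address and delete its record.

    ``get.port`` is the blocked address (an IP, optionally followed by
    ``/<prefix length>``) and ``get.id`` the id of the row in the
    ``firewall`` table. The address is concatenated into the ufw /
    firewall-cmd / iptables command lines run through ``public.ExecShell``,
    so it is validated in full before any command is built; a malformed
    address returns the 'FIREWALL_IP_FORMAT' failure and changes nothing.

    Returns the ``public.returnMsg`` result.
    """
    import re

    address = get.port
    rule_id = get.id
    ip_format, slash, prefix = address.partition('/')
    if not public.check_ip(ip_format):
        return public.returnMsg(False, 'FIREWALL_IP_FORMAT')
    # Defence in depth: check_ip is defined elsewhere, so independently
    # restrict the host part to characters an IPv4/IPv6 literal can contain.
    # \Z (not $) is used so a trailing newline cannot slip through.
    if not re.match(r'[0-9A-Fa-f:.]+\Z', ip_format):
        return public.returnMsg(False, 'FIREWALL_IP_FORMAT')

    is_v6 = public.is_ipv6(ip_format)
    if slash:
        # Accept only a decimal prefix length that fits the address family.
        if not re.match(r'[0-9]{1,3}\Z', prefix):
            return public.returnMsg(False, 'FIREWALL_IP_FORMAT')
        if int(prefix) > (128 if is_v6 else 32):
            return public.returnMsg(False, 'FIREWALL_IP_FORMAT')

    if self.__isUfw:
        public.ExecShell('ufw delete deny from ' + address + ' to any')
    elif self.__isFirewalld:
        family = 'ipv6' if is_v6 else 'ipv4'
        public.ExecShell(
            'firewall-cmd --permanent --remove-rich-rule=\'rule family='
            + family + ' source address="' + address + '" drop\'')
    else:
        public.ExecShell('iptables -D INPUT -s ' + address + ' -j DROP')

    public.WriteLog("TYPE_FIREWALL", 'FIREWALL_ACCEPT_IP', (address, ))
    # NOTE(review): the row is deleted by get.id while the rule is removed by
    # get.port; nothing here checks that both refer to the same entry.
    # Confirm against the caller.
    public.M('firewall').where("id=?", (rule_id, )).delete()
    self.FirewallReload()
    return public.returnMsg(True, 'DEL_SUCCESS')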