frodovdr/raspap-webgui
1
0
Fork 0
mirror of https://github.com/billz/raspap-webgui.git synced 2025-03-01 10:31:47 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add openvpn udp rules to firewall

Browse Source
This commit is contained in:
Christian Zeitnitz 2021-07-18 22:09:59 +02:00
parent 2e1781a2eb
commit b770b89d73
1 changed files with 19 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
includes/firewall.php
View File

@ -72,7 +72,7 @@ function createRuleStr(&$sect, &$conf) {
return $str; return $str;
} }
function setFirewall() { function configureFirewall() {
$json = file_get_contents(RASPAP_IPTABLES_CONF); $json = file_get_contents(RASPAP_IPTABLES_CONF);
$ipt = json_decode($json, true); $ipt = json_decode($json, true);
$conf = ReadFirewallConf(); $conf = ReadFirewallConf();
@ -135,6 +135,23 @@ function ReadFirewallConf() {
$conf["client-device"] = ""; $conf["client-device"] = "";
$conf["restricted-ips"] = ""; $conf["restricted-ips"] = "";
} }
# get openvpn server IP (if existing)
if ( RASPI_OPENVPN_ENABLED && file_exists(RASPI_OPENVPN_CLIENT_CONFIG) ) {
exec('cat '.RASPI_OPENVPN_CLIENT_CONFIG.' | sed -rn "s/^remote\s*([a-z0-9\.\-\_]*)\s*([0-9]*).*$/\1/ip" ', $ret);
if ( !empty($ret) ) {
$ip = $ret[0];
$ip = ( filter_var($ip, FILTER_VALIDATE_IP) !== false ) ? $ip : gethostbyname($ip);
if ( !empty($ip) ) {
$conf["openvpn-serverip"] = "$ip";
$conf["openvpn-enable"] = true;
}
}
}
# get wireguard server IP (if existing)
if ( RASPI_WIREGUARD_ENABLED && file_exists(RASPI_WIREGUARD_CONFIG) ) {
# search for endpoint
}
return $conf; return $conf;
} }
@ -162,7 +179,7 @@ function DisplayFirewallConfig()
if ( isset($_POST['firewall-disable']) ) $status->addMessage(_('Firewall is now disabled'), 'warning'); if ( isset($_POST['firewall-disable']) ) $status->addMessage(_('Firewall is now disabled'), 'warning');
if ( isset($_POST['save-firewall']) ) $status->addMessage(_('Firewall settings saved. Firewall is still disabled.'), 'success'); if ( isset($_POST['save-firewall']) ) $status->addMessage(_('Firewall settings saved. Firewall is still disabled.'), 'success');
WriteFirewallConf($fw_conf); WriteFirewallConf($fw_conf);
setFirewall(); configureFirewall();
} }
echo renderTemplate("firewall", compact( echo renderTemplate("firewall", compact(
"status", "status",