()
| 15 | ) |
| 16 | |
| 17 | func Init() { |
| 18 | if !needInit() { |
| 19 | return |
| 20 | } |
| 21 | InitPingStatus() |
| 22 | global.LOG.Info("initializing firewall settings...") |
| 23 | client, err := firewall.NewFirewallClient() |
| 24 | if err != nil { |
| 25 | return |
| 26 | } |
| 27 | clientName := client.Name() |
| 28 | |
| 29 | settingRepo := repo.NewISettingRepo() |
| 30 | if clientName == "ufw" || clientName == "iptables" { |
| 31 | if err := iptables.LoadRulesFromFile(iptables.FilterTab, iptables.Chain1PanelForward, iptables.ForwardFileName); err != nil { |
| 32 | global.LOG.Errorf("load forward rules from file failed, err: %v", err) |
| 33 | return |
| 34 | } |
| 35 | if err := iptables.LoadRulesFromFile(iptables.NatTab, iptables.Chain1PanelPreRouting, iptables.ForwardFileName1); err != nil { |
| 36 | global.LOG.Errorf("load prerouting rules from file failed, err: %v", err) |
| 37 | return |
| 38 | } |
| 39 | if err := iptables.LoadRulesFromFile(iptables.NatTab, iptables.Chain1PanelPostRouting, iptables.ForwardFileName2); err != nil { |
| 40 | global.LOG.Errorf("load postrouting rules from file failed, err: %v", err) |
| 41 | return |
| 42 | } |
| 43 | global.LOG.Infof("loaded iptables rules for forward from file successfully") |
| 44 | |
| 45 | iptablesForwardStatus, _ := settingRepo.GetValueByKey("IptablesForwardStatus") |
| 46 | if iptablesForwardStatus == constant.StatusEnable { |
| 47 | if err := firewallClient.EnableIptablesForward(); err != nil { |
| 48 | global.LOG.Errorf("enable iptables forward failed, err: %v", err) |
| 49 | return |
| 50 | } |
| 51 | } |
| 52 | } |
| 53 | |
| 54 | if clientName != "iptables" { |
| 55 | return |
| 56 | } |
| 57 | if err := iptables.LoadRulesFromFile(iptables.FilterTab, iptables.Chain1PanelBasicBefore, iptables.BasicBeforeFileName); err != nil { |
| 58 | global.LOG.Errorf("load basic before rules from file failed, err: %v", err) |
| 59 | return |
| 60 | } |
| 61 | if err := iptables.LoadRulesFromFile(iptables.FilterTab, iptables.Chain1PanelBasic, iptables.BasicFileName); err != nil { |
| 62 | global.LOG.Errorf("load basic rules from file failed, err: %v", err) |
| 63 | return |
| 64 | } |
| 65 | if err := iptables.LoadRulesFromFile(iptables.FilterTab, iptables.Chain1PanelBasicAfter, iptables.BasicAfterFileName); err != nil { |
| 66 | global.LOG.Errorf("load basic after rules from file failed, err: %v", err) |
| 67 | return |
| 68 | } |
| 69 | panelPort := service.LoadPanelPort() |
| 70 | if len(panelPort) == 0 { |
| 71 | global.LOG.Errorf("find 1panel service port failed") |
| 72 | return |
| 73 | } |
| 74 | if err := iptables.AddRule(iptables.FilterTab, iptables.Chain1PanelBasicBefore, "-p", "tcp", "-m", "tcp", "--dport", panelPort, "-j", "ACCEPT"); err != nil { |
nothing calls this directly
no test coverage detected