Might fix #82
- Allow any input traffic on Shadowsocks port if Shadowsocks is enabled
- Allow any input traffic on TinyProxy port if TinyProxy is enabled
@@ -136,6 +136,8 @@ func main() {
|
|||||||
if allSettings.TinyProxy.Enabled {
|
if allSettings.TinyProxy.Enabled {
|
||||||
err = tinyProxyConf.MakeConf(allSettings.TinyProxy.LogLevel, allSettings.TinyProxy.Port, allSettings.TinyProxy.User, allSettings.TinyProxy.Password, uid, gid)
|
err = tinyProxyConf.MakeConf(allSettings.TinyProxy.LogLevel, allSettings.TinyProxy.Port, allSettings.TinyProxy.User, allSettings.TinyProxy.Password, uid, gid)
|
||||||
e.FatalOnError(err)
|
e.FatalOnError(err)
|
||||||
|
err = firewallConf.AllowAnyIncomingOnPort(allSettings.TinyProxy.Port)
|
||||||
|
e.FatalOnError(err)
|
||||||
stream, waitFn, err := tinyProxyConf.Start()
|
stream, waitFn, err := tinyProxyConf.Start()
|
||||||
e.FatalOnError(err)
|
e.FatalOnError(err)
|
||||||
go func() {
|
go func() {
|
||||||
@@ -149,6 +151,8 @@ func main() {
|
|||||||
if allSettings.ShadowSocks.Enabled {
|
if allSettings.ShadowSocks.Enabled {
|
||||||
err = shadowsocksConf.MakeConf(allSettings.ShadowSocks.Port, allSettings.ShadowSocks.Password, uid, gid)
|
err = shadowsocksConf.MakeConf(allSettings.ShadowSocks.Port, allSettings.ShadowSocks.Password, uid, gid)
|
||||||
e.FatalOnError(err)
|
e.FatalOnError(err)
|
||||||
|
err = firewallConf.AllowAnyIncomingOnPort(allSettings.ShadowSocks.Port)
|
||||||
|
e.FatalOnError(err)
|
||||||
stream, waitFn, err := shadowsocksConf.Start("0.0.0.0", allSettings.ShadowSocks.Port, allSettings.ShadowSocks.Password, allSettings.ShadowSocks.Log)
|
stream, waitFn, err := shadowsocksConf.Start("0.0.0.0", allSettings.ShadowSocks.Port, allSettings.ShadowSocks.Password, allSettings.ShadowSocks.Log)
|
||||||
e.FatalOnError(err)
|
e.FatalOnError(err)
|
||||||
go func() {
|
go func() {
|
||||||
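Review bot: Both new `AllowAnyIncomingOnPort` calls (TinyProxy in the first hunk, ShadowSocks in the second) open the service port to any source, so from that point the proxy credentials are the only access control. Whether `allSettings` rejects an empty `TinyProxy.User`/`TinyProxy.Password` or `ShadowSocks.Password` is not visible in these hunks; if it does not, an enabled proxy with blank credentials would be usable by any host that can route to the container. I would add a comment above each call such as `// opens the port to every interface and source; the proxy credentials are the only gate from here`, and confirm that settings validation refuses empty credentials when the service is enabled. `main` starts and ends outside both hunks.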
|
|||||||
@@ -24,6 +24,7 @@ type Configurator interface {
|
|||||||
AddRoutesVia(subnets []net.IPNet, defaultGateway net.IP, defaultInterface string) error
|
AddRoutesVia(subnets []net.IPNet, defaultGateway net.IP, defaultInterface string) error
|
||||||
GetDefaultRoute() (defaultInterface string, defaultGateway net.IP, defaultSubnet net.IPNet, err error)
|
GetDefaultRoute() (defaultInterface string, defaultGateway net.IP, defaultSubnet net.IPNet, err error)
|
||||||
AllowInputTrafficOnPort(device models.VPNDevice, port uint16) error
|
AllowInputTrafficOnPort(device models.VPNDevice, port uint16) error
|
||||||
|
AllowAnyIncomingOnPort(port uint16) error
|
||||||
}
|
}
|
||||||
|
|
||||||
type configurator struct {
|
type configurator struct {
|
||||||
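Review bot: The new interface method has no doc comment, and its name does not tell a caller how it differs from `AllowInputTrafficOnPort`, which takes a VPN device and, going by the rule visible in the implementation, is pinned to that interface. I would add `// AllowAnyIncomingOnPort accepts TCP and UDP traffic to port from any interface and any source address.` above the declaration so the wider exposure is explicit to whoever calls it. The `Configurator` interface starts outside this hunk.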
|
|||||||
@@ -128,3 +128,11 @@ func (c *configurator) AllowInputTrafficOnPort(device models.VPNDevice, port uin
|
|||||||
fmt.Sprintf("-A INPUT -i %s -p udp --dport %d -j ACCEPT", device, port),
|
fmt.Sprintf("-A INPUT -i %s -p udp --dport %d -j ACCEPT", device, port),
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (c *configurator) AllowAnyIncomingOnPort(port uint16) error {
|
||||||
|
c.logger.Info("%s: accepting any input traffic on port %d", logPrefix, port)
|
||||||
|
return c.runIptablesInstructions([]string{
|
||||||
|
fmt.Sprintf("-A INPUT -p tcp --dport %d -j ACCEPT", port),
|
||||||
|
fmt.Sprintf("-A INPUT -p udp --dport %d -j ACCEPT", port),
|
||||||
|
})
|
||||||
|
}
|
||||||
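Review bot: The two rules in `AllowAnyIncomingOnPort` match on `--dport` alone, with no `-i` or `-s`, so the port is accepted on every interface including the VPN tunnel device, whereas the `AllowInputTrafficOnPort` rule just above is pinned with `-i %s`. If the intent is for LAN clients to reach the proxy, scope the rule, for example by passing the device to exclude and emitting `-A INPUT ! -i %s -p tcp --dport %d -j ACCEPT`, or by limiting `-s` to the local subnet that `GetDefaultRoute` already returns. The UDP rule is added for both callers; TinyProxy is an HTTP proxy and presumably needs only TCP, so a protocol argument would avoid opening an unused UDP port. Only IPv4-style iptables instructions are visible here, so the IPv6 default policy is worth checking separately. `AllowInputTrafficOnPort` begins outside the hunk.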
|
|||||||