schiwagoa/ufw-docker
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update ufw-docker

Browse Source
This commit is contained in:
Egor Panfilov 2021-11-04 03:47:01 +03:00 committed by Chai Feng
parent e40bfd517c
commit 1333dcd298
1 changed files with 17 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
ufw-docker
View File

@ -72,11 +72,11 @@ function ufw-docker--allow() {
if [[ -z "$INSTANCE_PORT" || "$PORT_PROTO" = "${INSTANCE_PORT}/${PROTO}" ]]; then if [[ -z "$INSTANCE_PORT" || "$PORT_PROTO" = "${INSTANCE_PORT}/${PROTO}" ]]; then
ITER=0 ITER=0
for IP in "${INSTANCE_IP_ADDRESSES[@]}"; do for IP in "${INSTANCE_IP_ADDRESSES[@]}"; do
INSTANCE_NETWORK="${INSTANCE_NETWORK_NAMES[$ITER]}" INSTANCE_NETWORK="${INSTANCE_NETWORK_NAMES[$ITER]}"
ITER=$((ITER+1)) ITER=$((ITER+1))
if [[ -n "$NETWORK" ]] && [[ "$NETWORK" != "$INSTANCE_NETWORK" ]]; then if [[ -n "$NETWORK" ]] && [[ "$NETWORK" != "$INSTANCE_NETWORK" ]]; then
continue continue
fi fi
ufw-docker--add-rule "$INSTANCE_NAME" "$IP" "${PORT_PROTO%/*}" "${PORT_PROTO#*/}" "${INSTANCE_NETWORK}" ufw-docker--add-rule "$INSTANCE_NAME" "$IP" "${PORT_PROTO%/*}" "${PORT_PROTO#*/}" "${INSTANCE_NETWORK}"
RETVAL="$?" RETVAL="$?"
done done
@ -303,11 +303,11 @@ function on-exit() {
trap on-exit EXIT INT TERM QUIT ABRT ERR trap on-exit EXIT INT TERM QUIT ABRT ERR
function ufw-docker--check-install() { function ufw-docker--check-install() {
after_rules_tmp="${after_rules_tmp:-$(mktemp)}" after_rules_tmp="${after_rules_tmp:-$(mktemp)}"
rm-on-exit "$after_rules_tmp" rm-on-exit "$after_rules_tmp"
sed "/^# BEGIN UFW AND DOCKER/,/^# END UFW AND DOCKER/d" "$after_rules" > "$after_rules_tmp" sed "/^# BEGIN UFW AND DOCKER/,/^# END UFW AND DOCKER/d" "$after_rules" > "$after_rules_tmp"
>> "${after_rules_tmp}" cat <<-\EOF >> "${after_rules_tmp}" cat <<-\EOF
# BEGIN UFW AND DOCKER # BEGIN UFW AND DOCKER
*filter *filter
:ufw-user-forward - [0:0] :ufw-user-forward - [0:0]
@ -337,16 +337,16 @@ function ufw-docker--check-install() {
# END UFW AND DOCKER # END UFW AND DOCKER
EOF EOF
diff -u --color=auto "$after_rules" "$after_rules_tmp" diff -u --color=auto "$after_rules" "$after_rules_tmp"
} }
function ufw-docker--install() { function ufw-docker--install() {
if ! ufw-docker--check-install; then if ! ufw-docker--check-install; then
local after_rules_bak local after_rules_bak
after_rules_bak="${after_rules}-ufw-docker~$(date '+%Y-%m-%d-%H%M%S')~" after_rules_bak="${after_rules}-ufw-docker~$(date '+%Y-%m-%d-%H%M%S')~"
err "\\nBacking up $after_rules to $after_rules_bak" err "\\nBacking up $after_rules to $after_rules_bak"
cp "$after_rules" "$after_rules_bak" cp "$after_rules" "$after_rules_bak"
cat "$after_rules_tmp" > "$after_rules" cat "$after_rules_tmp" > "$after_rules"
err "Please restart UFW service manually by using the following command:" err "Please restart UFW service manually by using the following command:"
if type systemctl &>/dev/null; then if type systemctl &>/dev/null; then
err " sudo systemctl restart ufw" err " sudo systemctl restart ufw"
@ -357,7 +357,7 @@ function ufw-docker--install() {
} }
function ufw-docker--help() { function ufw-docker--help() {
cat <<-EOF >&2 cat <<-EOF >&2
Usage: Usage:
ufw-docker <list|allow> [docker-instance-id-or-name [port[/tcp|/udp]] [network]] ufw-docker <list|allow> [docker-instance-id-or-name [port[/tcp|/udp]] [network]]
ufw-docker delete allow [docker-instance-id-or-name [port[/tcp|/udp]] [network]] ufw-docker delete allow [docker-instance-id-or-name [port[/tcp|/udp]] [network]]
@ -437,9 +437,9 @@ case "$ufw_action" in
if [[ "$INSTANCE_PORT" = */udp ]]; then if [[ "$INSTANCE_PORT" = */udp ]]; then
PROTO=udp PROTO=udp
fi fi
shift || true shift || true
NETWORK="${1:-}" NETWORK="${1:-}"
INSTANCE_PORT="${INSTANCE_PORT%/*}" INSTANCE_PORT="${INSTANCE_PORT%/*}"