aboutsummaryrefslogtreecommitdiff
path: root/src/fw.rs
diff options
context:
space:
mode:
Diffstat (limited to 'src/fw.rs')
-rw-r--r--src/fw.rs11
1 files changed, 6 insertions, 5 deletions
diff --git a/src/fw.rs b/src/fw.rs
index 42ce73a..8ee3e6b 100644
--- a/src/fw.rs
+++ b/src/fw.rs
@@ -1,7 +1,6 @@
use iptables;
use regex::Regex;
use std::collections::HashSet;
-use std::io;
use crate::messages;
#[derive(Debug)]
@@ -14,15 +13,17 @@ impl From<iptables::error::IPTError> for FirewallError {
}
pub fn setup(ipt: &iptables::IPTables) -> Result<(), FirewallError> {
-
- ipt.new_chain("filter", "DIPLONAT")?;
- ipt.insert("filter", "INPUT", "-j DIPLONAT", 1)?;
+
+ if !ipt.chain_exists("filter", "DIPLONAT")? {
+ ipt.new_chain("filter", "DIPLONAT")?;
+ }
+
+ ipt.insert_unique("filter", "INPUT", "-j DIPLONAT", 1)?;
Ok(())
}
pub fn open_ports(ipt: &iptables::IPTables, ports: messages::PublicExposedPorts) -> Result<(), FirewallError> {
-
for p in ports.tcp_ports {
ipt.append("filter", "DIPLONAT", &format!("-p tcp --dport {} -j ACCEPT", p))?;
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-09 16:44:42 +0000