From 489c536805e4ff5e0e7fb7373527cf2c85a4c7bd Mon Sep 17 00:00:00 2001 From: Sunil Mohan Adapa Date: Fri, 11 Nov 2022 11:30:06 -0800 Subject: [PATCH] minidlna: Add protection to local service using firewall Tests: - When app is freshly installed, nft rules are inserted. - Trying to connect to local daemon from fbx user fails. - Functional tests pass. Signed-off-by: Sunil Mohan Adapa Reviewed-by: James Valleroy --- plinth/modules/minidlna/__init__.py | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/plinth/modules/minidlna/__init__.py b/plinth/modules/minidlna/__init__.py index e378d8d3b..514033995 100644 --- a/plinth/modules/minidlna/__init__.py +++ b/plinth/modules/minidlna/__init__.py @@ -9,7 +9,8 @@ from plinth import frontpage, menu from plinth.daemon import Daemon from plinth.modules.apache.components import Webserver from plinth.modules.backups.components import BackupRestore -from plinth.modules.firewall.components import Firewall +from plinth.modules.firewall.components import (Firewall, + FirewallLocalProtection) from plinth.modules.users.components import UsersAndGroups from plinth.package import Packages, install from plinth.utils import Version @@ -33,7 +34,7 @@ class MiniDLNAApp(app_module.App): app_id = 'minidlna' - _version = 2 + _version = 3 def __init__(self): """Initialize the app components.""" @@ -74,6 +75,10 @@ class MiniDLNAApp(app_module.App): is_external=False) self.add(firewall) + firewall_local_protection = FirewallLocalProtection( + 'firewall-local-protection-minidlna', ['8200']) + self.add(firewall_local_protection) + webserver = Webserver('webserver-minidlna', 'minidlna-freedombox', urls=['https://{host}/_minidlna/']) self.add(webserver)