From 6b7556c6d3abbdde55dce8395137c14359c4d76d Mon Sep 17 00:00:00 2001 From: Sunil Mohan Adapa Date: Fri, 11 Nov 2022 11:19:07 -0800 Subject: [PATCH] transmission: Add protection to local service using firewall Tests: - When app is freshly installed, nft rules are inserted. - Trying to connect to local daemon from fbx user fails. - Functional tests pass. Signed-off-by: Sunil Mohan Adapa Reviewed-by: James Valleroy --- plinth/modules/transmission/__init__.py | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/plinth/modules/transmission/__init__.py b/plinth/modules/transmission/__init__.py index 10208cad3..ec8755db2 100644 --- a/plinth/modules/transmission/__init__.py +++ b/plinth/modules/transmission/__init__.py @@ -11,7 +11,8 @@ from plinth import cfg, frontpage, menu from plinth.daemon import Daemon from plinth.modules.apache.components import Webserver from plinth.modules.backups.components import BackupRestore -from plinth.modules.firewall.components import Firewall +from plinth.modules.firewall.components import (Firewall, + FirewallLocalProtection) from plinth.modules.users import add_user_to_share_group from plinth.modules.users.components import UsersAndGroups from plinth.package import Packages @@ -50,7 +51,7 @@ class TransmissionApp(app_module.App): app_id = 'transmission' - _version = 4 + _version = 5 DAEMON = 'transmission-daemon' @@ -91,6 +92,10 @@ class TransmissionApp(app_module.App): 'transmission-client'], is_external=True) self.add(firewall) + firewall_local_protection = FirewallLocalProtection( + 'firewall-local-protection-transmission', ['9091']) + self.add(firewall_local_protection) + webserver = Webserver('webserver-transmission', 'transmission-plinth', urls=['https://{host}/transmission']) self.add(webserver)