From f40ecaa1551fcf41b70040ab6599adc4a2e1b93d Mon Sep 17 00:00:00 2001 From: LoveIsGrief Date: Wed, 10 Apr 2019 17:54:54 +0200 Subject: [PATCH] i2p: Add HTTP(S) and IRC ports to firewall Enable or disable the ports with the firewalld. Reviewed-by: Sunil Mohan Adapa --- plinth/modules/i2p/__init__.py | 27 ++++++++++--------- .../firewalld/services/i2p_irc-freedombox.xml | 7 +++++ .../services/i2p_socks_http-freedombox.xml | 7 +++++ .../services/i2p_socks_https-freedombox.xml | 7 +++++ 4 files changed, 36 insertions(+), 12 deletions(-) create mode 100644 plinth/modules/i2p/data/usr/lib/firewalld/services/i2p_irc-freedombox.xml create mode 100644 plinth/modules/i2p/data/usr/lib/firewalld/services/i2p_socks_http-freedombox.xml create mode 100644 plinth/modules/i2p/data/usr/lib/firewalld/services/i2p_socks_https-freedombox.xml diff --git a/plinth/modules/i2p/__init__.py b/plinth/modules/i2p/__init__.py index e8fc6aa8c..0765c8870 100644 --- a/plinth/modules/i2p/__init__.py +++ b/plinth/modules/i2p/__init__.py @@ -64,11 +64,15 @@ additional_favorites = [ ('YaCy Seeker', 'http://seeker.i2p'), ] -tunnels_to_manage = [ - 'I2P HTTP Proxy', - 'I2P HTTPS Proxy', - 'Irc2P' -] +tunnels_to_manage = { + 'I2P HTTP Proxy': 'i2p_socks_http-freedombox', + 'I2P HTTPS Proxy': 'i2p_socks_https-freedombox', + 'Irc2P': 'i2p_irc-freedombox' +} + +service_ports = [ + 'http', 'https' + ] + list(tunnels_to_manage.values()) def init(): @@ -80,9 +84,8 @@ def init(): global service setup_helper = globals()['setup_helper'] if setup_helper.get_state() != 'needs-setup': - service = service_module.Service(managed_services[0], name, ports=[ - 'http', 'https' - ], is_external=True, is_enabled=is_enabled, enable=enable, + service = service_module.Service(managed_services[0], name, ports=service_ports, + is_external=True, is_enabled=is_enabled, enable=enable, disable=disable, is_running=is_running) @@ -105,19 +108,19 @@ def setup(helper, old_version=None): ]) # Tunnels to all interfaces - for tunnel in tunnels_to_manage: + for tunnel in tunnels_to_manage.keys(): helper.call('post', actions.superuser_run, 'i2p', [ 'set-tunnel-property', '--name', tunnel, '--property', 'interface', '--value', '0.0.0.0' ]) + helper.call('post', disable) helper.call('post', enable) global service if service is None: - service = service_module.Service(managed_services[0], name, ports=[ - 'http', 'https' - ], is_external=True, is_enabled=is_enabled, enable=enable, + service = service_module.Service(managed_services[0], name, ports=service_ports, + is_external=True, is_enabled=is_enabled, enable=enable, disable=disable, is_running=is_running) diff --git a/plinth/modules/i2p/data/usr/lib/firewalld/services/i2p_irc-freedombox.xml b/plinth/modules/i2p/data/usr/lib/firewalld/services/i2p_irc-freedombox.xml new file mode 100644 index 000000000..bac78c108 --- /dev/null +++ b/plinth/modules/i2p/data/usr/lib/firewalld/services/i2p_irc-freedombox.xml @@ -0,0 +1,7 @@ + + + I2P IRC + An entry into an IRC proxy server on I2P + + + diff --git a/plinth/modules/i2p/data/usr/lib/firewalld/services/i2p_socks_http-freedombox.xml b/plinth/modules/i2p/data/usr/lib/firewalld/services/i2p_socks_http-freedombox.xml new file mode 100644 index 000000000..5af862d8d --- /dev/null +++ b/plinth/modules/i2p/data/usr/lib/firewalld/services/i2p_socks_http-freedombox.xml @@ -0,0 +1,7 @@ + + + I2P SOCKS5 HTTP Proxy + A SOCKS5 HTTP proxy into the I2P network to browse eepsites. + + + diff --git a/plinth/modules/i2p/data/usr/lib/firewalld/services/i2p_socks_https-freedombox.xml b/plinth/modules/i2p/data/usr/lib/firewalld/services/i2p_socks_https-freedombox.xml new file mode 100644 index 000000000..d394d3607 --- /dev/null +++ b/plinth/modules/i2p/data/usr/lib/firewalld/services/i2p_socks_https-freedombox.xml @@ -0,0 +1,7 @@ + + + I2P SOCKS5 HTTPS Proxy + A SOCKS5 HTTPS proxy into the I2P network to browse eepsites. + + +