-
Notifications
You must be signed in to change notification settings - Fork 7
/
Copy pathserver.py
171 lines (141 loc) · 4.64 KB
/
server.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
import uvicorn
from fastapi import FastAPI
import cfw
import cfw.ip_tools
app = FastAPI()
items = []
@app.on_event("startup")
def startup_event():
rules, rules6 = cfw.ip_tools.start()
items.append(rules)
items.append(rules6)
"""
ipv4 block / unblock
"""
@app.get("/block_ip")
def block_ip(ip: str, timeout: int):
return cfw.block_ip(ip, timeout, "user")
@app.get("/unblock_ip")
def unblock_ip(ip: str):
return cfw.unblock_ip(ip, "user")
@app.get("/blacklist")
def blacklist():
text = cfw.shell("ipset list blacklist")
return {
"code": 1,
"message": text
}
"""
ipv6 block / unblock
"""
@app.get("/block_ip6")
def block_ip6(ip: str, timeout: int):
return cfw.block_ip6(ip, timeout, "user")
@app.get("/unblock_ip6")
def unblock_ip6(ip: str):
return cfw.unblock_ip6(ip, "user")
@app.get("/blacklist6")
def blacklist6():
text = cfw.shell("ipset list blacklist6")
return {
"code": 1,
"message": text
}
"""
ipv4 port
"""
@app.get("/allow_port")
def allow_port(port: str, protocol: str):
rules, rules6 = items
if protocol == "all":
r_tcp = rules.add_tcp_port(port)
r_udp = rules.add_udp_port(port)
if not r_tcp and not r_udp:
return {"code": 0, "message": f"{port} port tcp/udp is already open."}
elif protocol == "tcp":
if not rules.add_tcp_port(port):
return {"code": 0, "message": f"{port} port tcp is already open."}
elif protocol == "udp":
if not rules.add_udp_port(port):
return {"code": 0, "message": f"{port} port udp is already open."}
rules.save_rules()
return {"code": 1}
@app.get("/deny_port")
def deny_port(port: str, protocol: str):
rules, rules6 = items
if protocol == "all":
r_tcp = rules.rm_tcp_port(port)
r_udp = rules.rm_udp_port(port)
if not r_tcp and not r_udp:
return {"code": 0, "message": f"{port} port tcp/udp has been closed."}
elif protocol == "tcp":
if not rules.rm_tcp_port(port):
return {"code": 0, "message": f"{port} port tcp has been closed."}
elif protocol == "udp":
if not rules.rm_udp_port(port):
return {"code": 0, "message": f"{port} port udp has been closed."}
rules.save_rules()
return {"code": 1}
@app.get("/status")
def status_port():
rules, rules6 = items
ports = []
for rule in rules.data:
if 'tcp' in rule and "0:65535" not in rule:
port = (rule.split("--dport ")[1].split(" -j")[0], "tcp")
ports.append(port)
elif 'udp' in rule and "0:65535" not in rule:
port = (rule.split("--dport ")[1].split(" -j")[0], "udp")
ports.append(port)
ports = set(ports)
return {"code": 1, "message": ports}
"""
ipv6 port
"""
@app.get("/allow_port6")
def allow_port6(port: str, protocol: str):
rules, rules6 = items
if protocol == "all":
r_tcp = rules6.add_tcp_port(port)
r_udp = rules6.add_udp_port(port)
if not r_tcp and not r_udp:
return {"code": 0, "message": f"{port} port tcp/udp is already open."}
elif protocol == "tcp":
if not rules6.add_tcp_port(port):
return {"code": 0, "message": f"{port} port tcp is already open."}
elif protocol == "udp":
if not rules6.add_udp_port(port):
return {"code": 0, "message": f"{port} port udp is already open."}
rules6.save_rules()
return {"code": 1}
@app.get("/deny_port6")
def deny_port6(port: str, protocol: str):
rules, rules6 = items
if protocol == "all":
r_tcp = rules6.rm_tcp_port(port)
r_udp = rules6.rm_udp_port(port)
if not r_tcp and not r_udp:
return {"code": 0, "message": f"{port} port tcp/udp has been closed."}
elif protocol == "tcp":
if not rules6.rm_tcp_port(port):
return {"code": 0, "message": f"{port} port tcp has been closed."}
elif protocol == "udp":
if not rules6.rm_udp_port(port):
return {"code": 0, "message": f"{port} port udp has been closed."}
rules6.save_rules()
return {"code": 1}
@app.get("/status6")
def status_port6():
rules, rules6 = items
ports = []
for rule in rules6.data:
if 'tcp' in rule and "0:65535" not in rule:
port = (rule.split("--dport ")[1].split(" -j")[0], "tcp")
ports.append(port)
elif 'udp' in rule and "0:65535" not in rule:
port = (rule.split("--dport ")[1].split(" -j")[0], "udp")
ports.append(port)
ports = set(ports)
return {"code": 1, "message": ports}
if __name__ == "__main__":
uvicorn.run("server:app", port=cfw.config["port"])