ExternalVendorCode/balena-supervisor
1
0
Fork 0
mirror of https://github.com/balena-os/balena-supervisor.git synced 2025-06-01 23:30:48 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Check if rules exist before adding them

Browse Source
This commit is contained in:
Pablo Carranza Velez 2016-08-16 09:30:38 -03:00
parent c4ea2c77a0
commit 145d124410
1 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/utils.coffee
View File

@ -281,9 +281,14 @@ exports.validateKeys = (options, validSet) ->
invalidKeys = _.keys(_.omit(options, validSet)) invalidKeys = _.keys(_.omit(options, validSet))
throw new Error("Using #{invalidKeys.join(', ')} is not allowed.") if !_.isEmpty(invalidKeys) throw new Error("Using #{invalidKeys.join(', ')} is not allowed.") if !_.isEmpty(invalidKeys)
checkAndAddIptablesRule = (rule) ->
execAsync("iptables -C #{rule}")
.catch ->
execAsync("iptables -A #{rule}")
exports.createIpTablesRules = -> exports.createIpTablesRules = ->
allowedInterfaces = ['tun0', 'docker0', 'lo'] allowedInterfaces = ['tun0', 'docker0', 'lo']
Promise.each allowedInterfaces, (iface) -> Promise.each allowedInterfaces, (iface) ->
execAsync("iptables -A INPUT -p tcp --dport #{config.listenPort} -i #{iface} -j ACCEPT") checkAndAddIptablesRule("INPUT -p tcp --dport #{config.listenPort} -i #{iface} -j ACCEPT")
.then -> .then ->
execAsync("iptables -A INPUT -p tcp --dport #{config.listenPort} -j REJECT") checkAndAddIptablesRule("INPUT -p tcp --dport #{config.listenPort} -j REJECT")