2020-07-04 15:16:23 +00:00 · 2020-07-02 13:55:05 +00:00 · 2020-07-02 13:56:52 +00:00 · 2020-07-02 14:17:23 +00:00 · 2020-07-02 14:03:44 +00:00 · 2020-07-02 14:04:47 +00:00
1 changed files with 28 additions and 12 deletions
--- a/src/fw.rs
+++ b/src/fw.rs
@ -1,6 +1,8 @@
 use iptables;
 use regex::Regex;
 use std::collections::HashSet;
 use std::io;
 #[derive(PartialEq,Eq,Debug,Hash)]
 pub struct Port {
@ -8,22 +10,35 @@ pub struct Port {
    number: u16,
 }
-pub fn setup(ipt: &iptables::IPTables) {
+#[derive(Debug)]
-    ipt.new_chain("filter", "DIPLONAT").unwrap();
+pub struct FirewallError(String);
-    ipt.insert("filter", "INPUT", "-j DIPLONAT", 1).unwrap();
+
 impl From<iptables::error::IPTError> for FirewallError {
    fn from(error: iptables::error::IPTError) -> Self {
        FirewallError(error.to_string())
    }
 }
-pub fn open_ports(ipt: &iptables::IPTables, ports: Vec<Port>) {
+pub fn setup(ipt: &iptables::IPTables) -> Result<(), FirewallError> {
    ipt.new_chain("filter", "DIPLONAT")?;
    ipt.insert("filter", "INPUT", "-j DIPLONAT", 1)?;
    Ok(())
 }
 pub fn open_ports(ipt: &iptables::IPTables, ports: Vec<Port>) -> Result<(), FirewallError> {
    for p in ports {
-        ipt.append("filter", "DIPLONAT", &format!("-p {} --dport {} -j ACCEPT", p.proto, p.number)).unwrap();
+        ipt.append("filter", "DIPLONAT", &format!("-p {} --dport {} -j ACCEPT", p.proto, p.number))?;
    }
    Ok(())
 }
-pub fn get_opened_ports(ipt: &iptables::IPTables) -> HashSet<Port> {
+pub fn get_opened_ports(ipt: &iptables::IPTables) -> Result<HashSet<Port>, FirewallError> {
    let mut opened_ports: HashSet<Port> = HashSet::new();
-    let list = ipt.list("filter", "DIPLONAT").unwrap();
+    let list = ipt.list("filter", "DIPLONAT")?;
    let re = Regex::new(r"\-A.*? \-p (\w+).*\-\-dport (\d+).*?\-j ACCEPT").unwrap();
    for i in list {
        let caps = re.captures(&i);
@ -41,13 +56,14 @@ pub fn get_opened_ports(ipt: &iptables::IPTables) -> HashSet<Port> {
        }
    }
-    opened_ports
+    Ok(opened_ports)
 }
-pub fn cleanup(ipt: &iptables::IPTables) {
+pub fn cleanup(ipt: &iptables::IPTables) -> Result<(), FirewallError> {
-    ipt.flush_chain("filter", "DIPLONAT").unwrap();
+    ipt.flush_chain("filter", "DIPLONAT")?;
-    ipt.delete("filter", "INPUT", "-j DIPLONAT").unwrap();
+    ipt.delete("filter", "INPUT", "-j DIPLONAT")?;
-    ipt.delete_chain("filter", "DIPLONAT").unwrap();
+    ipt.delete_chain("filter", "DIPLONAT")?;
    Ok(())
 }
 /*