firewall: open ports in ipv6 as well as ipv4 (using ip6tables)

src/fw_actor.rs

@@ -12,7 +12,8 @@ use tokio::{
 use crate::{fw, messages};
 
 pub struct FirewallActor {
-  pub ipt: iptables::IPTables,
+  pub ipt_v4: iptables::IPTables,
+  pub ipt_v6: iptables::IPTables,
   rx_ports: watch::Receiver<messages::PublicExposedPorts>,
   last_ports: messages::PublicExposedPorts,
   refresh: Duration,
@@ -20,17 +21,19 @@ pub struct FirewallActor {
 
 impl FirewallActor {
   pub async fn new(
-    _refresh: Duration,
+    refresh: Duration,
     rxp: &watch::Receiver<messages::PublicExposedPorts>,
   ) -> Result<Self> {
     let ctx = Self {
-      ipt: iptables::new(false)?,
+      ipt_v4: iptables::new(false)?,
+      ipt_v6: iptables::new(true)?,
       rx_ports: rxp.clone(),
       last_ports: messages::PublicExposedPorts::new(),
-      refresh: _refresh,
+      refresh,
     };
 
-    fw::setup(&ctx.ipt)?;
+    fw::setup(&ctx.ipt_v4)?;
+    fw::setup(&ctx.ipt_v6)?;
 
     return Ok(ctx);
   }
@@ -59,7 +62,8 @@ impl FirewallActor {
   }
 
   pub async fn do_fw_update(&self) -> Result<()> {
-    let curr_opened_ports = fw::get_opened_ports(&self.ipt)?;
+    for ipt in [&self.ipt_v4, &self.ipt_v6] {
+      let curr_opened_ports = fw::get_opened_ports(ipt)?;
 
       let diff_tcp = self
         .last_ports
@@ -79,7 +83,8 @@ impl FirewallActor {
         udp_ports: diff_udp,
       };
 
-    fw::open_ports(&self.ipt, ports_to_open)?;
+      fw::open_ports(ipt, ports_to_open)?;
+    }
 
     return Ok(());
   }