From 1a1e8caff0afd2fee34a59bfa31f17596480accb Mon Sep 17 00:00:00 2001 From: Eduardo Silva Date: Fri, 1 Mar 2024 19:08:32 -0300 Subject: [PATCH] Display automatic rules --- firewall/views.py | 4 + templates/firewall/firewall_nav_tabs.html | 8 +- templates/firewall/firewall_rule_list.html | 92 +++++++++++++++++++++- templates/firewall/redirect_rule_list.html | 4 +- 4 files changed, 104 insertions(+), 4 deletions(-) diff --git a/firewall/views.py b/firewall/views.py index c5f78b4..6a85caa 100644 --- a/firewall/views.py +++ b/firewall/views.py @@ -60,6 +60,7 @@ def manage_redirect_rule(request): def view_firewall_rule_list(request): wireguard_instances = WireGuardInstance.objects.all().order_by('instance_id') + firewall_settings, firewall_settings_created = FirewallSettings.objects.get_or_create(name='global') current_chain = request.GET.get('chain', 'forward') if current_chain not in ['forward', 'portforward', 'postrouting']: current_chain = 'forward' @@ -72,6 +73,9 @@ def view_firewall_rule_list(request): 'pending_changes_warning': pending_changes_warning, 'firewall_rule_list': FirewallRule.objects.filter(firewall_chain=current_chain).order_by('sort_order'), 'current_chain': current_chain, + 'port_forward_list': RedirectRule.objects.all().order_by('port'), + 'firewall_settings': firewall_settings, + 'wireguard_instances': wireguard_instances, } return render(request, 'firewall/firewall_rule_list.html', context=context) diff --git a/templates/firewall/firewall_nav_tabs.html b/templates/firewall/firewall_nav_tabs.html index 63956fe..83d2858 100644 --- a/templates/firewall/firewall_nav_tabs.html +++ b/templates/firewall/firewall_nav_tabs.html @@ -9,5 +9,11 @@
  • Port Forward
    • + {% if current_chain == 'forward' %} +
  • + Default Policy: {{ firewall_settings.get_default_forward_policy_display }} +
    • + {% endif %} - \ No newline at end of file + + diff --git a/templates/firewall/firewall_rule_list.html b/templates/firewall/firewall_rule_list.html index f3deb2d..4a42c2b 100644 --- a/templates/firewall/firewall_rule_list.html +++ b/templates/firewall/firewall_rule_list.html @@ -17,6 +17,10 @@ display: none; width: 100%; } + + .fw_automatic_rule { + display: none; + } @@ -43,9 +47,56 @@ Port State Action - + + + {% for rule in port_forward_list %} + {% if rule.add_forward_rule and current_chain == 'forward' %} + + - + + {{ firewall_settings.wan_interface }} + wg{{ rule.wireguard_instance.instance_id }} + + + {% if rule.ip_address %} + {{ rule.ip_address }} + {% elif rule.peer %} + {{ rule.peer }} + {% endif %} + + {{ rule.get_protocol_display }} + {{ rule.port }} + + ACCEPT + + + {% elif rule.masquerade_source and current_chain == 'postrouting' %} + + - + + + wg{{ rule.wireguard_instance.instance_id }} + + + {% if rule.ip_address %} + {{ rule.ip_address }} + {% elif rule.peer %} + {{ rule.peer }} + {% endif %} + + {{ rule.get_protocol_display }} + {{ rule.port }} + + MASQUERADE + + + {% endif %} + + + {% endfor %} + {% for rule in firewall_rule_list %} @@ -82,11 +133,50 @@ {% endfor %} + {% if current_chain == 'forward' %} + {% for wireguard_instance in wireguard_instances %} + + - + + wg{{ wireguard_instance.instance_id }} + wg{{ wireguard_instance.instance_id }} + + + + + + + {% if firewall_settings.allow_peer_to_peer %} + ACCEPT + {% else %} + REJECT + {% endif %} + + + + {% endfor %} + + + - + + wg+ + wg+ + + + + + + {% if firewall_settings.allow_instance_to_instance %}ACCEPT{% else %}REJECT{% endif %} + + + {% endif %} + Create Firewall Rule Firewall Settings + Display automatic rules diff --git a/templates/firewall/redirect_rule_list.html b/templates/firewall/redirect_rule_list.html index da2698d..95291b3 100644 --- a/templates/firewall/redirect_rule_list.html +++ b/templates/firewall/redirect_rule_list.html @@ -16,14 +16,14 @@ Destination Allow Forward Masquerade Source - Actions + {% for redirect_rule in redirect_rule_list %} {{ redirect_rule.wireguard_instance }} - {{ redirect_rule.protocol }} + {{ redirect_rule.get_protocol_display }} {{ redirect_rule.port }} {% if redirect_rule.peer %}