Mirrors/wireguard_webadmin
1
0
Fork 0
mirror of https://github.com/eduardogsilva/wireguard_webadmin.git synced 2026-01-01 14:16:18 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Remove REJECT from forward policy

Browse Source
This commit is contained in:
Eduardo Silva
2025-12-29 15:55:27 -03:00
parent 2f9de59728
commit a1727618dd
3 changed files with 29 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
firewall/migrations/0015_alter_firewallsettings_default_forward_policy_and_more.py Normal file
View File

@@ -0,0 +1,23 @@
# Generated by Django 5.2.9 on 2025-12-29 18:49
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
('firewall', '0014_redirectrule_port_forward'),
]
operations = [
migrations.AlterField(
model_name='firewallsettings',
name='default_forward_policy',
field=models.CharField(choices=[('accept', 'ACCEPT'), ('drop', 'DROP')], default='accept', max_length=6),
),
migrations.AlterField(
model_name='firewallsettings',
name='default_output_policy',
field=models.CharField(choices=[('accept', 'ACCEPT'), ('drop', 'DROP')], default='accept', max_length=6),
),
]

4
firewall/models.py
View File

@@ -72,8 +72,8 @@ class FirewallRule(models.Model):
class FirewallSettings(models.Model): class FirewallSettings(models.Model):
name = models.CharField(max_length=6, default='global', unique=True) name = models.CharField(max_length=6, default='global', unique=True)
default_forward_policy = models.CharField(max_length=6, default='accept', choices=[('accept', _('ACCEPT')), ('reject', _('REJECT')), ('drop', _('DROP'))]) default_forward_policy = models.CharField(max_length=6, default='accept', choices=[('accept', _('ACCEPT')), ('drop', _('DROP'))])
default_output_policy = models.CharField(max_length=6, default='accept', choices=[('accept', _('ACCEPT')), ('reject', _('REJECT')), ('drop', _('DROP'))]) default_output_policy = models.CharField(max_length=6, default='accept', choices=[('accept', _('ACCEPT')), ('drop', _('DROP'))])
allow_peer_to_peer = models.BooleanField(default=True) allow_peer_to_peer = models.BooleanField(default=True)
allow_instance_to_instance = models.BooleanField(default=True) allow_instance_to_instance = models.BooleanField(default=True)
wan_interface = models.CharField(max_length=12, default='eth0') wan_interface = models.CharField(max_length=12, default='eth0')

3
firewall/tools.py
View File

@@ -200,7 +200,10 @@ def generate_firewall_footer():
footer = '# The following rules come from Firewall settings\n' footer = '# The following rules come from Firewall settings\n'
footer += '# Default FORWARD policy\n' footer += '# Default FORWARD policy\n'
if firewall_settings.default_forward_policy:
footer += f'iptables -t filter -P FORWARD {firewall_settings.default_forward_policy.upper()}\n' footer += f'iptables -t filter -P FORWARD {firewall_settings.default_forward_policy.upper()}\n'
else:
footer += f'iptables -t filter -P FORWARD DROP\n'
footer += '# Same instance Peer to Peer traffic\n' footer += '# Same instance Peer to Peer traffic\n'
for wireguard_instance in WireGuardInstance.objects.all().order_by('instance_id'): for wireguard_instance in WireGuardInstance.objects.all().order_by('instance_id'):