From f22c3d47da8febe1047997aa82e438e780e119d1 Mon Sep 17 00:00:00 2001 From: Eduardo Silva Date: Mon, 26 Feb 2024 10:37:41 -0300 Subject: [PATCH] Port forwarding skeleton --- firewall/__init__.py | 0 firewall/admin.py | 10 ++++++ firewall/apps.py | 6 ++++ firewall/forms.py | 0 firewall/migrations/0001_initial.py | 35 +++++++++++++++++++ ...redirectrule_masquerade_source_and_more.py | 23 ++++++++++++ firewall/migrations/__init__.py | 0 firewall/models.py | 26 ++++++++++++++ firewall/tests.py | 3 ++ firewall/views.py | 15 ++++++++ templates/base.html | 9 +++++ templates/firewall/manage_redirect_rule.html | 3 ++ templates/firewall/redirect_rule_list.html | 3 ++ wireguard_webadmin/settings.py | 1 + wireguard_webadmin/urls.py | 3 ++ 15 files changed, 137 insertions(+) create mode 100644 firewall/__init__.py create mode 100644 firewall/admin.py create mode 100644 firewall/apps.py create mode 100644 firewall/forms.py create mode 100644 firewall/migrations/0001_initial.py create mode 100644 firewall/migrations/0002_redirectrule_masquerade_source_and_more.py create mode 100644 firewall/migrations/__init__.py create mode 100644 firewall/models.py create mode 100644 firewall/tests.py create mode 100644 firewall/views.py create mode 100644 templates/firewall/manage_redirect_rule.html create mode 100644 templates/firewall/redirect_rule_list.html diff --git a/firewall/__init__.py b/firewall/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/firewall/admin.py b/firewall/admin.py new file mode 100644 index 0000000..e8acf03 --- /dev/null +++ b/firewall/admin.py @@ -0,0 +1,10 @@ +from django.contrib import admin +from firewall.models import RedirectRule + + +class RedirectRuleAdmin(admin.ModelAdmin): + list_display = ('protocol', 'port', 'add_forward_rule', 'peer', 'wireguard_instance', 'ip_address', 'description', 'created', 'updated', 'uuid') + search_fields = ('protocol', 'port', 'add_forward_rule', 'peer', 'wireguard_instance', 'ip_address', 'description', 'created', 'updated', 'uuid') + +admin.site.register(RedirectRule, RedirectRuleAdmin) + diff --git a/firewall/apps.py b/firewall/apps.py new file mode 100644 index 0000000..6799c78 --- /dev/null +++ b/firewall/apps.py @@ -0,0 +1,6 @@ +from django.apps import AppConfig + + +class FirewallConfig(AppConfig): + default_auto_field = 'django.db.models.BigAutoField' + name = 'firewall' diff --git a/firewall/forms.py b/firewall/forms.py new file mode 100644 index 0000000..e69de29 diff --git a/firewall/migrations/0001_initial.py b/firewall/migrations/0001_initial.py new file mode 100644 index 0000000..58bac13 --- /dev/null +++ b/firewall/migrations/0001_initial.py @@ -0,0 +1,35 @@ +# Generated by Django 5.0.2 on 2024-02-26 12:59 + +import django.db.models.deletion +import uuid +from django.db import migrations, models + + +class Migration(migrations.Migration): + + initial = True + + dependencies = [ + ('wireguard', '0014_alter_wireguardinstance_dns_primary_and_more'), + ] + + operations = [ + migrations.CreateModel( + name='RedirectRule', + fields=[ + ('description', models.CharField(blank=True, max_length=100, null=True)), + ('protocol', models.CharField(choices=[('tcp', 'TCP'), ('udp', 'UDP')], default='tcp', max_length=3)), + ('port', models.PositiveIntegerField(default=8080)), + ('add_forward_rule', models.BooleanField(default=True)), + ('ip_address', models.GenericIPAddressField(blank=True, null=True)), + ('created', models.DateTimeField(auto_now_add=True)), + ('updated', models.DateTimeField(auto_now=True)), + ('uuid', models.UUIDField(default=uuid.uuid4, editable=False, primary_key=True, serialize=False)), + ('peer', models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.CASCADE, to='wireguard.peer')), + ('wireguard_instance', models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.CASCADE, to='wireguard.wireguardinstance')), + ], + options={ + 'unique_together': {('port', 'protocol')}, + }, + ), + ] diff --git a/firewall/migrations/0002_redirectrule_masquerade_source_and_more.py b/firewall/migrations/0002_redirectrule_masquerade_source_and_more.py new file mode 100644 index 0000000..80eb7d7 --- /dev/null +++ b/firewall/migrations/0002_redirectrule_masquerade_source_and_more.py @@ -0,0 +1,23 @@ +# Generated by Django 5.0.2 on 2024-02-26 13:35 + +from django.db import migrations, models + + +class Migration(migrations.Migration): + + dependencies = [ + ('firewall', '0001_initial'), + ] + + operations = [ + migrations.AddField( + model_name='redirectrule', + name='masquerade_source', + field=models.BooleanField(default=False), + ), + migrations.AlterField( + model_name='redirectrule', + name='ip_address', + field=models.GenericIPAddressField(blank=True, null=True, protocol='IPv4'), + ), + ] diff --git a/firewall/migrations/__init__.py b/firewall/migrations/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/firewall/models.py b/firewall/models.py new file mode 100644 index 0000000..d6b0532 --- /dev/null +++ b/firewall/models.py @@ -0,0 +1,26 @@ +from django.db import models +from wireguard.models import Peer, WireGuardInstance +import uuid + + +class RedirectRule(models.Model): + description = models.CharField(max_length=100, blank=True, null=True) + protocol = models.CharField(max_length=3, default='tcp', choices=[('tcp', 'TCP'), ('udp', 'UDP')]) + port = models.PositiveIntegerField(default=8080) + add_forward_rule = models.BooleanField(default=True) + masquerade_source = models.BooleanField(default=False) + peer = models.ForeignKey(Peer, on_delete=models.CASCADE, blank=True, null=True) + wireguard_instance = models.ForeignKey(WireGuardInstance, on_delete=models.CASCADE, blank=True, null=True) + ip_address = models.GenericIPAddressField(blank=True, null=True, protocol='IPv4') + + created = models.DateTimeField(auto_now_add=True) + updated = models.DateTimeField(auto_now=True) + uuid = models.UUIDField(primary_key=True, editable=False, default=uuid.uuid4) + + def __str__(self): + return self.protocol + '/' + str(self.port) + + class Meta: + unique_together = ['port', 'protocol'] + + diff --git a/firewall/tests.py b/firewall/tests.py new file mode 100644 index 0000000..7ce503c --- /dev/null +++ b/firewall/tests.py @@ -0,0 +1,3 @@ +from django.test import TestCase + +# Create your tests here. diff --git a/firewall/views.py b/firewall/views.py new file mode 100644 index 0000000..8c8a483 --- /dev/null +++ b/firewall/views.py @@ -0,0 +1,15 @@ +from django.shortcuts import render +from firewall.models import RedirectRule + + +def view_redirect_rule_list(request): + context = { + 'page_title': 'Port Forward List', + 'redirect_rule_list': RedirectRule.objects.all().order_by('wireguard_instance', 'protocol', 'port') + } + return render(request, 'firewall/redirect_rule_list.html', context=context) + + +def manage_redirect_rule(request): + context = {'page_title': 'Manage Port Forward'} + return render(request, 'firewall/manage_redirect_rule.html', context=context) \ No newline at end of file diff --git a/templates/base.html b/templates/base.html index ea21cff..362dc34 100644 --- a/templates/base.html +++ b/templates/base.html @@ -102,6 +102,15 @@ +
  • + + +

    + Port Forwarding +

    +     +
    • +
  • diff --git a/templates/firewall/manage_redirect_rule.html b/templates/firewall/manage_redirect_rule.html new file mode 100644 index 0000000..7344a66 --- /dev/null +++ b/templates/firewall/manage_redirect_rule.html @@ -0,0 +1,3 @@ +{% extends 'base.html' %} + +{% block content %}gerenciar regra{%endblock%} \ No newline at end of file diff --git a/templates/firewall/redirect_rule_list.html b/templates/firewall/redirect_rule_list.html new file mode 100644 index 0000000..6f8f5be --- /dev/null +++ b/templates/firewall/redirect_rule_list.html @@ -0,0 +1,3 @@ +{% extends 'base.html' %} + +{% block content %}Lista{%endblock%} \ No newline at end of file diff --git a/wireguard_webadmin/settings.py b/wireguard_webadmin/settings.py index 7b5d3e1..1e0a1e8 100644 --- a/wireguard_webadmin/settings.py +++ b/wireguard_webadmin/settings.py @@ -39,6 +39,7 @@ INSTALLED_APPS = [ 'wireguard', 'user_manager', 'wireguard_tools', + 'firewall', ] MIDDLEWARE = [ diff --git a/wireguard_webadmin/urls.py b/wireguard_webadmin/urls.py index 828de86..33fa656 100644 --- a/wireguard_webadmin/urls.py +++ b/wireguard_webadmin/urls.py @@ -23,6 +23,7 @@ from user_manager.views import view_user_list, view_manage_user from accounts.views import view_create_first_user, view_login, view_logout from wireguard_tools.views import export_wireguard_configs, download_config_or_qrcode, restart_wireguard_interfaces from api.views import wireguard_status, cron_check_updates, cron_update_peer_latest_handshake +from firewall.views import view_redirect_rule_list, manage_redirect_rule urlpatterns = [ @@ -45,5 +46,7 @@ urlpatterns = [ path('api/wireguard_status/', wireguard_status, name='api_wireguard_status'), path('api/cron_check_updates/', cron_check_updates, name='cron_check_updates'), path('api/cron_update_peer_latest_handshake/', cron_update_peer_latest_handshake, name='cron_update_peer_latest_handshake'), + path('firewall/port_forward/', view_redirect_rule_list, name='redirect_rule_list'), + path('firewall/manage_port_forward_rule/', manage_redirect_rule, name='manage_redirect_rule'), ]