Verified Commit 513a1c15 authored by meskio's avatar meskio

[feat] add fw_reload to bitmaskctl

Some systems remove firewall rules, is usefull to be able to script the
reload of those rules in hooks or other custom systems.

- Resolves: #9289
parent 22c9d163
Pipeline #13053 passed with stages
in 63 minutes and 54 seconds
......@@ -43,10 +43,11 @@ SUBCOMMANDS:
get_cert Get VPN Certificate from provider
install Install helpers (needs root)
uninstall Uninstall helpers (needs root)
fw_reload Reload firewall rules
'''.format(name=command.appname)
commands = ['stop', 'install', 'uninstall',
commands = ['stop', 'install', 'uninstall', 'fw_reload',
'enable', 'disable', 'locations', 'countries']
def start(self, raw_args):
......
......@@ -206,6 +206,11 @@ class VPNCmd(SubCommand):
autostart_app('off')
return d
@register_method('dict')
def do_FW_RELOAD(self, vpn, *parts):
d = vpn.fw_reload()
return d
@register_method('dict')
def do_CHECK(self, vpn, *parts):
try:
......
......@@ -182,6 +182,21 @@ class VPNService(HookableService):
self.watchdog.stop()
return {'result': 'vpn stopped'}
def fw_reload(self):
if not self._tunnel:
return {'result': 'VPN was not running'}
if self._firewall.is_up():
fw_ok = self._firewall.stop()
if not fw_ok:
self.log.error('Firewall: error stopping')
fw_ok = self._firewall.start()
if not fw_ok:
raise Exception('Could not start firewall')
return {'result': 'fw reloaded'}
def push_status(self):
try:
statusdict = self.do_status()
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment