kobalt/kaskad-pro
1
0
Fork 0
mirror of https://github.com/anten-ka/kaskad-pro.git synced 2026-05-19 11:26:02 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix UFW cleanup: close ports on rule delete, flush, and full uninstall

Browse Source 
Made-with: Cursor
This commit is contained in:
anten-ka
2026-03-07 12:39:31 +03:00
parent 6c781a9e48
commit 3dd10c679b
1 changed files with 16 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
install.sh
View File

@@ -521,6 +521,9 @@ delete_single_rule() {
iptables -t nat -D PREROUTING -p "$d_proto" --dport "$d_port" -j DNAT --to-destination "$d_dest" 2>/dev/null
iptables -S INPUT 2>/dev/null | grep "kaskad:${d_port}:${d_proto}" | while read -r rule; do eval "iptables -D ${rule#-A }" 2>/dev/null; done
iptables -S FORWARD 2>/dev/null | grep "kaskad:${d_port}:${d_proto}" | while read -r rule; do eval "iptables -D ${rule#-A }" 2>/dev/null; done
if command -v ufw &>/dev/null && ufw status 2>/dev/null | grep -q "Status: active"; then
ufw delete allow "$d_port/$d_proto" > /dev/null 2>&1
fi
save_iptables
log_action "DELETE rule: $d_proto :$d_port -> $d_dest"
echo -e "${GREEN}[OK] Правило удалено.${NC}"; read -p "Нажмите Enter..."
@@ -531,6 +534,12 @@ flush_rules() {
echo "Будут удалены только правила Kaskad."
read -p "Уверены? (y/n): " confirm
if [[ "$confirm" == "y" ]]; then
if command -v ufw &>/dev/null && ufw status 2>/dev/null | grep -q "Status: active"; then
iptables -S INPUT 2>/dev/null | grep "kaskad" | grep -oP '(?<=--dport )\d+' | while read -r p; do
local pr; pr=$(iptables -S INPUT 2>/dev/null | grep "kaskad" | grep "\b${p}\b" | grep -oP '(?<=-p )\w+' | head -1)
[ -n "$pr" ] && ufw delete allow "$p/$pr" > /dev/null 2>&1
done
fi
while iptables -t nat -S PREROUTING 2>/dev/null | grep -q "DNAT"; do
local rule; rule=$(iptables -t nat -S PREROUTING | grep "DNAT" | head -1)
eval "iptables -t nat -D ${rule#-A }" 2>/dev/null
@@ -592,6 +601,13 @@ full_uninstall() {
rm -f /etc/systemd/system/kaskad-monitor.service
systemctl daemon-reload 2>/dev/null
echo -e " ${GREEN}${NC} Мониторинг остановлен"
if command -v ufw &>/dev/null && ufw status 2>/dev/null | grep -q "Status: active"; then
iptables -S INPUT 2>/dev/null | grep "kaskad" | grep -oP '(?<=--dport )\d+' | while read -r p; do
local pr; pr=$(iptables -S INPUT 2>/dev/null | grep "kaskad" | grep "\b${p}\b" | grep -oP '(?<=-p )\w+' | head -1)
[ -n "$pr" ] && ufw delete allow "$p/$pr" > /dev/null 2>&1
done
echo -e " ${GREEN}${NC} Правила UFW очищены"
fi
while iptables -t nat -S PREROUTING 2>/dev/null | grep -q "DNAT"; do
local rule; rule=$(iptables -t nat -S PREROUTING | grep "DNAT" | head -1)
eval "iptables -t nat -D ${rule#-A }" 2>/dev/null