feat: add logic for PortClose and PortOpen on interfaces
All checks were successful
build / build (push) Successful in 2m4s

d3m0k1d
2026-02-09 21:31:19 +03:00
parent 9519eedf4f
commit aacc98668f
5 changed files with 197 additions and 11 deletions


@@ -3,6 +3,7 @@ package blocker
import (
"fmt"
"os/exec"
"strconv"
"strings"
"github.com/d3m0k1d/BanForge/internal/logger"
@@ -166,11 +167,78 @@ func (n *Nftables) findRuleHandle(ip string) (string, error) {
return "", nil
}
func (n *Nftables) PortOpen(port int) error {
func (n *Nftables) PortOpen(port int, protocol string) error {
if port >= 0 && port <= 65535 {
if protocol != "tcp" && protocol != "udp" {
n.logger.Error("invalid protocol")
return fmt.Errorf("invalid protocol")
}
s := strconv.Itoa(port)
// #nosec G204 - managed by system adminstartor
cmd := exec.Command(
"nft",
"add",
"rule",
"inet",
"banforge",
"input",
protocol,
"dport",
s,
"accept",
)
output, err := cmd.CombinedOutput()
if err != nil {
n.logger.Error(err.Error())
return err
}
n.logger.Info("Add port " + s + " " + string(output))
err = saveNftablesConfig(n.config)
if err != nil {
n.logger.Error("failed to save config",
"config_path", n.config,
"error", err.Error())
return err
}
}
return nil
}
func (n *Nftables) PortClose(port int) error {
func (n *Nftables) PortClose(port int, protocol string) error {
if port >= 0 && port <= 65535 {
if protocol != "tcp" && protocol != "udp" {
n.logger.Error("invalid protocol")
return fmt.Errorf("invalid protocol")
}
s := strconv.Itoa(port)
// #nosec G204 - managed by system adminstartor
cmd := exec.Command(
"nft",
"add",
"rule",
"inet",
"banforge",
"input",
protocol,
"dport",
s,
"drop",
)
output, err := cmd.CombinedOutput()
if err != nil {
n.logger.Error(err.Error())
return err
}
n.logger.Info("Add port " + s + " " + string(output))
err = saveNftablesConfig(n.config)
if err != nil {
n.logger.Error("failed to save config",
"config_path", n.config,
"error", err.Error())
return err
}
}
return nil
}
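Review bot: An out-of-range port makes both PortOpen and PortClose return nil without running nft, because the whole body sits inside `if port >= 0 && port <= 65535 {` and falls through to `return nil`; a caller of PortClose then treats the port as closed although no rule was written. Reject it up front with `if port < 1 || port > 65535 { return fmt.Errorf("invalid port %d", port) }` (port 0 is not a usable destination port), which also removes one nesting level. Separately, both functions call `nft add rule`, which appends to the end of the `input` chain, so a `drop` added by PortClose after an earlier `accept` for the same port and protocol would likely never match, and repeated calls accumulate duplicate rules; removing the existing rule by handle or checking for it first looks safer, though the rest of the chain is not visible here. PortClose also logs `"Add port "`, and on failure neither function logs the nft output that CombinedOutput captured, which is where nft reports the reason.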