from scriptlets._common.get_firewall import get_available_firewall
import subprocess
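def firewall_remove(port: int, protocol: str = 'tcp') -> None:
    """
    Removes a specific port from the system's firewall.

    Supports UFW, Firewalld, and iptables; the backend is whichever one
    get_available_firewall() reports.

    Both arguments are placed into the argv of firewall management
    commands, so they are validated before any command is built. A value
    outside the documented contract is rejected instead of being handed
    to ufw / firewall-cmd / iptables as an argument.

    Args:
        port (int): The port number to remove (1-65535).
        protocol (str, optional): The protocol to use ('tcp' or 'udp'). Defaults to 'tcp'.

    Raises:
        ValueError: If port is not an integer in 1-65535 or protocol is
            not 'tcp' or 'udp'.
        RuntimeError: If no supported firewall is reported.
        subprocess.CalledProcessError: If a firewall command exits with a
            non-zero status (every command runs with check=True).
    """
    # bool is a subclass of int; reject it explicitly so True is not
    # silently treated as port 1.
    if isinstance(port, bool) or not isinstance(port, int) or not 1 <= port <= 65535:
        raise ValueError(f"Invalid port {port!r}: expected an integer between 1 and 65535.")
    if protocol not in ('tcp', 'udp'):
        raise ValueError(f"Invalid protocol {protocol!r}: expected 'tcp' or 'udp'.")

    firewall = get_available_firewall()
    port_spec = f'{port}/{protocol}'

    # Commands are argument lists (no shell), so no shell parsing is applied
    # to the values interpolated below.
    if firewall == 'ufw':
        commands = [['ufw', 'delete', 'allow', port_spec]]
    elif firewall == 'firewalld':
        # The rule is removed from the permanent configuration; the reload
        # that follows is what brings the running firewall in line with it.
        commands = [
            ['firewall-cmd', '--permanent', '--remove-port', port_spec],
            ['firewall-cmd', '--reload'],
        ]
    elif firewall == 'iptables':
        # -D deletes the matching ACCEPT rule from INPUT; the save step
        # persists the resulting ruleset.
        commands = [
            ['iptables', '-D', 'INPUT', '-p', protocol, '--dport', str(port), '-j', 'ACCEPT'],
            ['service', 'iptables', 'save'],
        ]
    else:
        raise RuntimeError("No supported firewall found on the system.")

    # check=True stops at the first failing command, so a failed removal is
    # never followed by a reload/save.
    for cmd in commands:
        subprocess.run(cmd, check=True)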