diff options
author | Brian May <brian@linuxpenguins.xyz> | 2015-12-15 13:39:00 +1100 |
---|---|---|
committer | Brian May <brian@linuxpenguins.xyz> | 2015-12-15 13:39:00 +1100 |
commit | 1e81bf3dfc125bab97a81c4070d7f95c7d2cf212 (patch) | |
tree | 9701b531d6f5f53a76ddfd75f44dea418dd27694 | |
parent | 7362ba9f5256103a276cd5301caa13ffe1cc12a7 (diff) |
Mirror setup/restore logic
-rw-r--r-- | sshuttle/firewall.py | 17 |
1 files changed, 8 insertions, 9 deletions
diff --git a/sshuttle/firewall.py b/sshuttle/firewall.py index 8d7c011..f16aac6 100644 --- a/sshuttle/firewall.py +++ b/sshuttle/firewall.py @@ -175,21 +175,20 @@ def main(method_name, syslog): udp = bool(int(udp)) debug2('firewall manager: Got udp: %r\n' % udp) + subnets_v6 = [i for i in subnets if i[0] == socket.AF_INET6] + nslist_v6 = [i for i in nslist if i[0] == socket.AF_INET6] + subnets_v4 = [i for i in subnets if i[0] == socket.AF_INET] + nslist_v4 = [i for i in nslist if i[0] == socket.AF_INET] + try: debug1('firewall manager: setting up.\n') - subnets_v6 = [i for i in subnets if i[0] == socket.AF_INET6] - nslist_v6 = [i for i in nslist if i[0] == socket.AF_INET6] - if len(subnets_v6) > 0 or len(nslist_v6) > 0: debug2('firewall manager: setting up IPv6.\n') method.setup_firewall( port_v6, dnsport_v6, nslist_v6, socket.AF_INET6, subnets_v6, udp) - subnets_v4 = [i for i in subnets if i[0] == socket.AF_INET] - nslist_v4 = [i for i in nslist if i[0] == socket.AF_INET] - if len(subnets_v4) > 0 or len(nslist_v4) > 0: debug2('firewall manager: setting up IPv4.\n') method.setup_firewall( @@ -227,7 +226,7 @@ def main(method_name, syslog): pass try: - if port_v6: + if len(subnets_v6) > 0 or len(nslist_v6) > 0: debug2('firewall manager: undoing IPv6 changes.\n') method.restore_firewall(port_v6, socket.AF_INET6, udp) except: @@ -240,9 +239,9 @@ def main(method_name, syslog): pass try: - if port_v4: + if len(subnets_v4) > 0 or len(nslist_v4) > 0: debug2('firewall manager: undoing IPv4 changes.\n') - method.restore_firewall(port_v4, socket.AF_INET, udp) + method.restore_firewall(port_v4, socket.AF_INET, udp) except: try: debug1("firewall manager: " |