Fixed firewalld setting in CentOS 7

2016-05-12 22:41:34 +09:00 · 2016-05-12 22:41:34 +09:00 · 3831e2bf52
commit 3831e2bf52
parent 33beecbab2
1 changed files with 49 additions and 31 deletions
--- a/shadowsocks-go.sh
+++ b/shadowsocks-go.sh
@ -10,14 +10,14 @@ export PATH
 #==================================================================

 clear
-echo ""
+echo
 echo "#############################################################"
 echo "# One click Install Shadowsocks-go server                   #"
 echo "# Intro: https://teddysun.com/392.html                      #"
 echo "# Author: Teddysun <i@teddysun.com>                         #"
 echo "# Thanks: @cyfdecyf <https://twitter.com/cyfdecyf>          #"
 echo "#############################################################"
-echo ""
+echo

 # Make sure only root can run our script
 function rootness(){
@ -68,7 +68,7 @@ function is_64bit(){
        return 0
    else
        return 1
-    fi        
+    fi
 }

 # Disable selinux
@ -85,11 +85,11 @@ function pre_install(){
    echo "Please input password for shadowsocks-go:"
    read -p "(Default password: teddysun.com):" shadowsockspwd
    [ -z "$shadowsockspwd" ] && shadowsockspwd="teddysun.com"
-    echo ""
+    echo
    echo "---------------------------"
    echo "password = $shadowsockspwd"
    echo "---------------------------"
-    echo ""
+    echo
    # Set shadowsocks-go config port
    while true
    do
@ -99,11 +99,11 @@ function pre_install(){
    expr $shadowsocksport + 0 &>/dev/null
    if [ $? -eq 0 ]; then
        if [ $shadowsocksport -ge 1 ] && [ $shadowsocksport -le 65535 ]; then
-            echo ""
+            echo
            echo "---------------------------"
            echo "port = $shadowsocksport"
            echo "---------------------------"
-            echo ""
+            echo
            break
        else
            echo "Input error! Please input correct numbers."
@ -121,7 +121,7 @@ function pre_install(){
        stty echo
        stty $SAVEDSTTY
    }
-    echo ""
+    echo
    echo "Press any key to start...or Press Ctrl+C to cancel"
    char=`get_char`
    #Install necessary dependencies
@ -138,7 +138,7 @@ function pre_install(){
        IP=$(curl -s -4 ipinfo.io/ip)
    fi
    echo -e "Your main public IP is\t\033[32m$IP\033[0m"
-    echo ""
+    echo
    #Current folder
    cur_dir=`pwd`
 }
@ -205,23 +205,43 @@ function config_shadowsocks(){
 EOF
 }

-# iptables set
-function iptables_set(){
-    echo "iptables start setting..."
-    /sbin/service iptables status 1>/dev/null 2>&1
-    if [ $? -eq 0 ]; then
-        /sbin/iptables -L -n | grep '${shadowsocksport}' | grep 'ACCEPT' >/dev/null 2>&1
-        if [ $? -ne 0 ]; then
-            /sbin/iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport ${shadowsocksport} -j ACCEPT
-            /sbin/iptables -I INPUT -m state --state NEW -m udp -p udp --dport ${shadowsocksport} -j ACCEPT
-            /etc/init.d/iptables save
-            /etc/init.d/iptables restart
+# firewall set
+function firewall_set(){
+    echo "firewall set start..."
+    if centosversion 6; then
+        /etc/init.d/iptables status > /dev/null 2>&1
+        if [ $? -eq 0 ]; then
+            iptables -L -n | grep '${shadowsocksport}' | grep 'ACCEPT' > /dev/null 2>&1
+            if [ $? -ne 0 ]; then
+                iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport ${shadowsocksport} -j ACCEPT
+                iptables -I INPUT -m state --state NEW -m udp -p udp --dport ${shadowsocksport} -j ACCEPT
+                /etc/init.d/iptables save
+                /etc/init.d/iptables restart
+            else
+                echo "port ${shadowsocksport} has been set up."
+            fi
        else
-            echo "port ${shadowsocksport} has been set up."
+            echo "WARNING: iptables looks like shutdown or not installed, please manually set it if necessary."
+        fi
+    elif centosversion 7; then
+        systemctl status firewalld > /dev/null 2>&1
+        if [ $? -eq 0 ];then
+            firewall-cmd --permanent --zone=public --add-port=${shadowsocksport}/tcp
+            firewall-cmd --permanent --zone=public --add-port=${shadowsocksport}/udp
+            firewall-cmd --reload
+        else
+            echo "Firewalld looks like not running, try to start..."
+            systemctl start firewalld
+            if [ $? -eq 0 ];then
+                firewall-cmd --permanent --zone=public --add-port=${shadowsocksport}/tcp
+                firewall-cmd --permanent --zone=public --add-port=${shadowsocksport}/udp
+                firewall-cmd --reload
+            else
+                echo "WARNING: Try to start firewalld failed. please enable port ${shadowsocksport} manually if necessary."
+            fi
        fi
-    else
-        echo "iptables looks like shutdown, please manually set it if necessary."
    fi
+    echo "firewall set completed..."
 }

 # Install 
@ -247,23 +267,23 @@ function install_go(){
            echo "Shadowsocks-go start failure!"
        fi
    else
-        echo ""
+        echo
        echo "shadowsocks-go install failed!"
        exit 1
    fi
    cd $cur_dir
    clear
-    echo ""
+    echo
    echo "Congratulations, shadowsocks-go install completed!"
    echo -e "Your Server IP: \033[41;37m ${IP} \033[0m"
    echo -e "Your Server Port: \033[41;37m ${shadowsocksport} \033[0m"
    echo -e "Your Password: \033[41;37m ${shadowsockspwd} \033[0m"
    echo -e "Your Local Port: \033[41;37m 1080 \033[0m"
    echo -e "Your Encryption Method: \033[41;37m aes-256-cfb \033[0m"
-    echo ""
+    echo
    echo "Welcome to visit:https://teddysun.com/392.html"
    echo "Enjoy it!"
-    echo ""
+    echo
    exit 0
 }

@ -307,9 +327,7 @@ function install_shadowsocks_go(){
    config_shadowsocks
    install_go
    if [ "$OS" == 'CentOS' ]; then
-        if centosversion 6; then
-            iptables_set
-        fi
+        firewall_set
    fi
 }

@ -327,4 +345,4 @@ uninstall)
    echo "Arguments error! [${action} ]"
    echo "Usage: `basename $0` {install|uninstall}"
    ;;
-esac
+esac