Skip to content

Commit 86ce738

Browse files
DingGuodongDingGuodong
committed
improve code robustness
1 parent a364236 commit 86ce738

File tree

1 file changed

+2
-2
lines changed

1 file changed

+2
-2
lines changed

projects/LinuxSystemOps/Security/firewall/add-firewall-rich-rule-to-current-host.sh

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -6,7 +6,7 @@
66
# Description: allow the login ip access a port on this host
77

88
function remove_an_old_fw_rich_rule() {
9-
wanted_rich_rule=$(firewall-cmd --list-all | awk '/fw_temp_kw_phone/','$1=$1')
9+
wanted_rich_rule=$(firewall-cmd --list-all | awk '/fw_temp_kw_internal/','$1=$1')
1010
if [[ $wanted_rich_rule != "" ]]; then
1111
firewall-cmd --permanent --zone=public --remove-rich-rule="$wanted_rich_rule"
1212
firewall-cmd --reload
@@ -15,7 +15,7 @@ function remove_an_old_fw_rich_rule() {
1515

1616
function add_a_fw_rich_rule() {
1717
from_ip=$(bash -c "w -h | awk '/w -h/ {print \$3}'")
18-
firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address="$from_ip" port protocol="tcp" port="50009" log prefix="fw_temp_kw_phone" level="info" accept"
18+
firewall-cmd --permanent --zone=public --add-rich-rule="rule family="ipv4" source address="$from_ip" port protocol="tcp" port="50009" log prefix="fw_temp_kw_internal" level="info" accept"
1919
firewall-cmd --reload
2020
}
2121

0 commit comments

Comments
 (0)