diff --git a/ProxySU_Core/Models/Developers/IParameters.cs b/ProxySU_Core/Models/Developers/IParameters.cs index 11554c0..e532214 100644 --- a/ProxySU_Core/Models/Developers/IParameters.cs +++ b/ProxySU_Core/Models/Developers/IParameters.cs @@ -9,5 +9,7 @@ namespace ProxySU_Core.Models.Developers int Port { get; set; } string Domain { get; set; } + + List Types { get; set; } } } diff --git a/ProxySU_Core/Models/Developers/Project.cs b/ProxySU_Core/Models/Developers/Project.cs index 414f3ad..7f23b83 100644 --- a/ProxySU_Core/Models/Developers/Project.cs +++ b/ProxySU_Core/Models/Developers/Project.cs @@ -222,10 +222,7 @@ namespace ProxySU_Core.Models.Developers } } - /// - /// 配置防火墙 - /// - protected void ConfigureFirewall() + protected void ClosePort(params int[] portList) { string cmd; @@ -240,43 +237,88 @@ namespace ProxySU_Core.Models.Developers RunCmd("systemctl restart firewalld"); } - if (Parameters.Port == 443) + foreach (var port in portList) { - RunCmd("firewall-cmd --zone=public --add-port=80/tcp --permanent"); - RunCmd("firewall-cmd --zone=public --add-port=443/tcp --permanent"); - RunCmd("firewall-cmd --zone=public --add-port=80/udp --permanent"); - RunCmd("firewall-cmd --zone=public --add-port=443/udp --permanent"); - RunCmd("yes | firewall-cmd --reload"); + RunCmd($"firewall-cmd --zone=public --remove-port={port}/tcp --permanent"); + RunCmd($"firewall-cmd --zone=public --remove-port={port}/udp --permanent"); } - else - { - RunCmd($"firewall-cmd --zone=public --add-port={Parameters.Port}/tcp --permanent"); - RunCmd($"firewall-cmd --zone=public --add-port={Parameters.Port}/udp --permanent"); - RunCmd("yes | firewall-cmd --reload"); - } - return; + RunCmd("yes | firewall-cmd --reload"); } + else + { + cmd = RunCmd("command -v ufw"); + if (!string.IsNullOrEmpty(cmd)) + { + foreach (var port in portList) + { + RunCmd($"ufw delete allow {port}/tcp"); + RunCmd($"ufw delete allow {port}/udp"); + } + RunCmd("yes | ufw reload"); + } + } + } - cmd = RunCmd("command -v ufw"); + protected void OpenPort(params int[] portList) + { + + string cmd; + + cmd = RunCmd("command -v firewall-cmd"); if (!string.IsNullOrEmpty(cmd)) { - if (Parameters.Port == 443) + //有很奇怪的vps主机,在firewalld未运行时,端口是关闭的,无法访问。所以要先启动firewalld + //用于保证acme.sh申请证书成功 + cmd = RunCmd("firewall-cmd --state"); + if (cmd.Trim() != "running") { - RunCmd("ufw allow 80/tcp"); - RunCmd("ufw allow 443/tcp"); - RunCmd("ufw allow 80/udp"); - RunCmd("ufw allow 443/udp"); - RunCmd("yes | ufw reload"); + RunCmd("systemctl restart firewalld"); } - else + + foreach (var port in portList) { - RunCmd($"ufw allow {Parameters.Port}/tcp"); - RunCmd($"ufw allow {Parameters.Port}/udp"); + RunCmd($"firewall-cmd --zone=public --add-port={port}/tcp --permanent"); + RunCmd($"firewall-cmd --zone=public --add-port={port}/udp --permanent"); + } + RunCmd("yes | firewall-cmd --reload"); + } + else + { + cmd = RunCmd("command -v ufw"); + if (!string.IsNullOrEmpty(cmd)) + { + foreach (var port in portList) + { + RunCmd($"ufw allow {port}/tcp"); + RunCmd($"ufw allow {port}/udp"); + } RunCmd("yes | ufw reload"); } } } + /// + /// 配置防火墙 + /// + protected void ConfigureFirewall() + { + var portList = new List(); + portList.Add(80); + portList.Add(Parameters.Port); + + if (Parameters.Types.Contains(XrayType.ShadowsocksAEAD)) + { + portList.Add(ConfigBuilder.ShadowSocksPort); + } + + if (Parameters.Types.Contains(XrayType.VMESS_KCP)) + { + portList.Add(ConfigBuilder.VMESS_mKCP_Port); + } + + OpenPort(portList.ToArray()); + } + /// /// 配置同步时间差 /// diff --git a/ProxySU_Core/Models/Developers/XrayProject.cs b/ProxySU_Core/Models/Developers/XrayProject.cs index 309f5fe..98a550e 100644 --- a/ProxySU_Core/Models/Developers/XrayProject.cs +++ b/ProxySU_Core/Models/Developers/XrayProject.cs @@ -111,6 +111,8 @@ namespace ProxySU_Core.Models.Developers UninstallXray(); WriteOutput("卸载证书"); UninstallAcme(); + WriteOutput("关闭端口"); + ClosePort(ConfigBuilder.ShadowSocksPort, ConfigBuilder.VLESS_mKCP_Port, ConfigBuilder.VMESS_mKCP_Port); WriteOutput("************ 卸载完成 ************"); } @@ -134,6 +136,7 @@ namespace ProxySU_Core.Models.Developers { EnsureRootAuth(); EnsureSystemEnv(); + ConfigureFirewall(); var configJson = ConfigBuilder.BuildXrayConfig(Parameters); var stream = new MemoryStream(Encoding.UTF8.GetBytes(configJson)); RunCmd("rm -rf /usr/local/etc/xray/config.json"); diff --git a/ProxySU_Core/Views/TerminalWindow.xaml.cs b/ProxySU_Core/Views/TerminalWindow.xaml.cs index a9f4b07..b191556 100644 --- a/ProxySU_Core/Views/TerminalWindow.xaml.cs +++ b/ProxySU_Core/Views/TerminalWindow.xaml.cs @@ -114,7 +114,9 @@ namespace ProxySU_Core } catch (Exception ex) { + WriteOutput("登陆失败!"); WriteOutput(ex.Message); + return; } WriteOutput("登陆服务器成功!");