1Panel-dev/1Panel
1
1
Fork 0
mirror of https://github.com/1Panel-dev/1Panel.git synced 2025-12-17 21:08:25 +08:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix: Modify the binding position of the 1PANEL_OUTPUT chain (#10945)

Browse source
This commit is contained in:
ssongliu 2025-11-13 15:43:10 +08:00 committed by GitHub
parent 3920076bd9
commit 8c9ae38017
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 7 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
agent/app/service/iptables.go
View file

@ -178,10 +178,10 @@ func (s *IptablesService) Operate(req dto.IptablesOp) error {
if err := iptables.AddChain(iptables.FilterTab, iptables.Chain1PanelOutput); err != nil {
return err
}
number := loadBindNumber()
if err := iptables.BindChain(iptables.FilterTab, iptables.ChainOutput, iptables.Chain1PanelOutput, number); err != nil {
if err := iptables.BindChain(iptables.FilterTab, iptables.ChainOutput, iptables.Chain1PanelOutput, 1); err != nil {
return err
}
number := loadBindNumber(iptables.Chain1PanelInput)
if err := iptables.BindChain(iptables.FilterTab, iptables.ChainInput, iptables.Chain1PanelInput, number); err != nil {
return err
}
@ -212,7 +212,7 @@ func (s *IptablesService) Operate(req dto.IptablesOp) error {
}
return nil
case "bind":
if err := iptables.BindChain(iptables.FilterTab, targetChain, req.Name, loadBindNumber()); err != nil {
if err := iptables.BindChain(iptables.FilterTab, targetChain, req.Name, loadBindNumber(req.Name)); err != nil {
return err
}
return nil
@ -289,7 +289,10 @@ func (s *IptablesService) validateIPOrCIDR(ipStr string) error {
return nil
}
func loadBindNumber() int {
func loadBindNumber(chain string) int {
if chain == iptables.Chain1PanelOutput {
return 1
}
number := 1
if exist, _ := iptables.CheckChainExist(iptables.FilterTab, iptables.Chain1PanelBasicBefore); exist {
number++