fix: Modify the unbound status of iptables firewall (#10928)

2025-12-18 21:38:57 +08:00 · 2025-11-12 14:46:44 +08:00 · 2025-11-12 14:46:44 +08:00 · d631888d09
commit d631888d09
parent afd62e8539
13 changed files with 73 additions and 89 deletions
--- a/frontend/src/lang/modules/en.ts
+++ b/frontend/src/lang/modules/en.ts
@ -2858,7 +2858,10 @@ const message = {
        postCheck: 'POST parameter verification',
        cookieBlockList: 'Cookie blocklist',

-        dockerHelper: `Linux firewall "{0}" can't disable Docker port mapping. The application can edit the parameters on the "App Store -> Installed" page to control whether the port is released.`,
+        dockerHelper:
+            'The current firewall cannot disable container port mapping. Installed applications can go to the [Installed] page to edit application parameters and configure port release rules.',
+        iptablesHelper:
+            'Detected that the system is using {0} firewall. To switch to iptables, please uninstall it manually first!',
        quickJump: 'Quick access',
        used: 'Used',
        unUsed: 'Unused',
@ -2919,7 +2922,7 @@ const message = {
        importSuccess: 'Successfully imported {0} rules',
        importPartialSuccess: 'Import completed: {0} succeeded, {1} failed',

-        basicStatus: 'Current chain {0} status is unbound. Added firewall rules will take effect after binding!',
+        basicStatus: 'Current chain {0} is unbound, please bind first!',
        baseIptables: 'Iptables Service',
        forwardIptables: 'Iptables Port Forwarding Service',
        advanceIptables: 'Iptables Advanced Configuration Service',
--- a/frontend/src/lang/modules/es-es.ts
+++ b/frontend/src/lang/modules/es-es.ts
@ -2831,7 +2831,10 @@ const message = {
        argsCheck: 'Verificación de parámetros GET',
        postCheck: 'Verificación de parámetros POST',
        cookieBlockList: 'Lista negra de cookies',
-        dockerHelper: `El firewall de Linux "{0}" no puede deshabilitar el mapeo de puertos de Docker. La aplicación puede editar los parámetros en la página "App Store -> Instaladas" para controlar si el puerto se libera.`,
+        dockerHelper:
+            'El firewall actual no puede deshabilitar el mapeo de puertos de contenedores. Las aplicaciones instaladas pueden ir a la página [Instaladas] para editar los parámetros de la aplicación y configurar reglas de liberación de puertos.',
+        iptablesHelper:
+            'Se detectó que el sistema está usando el firewall {0}. Para cambiar a iptables, ¡desinstálelo manualmente primero!',
        quickJump: 'Acceso rápido',
        used: 'En uso',
        unUsed: 'No usado',
@ -2892,8 +2895,7 @@ const message = {
        importSuccess: 'Se importaron correctamente {0} reglas',
        importPartialSuccess: 'Importación completada: {0} correctas, {1} fallidas',

-        basicStatus:
-            'El estado actual de la cadena {0} es no vinculado. ¡Las reglas de firewall agregadas surtirán efecto después de la vinculación!',
+        basicStatus: 'La cadena actual {0} no está vinculada, ¡vincule primero!',
        baseIptables: 'Servicio Iptables',
        forwardIptables: 'Servicio de Reenvío de Puertos Iptables',
        advanceIptables: 'Servicio de Configuración Avanzada de Iptables',
--- a/frontend/src/lang/modules/ja.ts
+++ b/frontend/src/lang/modules/ja.ts
@ -2774,7 +2774,10 @@ const message = {
        postCheck: 'パラメーターの検証を投稿します',
        cookieBlockList: 'クッキーブロックリスト',

-        dockerHelper: `Linuxファイアウォール「{0}」ではDockerポートマッピングを無効にできません。アプリケーションは「アプリストア -> インストール済み」ページでパラメータを編集することにより、ポートの解放を制御できます。`,
+        dockerHelper:
+            '現在のファイアウォールではコンテナのポートマッピングを無効にできません。インストール済みアプリケーションは【インストール済み】ページでアプリケーションパラメータを編集し、ポート開放ルールを設定できます。',
+        iptablesHelper:
+            'システムが {0} ファイアウォールを使用していることを検出しました。iptables に切り替えるには、まず手動でアンインストールしてください！',
        quickJump: 'クイックアクセス',
        used: '使用済み',
        unUsed: '未使用',
@ -2835,8 +2838,7 @@ const message = {
        importSuccess: '{0} 件のルールを正常にインポートしました',
        importPartialSuccess: 'インポート完了: {0} 件成功、{1} 件失敗',

-        basicStatus:
-            '現在のチェーン {0} の状態は未バインドです。追加されたファイアウォールルールはバインド後に有効になります！',
+        basicStatus: '現在のチェーン {0} は未バインドです。まずバインドしてください！',
        baseIptables: 'Iptables サービス',
        forwardIptables: 'Iptables ポート転送サービス',
        advanceIptables: 'Iptables 高度な設定サービス',
--- a/frontend/src/lang/modules/ko.ts
+++ b/frontend/src/lang/modules/ko.ts
@ -2725,8 +2725,9 @@ const message = {
        postCheck: 'POST 파라미터 검사',
        cookieBlockList: '쿠키 차단 목록',
        dockerHelper:
-            '리눅스 방화벽 "{0}"은(는) Docker 포트 매핑을 비활성화할 수 없습니다. 애플리케이션은 "앱 스토어 -> 설치됨" 페이지에서 매핑 포트를 해제할 수 있는 파라미터를 수정해야 합니다.',
-        quickJump: '빠른 접근',
+            '현재 방화벽은 컨테이너 포트 매핑을 비활성화할 수 없습니다. 설치된 애플리케이션은 [설치됨] 페이지에서 애플리케이션 매개변수를 편집하고 포트 해제 규칙을 구성할 수 있습니다.',
+        iptablesHelper:
+            '시스템이 {0} 방화벽을 사용 중인 것으로 감지되었습니다. iptables로 전환하려면 먼저 수동으로 제거하세요!',
        used: '사용됨',
        unUsed: '사용 안 함',
        dockerRestart: '방화벽 작업에는 Docker 서비스 재시작이 필요합니다',
@ -2785,7 +2786,7 @@ const message = {
        importSuccess: '{0}개의 규칙을 성공적으로 가져왔습니다',
        importPartialSuccess: '가져오기 완료: 성공 {0}건, 실패 {1}건',

-        basicStatus: '현재 체인 {0} 상태가 바인딩되지 않았습니다. 추가된 방화벽 규칙은 바인딩 후에 효과가 발생합니다!',
+        basicStatus: '현재 체인 {0}이(가) 바인딩되지 않았습니다. 먼저 바인딩하세요!',
        baseIptables: 'Iptables 서비스',
        forwardIptables: 'Iptables 포트 포워딩 서비스',
        advanceIptables: 'Iptables 고급 구성 서비스',
--- a/frontend/src/lang/modules/ms.ts
+++ b/frontend/src/lang/modules/ms.ts
@ -2836,7 +2836,10 @@ const message = {
        postCheck: 'Pengesahan parameter POST',
        cookieBlockList: 'Senarai blok Cookie',

-        dockerHelper: `Firewall Linux "{0}" tidak boleh melumpuhkan pemetaan port Docker. Aplikasi boleh mengedit parameter pada halaman "App Store -> Installed" untuk mengawal sama ada port dilepaskan.`,
+        dockerHelper:
+            'Firewall semasa tidak boleh melumpuhkan pemetaan port bekas. Aplikasi yang dipasang boleh pergi ke halaman [Dipasang] untuk mengedit parameter aplikasi dan mengkonfigurasi peraturan pelepasan port.',
+        iptablesHelper:
+            'Dikesan sistem menggunakan firewall {0}. Untuk beralih ke iptables, sila nyahpasang secara manual dahulu!',
        quickJump: 'Akses pantas',
        used: 'Digunakan',
        unUsed: 'Tidak Digunakan',
@ -2899,8 +2902,7 @@ const message = {
        importSuccess: '{0} peraturan berjaya diimport',
        importPartialSuccess: 'Import selesai: {0} berjaya, {1} gagal',

-        basicStatus:
-            'Status rantaian semasa {0} adalah tidak terikat. Peraturan firewall yang ditambah akan berkuat kuasa selepas pengikatan!',
+        basicStatus: 'Rantaian semasa {0} tidak terikat, sila ikat dahulu!',
        baseIptables: 'Perkhidmatan Iptables',
        forwardIptables: 'Perkhidmatan Penerusan Port Iptables',
        advanceIptables: 'Perkhidmatan Konfigurasi Lanjutan Iptables',
--- a/frontend/src/lang/modules/pt-br.ts
+++ b/frontend/src/lang/modules/pt-br.ts
@ -2844,7 +2844,9 @@ const message = {
        cookieBlockList: 'Lista de cookies bloqueados',

        dockerHelper:
-            'O firewall do Linux "{0}" não pode desativar o mapeamento de portas do Docker. O aplicativo pode editar os parâmetros na página "App Store -> Instalados" para controlar se a porta será liberada.',
+            'O firewall atual não pode desativar o mapeamento de porta de contêiner. Aplicativos instalados podem ir para a página [Instalados] para editar parâmetros do aplicativo e configurar regras de liberação de porta.',
+        iptablesHelper:
+            'Detectado que o sistema está usando o firewall {0}. Para mudar para iptables, desinstale-o manualmente primeiro!',
        quickJump: 'Acesso rápido',
        used: 'Usado',
        unUsed: 'Não usado',
@ -2906,8 +2908,7 @@ const message = {
        importSuccess: '{0} regras importadas com sucesso',
        importPartialSuccess: 'Importação concluída: {0} sucesso, {1} falha',

-        basicStatus:
-            'O status atual da cadeia {0} é não vinculado. As regras de firewall adicionadas entrarão em vigor após a vinculação!',
+        basicStatus: 'A cadeia atual {0} não está vinculada, vincule primeiro!',
        baseIptables: 'Serviço Iptables',
        forwardIptables: 'Serviço de Encaminhamento de Porta Iptables',
        advanceIptables: 'Serviço de Configuração Avançada do Iptables',
--- a/frontend/src/lang/modules/ru.ts
+++ b/frontend/src/lang/modules/ru.ts
@ -2837,7 +2837,9 @@ const message = {
        cookieBlockList: 'Черный список Cookie',

        dockerHelper:
-            'Межсетевой экран Linux "{0}" не может отключить сопоставление портов Docker. Приложение может редактировать параметры на странице "Магазин приложений -> Установленные" для контроля открытия портов.',
+            'Текущий брандмауэр не может отключить сопоставление портов контейнера. Установленные приложения могут перейти на страницу [Установленные], чтобы редактировать параметры приложения и настраивать правила открытия портов.',
+        iptablesHelper:
+            'Обнаружено, что система использует брандмауэр {0}. Чтобы переключиться на iptables, сначала удалите его вручную!',
        quickJump: 'Быстрый доступ',
        used: 'Используется',
        unUsed: 'Не используется',
@ -2899,8 +2901,7 @@ const message = {
        importSuccess: 'Успешно импортировано {0} правил',
        importPartialSuccess: 'Импорт завершён: {0} успешно, {1} с ошибкой',

-        basicStatus:
-            'Текущий статус цепочки {0} - не привязан. Добавленные правила брандмауэра вступят в силу после привязки!',
+        basicStatus: 'Текущая цепочка {0} не привязана, сначала привяжите!',
        baseIptables: 'Сервис Iptables',
        forwardIptables: 'Сервис Переадресации Порта Iptables',
        advanceIptables: 'Сервис Расширенной Конфигурации Iptables',
--- a/frontend/src/lang/modules/tr.ts
+++ b/frontend/src/lang/modules/tr.ts
@ -2896,7 +2896,9 @@ const message = {
        cookieBlockList: 'Çerez engelleme listesi',

        dockerHelper:
-            'Linux güvenlik duvarı "{0}", Docker bağlantı noktası eşlemesini devre dışı bırakamaz. Uygulama, bağlantı noktasının serbest bırakılıp bırakılmayacağını kontrol etmek için "Uygulama Mağazası -> Kurulu" sayfasında parametreleri düzenleyebilir.',
+            'Mevcut güvenlik duvarı konteyner port eşlemesini devre dışı bırakamaz. Yüklü uygulamalar, uygulama parametrelerini düzenlemek ve port serbest bırakma kurallarını yapılandırmak için [Yüklü] sayfasına gidebilir.',
+        iptablesHelper:
+            "Sistemin {0} güvenlik duvarını kullandığı tespit edildi. iptables'a geçmek için lütfen önce manuel olarak kaldırın!",
        quickJump: 'Hızlı erişim',
        used: 'Kullanıldı',
        unUsed: 'Kullanılmadı',
@ -2957,8 +2959,7 @@ const message = {
        importSuccess: '{0} kural başarıyla içe aktarıldı',
        importPartialSuccess: 'İçe aktarma tamamlandı: {0} başarılı, {1} başarısız',

-        basicStatus:
-            'Mevcut zincir {0} durumu bağlı değil. Eklenen güvenlik duvarı kuralları bağlandıktan sonra etkili olacak!',
+        basicStatus: 'Mevcut zincir {0} bağlı değil, lütfen önce bağlayın!',
        baseIptables: 'Iptables Servisi',
        forwardIptables: 'Iptables Port Yönlendirme Servisi',
        advanceIptables: 'Iptables Gelişmiş Yapılandırma Servisi',
--- a/frontend/src/lang/modules/zh-Hant.ts
+++ b/frontend/src/lang/modules/zh-Hant.ts
@ -2656,7 +2656,8 @@ const message = {
        postCheck: 'POST 參數校驗',
        cookieBlockList: 'Cookie 黑名單',

-        dockerHelper: 'Linux 防火牆 {0} 無法停用 Docker 埠映射，應用可以在 [已安裝] 頁面編輯參數來控制埠是否放開',
+        dockerHelper: '目前防火牆無法停用容器端口映射，已安裝應用可前往【已安裝】頁面編輯應用參數，設定端口放行規則。',
+        iptablesHelper: '偵測到系統正在使用 {0} 防火牆，如需切換至 iptables，請先手動解除安裝！',
        quickJump: '快速跳轉',
        used: '已使用',
        unUsed: '未使用',
@ -2709,7 +2710,7 @@ const message = {
        importSuccess: '成功匯入 {0} 條規則',
        importPartialSuccess: '匯入完成：成功 {0} 條，失敗 {1} 條',

-        basicStatus: '目前鏈 {0} 狀態為未綁定，已新增的防火牆規則需要綁定後生效！',
+        basicStatus: '目前未綁定鏈 {0} ，請先綁定！',
        baseIptables: 'Iptables 服務',
        forwardIptables: 'Iptables 端口轉發服務',
        advanceIptables: 'Iptables 進階設定服務',
--- a/frontend/src/lang/modules/zh.ts
+++ b/frontend/src/lang/modules/zh.ts
@ -2654,7 +2654,8 @@ const message = {
        postCheck: 'POST 参数校验',
        cookieBlockList: 'Cookie 黑名单',

-        dockerHelper: 'Linux 防火墙 {0} 无法禁用 Docker 端口映射，应用可以在 [已安装] 页面编辑参数来控制端口是否放开',
+        dockerHelper: '当前防火墙无法禁用容器端口映射，已安装应用可前往【已安装】页面编辑应用参数，配置端口放行规则。',
+        iptablesHelper: '检测到系统正在使用 {0} 防火墙，如需切换至 iptables，请先手动卸载！',
        quickJump: '快速跳转',
        used: '已使用',
        unUsed: '未使用',
@ -2708,7 +2709,7 @@ const message = {
        importSuccess: '成功导入 {0} 条规则',
        importPartialSuccess: '导入完成：成功 {0} 条，失败 {1} 条',

-        basicStatus: '当前链 {0} 状态为未绑定，已添加的防火墙规则需要绑定后生效！',
+        basicStatus: '当前未绑定链 {0} ，请先绑定！',
        baseIptables: 'Iptables 服务',
        forwardIptables: 'Iptables 端口转发服务',
        advanceIptables: 'Iptables 高级配置服务',
--- a/frontend/src/views/host/firewall/ip/index.vue
+++ b/frontend/src/views/host/firewall/ip/index.vue
@ -5,11 +5,12 @@
        <div v-loading="loading">
            <FireStatus
                ref="fireStatusRef"
-                @search="search(true)"
+                @search="search"
                v-model:loading="loading"
                v-model:name="fireName"
                v-model:mask-show="maskShow"
                v-model:is-active="isActive"
+                v-model:is-bind="isBind"
                current-tab="base"
            />

@ -17,15 +18,14 @@
                <el-card v-if="!isActive && maskShow" class="mask-prompt">
                    <span>{{ $t('firewall.firewallNotStart') }}</span>
                </el-card>
+                <el-card v-if="!isBind && maskShow" class="mask-prompt">
+                    <span>{{ $t('firewall.basicStatus', ['1PANEL_BASIC']) }}</span>
+                </el-card>

-                <LayoutContent :title="$t('firewall.ipRule', 2)" :class="{ mask: !isActive }">
+                <LayoutContent :title="$t('firewall.ipRule', 2)" :class="{ mask: !isActive || !isBind }">
                    <template #prompt>
-                        <div v-if="!isBind">
-                            <el-alert
-                                type="info"
-                                :closable="false"
-                                :title="$t('firewall.basicStatus', ['1PANEL_BASIC'])"
-                            />
+                        <div v-if="fireName !== 'iptables'">
+                            <el-alert :closable="false" :title="$t('firewall.iptablesHelper', [fireName])" />
                        </div>
                    </template>
                    <template #leftToolBar>
@ -120,13 +120,7 @@ import ImportDialog from '@/views/host/firewall/ip/import/index.vue';
 import FireRouter from '@/views/host/firewall/index.vue';
 import FireStatus from '@/views/host/firewall/status/index.vue';
 import { onMounted, reactive, ref } from 'vue';
-import {
-    batchOperateRule,
-    loadChainStatus,
-    searchFireRule,
-    updateAddrRule,
-    updateFirewallDescription,
-} from '@/api/modules/host';
+import { batchOperateRule, searchFireRule, updateAddrRule, updateFirewallDescription } from '@/api/modules/host';
 import { Host } from '@/api/interface/host';
 import { ElMessageBox } from 'element-plus';
 import i18n from '@/lang';
@ -156,7 +150,7 @@ const paginationConfig = reactive({
    total: 0,
 });

-const search = async (init?: boolean) => {
+const search = async () => {
    if (!isActive.value) {
        loading.value = false;
        data.value = [];
@ -172,9 +166,6 @@ const search = async (init?: boolean) => {
        pageSize: paginationConfig.pageSize,
    };
    loading.value = true;
-    if (init) {
-        loadStatus();
-    }
    await searchFireRule(params)
        .then((res) => {
            loading.value = false;
@ -186,16 +177,6 @@ const search = async (init?: boolean) => {
        });
 };

-const loadStatus = async () => {
-    if (fireName.value !== 'iptables') {
-        isBind.value = true;
-        return;
-    }
-    await loadChainStatus('1PANEL_BASIC').then((res) => {
-        isBind.value = res.data.isBind;
-    });
-};
-
 const dialogRef = ref();
 const onOpenDialog = async (
    title: string,
--- a/frontend/src/views/host/firewall/port/index.vue
+++ b/frontend/src/views/host/firewall/port/index.vue
@ -5,10 +5,11 @@
        <div v-loading="loading">
            <FireStatus
                ref="fireStatusRef"
-                @search="search(true)"
+                @search="search"
                v-model:loading="loading"
                v-model:mask-show="maskShow"
                v-model:is-active="isActive"
+                v-model:is-bind="isBind"
                v-model:name="fireName"
                current-tab="base"
            />
@ -16,9 +17,15 @@
                <el-card v-if="!isActive && maskShow" class="mask-prompt">
                    <span>{{ $t('firewall.firewallNotStart') }}</span>
                </el-card>
+                <el-card v-if="!isBind && maskShow" class="mask-prompt">
+                    <span>{{ $t('firewall.basicStatus', ['1PANEL_BASIC']) }}</span>
+                </el-card>

-                <LayoutContent :title="$t('firewall.portRule', 2)" :class="{ mask: !isActive }">
+                <LayoutContent :title="$t('firewall.portRule', 2)" :class="{ mask: !isActive || !isBind }">
                    <template #prompt>
+                        <div class="mb-2" v-if="fireName !== 'iptables'">
+                            <el-alert :closable="false" :title="$t('firewall.iptablesHelper', [fireName])" />
+                        </div>
                        <el-alert type="info" :closable="false">
                            <template #default>
                                <span class="flx-align-center">
@ -34,14 +41,6 @@
                                </span>
                            </template>
                        </el-alert>
-
-                        <div v-if="!isBind" class="mt-2">
-                            <el-alert
-                                type="info"
-                                :closable="false"
-                                :title="$t('firewall.basicStatus', ['1PANEL_BASIC'])"
-                            />
-                        </div>
                    </template>
                    <template #leftToolBar>
                        <el-button type="primary" @click="onOpenDialog('create')">
@ -169,13 +168,7 @@ import OperateDialog from '@/views/host/firewall/port/operate/index.vue';
 import ImportDialog from '@/views/host/firewall/port/import/index.vue';
 import FireStatus from '@/views/host/firewall/status/index.vue';
 import { onMounted, reactive, ref } from 'vue';
-import {
-    batchOperateRule,
-    loadChainStatus,
-    searchFireRule,
-    updateFirewallDescription,
-    updatePortRule,
-} from '@/api/modules/host';
+import { batchOperateRule, searchFireRule, updateFirewallDescription, updatePortRule } from '@/api/modules/host';
 import { Host } from '@/api/interface/host';
 import i18n from '@/lang';
 import { MsgSuccess } from '@/utils/message';
@ -207,7 +200,7 @@ const paginationConfig = reactive({
    total: 0,
 });

-const search = async (init?: boolean) => {
+const search = async () => {
    if (!isActive.value) {
        loading.value = false;
        data.value = [];
@ -223,9 +216,6 @@ const search = async (init?: boolean) => {
        pageSize: paginationConfig.pageSize,
    };
    loading.value = true;
-    if (init) {
-        loadStatus();
-    }
    await searchFireRule(params)
        .then((res) => {
            loading.value = false;
@ -308,16 +298,6 @@ const onChange = async (info: any) => {
    MsgSuccess(i18n.global.t('commons.msg.operationSuccess'));
 };

-const loadStatus = async () => {
-    if (fireName.value !== 'iptables') {
-        isBind.value = true;
-        return;
-    }
-    await loadChainStatus('1PANEL_BASIC').then((res) => {
-        isBind.value = res.data.isBind;
-    });
-};
-
 const onDelete = async (row: Host.RuleInfo | null) => {
    let names = [];
    let rules = [];
--- a/frontend/src/views/host/firewall/status/index.vue
+++ b/frontend/src/views/host/firewall/status/index.vue
@ -52,7 +52,7 @@
                </div>
            </el-card>
        </div>
-        <NoSuchService v-else name="Firewalld / Ufw" />
+        <NoSuchService v-else name="Firewalld / Ufw / iptables" />

        <LayoutContent :divider="true" v-if="!baseInfo.isInit">
            <template #main>
@ -115,7 +115,14 @@ const acceptParams = (): void => {
    loadBaseInfo(true);
    loadDocker();
 };
-const emit = defineEmits(['search', 'update:is-active', 'update:loading', 'update:maskShow', 'update:name']);
+const emit = defineEmits([
+    'search',
+    'update:is-active',
+    'update:is-bind',
+    'update:loading',
+    'update:maskShow',
+    'update:name',
+]);

 const loadBaseInfo = async (search: boolean) => {
    await loadFireBaseInfo(props.currentTab)
@ -129,6 +136,7 @@ const loadBaseInfo = async (search: boolean) => {
                emit('update:name', '-');
            }
            emit('update:is-active', baseInfo.value.isActive);
+            emit('update:is-bind', baseInfo.value.isBind);

            if (search) {
                emit('search');