add(todo): additional setting to implement

backend/app.py

@@ -6,7 +6,7 @@ from jose import jwt
 from passlib.context import CryptContext
 from fastapi_socketio import SocketManager
 from utils.sqlite import SQLite
-from utils import API_VERSION, FIREGEX_PORT, JWT_ALGORITHM, get_interfaces, refresh_frontend, DEBUG, SysctlManager
+from utils import API_VERSION, FIREGEX_PORT, JWT_ALGORITHM, get_interfaces, socketio_emit, DEBUG, SysctlManager
 from utils.loader import frontend_deploy, load_routers
 from utils.models import ChangePasswordModel, IpInterface, PasswordChangeForm, PasswordForm, ResetRequest, StatusModel, StatusMessageModel
 from fastapi.middleware.cors import CORSMiddleware
@@ -41,6 +41,9 @@ def create_access_token(data: dict):
     encoded_jwt = jwt.encode(to_encode, JWT_SECRET(), algorithm=JWT_ALGORITHM)
     return encoded_jwt
 
+async def refresh_frontend(additional:list[str]=[]):
+    await socketio_emit([]+additional)
+
 async def check_login(token: str = Depends(oauth2_scheme)):
     if not token:
         return False

backend/modules/firewall/firewall.py

@@ -21,7 +21,38 @@ class FirewallManager:
     async def reload(self):
         async with self.lock:
             if self.db.get("ENABLED", "0") == "1":
-                nft.set(map(Rule.from_dict, self.db.query('SELECT * FROM rules WHERE active = 1 ORDER BY rule_id;')), policy=self.db.get('POLICY', 'accept'))
+                additional_rules = []
+                if self.allow_loopback:
+                    pass #TODO complete rule
+                if self.allow_established:
+                    pass #TODO complete rule
+                rules = list(map(Rule.from_dict, self.db.query('SELECT * FROM rules WHERE active = 1 ORDER BY rule_id;')), policy=self.db.get('POLICY', 'accept'))
+                nft.set(additional_rules + rules)
             else:
                 nft.reset()
+    
+    @property
+    def keep_rules(self):
+        return self.db.get("keep_rules", "0") == "1"
+    
+    @keep_rules.setter
+    def keep_rules(self, value):
+        self.db.set("keep_rules", "1" if value else "0")
+
+    @property
+    def allow_loopback(self):
+        return self.db.get("allow_loopback", "1") == "1"
+    
+    @allow_loopback.setter
+    def allow_loopback(self, value):
+        self.db.set("allow_loopback", "1" if value else "0")
+
+    @property
+    def allow_established(self):
+        return self.db.get("allow_established", "1") == "1"
+    
+    @allow_established.setter
+    def allow_established(self, value):
+        self.db.set("allow_established", "1" if value else "0")
+    
 

backend/modules/regexproxy/utils.py

@@ -3,7 +3,7 @@ from modules.regexproxy.proxy import Filter, Proxy
 import random, socket, asyncio
 from base64 import b64decode
 from utils.sqlite import SQLite
-from utils import refresh_frontend
+from utils import socketio_emit
 
 class STATUS:
     WAIT = "wait"
@@ -130,10 +130,10 @@ class ServiceManager:
                 while True:
                     if check_port_is_open(self.proxy.public_port):
                         self._set_status(to)
-                        await refresh_frontend()
+                        await socketio_emit(["regexproxy"])
                         await self.proxy.start(in_pause=(to==STATUS.PAUSE))
                         self._set_status(STATUS.STOP)
-                        await refresh_frontend()
+                        await socketio_emit(["regexproxy"])
                         return
                     else:
                         await asyncio.sleep(.5)

backend/routers/firewall.py

@@ -2,7 +2,7 @@ import sqlite3
 from fastapi import APIRouter, HTTPException
 from pydantic import BaseModel
 from utils.sqlite import SQLite
-from utils import ip_parse, ip_family, refactor_name, refresh_frontend, PortType
+from utils import ip_parse, ip_family, socketio_emit, PortType
 from utils.models import ResetRequest, StatusMessageModel
 from modules.firewall.nftables import FiregexTables
 from modules.firewall.firewall import FirewallManager
@@ -35,6 +35,11 @@ class RuleAddResponse(BaseModel):
 class RenameForm(BaseModel):
     name:str
 
+class FirewallSettings(BaseModel):
+    keep_rules: bool
+    allow_loopback: bool
+    allow_established: bool
+
 app = APIRouter()
 
 db = SQLite('db/firewall-rules.db', {
@@ -77,16 +82,39 @@ async def startup():
     await firewall.init()
 
 async def shutdown():
+    keep_rules = firewall.keep_rules
     db.backup()
-    await firewall.close()
+    if not keep_rules:
+        await firewall.close()
     db.disconnect()
     db.restore()
 
+async def refresh_frontend(additional:list[str]=[]):
+    await socketio_emit(["firewall"]+additional)
+
 async def apply_changes():
     await firewall.reload()
     await refresh_frontend()
     return {'status': 'ok'}
 
+
+@app.get("/settings", response_model=FirewallSettings)
+async def get_settings():
+    """Get the firewall settings"""
+    return {
+        "keep_rules": firewall.keep_rules,
+        "allow_loopback": firewall.allow_loopback,
+        "allow_established": firewall.allow_established
+    }
+
+@app.post("/settings/set", response_model=StatusMessageModel)
+async def set_settings(form: FirewallSettings):
+    """Set the firewall settings"""
+    firewall.keep_rules = form.keep_rules
+    firewall.allow_loopback = form.allow_loopback
+    firewall.allow_established = form.allow_established
+    return {'status': 'ok'}
+
 @app.get('/rules', response_model=RuleInfo)
 async def get_rule_list():
     """Get the list of existent firegex rules"""

backend/routers/nfregex.py

@@ -7,7 +7,7 @@ from pydantic import BaseModel
 from modules.nfregex.nftables import FiregexTables
 from modules.nfregex.firewall import STATUS, FirewallManager
 from utils.sqlite import SQLite
-from utils import ip_parse, refactor_name, refresh_frontend, PortType
+from utils import ip_parse, refactor_name, socketio_emit, PortType
 from utils.models import ResetRequest, StatusMessageModel
 
 class ServiceModel(BaseModel):
@@ -79,6 +79,9 @@ db = SQLite('db/nft-regex.db', {
     ]
 })
 
+async def refresh_frontend(additional:list[str]=[]):
+    await socketio_emit(["nfregex"]+additional)
+
 async def reset(params: ResetRequest):
     if not params.delete: 
         db.backup()

backend/routers/porthijack.py

@@ -4,7 +4,7 @@ from fastapi import APIRouter, HTTPException
 from pydantic import BaseModel
 from modules.porthijack.models import Service
 from utils.sqlite import SQLite
-from utils import addr_parse, ip_family, refactor_name, refresh_frontend, PortType
+from utils import addr_parse, ip_family, refactor_name, socketio_emit, PortType
 from utils.models import ResetRequest, StatusMessageModel
 from modules.porthijack.nftables import FiregexTables
 from modules.porthijack.firewall import FirewallManager
@@ -75,6 +75,9 @@ async def shutdown():
     db.disconnect()
     db.restore()
 
+async def refresh_frontend(additional:list[str]=[]):
+    await socketio_emit(["porthijack"]+additional)
+
 def gen_service_id():
     while True:
         res = secrets.token_hex(8)

backend/routers/regexproxy.py

@@ -5,7 +5,7 @@ from pydantic import BaseModel
 from modules.regexproxy.utils import STATUS, ProxyManager, gen_internal_port, gen_service_id
 from utils.sqlite import SQLite
 from utils.models import ResetRequest, StatusMessageModel
-from utils import refactor_name, refresh_frontend, PortType
+from utils import refactor_name, socketio_emit, PortType
 
 app = APIRouter()
 db = SQLite("db/regextcpproxy.db",{
@@ -56,7 +56,8 @@ async def shutdown():
     db.disconnect()
     db.restore()
     
-    
+async def refresh_frontend(additional:list[str]=[]):
+    await socketio_emit(["regexproxy"]+additional)
 
 class GeneralStatModel(BaseModel):
     closed:int

backend/utils/__init__.py

@@ -4,6 +4,7 @@ import os, socket, psutil, sys, nftables
 from fastapi_socketio import SocketManager
 from fastapi import Path
 from typing import Annotated
+import json
 
 LOCALHOST_IP = socket.gethostbyname(os.getenv("LOCALHOST_IP","127.0.0.1"))
 
@@ -25,8 +26,8 @@ async def run_func(func, *args, **kwargs):
     else: 
         return func(*args, **kwargs)
 
-async def refresh_frontend():
-    await socketio.emit("update","Refresh")
+async def socketio_emit(elements:list[str]):
+    await socketio.emit("update",elements)
 
 def refactor_name(name:str):
     name = name.strip()