Son aktivite 1 month ago

nuno bu gisti düzenledi 1 month ago. Düzenlemeye git

1 file changed, 277 insertions

gistfile1.txt(dosya oluşturuldu)

@@ -0,0 +1,277 @@
1 + # ============================================
2 + # Remove peers from WireGuard
3 + # ============================================
4 +
5 + function cmd::group::rm_peers() {
6 + local name="" force=false
7 +
8 + while [[ $# -gt 0 ]]; do
9 + case "$1" in
10 + --name) util::require_flag "--name" "${2:-}" || return 1; name="$2"; shift 2 ;;
11 + --force) force=true; shift ;;
12 + --help) cmd::group::help; return ;;
13 + *) log::error "Unknown flag: $1"; return 1 ;;
14 + esac
15 + done
16 +
17 + [[ -z "$name" ]] && log::error "Missing required flag: --name" && return 1
18 + group::require_exists "$name" || return 1
19 +
20 + local peers_list=()
21 + mapfile -t peers_list < <(group::peers "$name")
22 + local peer_count=${#peers_list[@]}
23 + [[ -z "${peers_list[0]:-}" ]] && peer_count=0
24 +
25 + if [[ "$peer_count" -eq 0 ]]; then
26 + log::wg_warning "Group '${name}' has no peers"
27 + return 0
28 + fi
29 +
30 + if ! $force; then
31 + read -r -p "Remove all ${peer_count} peers in group '${name}' from WireGuard? [y/N] " confirm
32 + case "$confirm" in
33 + [yY][eE][sS]|[yY]) ;;
34 + *) log::info "Aborted"; return 0 ;;
35 + esac
36 + fi
37 +
38 + load_command remove
39 + group::each_peer "$name" cmd::group::_rm_peer_cb
40 + log::wg_success "Removed peers from group '${name}' (definition kept)"
41 + }
42 +
43 + function cmd::group::_rm_peer_cb() {
44 + local peer_name="${1:-}"
45 + if ! group::_peer_exists_check "$peer_name"; then
46 + log::wg_warning "Peer '${peer_name}' no longer exists — skipping"
47 + return 0
48 + fi
49 + cmd::remove::run --name "$peer_name" --force
50 + }
51 +
52 + # ============================================
53 + # Block / Unblock
54 + # ============================================
55 +
56 + function cmd::group::block() {
57 + local name="" force=false
58 +
59 + while [[ $# -gt 0 ]]; do
60 + case "$1" in
61 + --name) util::require_flag "--name" "${2:-}" || return 1; name="$2"; shift 2 ;;
62 + --force) force=true; shift ;;
63 + --help) cmd::group::help; return ;;
64 + *) log::error "Unknown flag: $1"; return 1 ;;
65 + esac
66 + done
67 +
68 + [[ -z "$name" ]] && log::error "Missing required flag: --name" && return 1
69 + group::require_exists "$name" || return 1
70 +
71 + local peers_list=()
72 + mapfile -t peers_list < <(group::peers "$name")
73 +
74 + if [[ ${#peers_list[@]} -eq 0 ]] || [[ -z "${peers_list[0]:-}" ]]; then
75 + log::wg_warning "Group '${name}' has no peers"
76 + return 0
77 + fi
78 +
79 + local count=0 skipped=0 blocked_names=()
80 + local filtered=()
81 + for p in "${peers_list[@]:-}"; do
82 + [[ -n "$p" ]] && filtered+=("$p")
83 + done
84 + [[ ${#filtered[@]} -eq 0 ]] && log::wg_warning "Group '${name}' has no peers" && return 0
85 +
86 + for peer_name in "${filtered[@]}"; do
87 + if cmd::group::_block_peer "$peer_name" "$name"; then
88 + (( count++ )) || true
89 + else
90 + (( skipped++ )) || true
91 + fi
92 + done
93 +
94 + if [[ "$count" -gt 0 ]]; then
95 + log::wg_block "All peers from ${name} have been blocked (${count} peers)."
96 + fi
97 +
98 + if [[ "$skipped" -gt 0 ]]; then
99 + log::wg_warning "${skipped} peers already blocked"
100 + fi
101 + }
102 +
103 + function cmd::group::unblock() {
104 + local name="" force=false
105 +
106 + while [[ $# -gt 0 ]]; do
107 + case "$1" in
108 + --name) util::require_flag "--name" "${2:-}" || return 1; name="$2"; shift 2 ;;
109 + --force) force=true; shift ;;
110 + --help) cmd::group::help; return ;;
111 + *) log::error "Unknown flag: $1"; return 1 ;;
112 + esac
113 + done
114 +
115 + [[ -z "$name" ]] && log::error "Missing required flag: --name" && return 1
116 + group::require_exists "$name" || return 1
117 +
118 + local peers_list=()
119 + mapfile -t peers_list < <(group::peers "$name")
120 +
121 + local filtered=()
122 + for p in "${peers_list[@]:-}"; do [[ -n "$p" ]] && filtered+=("$p"); done
123 + [[ ${#filtered[@]} -eq 0 ]] && log::wg_warning "Group '${name}' has no peers" && return 0
124 +
125 + local count=0 skipped=0
126 +
127 + for peer_name in "${filtered[@]}"; do
128 + if cmd::group::_unblock_peer "$peer_name" "$name"; then
129 + (( count++ )) || true
130 + else
131 + (( skipped++ )) || true
132 + fi
133 + done
134 +
135 + if [[ "$count" -gt 0 ]]; then
136 + log::wg_unblock "All peers from ${name} have been unblocked."
137 + fi
138 +
139 + if [[ "$skipped" -gt 0 ]]; then
140 + log::wg_warning "${skipped} peer(s) remain blocked (blocked directly or by other groups)"
141 + fi
142 + }
143 +
144 + function cmd::group::_block_peer() {
145 + local peer_name="${1:-}" group_name="${2:-}"
146 + if ! group::_peer_exists_check "$peer_name"; then
147 + log::wg_warning "Peer '${peer_name}' no longer exists — skipping"
148 + return 0
149 + fi
150 +
151 + local client_ip
152 + client_ip=$(peers::get_ip "$peer_name")
153 +
154 + # Check if already blocked by this group
155 + local current_blocked_groups
156 + current_blocked_groups=$(block::get_groups "$peer_name")
157 +
158 + local IFS=','
159 + for g in $current_blocked_groups; do
160 + if [[ "$g" == "$group_name" ]]; then
161 + log::wg_warning "${peer_name} — already blocked by group '${group_name}'"
162 + return 1
163 + fi
164 + done
165 +
166 + # Add group to block tracking
167 + block::add_group "$peer_name" "$client_ip" "$group_name"
168 +
169 + # Apply fw rules only if peer is still in WG server (not yet blocked)
170 + if peers::exists_in_server "$peer_name"; then
171 + block::apply_full "$peer_name" "$client_ip"
172 + fi
173 + }
174 +
175 + function cmd::group::_unblock_peer() {
176 + local peer_name="${1:-}" group_name="${2:-}"
177 +
178 + if ! group::_peer_exists_check "$peer_name"; then
179 + log::wg_warning "Peer '${peer_name}' no longer exists — skipping"
180 + return 1
181 + fi
182 +
183 + # Check if blocked by this group at all
184 + if ! block::has_file "$peer_name"; then
185 + log::wg_warning "${peer_name} — not blocked"
186 + return 1
187 + fi
188 +
189 + local current_groups
190 + current_groups=$(block::get_groups "$peer_name")
191 + if [[ "$current_groups" != *"$group_name"* ]]; then
192 + log::wg_warning "${peer_name} — not blocked by group '${group_name}'"
193 + return 1
194 + fi
195 +
196 + local client_ip
197 + client_ip=$(peers::get_ip "$peer_name")
198 +
199 + block::remove_group "$peer_name" "$client_ip" "$group_name"
200 +
201 + if block::is_blocked "$peer_name"; then
202 + local groups
203 + groups=$(block::get_groups "$peer_name")
204 +
205 + local direct
206 + direct=$(block::is_blocked_direct "$peer_name")
207 +
208 + if [[ "$direct" == "true" ]]; then
209 + log::wg_warning "${peer_name} — still blocked directly, skipping"
210 + else
211 + log::wg_warning "${peer_name} — still blocked by group(s): ${groups}, skipping"
212 + fi
213 +
214 + return 1
215 + fi
216 +
217 + block::restore_peer "$peer_name" "$client_ip"
218 + block::remove_file "$peer_name"
219 +
220 + local rule
221 + rule=$(peers::get_meta "$peer_name" "rule")
222 +
223 + [[ -n "$rule" ]] && rule::exists "$rule" && \
224 + rule::apply "$rule" "$client_ip" "$peer_name"
225 + }
226 +
227 + # ============================================
228 + # Rule assign
229 + # ============================================
230 +
231 + function cmd::group::rule() {
232 + local subcmd="${1:-help}"
233 + shift || true
234 + case "$subcmd" in
235 + assign) cmd::group::rule_assign "$@" ;;
236 + *)
237 + log::error "Unknown rule subcommand: '${subcmd}'"
238 + cmd::group::help
239 + return 1
240 + ;;
241 + esac
242 + }
243 +
244 + function cmd::group::rule_assign() {
245 + local name="" rule=""
246 +
247 + while [[ $# -gt 0 ]]; do
248 + case "$1" in
249 + --name) util::require_flag "--name" "${2:-}" || return 1; name="$2"; shift 2 ;;
250 + --rule) util::require_flag "--rule" "${2:-}" || return 1; rule="$2"; shift 2 ;;
251 + --help) cmd::group::help; return ;;
252 + *) log::error "Unknown flag: $1"; return 1 ;;
253 + esac
254 + done
255 +
256 + [[ -z "$name" ]] && log::error "Missing required flag: --name" && return 1
257 + [[ -z "$rule" ]] && log::error "Missing required flag: --rule" && return 1
258 + group::require_exists "$name" || return 1
259 + rule::require_exists "$rule" || return 1
260 +
261 + local peers_list=()
262 + mapfile -t peers_list < <(group::peers "$name")
263 + [[ -z "${peers_list[0]:-}" ]] && log::wg_warning "Group '${name}' has no peers" && return 0
264 +
265 + group::each_peer "$name" cmd::group::_rule_assign_cb "$rule"
266 + log::wg_success "Assigned rule '${rule}' to group '${name}'"
267 + }
268 +
269 + function cmd::group::_rule_assign_cb() {
270 + local peer_name="${1:-}" rule="${2:-}"
271 + if ! group::_peer_exists_check "$peer_name"; then
272 + log::wg_warning "Peer '${peer_name}' no longer exists — skipping"
273 + return 0
274 + fi
275 + load_command rule
276 + cmd::rule::assign --name "$rule" --peer "$peer_name"
277 + }
Daha yeni Daha eski