Initial commit — SETEC LABS Manager (Setec_CDM)

Flask-based VPS management panel with SSH remote command execution.
Includes E2E encrypted SSH tunnel (AES-256-GCM + Go agent), setup wizard,
security hardening tools, DNS management, firewall configs, monitoring,
backup, and .sec patch update system.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
DigiJ
2026-03-13 12:39:02 -07:00
commit 9e839ee826
62 changed files with 14605 additions and 0 deletions

96
setec-web/firewalld.py Normal file

@@ -0,0 +1,96 @@
"""
Command-builder module for managing firewalld on a Linux VPS.
Each function returns a bash command string (or multi-command string).
"""
def _perm(permanent: bool) -> str:
return " --permanent" if permanent else ""
def status_cmd() -> str:
return (
"which firewall-cmd > /dev/null 2>&1 && echo 'firewalld is installed' || echo 'firewalld is NOT installed'; "
"firewall-cmd --state 2>/dev/null; "
"systemctl status firewalld --no-pager"
)
def install_cmd() -> str:
return (
"apt update && apt install -y firewalld && "
"systemctl enable firewalld && "
"systemctl start firewalld"
)
def zones_cmd() -> str:
return "firewall-cmd --get-zones; firewall-cmd --get-active-zones"
def zone_info_cmd(zone: str = "public") -> str:
return f"firewall-cmd --zone={zone} --list-all"
def add_service_cmd(service: str, zone: str = "public", permanent: bool = True) -> str:
return f"firewall-cmd --zone={zone} --add-service={service}{_perm(permanent)}"
def remove_service_cmd(service: str, zone: str = "public", permanent: bool = True) -> str:
return f"firewall-cmd --zone={zone} --remove-service={service}{_perm(permanent)}"
def add_port_cmd(port: str, zone: str = "public", permanent: bool = True) -> str:
return f"firewall-cmd --zone={zone} --add-port={port}{_perm(permanent)}"
def remove_port_cmd(port: str, zone: str = "public", permanent: bool = True) -> str:
return f"firewall-cmd --zone={zone} --remove-port={port}{_perm(permanent)}"
def add_rich_rule_cmd(rule: str, zone: str = "public", permanent: bool = True) -> str:
return f"firewall-cmd --zone={zone} --add-rich-rule='{rule}'{_perm(permanent)}"
def remove_rich_rule_cmd(rule: str, zone: str = "public", permanent: bool = True) -> str:
return f"firewall-cmd --zone={zone} --remove-rich-rule='{rule}'{_perm(permanent)}"
def block_ip_cmd(ip: str, zone: str = "drop") -> str:
return f"firewall-cmd --zone={zone} --add-source={ip} --permanent"
def unblock_ip_cmd(ip: str, zone: str = "drop") -> str:
return f"firewall-cmd --zone={zone} --remove-source={ip} --permanent"
def reload_cmd() -> str:
return "firewall-cmd --reload"
def panic_on_cmd() -> str:
return "firewall-cmd --panic-on"
def panic_off_cmd() -> str:
return "firewall-cmd --panic-off"
def log_cmd(lines: int = 50) -> str:
return f"journalctl -u firewalld --no-pager -n {lines}"
def services_list_cmd() -> str:
return "firewall-cmd --get-services"
def default_zone_cmd(zone: str) -> str:
return f"firewall-cmd --set-default-zone={zone}"
def uninstall_cmd() -> str:
return (
"systemctl stop firewalld && "
"systemctl disable firewalld && "
"apt remove -y firewalld"
)
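Review bot: Every builder that takes an argument (`zone_info_cmd` through `default_zone_cmd`) interpolates it into the bash string unquoted, so a value containing shell metacharacters changes what the remote shell runs; in `add_rich_rule_cmd` and `remove_rich_rule_cmd` the hand-written `'{rule}'` stops protecting as soon as the rule itself contains a single quote. The callers are not in this section, but the commit message says these strings are executed over SSH from a Flask panel, so the arguments should be treated as untrusted and made safe here rather than at each call site. Pass each value through `shlex.quote`, parse `ip` with `ipaddress` and coerce `lines` with `int()`, as sketched below; this needs `shlex` and `ipaddress` imported at the top of the file. Separately, the `--permanent` forms change only the stored configuration, so the command from `block_ip_cmd` is not enforced on the running firewall until `reload_cmd` is run, and a docstring should say so.

```python
def _q(value: str) -> str:
    # Quote one caller-supplied value so the remote shell sees it as a single word.
    return shlex.quote(str(value))

# … unchanged: _perm, status_cmd, install_cmd, zones_cmd …

def zone_info_cmd(zone: str = "public") -> str:
    return f"firewall-cmd --zone={_q(zone)} --list-all"

def add_service_cmd(service: str, zone: str = "public", permanent: bool = True) -> str:
    return f"firewall-cmd --zone={_q(zone)} --add-service={_q(service)}{_perm(permanent)}"

# … same change in remove_service_cmd, add_port_cmd, remove_port_cmd, default_zone_cmd …

def add_rich_rule_cmd(rule: str, zone: str = "public", permanent: bool = True) -> str:
    # _q supplies the quoting, so the literal '...' around {rule} goes away.
    return f"firewall-cmd --zone={_q(zone)} --add-rich-rule={_q(rule)}{_perm(permanent)}"

# … same change in remove_rich_rule_cmd …

def block_ip_cmd(ip: str, zone: str = "drop") -> str:
    # Raises ValueError unless ip parses as an address or CIDR network.
    source = ipaddress.ip_network(ip, strict=False)
    return f"firewall-cmd --zone={_q(zone)} --add-source={source} --permanent"

# … same change in unblock_ip_cmd …

def log_cmd(lines: int = 50) -> str:
    return f"journalctl -u firewalld --no-pager -n {int(lines)}"
```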